Terms and Conditions

(1) These Terms and Conditions (the "Terms") apply to all contracts between Sellrock UG (haftungsbeschränkt), Kölner Str. 43a, 90425 Nuremberg, Germany (the "Provider") and its customers regarding the use of the Phishgate service.

(2) The service is offered exclusively to companies, freelancers, legal entities and other commercial entities (B2B). Consumers within the meaning of § 13 of the German Civil Code are expressly not contractual partners.

(1) Phishgate is a cloud-based software solution for detecting and warning about potential phishing attacks.

(2) The service is intended solely to support the customer's IT-security efforts.

(3) Phishgate expressly does not constitute full protection against phishing or other cyberattacks and does not replace the customer's own security measures, training or processes.

(4) The Provider gives no guarantee that all phishing attacks or malicious content will be detected, blocked or reported.

(1) The contract is concluded upon online registration by the customer and acceptance by the Provider.

(2) By registering, the customer accepts these Terms.

(3) The Provider reserves the right to refuse registrations without giving reasons.

(1) Within the chosen plans the Provider delivers the following services:

• Browser warnings on suspected phishing pages
• URL analysis against the company whitelist and the global Phishgate whitelist
• Dashboard for managing accounts, domains and events

(1) The following prices apply (each plus statutory VAT):

(1) The customer must keep credentials confidential and protect them against unauthorised access.

(2) The customer is liable for all activity occurring under their account, unless the customer is not responsible for the misuse.

(1) For the term of the contract the customer receives a simple, non-exclusive and non-transferable right to use Phishgate.

(2) Prohibited in particular:

• reselling, leasing or sublicensing the service
• reverse engineering, decompiling or disassembling the software
• any abusive use that compromises the availability or security of the service

Phishgate may not be used in particular for:

• preparing or carrying out the customer's own phishing attacks
• any form of unlawful use, including violations of criminal law
• attacks on third-party systems or the Provider itself (e.g. brute-force, DoS)

(1) The contract is concluded for an indefinite term and may be terminated monthly with effect from the end of the calendar month.

(2) Once termination takes effect, the customer's access to the service ends.

(1) Phishgate provides notices and warnings based on automated analysis. Complete detection of threats is expressly not owed.

(2) The Provider does not warrant that:

• all relevant phishing attacks will be detected
• all warnings issued are accurate or complete in content

(1) The Provider's current Privacy Policy applies, available under "Privacy".

(2) Personal data is processed exclusively in accordance with the GDPR and with appropriate technical and organisational measures.

(1) After contract termination, customer data is deleted in accordance with statutory requirements.

(2) Statutory retention obligations (e.g. under commercial or tax law) remain unaffected.

The Provider may amend these Terms at any time with reasonable advance notice, provided this is reasonable for the customer in view of the Provider's interests. The customer will be informed of changes in good time by email.

(1) Exclusive place of jurisdiction for all disputes arising from this contract is Nuremberg, Germany, where the customer is a merchant, a legal entity under public law or a special fund under public law.

(2) German law applies, excluding the UN Convention on Contracts for the International Sale of Goods.

(3) Should individual provisions of these Terms be invalid, the validity of the remaining provisions remains unaffected.