PhishingRadar

Terms of Service

Last updated: July 2026

1. Scope and contracting parties

These Terms of Service apply to all contracts between Robin Ben Baumgärtner, sole proprietorship "PhishingRadar", Engelgasse 12, 5647 Oberrüti, Switzerland (hereinafter "PhishingRadar" or "the provider") and companies that register a company account (hereinafter "customer"). PhishingRadar is aimed exclusively at companies and other legal entities acting in the course of their commercial or professional activity. Deviating, conflicting, or supplementary terms proposed by the customer do not become part of the contract, even if PhishingRadar does not expressly object to them; they only apply if PhishingRadar has expressly agreed to them in writing.

2. Subject matter of the contract

PhishingRadar is a web-based platform for raising employee awareness of phishing attacks. The customer can invite employees to take a phishing-recognition test; upon successful completion, a time-limited, publicly verifiable proof is issued. The company area gives the customer an aggregated overview of their employees' progress, reminder features, and reporting tools. PhishingRadar is not security software and does not replace technical protective measures against phishing (e.g. email filters); it is a training/awareness measure.

3. Conclusion of contract and registration

The contract is concluded once the customer completes registration in the company area and PhishingRadar activates access. The customer is obliged to provide truthful information during registration and to keep login credentials confidential. The customer warrants that it is authorized to invite the employees it specifies.

4. Prices and payment terms

PhishingRadar is offered as a subscription per licensed employee seat, payable monthly or annually in advance; the applicable pricing is shown on the pricing page. The prices shown are net prices excluding VAT, as the provider is not VAT-registered at the time of contract conclusion. If the provider becomes liable for VAT during the term of the contract, the statutorily owed VAT will be invoiced additionally from that point onward. Payment is processed via the payment provider Stripe. In the event of late payment, PhishingRadar is entitled to restrict or suspend access after at least 10 days' prior notice until the outstanding amount is settled in full; further rights, in particular to default interest and reimbursement of collection costs, are reserved. Price changes are communicated to the customer with at least 30 days' notice and take effect from the next billing period.

5. Contract term and termination

The subscription runs for an indefinite period and can be cancelled effective at the end of the respective billing period. Cancellation is done via the Stripe customer portal in the company area or in writing to kontakt@phishingradar.ch. Amounts already paid for the current billing period are not refunded. PhishingRadar may terminate the contract without notice for good cause, in particular in the event of repeated late payment or misuse, and may already block a customer's access immediately and without prior notice on reasonable suspicion of abuse, fraudulent behaviour, or violation of these Terms, pending clarification of the facts.

6. Customer obligations

The customer is responsible for informing its employees appropriately about the use of PhishingRadar, to the extent required under employment or data protection law (e.g. informing employees, involving an employee representative body where applicable). The customer ensures that its administrators' login credentials are not disclosed to unauthorized persons and reports any suspected misuse without delay.

7. Indemnification

The customer shall indemnify PhishingRadar, upon first demand, against any third-party claims arising from unlawful, contract-breaching, or unauthorized use of the platform by the customer or by persons it has invited, in particular from the customer's breach of employment, data protection, or personality-rights obligations towards its own employees. This includes reimbursement of PhishingRadar's reasonable legal defence costs.

8. Usage rights

For the term of the contract, PhishingRadar grants the customer a non-exclusive, non-transferable right to use the platform, within the scope of the licensed employee seats, for its own internal purposes. Passing on access to third parties, resale, or commercial exploitation of the content (in particular the test examples) without PhishingRadar's prior written consent is not permitted.

9. Availability and warranty

PhishingRadar strives for high availability of the platform but cannot guarantee uninterrupted or error-free availability and disclaims any warranty in this respect to the extent permitted by law. Maintenance work is carried out outside usual business hours where possible and announced in advance. The platform is provided "as is"; PhishingRadar does not warrant any particular fitness for a purpose pursued by the customer, other than the core function described in section 2.

10. Data protection

The processing of personal data is governed by the separate Privacy policy. To the extent PhishingRadar processes data of the customer's employees on the customer's behalf, PhishingRadar provides a data processing agreement on request.

11. Intellectual property

All rights to the platform, the test content, the PhishingRadar brand, and the design of the issued proof remain with PhishingRadar. An employee's proof may be used by the customer for internal and external evidentiary purposes (e.g. towards customers or auditors).

12. Liability

PhishingRadar is liable without limitation for damages arising from intent and gross negligence, as well as for damages resulting from injury to life, body, or health. Otherwise, PhishingRadar's liability for slight and moderate negligence is excluded to the extent permitted by law; to the extent such liability nevertheless applies on a mandatory basis, it is capped at the fees actually paid by the customer in the twelve months preceding the event giving rise to the damage. Liability for loss of profit, data loss, reputational damage, indirect damages, or consequential damages is excluded to the extent permitted by law. In particular, PhishingRadar assumes no liability for employees correctly recognizing real phishing attacks after completing the test, for the uninterrupted availability of third-party providers used by PhishingRadar (including payment, email, or hosting providers), or for damages arising from improper use of the platform by the customer or persons it has invited. Claims for damages against PhishingRadar are forfeited unless asserted in writing within twelve months of the customer becoming aware of the damage and of PhishingRadar as a potentially liable party; mandatory statutory minimum periods remain reserved.

13. Changes to these Terms

PhishingRadar may amend these Terms with effect for the future. Material changes are announced to the customer by email at least 30 days in advance. If the customer does not object within this period, the amended Terms are deemed accepted; in case of objection, the customer has an extraordinary right of termination.

14. Governing law and jurisdiction

Swiss law applies exclusively, to the exclusion of the UN Convention on Contracts for the International Sale of Goods and the conflict-of-law rules of private international law. The exclusive place of jurisdiction for all disputes arising from or in connection with this contract is PhishingRadar's registered place of business in Oberrüti, canton of Aargau, unless mandatory statutory provisions provide for a different jurisdiction.

15. Final provisions

These Terms and the privacy policy they reference constitute the entire agreement between the parties and supersede any prior oral or written agreements on the same subject matter. Should any provision of these Terms be or become invalid, the validity of the remaining provisions shall not be affected; the invalid provision shall be replaced by a valid arrangement that comes as close as possible to the economic purpose intended. Rights and obligations under this contract may only be assigned or transferred by the customer with PhishingRadar's prior written consent.