Terms of Service

1. Authorized Security Testing

By subscribing to Tower Guard, the Client represents they have the legal authority to authorize social engineering and phishing simulations against their provided domains. These tests are conducted as authorized security research under Section 342.1 of the Criminal Code of Canada.

2. CASL Compliance

The Client provides Express Consent under Canada's Anti-Spam Legislation (CASL) for Tower Guard to deploy simulated electronic messages to the Client's employees and contractors for the sole purpose of information security training and risk mitigation.

3. No Credential Storage

Tower Guard's phishing simulation landing pages do not read, log, or store any data entered by employees. Only the fact that a form was submitted and the timestamp are recorded. The Client acknowledges that Tower Guard operates a zero-knowledge credential policy.

4. Limitation of Liability

Tower Guard is an educational and risk-mitigation tool. We are not liable for any technical interruptions, loss of data, or security breaches. Total cumulative liability is strictly capped at the total fees paid by the Client in the three (3) months preceding any claim.

5. Data Processing

The Client authorizes Tower Guard to process employee contact information (name, email, department) for the sole purpose of delivering phishing simulations and generating compliance reports. Data is processed in accordance with our Privacy Policy.

6. Governing Law

These Terms are governed by the laws of the Province of Ontario and the federal laws of Canada. Any disputes shall be resolved exclusively in the courts of Ontario.