Terms of Service — Email Safety Advisor

Provider: iVerifi Limited, registered in England and Wales

Service: Email Safety Advisor (SaaS, B2B)

Customers: Business organisations only — not available to consumers

1. Acceptance

By executing an Order Form, activating a pilot, or otherwise using the Email Safety Advisor service ("Service"), the organisation identified in the Order Form ("Customer") agrees to be bound by these Terms of Service ("Terms"). The individual accepting on behalf of the Customer represents that they have authority to bind the Customer to these Terms.

These Terms apply exclusively to business customers. The Service is not offered to or intended for use by consumers.

2. Description of Service

Email Safety Advisor is a software-as-a-service Outlook add-in that analyses incoming email metadata — including sender information, subject line, body excerpt, and authentication headers — to produce a real-time phishing and social engineering risk assessment. The assessment is displayed within Microsoft Outlook as a risk score, risk level, and recommended action.

The Service is delivered via a Microsoft Azure Function API backend and a Microsoft Outlook add-in distributed through the Customer's Microsoft 365 tenant.

3. Subscription Plans and Pricing

Pilot Time-limited

£2,500 flat fee

Duration: 12 weeks from activation
Up to 100 named users
Full feature access
Onboarding and technical support included
No automatic renewal
Pilot converts to Professional on agreement of Order Form

Professional

£4 per user / month

Annual contract, invoiced annually in advance
Unlimited users (subject to Order Form)
Full feature access
Priority support (next business day)
Access to audit log export on request
Auto-renews annually unless terminated per clause 9

All fees are exclusive of VAT. iVerifi reserves the right to update pricing with 90 days' written notice prior to any renewal term. Pilot fee is non-refundable once the add-in has been activated.

4. Advisory Service — No Guarantee of Detection

Important limitation: Email Safety Advisor provides risk indicators as a decision-support tool for human review. It does not guarantee detection or prevention of all phishing attempts, malicious emails, or social engineering attacks. False positives and false negatives will occur. The Customer must not rely on this Service as the sole or primary control for email security.

The Service supplements — and does not replace — the Customer's existing security controls, email filtering infrastructure, user awareness training, and incident response procedures.

5. Permitted Use

The Customer may deploy the Service solely for the purpose of analysing emails received by the Customer's own employees within the Customer's Microsoft 365 environment. The Customer must not:

Sublicense, resell, or provide access to the Service to any third party without iVerifi's prior written consent
Use the Service to analyse emails the Customer is not authorised to access
Attempt to reverse-engineer, decompile, or extract the underlying AI models, API logic, or classification prompts
Use the Service in a manner that violates any applicable law or regulation, including UK GDPR and the Computer Misuse Act 1990
Circumvent any usage limits set out in the Order Form

6. Intellectual Property

All intellectual property rights in the Service — including the add-in code, API logic, AI prompts, classification models, and UI — are owned by or licensed to iVerifi Limited. These Terms grant the Customer a limited, non-exclusive, non-transferable licence to use the Service during the subscription term solely for the purposes set out in clause 5.

The Customer retains ownership of all email content and metadata submitted to the Service. iVerifi claims no rights in Customer data.

7. Data Processing

The processing of personal data through the Service is governed by iVerifi's Privacy Policy. For enterprise deployments, the parties will execute a Data Processing Agreement (DPA) in addition to these Terms. A standard DPA is available on request from privacy@iverifi.io.

The Customer, as the employer organisation deploying the add-in, is responsible for ensuring it has a lawful basis under UK GDPR to process employees' email metadata and for providing appropriate notice to employees.

8. Warranties and Limitation of Liability

iVerifi warrants that it will provide the Service with reasonable care and skill and in accordance with its published documentation.

To the fullest extent permitted by applicable law:

The Service is provided without warranty that it will detect all email threats, operate error-free, or be available at all times
iVerifi shall not be liable for any indirect, consequential, or special loss, including loss of revenue, loss of data, or loss arising from a security incident that the Service failed to detect
iVerifi's total aggregate liability under or in connection with these Terms shall not exceed the total fees paid by the Customer in the twelve months preceding the event giving rise to the claim

Nothing in these Terms excludes or limits liability for death or personal injury caused by negligence, fraud, or any other liability that cannot be excluded by law.

9. Term and Termination

Plan	Term	Termination notice
Pilot	12 weeks from activation date	No notice required — expires automatically
Professional	Annual, auto-renewing	90 days' written notice before renewal date

Either party may terminate immediately on written notice if the other party materially breaches these Terms and fails to remedy the breach within 30 days of written notice, or if the other party becomes insolvent or enters administration.

On termination, the Customer's access to the Service will be revoked and iVerifi will delete or return Customer data in accordance with the DPA or, where no DPA exists, within 30 days.

10. Availability and Changes

iVerifi will use reasonable commercial efforts to maintain Service availability. Planned maintenance will be notified at least 48 hours in advance where practicable. iVerifi may modify or discontinue features of the Service with 30 days' written notice to the Customer.

11. Confidentiality

Each party agrees to keep confidential all non-public information disclosed by the other in connection with these Terms, and to use such information only for the purposes of performing obligations under these Terms. This obligation does not apply to information that is publicly available, independently developed, or required to be disclosed by law.

12. Governing Law and Disputes

These Terms are governed by the laws of England and Wales. Any dispute arising out of or in connection with these Terms shall be subject to the exclusive jurisdiction of the courts of England and Wales.

Before commencing formal proceedings, the parties agree to attempt resolution in good faith through escalation to senior management for a period of 30 days.

13. General

Entire agreement: These Terms, together with any executed Order Form and DPA, constitute the entire agreement between the parties and supersede all prior representations.
Amendments: iVerifi may update these Terms with 30 days' written notice. Continued use of the Service after the effective date constitutes acceptance.
Severability: If any provision is found unenforceable, the remaining provisions continue in full force.
No waiver: Failure to enforce any right does not constitute a waiver of that right.
Assignment: The Customer may not assign these Terms without iVerifi's prior written consent. iVerifi may assign these Terms to a successor entity.