Versions Compared

Old Version 9

changes.mady.by.user Richard Vesely

Saved on

compared with

New Version Current

changes.mady.by.user Richard Vesely

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

See available languages:

🇬🇧 English

🇨🇿 Czech

Note

Translation is currently in progress.

I. Scope

  1. LazyCompany s.r.o., Javorová 413, 250 73 Radonice, Czech Republic (IČO: 098 79 773), registered in the commercial register at the Municipal Court in Prague under No.  C 343965, info@lazyphish.com, (hereinafter referred to as “LazyCompany” or “provider“) provide services in form of testing Phishing Campaigns (specially simulation of fraudulent email and communication and awareness against such attacks) and other services related to verification, improvement and assurance of company defense and protection against Phishing and similar attacks (hereinafter referred to as “LazyPhish Services“ or “Services“).

  2. These Terms and Conditions for LazyPhish Services (hereinafter referred to as “T&C”) govern the rights and obligations of provider and of the customer using LazyPhish Services (hereinafter referred to as “customer”) when registering in LazyPhish Application on address https://app.lazyphish.com/ (hereinafter referred to as “LazyPhish App"), ordering, setting up and using LazyPhish Services and LazyPhish App.

  3. In order to use LazyPhish App, the Customer has to:

    • Conclude a contract for the use of LazyPhish Services with provider via completing registration to LazyPhish App. During the registration of the customer a profile is created in LazyPhish App (hereinafter referred to as “customer profile” or “customer account”).

    • Accept the T&C in full extent during the registration to LazyPhish App by checking the checkbox on registration form

...

    • .

  2. Actual and valid version of T&C is available on provider web documentation portal: https://lazycompany.atlassian.net/wiki/spaces/LPS/pages/31457281/General+Terms+and+Conditions+of+LazyPhish

  3. Provider also reserves the right to pilot for a limited period of time and/or for a specific market(s) and/or for a specific group of customers new services, functions, interfaces or products ("beta testing") related to LazyPhish Services or LazyPhish App without any notice.

II. LazyPhish App

  1. The customer can access the LazyPhish services through the customer account at LazyPhish App.

  2. Details about available services are provided in LazyPhish documentation: https://lazycompany.atlassian.net/wiki/spaces/LPS/overview.

  3. Provider shall take all possible measures to achieve permanent availability of Services, and in case of failures, undertakes all necessary remedial actions without undue delay. Due to force majeure or due to the necessary maintenance, repairs or other measures on the technical devices of provider or the technical devices of third parties providing data, content, information or transmission capacity it will nevertheless lead to unavoidable temporary failures, interruptions or reduction in the performance (speed) of services. Furthermore, an intensive simultaneous use of services may lead to an impairment of the performance (speed).

III. Order of LazyPhish Services

...

  1. By the registartion in the LazyPhish App the customer is

...

The Customer can choose one of the available payment methods during the order.

...

By pressing the „Finish Order“ button the customer is submitting a binding order of selected type of subscription.

...

Provider then sends the Customer an email with confirmation for the receipt of the Order and lists individual details concerning the Order ("Order Confirmation") and payment (“Payment Details”)

...

The Customer can cancel the Order within 14 days without giving reasons directly in the LazyPhish App.

...

Activation of LazyPhish services is done upon the payment is received on bank account of the provider which could take 5 working days after the payment receipt.

...

In the LazyPhish App in section „Subscriptions“ the customer can check the state of the subscription order, period and available changes for subscribed services. For more details see LazyPhish documentation: Subscription Order.

...

Payment confirmation and subscription activation confirmation will be sent to the customer email address.

...

The customer is obliged to check the services activation without undue delay after the subscription activation confirmation email. The customer must report any issue within 5 working days to agree on resolution. Otherwise, it is considered that the provider has activated the services according to the order.

IV. Updates, Services and Support

  1. Provider provides phone/email technical support in extent according to type of subscription. For more details see: Subscriptions and Pricing.

  2. Provider is performing a development and update of LazyPhish App.

  3. The purpose of the updates is primarily to adapt the application to the new versions of the programming languages in which the application is written.

  4. The purpose of the development is to add new functionalities to the application. New functions and modules and their assignment for individual subscription types depend on the provider's decision.

  5. The Provider is entitled to limit or suspend the operation of the LazyPhish application for the time strictly necessary to perform the update. The Provider is not responsible for any financial losses of the customer caused by the suspension of the application due to the update.

  6. The provider is not responsible for the issues in relation to connecting the product to any third-party programs.

V. Security

Provider is entitled to take appropriate measures to defend against threats from cyberattacks to safety, life, health, privacy, property, assets and other legal interests of the Customer, third parties or provider itself. These measures may lead to restrictions in provider services. Depending on the severity of the risks and/or significance of the legal interests under threat, temporary blocking of individual or all services may be advisable.

VI. Price

  1. The definition of all functional parameters of each type of subscription is provided in LazyPhish Documentation: Subscriptions and Pricing.

  2. If the payment for the order is not received within the due date stated in the order confirmation, the provider will send the customer a reminder by e-mail. If the provider does not receive the payment even within the specified additional period, the order for the services is automatically cancelled.

  3. If the customer does not fulfill its obligation to pay the price for running services in time and in full extent, the provider is entitled to suspend the provision of performance until the customer's obligation is paid in full.

VII. Duration of the contract

  1. The duration of the contract for the provision of LazyPhish services is defined by the existence of an active account in the LazyPhish App.

  2. If the customer and his profile is not assigned to any organization or entity with active subscription of another company or If the customer does not order a subscription of LazyPhish services for his company within thirty (30) days of the expiration of the subscription services according to the last order, the account in the LazyPhish application will be deactivated and the contract for use of LazyPhish services with the customer will be terminated automatically without legal notice.

  3. The Customer will receive email notification 30 days before the expiration of the LazyPhish subscription and 30 day before the account will be deactivated in the LazyPhish application.

VIII. Contract Termination

  1. Termination of the contract can only take place on the basis of mutual written agreement of all parties involved in the contract.

  2. The provider may terminate the contract without giving a reason. The notice period is 2 months and runs from the day following the delivery of the notice to the customer.

  3. The provider reserves the right to transfer the contract regarding the use of LazyPhish services (without changing the contractual provisions in any other respect) to another company within the provider group; the Customer already provides to provider with his/her consent for this purpose. Provider shall notify the Customer in writing and in advance.

  4. In the event of termination of the contract, the customer is obliged to export and back up all the data, backups and other data uploaded to the LazyPhish application.

  5. Upon termination of the contract, the provider is obliged to return to the customer the proportional amount paid by the customer for the services, for the unused part of the subscription. For this return, the provider will use the same payment method as chosen in the original transaction, unless otherwise agreed with the customer.

IX. User rights, Use of data

  1. The Customer receives the non-exclusive right to use LazyPhish services, the related content and information provided by the services during the period with an active subscription of LazyPhish services. The Customer is not permitted to disclose and/or distribute the content and information acquired through LazyPhish services to third parties.

  2. The Provider shall protect the Customer's personal data and use them, pursuant to prior and express consent given by the Customer, in compliance with the applicable generally binding legal regulations; details for the Customer are given in Information on Personal Data Processing. The Customer grants to the provider the non-exclusive, time-limited, unrestricted, transferable and sub-licensable right to use other data, in particular technical data, which either have no personal reference or whose personal details have been removed (anonymised data). In this context, no personal data will be disclosed and any trace of the anonymised data to the Customer is excluded.

X.  Validation of domains used for Phishing testing campaigns

  1. The customer is entitled to use the LazyPhish application only for the domains of which he is the owner and administrator or for the domains of his customers who are the domain owners and administrators.

  2. Phishing testing campaign is allowed to be performed only on the email addresses hosted on a domain that has been validated by the domain owner/administrator in LazyPhish App. The customer is obliged to perform the domain validation for all domains on which he will run the testing Phishing campaigns.

  3. Domain validation consist of, a validation email sent to the email address provided by the customer that belong to the domain to be validated. Email recipients must actively agree with the domain validation for the usage for testing Phishing campaigns. The customer is obliged to ensure that the recipient of the email is authorised to validate the domain for the stated purpose.

  4. The Provider reserves the right to verify at any time whether the validation for the use of the domain for the purposes of test phishing campaigns is performed by an authorised person with the domain owner registered in the domain registrar.

  5. In case of any suspicious activity or suspicion of domain abuse - use without justified domain validation, the provider reserves the right to immediately temporarily stop all running customer campaigns and other services or block the customer's account entirely until the suspicion is resolved.

XI. Responsibility

  1. The Customer undertakes to ensure that the use of LazyPhish services does not violate the provisions of these T&C, legal requirements, third party rights or moral standards. This shall also apply if he/she grants third parties access to LazyPhish App or LazyPhish services.

  2. The customer must refrain from any misuse of the application; in particular, it may not incorporate the application or any part of it into other websites, whether private or commercial, or distribute them commercially.

  3. In the event of a breach of the obligations set out in this article, the customer is liable for any damage caused to the provider, as well as for damage caused to third parties. This is especially applicable if the customer use the service to send testing phishing emails to email addresses without the permission of the company/domain owner.

  4. The customer must not use the provider products and services to spread Spam and Phishing that could harass the recipient or morally and mentally damage. In the event that the provider is placed on spam lists, ban lists or otherwise restricted or damaged due to unauthorised sending of Spam or Phishing by the customer, the Provider is entitled to charge the customer a contractual penalty in the amount of EUR 4,000.

  5. Furthermore, the Provider is not liable for defects or damage, including interruption of service provision and loss or damage of data caused in particular by:

    1. by entering incorrect data into the application by the customer, incorrect procedure of the customer when inserting information or files into the application or incorrect interpretation of the data presented by the service,

    2. by infecting the customer's local network or his computers with computer viruses (spyware, malware, etc.) or a hacker attack or other similar external attack,

    3. damage caused by a malfunction of hardware, operating system, or network, due to damage caused by a malfunction of third-party programs that run concurrently with the supplied software

    4. force majeure, equipment failure, electric power failure, internet connection failure caused by the connection provider or attack on the network by a third party,

    5. incorrect system operation by the customer or as a result of an attack on third-party server due to non-compliance with security standards,

    6. infringement of copyrights, trademark rights, trade name rights and other rights protected by Czech law caused by the customer,

    7. choosing an inappropriate password by the customer or by improper password storage,

    8. third party to whom the customer has given access to the application or services,

    9. not making regular backups properly.

  6. Force majeure is an event beyond the control of the contract parties, such as a state of war, legal restrictions on exports and imports, strikes, sabotage, natural disasters, pandemics and other factors beyond the provider's reasonable discretion or reasonable control which prevents the fulfilment of the concluded contract.

  7. Contract parties are obliged to inform the other party about the occurrence of circumstances that prevents the fulfilment of the concluded contract without undue delay, otherwise it loses the right to claim the consequences of these circumstances. At the end of these circumstances, the party concerned is obliged to immediately inform the other party of the alternative date for contract fulfilment. The Provider shall fulfill the obligation to this paragraph by publishing information on the occurrence / termination of these circumstances on its official product status page.

XII. Správa uživatelů a uživatelské role

  1. Podle varianty předplatného může aplikace LazyPhish podporovat správu uživatelů a rolí. To znamená, že zákazník kromě „hlavního uživatele" může do aplikace přihlásit i vedlejší uživatele (např. zaměstnanci zákazníka, třetí strany spravující bezpečnost zákazníka apod.) prostřednictvím svého vlastního uživatelského jména a hesla.

  2. Tyto smluvní podmínky platí obdobně i pro vedlejší uživatele.

XIII. Autorská práva a mlčenlivost

  1. Autorská práva, jakož i ostatní jiná práva duševního vlastnictví, vztahující se k softwarovým produktům, včetně příruček, manuálů a dalších dokumentů distribuovaných spolu se softwarovými produkty, nadále náleží příslušným subjektům jako jejich nositelům a nejsou tímto závazkovým vztahem dotčena.

  2. Zákazník není oprávněn aplikaci rozmnožovat za účelem jejího rozšiřování, rozšiřovat či jakýmkoliv způsobem sdělovat třetím osobám, pronajímat ani půjčovat, ledaže by mu k tomu dal poskytovatel předchozí výslovný a písemný souhlas.

  3. Zákazník nesmí provádět úpravu, zpětnou analýzu, rekompilaci, převod ze zdrojového kódu aplikace, přistupovat ke zdrojovému kódu a nesmí zpřístupnit zdrojový kód aplikace třetí osobě.

  4. Zákazník je dále povinen dodržovat všechna omezení v užití software stanovených zákonem, smlouvou a těmito podmínkami.

  5. Zákazník není oprávněn odstraňovat, měnit, zakrývat nebo jakýmkoli jiným způsobem zasahovat do jakýchkoli autorskoprávních, či jiných označení příslušných subjektů umístěných nebo uložených na softwarových produktech, nebo jakékoliv jejich části, či dokumentaci distribuované spolu se softwarovými produkty.

  6. Autorská práva k dodanému produktu, příslušenství a dokumentace náleží příslušnému autorovi. Veškerá loga, registrované ochranné známky, ochranné známky, další značky a názvy výrobků náleží jejich vlastníkům.

  7. Zákazník zajistí, že třetí osoby nebudou bez předchozího písemného souhlasu poskytovatele jakýmkoli způsobem seznámeny s rozsahem a postupem plnění smlouvy a k ní patřícími podklady. Zákazník bere na vědomí, že se jedná o informace důvěrné ve smyslu § 1730 občanského zákoníku.

  8. Poskytovatel je povinen zachovávat mlčenlivost o všech podstatných skutečnostech získaných při své činnosti vyplývající ze smlouvy, a to zejména o skutečnostech, které tvoří obchodní tajemství a důvěrné informace zákazníka.

  9. Bez výslovného povolení poskytovatele je zakázáno částečné nebo úplné kopírování ceníků, brožur, fotografií, katalogů, technických dat atd. poskytovatele. Zákazníkům nevyplývá žádné právo z případných chyb či nepřesných dat uvedených v těchto materiálech.

  10. Předmětný software jako autorské dílo a databáze v něm zahrnuté požívají ochrany zejména zák. č. 121/2000 Sb., autorského zákona a zák. č. 40/2009 Sb., trestního zákoníku. Zákazník je oprávněn jej užít pouze v rozsahu a způsobem stanoveným poskytovatelem.

  11. V případě zásahu zákazníka do autorských práv poskytovatele vzniká poskytovateli nárok na smluvní pokutu ve výši 100.000,- Kč (slovy jedno sto tisíc korun českých). Smluvní pokuta je splatná na základě výzvy k úhradě smluvní pokuty ve lhůtě 15 dnů od doručení výzvy. Nárok poskytovatele na náhradu škody způsobené zásahem zákazníka do autorských práv poskytovatele, jenž má vůči zákazníkovi, zaplacením smluvní pokuty zákazníkem není dotčen.

  12. Vedle nároku na smluvní pokutu má poskytovatel v případě zásahu zákazníka do jeho autorských práv nároky vyplývající z autorského zákona, zejména nárok na zdržení se dalších zásahů do autorských práv, nárok na sdělení údajů o způsobu a rozsahu neoprávněného užití software a nárok na odstranění následků zásahu do autorských práv včetně poskytnutí přiměřeného zadostiučinění a vydání případného bezdůvodného obohacení.

XIV. Zpracování osobních údajů, Cookies a Google Analytics

  1. Informace o zpracování osobních údajů s popisem služeb, Cookies a Google Analytics jsou přístupné na webových stránkách Informace o zpracování osobních údajů - LazyPhish .

  2. Poskytovatel používá Google Analytics / Firebase poskytované společností Google, Inc. („Google"), která používá soubory cookies nebo jiné nástroje integrované do zdrojového kódu k analýze toho, jak zákazník používá webovou aplikaci LazyPhish. Google Analytics / Firebase sleduje stav a výkon účtu, souhrn zákazníků, aktivní zákazníky a uživatele, průzkumníka uživatelů, analytické publikum, kvalitu návštěvníků, pravděpodobnost konverze, srovnávací přehledy, demografické údaje a zájmy, přehled toku uživatelů, přehledy AdWords. Další informace o zpracování a využití osobních údajů lze nalézt v sekci „Ochrana osobních údajů a podmínky" na webu Google Analytics / Firebase.

  3. Mimo zmíněných nástrojů se používají i další integrální analytické nástroje různých platforem. Může zahrnovat stavy, různé informace o chování uživatelů, včetně návratnosti na platformu, informace o verzích operačního systému, převodním poměru, srovnávacích zpráv, demografických údajů a recenzí. Informace o zpracování a využití osobních údajů na vybrané platformě lze nalézt na oficiálních webových stránkách provozovatele platformy.

  4. Informace generované soubory cookies o používání webových stránek (včetně IP adresy) mohou být přenášeny a ukládány na serverech ve Spojených státech. Google používá tyto informace pro účely vyhodnocení používání webových stránek a vytváření zpráv o takovém použití pro provozovatele a poskytování dalších služeb souvisejících s aktivitami na webových stránkách nebo v aplikaci a obecně s používáním internetu. Google může také poskytnout tyto informace třetím stranám, pokud to vyžaduje zákon nebo pokud tyto třetí strany zpracovávají tyto informace pro Google. U webové aplikace LazyPhish lze zakázat používání souborů cookies na webových stránkách změnou příslušného nastavení v internetovém prohlížeči, ale v případě učinění omezení pro všechny typy souborů cookies, nebude moci zákazník plně využívat všechny funkce webových stránek a aplikace LazyPhish. Podrobné informace o cookies jsou k dispozici na Zpracování Cookies .

XV. Závěrečná ustanovení

...

Není-li v konkrétní smlouvě dohodnuto jinak, řídí se veškeré obchodní vztahy mezi poskytovatelem a zákazníkem těmito podmínkami. Příslušná ustanovení autorského zákona a dalších právních předpisů upravující užívání počítačových programů a databází a sankce za jejich nelegální užívání nejsou smlouvou a těmito podmínkami dotčena.

...

Poskytovatel je oprávněn změnit tyto podmínky. Poskytovatel je povinen bez zbytečného odkladu zveřejnit novou verzi podmínek na svých internetových stránkách a zaslat novou verzi zákazníkovi na e-mailovou adresu. V případě, že zákazník do 14-ti dnů od smlouvy neodstoupí, má se za to, že zákazník tyto úpravy podmínek akceptuje v plném rozsahu.

...

Každá ze stran má povinnost bez prodlení informovat druhou stranu o všech skutečnostech neuvedených ve smlouvě, které mohou mít vliv na plnění závazků ze smlouvy.

...

Zákazník není oprávněn převádět svá práva a povinnosti dle smlouvy, ať již z části nebo jako celek.

...

Pokud by jednotlivá ustanovení této smlouvy byla neúčinná nebo pokud by se stala neúčinnými, účinnost ostatních ustanovení tím nebude dotčena. Namísto neplatného ustanovení se použijí taková ustanovení, která pokud možno co nejvíce odpovídají hospodářskému účelu smlouvy při přiměřeném zachování oboustranných zájmů.

...

Výhradním místem soudní příslušnosti pro všechny nároky vyplývající ze smlouvy o užívání služeb LazyPhish je obecný soud příslušný dle sídla poskytovatele.

...

Pro všechny spory vzniklé ze smlouvy o užívání služeb LazyPhish platí výhradně právo České republiky; použití Úmluvy Organizace spojených národů o smlouvách o mezinárodní koupi zboží (CISG) je vyloučeno.

...

  1. ordering the basic subscription which is self service and driven by AI (“Lazy AI“).

  2. If the cutomer want to order subscription for higher number of employees that is available in the basic subscription or if the cusotmer want to order additional services the LazyPhish help desk need to be contacted.

IV. Updates, Services and Support

  1. Provider provides email technical support.

  2. Provider is performing a development and update of LazyPhish App.

  3. The purpose of the updates is primarily to adapt the application to the new versions of the programming languages in which the application is written.

  4. The purpose of the development is to add new functionalities to the application. New functions and modules and their assignment for individual subscription types depend on the provider's decision.

  5. The Provider is entitled to limit or suspend the operation of the LazyPhish application for the time strictly necessary to perform the update. The Provider is not responsible for any financial losses of the customer caused by the suspension of the application due to the update.

  6. The provider is not responsible for the issues in relation to connecting the product to any third-party programs.

V. Security

Provider is entitled to take appropriate measures to defend against threats from cyberattacks to safety, life, health, privacy, property, assets and other legal interests of the Customer, third parties or provider itself. These measures may lead to restrictions in provider services. Depending on the severity of the risks and/or significance of the legal interests under threat, temporary blocking of individual or all services may be advisable.

VI. Price

  1. The definition of all functional parameters of each type of subscription is provided in LazyPhish Documentation: Subscriptions and Pricing.

VII. Duration of the contract

  1. The duration of the contract for the provision of LazyPhish services is defined by the existence of an active account in the LazyPhish App.

  2. If the customer and his profile is not assigned to any organization or entity with active subscription of another company or If the customer does not order a subscription of LazyPhish services for his company within thirty (30) days of the expiration of the subscription services according to the last order, the account in the LazyPhish application will be deactivated and the contract for use of LazyPhish services with the customer will be terminated automatically without legal notice.

  3. The Customer will receive email notification 30 days before the expiration of the LazyPhish subscription and 30 day before the account will be deactivated in the LazyPhish application.

VIII. Contract Termination

  1. Termination of the contract can only take place on the basis of mutual written agreement of all parties involved in the contract.

  2. The provider may terminate the contract without giving a reason. The notice period is 2 months and runs from the day following the delivery of the notice to the customer.

  3. The provider reserves the right to transfer the contract regarding the use of LazyPhish services (without changing the contractual provisions in any other respect) to another company; the Customer already provides to provider with his/her consent for this purpose. Provider shall notify the Customer in writing and in advance.

  4. In the event of termination of the contract, the customer is obliged to export and back up all the data, backups and other data uploaded to the LazyPhish application.

IX. User rights, Use of data

  1. The Customer receives the non-exclusive right to use LazyPhish services, the related content and information provided by the services during the period with an active subscription of LazyPhish services. The Customer is not permitted to disclose and/or distribute the content and information acquired through LazyPhish services to third parties.

  2. The Provider shall protect the Customer's personal data and use them, pursuant to prior and express consent given by the Customer, in compliance with the applicable generally binding legal regulations; details for the Customer are given in Information on Personal Data Processing. The Customer grants to the provider the non-exclusive, time-limited, unrestricted, transferable and sub-licensable right to use other data, in particular technical data, which either have no personal reference or whose personal details have been removed (anonymised data). In this context, no personal data will be disclosed and any trace of the anonymised data to the Customer is excluded.

X.  Validation of domains used for Phishing testing campaigns

  1. The customer is entitled to use the LazyPhish application only for the domains of which he is the owner and administrator or for the domains of his customers who are the domain owners and administrators.

  2. Phishing testing campaign is allowed to be performed only on the email addresses hosted on a domain that has been validated by the domain owner/administrator in LazyPhish App. The customer is obliged to perform the domain validation for all domains on which he will run the testing Phishing campaigns.

  3. Domain validation consist of, a validation email sent to the email address provided by the customer that belong to the domain to be validated. Email recipients must actively agree with the domain validation for the usage for testing Phishing campaigns. The customer is obliged to ensure that the recipient of the email is authorised to validate the domain for the stated purpose.

  4. The Provider reserves the right to verify at any time whether the validation for the use of the domain for the purposes of test phishing campaigns is performed by an authorised person with the domain owner registered in the domain registrar.

  5. In case of any suspicious activity or suspicion of domain abuse - use without justified domain validation, the provider reserves the right to immediately temporarily stop all running customer campaigns and other services or block the customer's account entirely until the suspicion is resolved.

XI. Responsibility

  1. The Customer undertakes to ensure that the use of LazyPhish services does not violate the provisions of these T&C, legal requirements, third party rights or moral standards. This shall also apply if he/she grants third parties access to LazyPhish App or LazyPhish services.

  2. The customer must refrain from any misuse of the application; in particular, it may not incorporate the application or any part of it into other websites, whether private or commercial, or distribute them commercially.

  3. In the event of a breach of the obligations set out in this article, the customer is liable for any damage caused to the provider, as well as for damage caused to third parties. This is especially applicable if the customer use the service to send testing phishing emails to email addresses without the permission of the company/domain owner.

  4. The customer must not use the provider products and services to spread Spam and Phishing that could harass the recipient or morally and mentally damage. In the event that the provider is placed on spam lists, ban lists or otherwise restricted or damaged due to unauthorised sending of Spam or Phishing by the customer, the Provider is entitled to charge the customer a contractual penalty in the amount of EUR 4,000 for each violation of the provisions of this contract.

  5. Furthermore, the Provider is not liable for defects or damage, including interruption of service provision and loss or damage of data caused in particular by:

    1. by entering incorrect data into the application by the customer, incorrect procedure of the customer when inserting information or files into the application or incorrect interpretation of the data presented by the service,

    2. by infecting the customer's local network or his computers with computer viruses (spyware, malware, etc.) or a hacker attack or other similar external attack,

    3. damage caused by a malfunction of hardware, operating system, or network, due to damage caused by a malfunction of third-party programs that run concurrently with the supplied software

    4. force majeure, equipment failure, electric power failure, internet connection failure caused by the connection provider or attack on the network by a third party,

    5. incorrect system operation by the customer or as a result of an attack on third-party server due to non-compliance with security standards,

    6. infringement of copyrights, trademark rights, trade name rights and other rights protected by Czech law caused by the customer,

    7. choosing an inappropriate password by the customer or by improper password storage,

    8. third party to whom the customer has given access to the application or services,

    9. not making regular backups properly.

  6. Force majeure is an event beyond the control of the contract parties, such as a state of war, legal restrictions on exports and imports, strikes, sabotage, natural disasters, pandemics and other factors beyond the provider's reasonable discretion or reasonable control which prevents the fulfilment of the concluded contract.

  7. Contract parties are obliged to inform the other party about the occurrence of circumstances that prevents the fulfilment of the concluded contract without undue delay, otherwise it loses the right to claim the consequences of these circumstances. At the end of these circumstances, the party concerned is obliged to immediately inform the other party of the alternative date for contract fulfilment. The Provider shall fulfill the obligation to this paragraph by publishing information on the occurrence / termination of these circumstances on its official product status page.

XII. User Management, Roles and Access

  1. LazyPhish App support user access and role management for organizations. This means that the customer as an owner of organization that he created in the LazyPhish App can also assign an access and role for his organization to another person registered in LazyPhish App (e.g. accounting clerk, procurement, CEO, etc.). For more details about user access and roles see: Roles and Access.

  2. LazyPhish App support also user access and role management for entites. This means that the customer as an owner of organization and Entity that he created in the LazyPhish App can also assign an access and role for his entity to another person registered in LazyPhish App (e.g. the customer's employees, third parties managing the customer's security, etc.). For more details about user access and roles see: Roles and Access.

  3. Roles assigned to another persons for management of organizations or entities may include privileged access rights that enable the assigned person to manage the account completely including billing for organization or starting testing phishing campaigns. Customer is fully responsible for any actions performed by the user that he assigned with role to his organization or entity.

  4. These T&C apply similarly to other users assigned to organization or entity.

XIII. Autorská práva a mlčenlivost

  1. Copyrights, as well as other intellectual property rights, relating to the software products, including manuals, manuals and other documents distributed with the software products, remain with the respective entities as their holders and are not affected by the contract and these conditions.

  2. The customer is not entitled to reproduce the application for the purpose of its distribution, expand or in any way communicate to third parties, rent or lend, unless the provider has given his prior express and written consent.

  3. Customer may not modify, reverse engineer, recompile, convert from the application source code, access the source code, or make the application source code available to a third party.

  4. The customer is also obliged to comply with all restrictions on the use of the software stipulated by law, the contract and these conditions.

  5. Customer may not remove, alter, obscure, or otherwise interfere with any copyrights or other designations of the legal entities located or stored on the Software Products, or any parts, or documentation distributed with the Software Products.

  6. The copyright for the delivered product, accessories and documentation belongs to the respective author. All logos, registered trademarks, trademarks, other brands and product names belong to their respective owners.

  7. The customer shall ensure that third parties will not be informed in any way without the prior written consent of the provider of the scope and performance of the contract and the documents belonging to it. The customer acknowledges that the information is confidential in the sense of § 1730 of the Civil Code.

  8. The Provider is obliged to maintain confidentiality of all material facts obtained in the course of its activities arising from the contract, in particular of the facts that constitute trade secrets and confidential information of the customer.

  9. Without the express permission of the provider, partial or complete copying of the provider's price lists, brochures, photographs, catalogs, technical data, etc. is prohibited. Customers are not entitled fro any rights in case of any errors or inaccurate data contained in these materials.

  10. The subject software as an author's work and the databases included in it enjoy the protection of Act no. No. 121/2000 Sb., Copyright Act and Act. No. 40/2009 Sb., Criminal Code. The customer is entitled to use it only to the extent and in the manner specified by the provider.

  11. In the event of the customer's interference with the provider's copyrights, the provider is entitled to a contractual penalty in the amount of EUR 4,000 (in words, four thousand Euros). The contractual penalty is payable on the basis of a call for payment of the contractual penalty within 15 days from the delivery of the call. The provider's right to compensation for damage caused by the customer's interference with the provider's copyrights against the customer, the payment of the contractual penalty by the customer is not affected.

  12. In addition to the right to a contractual penalty, in the event of customer interference with his copyright, the provider is entitled to copyright law, in particular the right to refrain from further copyright infringement, the right to information on the manner and extent of unauthorized use of software and the right to remove the consequences of copyright, including the provision of reasonable redress and the issuance of any unjust enrichment.

XIV. Personal Data Processing, Cookies and Google Analytics

  1. Information on Personal Data Processing with description of Services, Cookies and Google Analytics are available in the LazyPhish Docuemtnation: Information About Data Processing - LazyPhish.

  2. Provider is using Analytics / Firebase provided by Google, Inc. ("Google"), which uses cookies or other tools integrated into code to analyse how users use LazyPhish web application. Google Analytics/Firebase covers account status and performance monitor, audience summary, active customers and users, user explorer, analytics audience, visitor quality, conversion probability, comparison reports, demographics and interests, user flow report, Adwords reports. More information on processing and utilization and data can be found in Privacy & Terms section on Google Analytics/Firebase website.

  3. Apart from mentioned tools other integral analytical tools of Platforms are used. It may cover status, various information about user behaviour including return rate on the Platform, information about versions of operation system, conversion ratio, comparison reports, demographics and customer reviews. More information on processing and utilization of data on chosen Platform can be found on official websites of the Platform Operator.

  4. Information generated by a cookie about the use of the Website (including your IP address) may be transmitted and stored on servers in the United States. Google will use this information for purposes of evaluation of the use of the Website and creation of reports about such use for its operator and provision of other services related to the activities on the website or app and the use of the Internet in general. Google may also provide this information to third parties, if it is required by the law or if such third parties process this information for Google. For LazyPhish web application you may disable the use cookies on the website as described above or by changing appropriate settings in your browser, but if you do so for all types of cookies, you will not be able to make full use of all the features of the LazyPhish website and LazyPhish App. Detailed information about Cookies are available at Cookies Policy.

XV. Final Provisions

  1. Unless otherwise agreed in a specific contract, all business relations between the provider and the customer are governed by these conditions. The relevant provisions of the Copyright Act and other legal regulations governing the use of computer programs and databases and sanctions for their illegal use are not affected by the contract and these conditions.

  2. The Provider is entitled to change these conditions. The Provider is obliged to publish a new version of the terms and conditions on its website/documentation without undue delay and send notification to the customer's e-mail address. In the event that the customer does not withdraw from the contract within 14 days, it is considered that the customer accepts these modifications of the conditions in full.

  3. Each party is obliged to inform the other party without delay of all facts not stated in the contract that may affect the performance of obligations under the contract.

  4. The customer is not entitled to transfer his rights and obligations under the contract, either in part or in whole.

  5. Should individual provisions of this Agreement be ineffective or become ineffective, the effectiveness of the other provisions shall not be affected. Instead of the invalid provision, provisions shall be applied which, as far as possible, correspond to the economic purpose of the contract while adequately preserving the mutual interests.

  6. The exclusive place of jurisdiction for all claims arising from the contract for the use of LazyPhish services is the general court competent according to the registered office of the provider.

  7. All disputes arising from the contract for the use of LazyPhish services are governed exclusively by the law of the Czech Republic; the application of the United Nations Convention on Contracts for the International Sale of Goods (CISG) is excluded.

  8. These conditions are valid and effective as of July 1, 2024.