These terms (“Terms”) govern access to and use of the websites, applications and related services operated by CMS InfoSec Ltd (“we”, “us”) trading as Cyber Made Simple(collectively, the “Service”). By registering an account, subscribing, or otherwise using the Service you agree to these Terms. If you do not agree, do not use the Service.
Our Privacy policy explains how we process personal data. Our Security & privacy compliance page summarises how we approach security and assurance at a high level.
The Service
We provide cyber security awareness content, tools, training features and related functionality for individuals and organisations. We may change, suspend or discontinue features, or introduce new ones, to reflect product development, security, law or commercial reasons. We do not guarantee uninterrupted or error-free operation.
Who may use the Service
You must be able to form a binding contract in your jurisdiction (for consumers, typically aged 18+). If you use the Service on behalf of an organisation, you confirm you have authority to bind that organisation to these Terms.
Accounts and security
You are responsible for safeguarding credentials, devices and MFA factors used to access your account. You must promptly notify us at support@cybermadesimple.co.uk if you suspect unauthorised access. You are responsible for all activity under your account unless caused solely by our negligence or a compromise of our systems outside your control.
Subscriptions and billing
Paid plans, trials and renewals are described at checkout and in your account. Fees are charged as displayed when you subscribe. You can cancel in line with the Billing area of your account — access for paid features generally continues until the end of the current paid period unless stated otherwise. Taxes may apply where required by law.
Acceptable use
You agree not to:
- Violate applicable law or infringe others’ rights;
- Use the Service to attack, disrupt, probe or compromise systems or people without lawful authorisation;
- Upload malware, attempt to bypass security, or stress-test the platform without our prior written consent;
- Scrape, resell or systematically harvest the Service except as our API and documentation expressly allow;
- Misrepresent identity, organisation affiliation, or send phishing or spam via the Service;
- Use the Service to distribute illegal or highly harmful content.
We may suspend or terminate access for breach or risk, subject to any rights you have under mandatory law.
Your content and instructions
You retain rights in material you submit. You grant us a licence to host, process and display it only as needed to run the Service for you and as described in our Privacy policy. You warrant you have the rights needed to submit that material. You are responsible for your configuration choices, recipient lists (where the product allows simulations to your own members), and exports you generate.
Not professional advice
The Service provides general information, education and self-service tools. Nothing in the Service is legal, regulatory, insurance, accounting, employment or tailored security advice. You must obtain qualified professionals for decisions that affect your organisation or personal risk. You use outputs and recommendations at your own discretion and risk.
Risk assumption
Cyber risk evolves constantly. No product can eliminate breaches, fraud or operational failure. You acknowledge that your security outcomes depend on your own controls, training, vendors and behaviours, not solely on the Service. You assume responsibility for how you rely on the Service and for backing up data and business continuity outside what we explicitly commit to in writing.
Disclaimer of warranties
To the maximum extent permitted by applicable law, the Service is provided on an “as is” and “as available” basis. Except where mandatory law requires otherwise, we disclaim all warranties and representations, express or implied, including merchantability, fitness for a particular purpose, non-infringement, accuracy, completeness or availability. We do not warrant that the Service will meet your requirements or be uninterrupted or error-free.
Limitation of liability
Nothing in these Terms excludes or limits liability that cannot be excluded or limited under applicable law (including liability for death or personal injury caused by negligence, fraud or fraudulent misrepresentation, and other categories where statute forbids exclusion).
Subject to that sentence, to the maximum extent permitted by applicable law: we are not liable for any indirect, incidental, special, consequential, exemplary or punitive loss or damage; loss of profit, revenue, goodwill, data or business opportunity; or any loss or damage arising from third-party services, your use of or reliance on any content or tool, or security incidents affecting your environment — even if we have been advised of the possibility of such loss.
Subject to the non-excludable categories above, our total aggregate liability arising out of or in connection with the Service and these Terms (whether in contract, tort, negligence or otherwise) is limited to the greater of: (a) the amount you paid us for the Service in the twelve (12) months before the event giving rise to liability; or (b) one hundred pounds sterling (£100), if you have not paid fees in that period. If you are on a free tier, (a) may be zero.
These limits reflect that the Service is offered at the stated price levels and that you use it at your own risk, having had the opportunity to evaluate it (including trials where offered).
Indemnity
To the extent permitted by law, you agree to indemnify and hold harmless CMS InfoSec Ltd, its officers and employees from claims, damages, liabilities, costs and expenses (including reasonable legal fees) arising from your breach of these Terms, your misuse of the Service, your content, or your violation of law or third-party rights — except to the extent caused by our wilful misconduct or material breach.
Third parties
The Service may integrate with or link to third-party sites and services. Their terms and privacy notices apply to you separately. We are not responsible for third-party acts or omissions.
Intellectual property
We and our licensors own the Service, branding, software and documentation (excluding your content). Except for the limited right to use the Service under these Terms, no rights are granted. You must not copy, modify, reverse engineer (except where law permits), or remove proprietary notices.
Suspension and termination
You may stop using the Service at any time. We may suspend or terminate access for breach, risk, legal requirement, or cessation of the Service, with or without notice where reasonably necessary. Provisions that by their nature survive (including disclaimers, limitations, indemnity and governing law) survive termination.
Governing law and jurisdiction
These Terms are governed by the law of England and Wales. The courts of England and Wales have exclusive jurisdiction, subject to mandatory protections that apply to consumers in their home country where those laws cannot be contractually overridden.
Changes
We may update these Terms. We will post the revised version here and adjust the “Last updated” date. Where changes are material, we will provide reasonable notice where practicable (for example by email or in-product notice). Continued use after the effective date constitutes acceptance unless mandatory law requires a different process.
Contact
Questions about these Terms: support@cybermadesimple.co.uk.
Last updated: 2026-06-12
This document is information only and does not constitute legal advice for your situation. A qualified solicitor should review terms for your markets and risk profile.