Back to Home
Legal

Terms of Service

These terms govern your use of the train2secure platform and services. By accessing or using train2secure, you agree to be bound by these terms, which are governed by the laws of Australia.

Effective: 1 January 2025Last updated: 1 May 2026

01Acceptance of Terms

By accessing or using the train2secure platform ("Service"), you agree to be bound by these Terms of Service ("Terms"), our Privacy Policy, and our Cookie Policy.

If you are using the Service on behalf of a company or other legal entity ("Organisation"), you represent that you have the authority to bind that Organisation to these Terms. In that case, "you" and "your" refer to that Organisation.

If you do not agree to these Terms, you must not access or use the Service. These Terms are governed by the laws of Queensland, Australia, and you submit to the exclusive jurisdiction of the courts of Queensland.

02Description of Service

train2secure provides a cloud-based cyber security awareness training and phishing simulation platform ("Service") that enables organisations to:

  • Deliver video-based security awareness training courses to employees.
  • Conduct phishing simulation campaigns to test and improve employee resilience.
  • Issue verified compliance certificates to employees upon course completion (paid plans). Free trials issue a sample certificate for design preview only — see "Free Trials" below.
  • Track training progress and generate analytics reports.
  • Manage users and configure settings via an administrative dashboard.
  • Offer two free, no-credit-card trials of the Service — see "Free Trials" below.

We reserve the right to modify, suspend, or discontinue any part of the Service at any time with reasonable notice. We will provide at least 30 days' notice of any material changes that affect your use of the Service.

03Free Trials

We offer two free trials, both available without a credit card and without any obligation to subscribe. Each trial is governed by these Terms in addition to the trial-specific conditions below.

1. Free Training Trial (/trial/register). One full bite-sized training video and one timed quiz, accessible via a personal trial account created with a work email address. On completion, the trial issues a sample completion certificate in PDF form. The sample certificate is provided as a design preview only — it uses the same template and visual format that paying customers' staff receive, but it is not a verified, auditor-grade compliance record and carries no compliance value of its own. Verified certificates with unique verification codes are issued automatically on paid plans only.

2. Free Phishing Risk Assessment (/free-phishing-test). One real phishing simulation campaign per business domain, against a list of staff email addresses you supply. Results are presented in a live dashboard and emailed as an executive PDF risk report when the trial ends.

When you sign up for the Free Phishing Risk Assessment you expressly warrant and represent that:

  • You are the owner of, or an authorised representative of, the business domain you sign up with.
  • You have the authority to commission a phishing simulation against the staff email addresses you supply, and those addresses belong to your own employees, contractors, or representatives — not third parties.
  • You have any internal approvals required (works council, employee representative, internal policy) for security-awareness testing of your staff.
  • You will not supply email addresses of individuals outside your organisation, members of the public, customers, vendors, journalists, regulators, or anyone you do not have authority to test.
  • You acknowledge that every campaign is reviewed and manually approved by our security team before any phishing email is sent, and that we may reject any campaign at our sole discretion.

Both free trials are limited to one trial per business domain. We may suspend, end, or refuse a free trial at our sole discretion — for example where signup details appear fraudulent, where the warranties above are not met, or where the trial is being used in a manner that breaches our Acceptable Use Policy below. Free trials carry no service-level commitment and may be modified or withdrawn at any time without notice.

04Account Registration and Security

To access the Service, you must create an account or be invited by an organisation administrator. You agree to:

  • Provide accurate, current, and complete information during registration.
  • Maintain and promptly update your account information.
  • Maintain the security of your password and account credentials.
  • Notify us immediately via our contact form if you suspect any unauthorised access to your account.
  • Accept responsibility for all activity that occurs under your account.

We strongly recommend enabling multi-factor authentication (MFA) on your account. You must not share your login credentials with any other person.

05Subscription Plans and Payment

Access to the Service requires a paid subscription. Subscriptions are available on a monthly or annual basis, as described on our pricing page. By subscribing, you authorise us to charge your payment method for the applicable fees.

  • Billing: Fees are billed in advance on a monthly or annual basis, depending on your chosen plan.
  • Price changes: We will provide at least 30 days' notice before increasing subscription prices. Your continued use of the Service after that date constitutes acceptance of the new price.
  • Refunds: We offer a 30-day money-back guarantee on new subscriptions and a 30-day pilot clause on B2B annual contracts. See our full Refund Policy for details, conditions, and carve-outs.
  • Failed payments: If a payment fails, we may suspend your account until payment is resolved.

Payments are processed by Stripe, Inc. Your payment card information is subject to Stripe's privacy policy. We do not store full card numbers.

06Australian Consumer Law

Our services come with guarantees that cannot be excluded under the Australian Consumer Law (Schedule 2 of the Competition and Consumer Act 2010 (Cth)). You are entitled to:

  • Services provided with due care and skill.
  • Services that are fit for purpose as described.
  • Services delivered within a reasonable time.

Nothing in these Terms is intended to exclude, restrict, or modify any right or remedy, or any guarantee, warranty, or other term or condition, that is implied or imposed by the Australian Consumer Law and cannot be excluded or limited by agreement.

Where we are permitted to limit our liability, we limit it to re-supplying the relevant service or paying the cost of having the service re-supplied.

07Acceptable Use Policy

You agree to use the Service only for lawful purposes and in accordance with these Terms. You must not:

  • Use the Service in any way that violates any applicable Australian federal, state, or local laws or regulations.
  • Use phishing simulation tools to conduct actual malicious phishing attacks or to target individuals outside your organisation without their consent.
  • Transmit or distribute unsolicited commercial electronic messages in violation of the Spam Act 2003 (Cth).
  • Attempt to gain unauthorised access to any part of the Service or its infrastructure.
  • Reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code of the Service.
  • Upload or transmit viruses, malware, or any other malicious code.
  • Use the Service to harass, abuse, or harm any person.
  • Resell, sublicense, or otherwise make the Service available to third parties without our written consent.

08Intellectual Property

All intellectual property rights in the Service, including but not limited to software, training content, course materials, phishing templates, branding, and documentation, are owned by or licensed to train2secure. Nothing in these Terms transfers any intellectual property rights to you.

You are granted a limited, non-exclusive, non-transferable licence to access and use the Service solely for your internal business purposes during the term of your subscription.

You retain ownership of any data, content, or materials you upload to the Service ("Customer Data"). You grant us a limited licence to process Customer Data solely to provide and improve the Service.

09Data and Privacy

Your use of the Service is subject to our Privacy Policy, which is incorporated into these Terms by reference. We are committed to handling all personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles. If you are an organisation administrator, you are responsible for ensuring that you have obtained any necessary consents from your users for the collection and processing of their personal information through the Service.

10Limitation of Liability

To the fullest extent permitted by law (including the Australian Consumer Law), train2secure is not liable for:

  • Indirect, consequential, special, incidental, or punitive damages.
  • Loss of profits, revenue, data, business opportunities, or goodwill.
  • Damages resulting from your use of, or inability to use, the Service.
  • Any security incident, data breach, or cyber attack that occurs despite our reasonable security measures.

Our total liability to you for any claim arising out of or in connection with these Terms will not exceed the total fees paid by you to us in the 12 months prior to the event giving rise to the claim.

11Termination

Either party may terminate these Terms at any time by providing written notice. You may cancel your subscription at any time through your account settings or by contacting support.

We may suspend or terminate your account immediately if you:

  • Breach these Terms and fail to remedy the breach within 7 days of notice.
  • Engage in fraudulent, unlawful, or abusive behaviour.
  • Fail to pay any amounts due.

Upon termination, your access to the Service will cease. We will retain your data for the period described in our Privacy Policy, after which it will be securely deleted.

12Dispute Resolution

We encourage you to contact us in the first instance to resolve any dispute informally. Most concerns can be resolved quickly and fairly through direct communication.

If informal resolution is unsuccessful, either party may refer the dispute to mediation under the rules of the Australian Disputes Centre before commencing litigation. These Terms are governed by the laws of Queensland, Australia.

Nothing in this clause prevents either party from seeking urgent injunctive or interlocutory relief.

13General

  • Entire agreement: These Terms, together with our Privacy Policy and Cookie Policy, constitute the entire agreement between you and train2secure regarding the Service.
  • Severability: If any provision of these Terms is found to be invalid or unenforceable, the remaining provisions will continue in full force and effect.
  • Waiver: Our failure to enforce any right under these Terms does not constitute a waiver of that right.
  • Assignment: You may not assign your rights under these Terms without our prior written consent. We may assign our rights at any time, including in connection with a merger or acquisition.
  • Force majeure: Neither party is liable for failure to perform obligations where such failure is caused by events beyond reasonable control.

14Contact Information

For any questions about these Terms, please use our contact form.

Questions about this policy?

If you have any questions, concerns, or requests regarding this policy or how we handle your data, please contact our Privacy Officer.