Get Started

Nivoxis Terms of Service

Last updated: 18 January 2026


These Terms of Service (“Terms”) govern your access to and use of the Nivoxis website, platform (if applicable), and services including cybersecurity awareness training, phishing simulations, micro-learning, coaching, reporting, and audit-evidence outputs (collectively, the “Services”).


By accessing or using the Services, you agree to these Terms. If you do not agree, do not use the Services.


These Terms are intended to be read with our Privacy Policy and (where applicable) a signed Master Services Agreement (MSA), Statement of Work (SOW), Service Level Agreement (SLA), and Data Processing Agreement (DPA). If there is a conflict, the signed MSA/SOW will typically prevail for that customer engagement.


1. Definitions

1.1. “Nivoxis”, “we”, “us”, “our”: Nivoxis (South Africa).


1.2. “Customer”: the organization purchasing or arranging the Services (e.g., an employer).


1.3. “End User” / “Learner”: an individual participating in training or simulations under a Customer program.


1.4. “Content”: training materials, templates, landing pages, dashboards, reports, and any other materials provided by Nivoxis.

 

1.5. “Customer Data”: data the Customer (or End Users on behalf of the Customer) provides or that is generated through use of the Services.

 

2. Who Uses the Service

The Services are intended for workplace and organizational training. You must have authority to bind the Customer (if acting for an organization) or permission from the Customer to participate (if an End User).

 

3. Electronic Communications & Acceptance

You agree that we may communicate with you electronically including, but not limited to, email, platform notices, and website notices. The customer also agrees that these communications satisfy legal notice requirements for electronic transactions.

 

4. Description of Services

Nivoxis provides cybersecurity awareness and human-risk reduction services which may include:

 

  • Awareness training (in-person, online, automated)
  • Micro-learning and assessments
  • Phishing simulations and related reporting
  • Coaching and remediation recommendations
  • Audit-evidence outputs (e.g., training records, completion reports)

 

Important: Training and simulations reduce risk; they do not guarantee the prevention of incidents or compliance outcomes.

 

5. Accounts, Access, & Admin Controls

If the Services include a platform:

 

  • Customer admins are responsible for access provisioning, role assignments, and ensuring only authorized users access Customer program.
  • You must keep login credentials confidential and promptly notify us of any suspected compromise.

 

6. Customer Responsibilities

The Customer agrees to:

  • Provide accurate program configuration requirements and lawful instructions.
  • Obtain any required internal consents for employee training and simulations.
  • Ensure End User lists (names/emails/roles) are accurate and up to date.
  • Use the Services in compliance with applicable laws and internal policies.

 

7. Acceptable Use Policy

You may not, nor permit anyone to:

  • Reverse engineer, decompile, or attempt to extract source code from the Services.
  • Interfere with or disrupt the Services, networks, or security controls.
  • Upload malware, attempt unauthorized access, or perform scanning and/or testing on our systems without written permission.
  • Use the Services to target individuals outside the Customer’s authorized scope.
  • Use the Services for unlawful, harassing, discriminatory, or deceptive purposes unrelated to training objectives

We may suspend access where necessary to protect the Services, Customers, End Users, or third parties.

8. Phishing Simulations & Ethical Boundaries

Phishing simulations are meant solely for training. The Customer may not request simulations that:

 

  • Intentionally target protected classes or sensitive personal circumstances.
  • Mimic emergencies that could create real-world harm (e.g., false safety crises).
  • Collect real personal passwords or banking credentials.

 

Where simulations include credential-style landing pages, the default approach should be simulated entry (not usable credentials) with strict safeguards.

 

9. Intellectual Property

 

  • Nivoxis owns all rights in the Services and Content, including trademarks, training materials, and platform IP.
  • Subject to payment and compliance with these Terms, the Customer receives a limited, non-exclusive, non-transferable right to use the Content internally for the term of the engagement.
  • Customer Data remains the Customer’s (or End Users’) data as applicable, subject to the rights necessary for us to deliver the Services.

 

10. Confidentiality

Each party may receive confidential information from the other. The receiving party must:

 

  • Use it only to fulfil obligations under these Terms of Service and SLA Agreement.
  • Protect it with reasonable care
  • Not disclose it except to authorized personnel or contractors bound by confidentiality or as required by law

 

11. Data Protection and Privacy

Personal information is handled in line with our Privacy Policy and applicable law, including POPIA.

Where Nivoxis processes personal information as an Operator on behalf of a Customer, processing will be governed by the written SLA Agreement and appropriate security controls. POPIA requires operator security measures and prompt notification to the responsible party if unauthorized access is suspected.

 

12. Security and Incident Handling

We implement appropriate technical and organizational measures to protect Customer Data. By agreeing to this, the Client acknowledges residual risk of any data handling.

If we suspect or confirm unauthorized access to personal information processed for a Customer, we will follow contractual and legal notification duties, including POPIA-related duties where applicable.

 

13. Fees, Invoicing and Payment

Unless otherwise set out in the SLA Agreement:

 

  • Fees are payable per invoice terms
  • Late payments may result in suspension of Services after reasonable notice
  • Taxes (e.g., VAT) may apply depending on jurisdiction and invoicing arrangement

 

14. Cancellations and Cooling-off

  • Certain consumer transactions may carry statutory cooling-off rights in South Africa in limited circumstances, such as direct marketing contexts, and those rights can be affected by the nature of the transaction and other laws.
  • Most Nivoxis engagements are B2B services undersigned SLA Agreement terms; cancellation and refunds are governed by contract unless mandatory law applies.

 

15. Third-party Services

The Services may integrate with third-party providers, such as email delivery, SSO, conferencing tools, etc. Third-party services are governed by their own terms. Nivoxis is not responsible for third-party outages or acts or omissions outside our control.

 

16. Disclaimers

To the maximum extent allowed by law:

 

  • Services are provided “as is” and “as available”
  • We do not warrant that the Services will be uninterrupted or error-free
  • We do not warrant that training will prevent incidents, guarantee compliance, or achieve a specific audit result

 

17. Limitation of Liability

To the maximum extent permitted by law:

 

  • Nivoxis will not be liable for indirect, incidental, special, consequential, or punitive damages, including loss of profits, revenue, data, or goodwill.
  • Our total aggregate liability arising out of or related to the Services will be limited to the fees paid (or payable) by the Client in the 12 months preceding the event giving rise to the claim, unless the SLA Agreement states otherwise.

 

Nothing in these Terms limits liability where it cannot be limited by law.

 

18. Indemnity

The Customer agrees to indemnify and hold Nivoxis harmless from claims arising from:

 

  • Client’s unlawful configuration or use of the Services
  • Client Content or instructions
  • Use of simulations outside authorized scope
  • Breach of these Terms by the Customer or its End Users

 

19. Suspension and Termination

We may suspend or terminate access:

 

  • For material breach of these Terms
  • For non-payment (after reasonable notice)
  • To protect security, integrity, or legal compliance

 

On termination:

 

  • Access ends (unless otherwise agreed)
  • Outstanding fees become payable
  • Each party must return or securely destroy the other’s confidential information where applicable (subject to lawful retention)

 

20. Changes to Services or Terms

We may update the Services and these Terms from time to time. Updated Terms will be posted on our website with a new “Last updated” date. Material changes may be communicated to Customers via reasonable notice.

 

21. Governing Law and Jurisdiction

These Terms are governed by the laws of the Republic of South Africa, and the parties submit to the jurisdiction of South African courts.

 

22. General

 

  • Severability: If any provision is unenforceable, the rest remains in force.
  • No waiver: Failure to enforce a right is not a waiver.
  • Assignment: Customer may not assign without our written consent, except as allowed in the SLA Agreement.
  • Entire agreement: These Terms plus any signed SLA agreement for the Services.

 

23. Contact

For legal and Terms queries: support@nivoxis.com

 

Information Officer (POPIA): Josh Koopman
Email: josh.koopman@nivoxis.com