RansomLeak logo
RansomLeak Training Platform

Terms of Service

Last updated: October 31, 2025

1. Acceptance of Terms

By accessing and using the RansomLeak security awareness training platform ("Service"), you accept and agree to be bound by the terms and provision of this agreement. If you do not agree to abide by the above, please do not use this service.

Relationship to Other Agreements

If your organization has entered into a separate written agreement with RansomLeak (such as a Master Services Agreement, Enterprise License Agreement, or Statement of Work), the terms of that separate agreement shall take precedence over these Terms of Service in the event of any conflict. These Terms of Service apply to the extent they do not conflict with your separate written agreement.

2. Description of Service

RansomLeak provides interactive 3D security awareness training designed to educate your organization's employees about cybersecurity threats and best practices. The Service is delivered to enterprise customers through a unified offering that combines hosted platform access with flexible deployment options.

All enterprise customers receive:

  • Hosted LMS Tenant Access: A dedicated learning management system tenant where your administrators can invite users, assign training, view analytics, and generate reports. Your employees can complete training directly through our hosted environment.
  • SCORM Export Capability: The ability to download and export SCORM-compliant training content packages from your tenant for use in your organization's existing LMS (Moodle, TalentLMS, or other SCORM-compatible platforms). You may use the hosted tenant, SCORM export, or both based on your organizational needs.

Additionally, we offer free marketing exercises on our landing page that require no login or account, designed to demonstrate the platform's capabilities to prospective customers.

3. Enterprise Customer Accounts

To access the Service, your organization must enter into a licensing agreement with RansomLeak. When your organization engages our services, you agree to:

  • Designate authorized administrators to manage your account and user access
  • Provide accurate organization and billing information
  • Maintain the security of administrator credentials
  • Ensure your authorized users comply with these Terms of Service
  • Accept responsibility for all activities under your organization's account

Your designated administrators are responsible for inviting users, assigning training, and managing access to your organization's hosted tenant. End users access the platform through credentials provisioned by your administrators.

4. Licensing and Payment Terms

The Service is provided under annual or multi-year licensing agreements. By entering into an agreement with RansomLeak, your organization agrees to:

  • Pay all fees as specified in the quote and invoice provided by RansomLeak
  • Make payment within the agreed terms (typically Net 30 days from invoice date)
  • Request renewal quotes prior to license expiration if continued service is desired
  • Understand that licensing is not automatically renewed and requires manual renewal
  • Understand that fees are non-refundable except as specified in your agreement or required by law

Payment is processed via emailed invoices. We do not process automatic payments or store credit card information for recurring charges. Each licensing period must be renewed manually through a new quote and invoice process.

5. Service Features and Availability

RansomLeak provides interactive 3D security awareness training through our hosted platform with flexible deployment options to meet your organization's needs.

Hosted Tenant Access

We provision and host a dedicated learning management system (LMS) tenant for your organization. Your designated administrators can log in to invite users, assign training, view analytics, and generate reports. Users can access training directly through our hosted environment.

SCORM Export Capability

Your organization also has the ability to download and export SCORM-compliant training content packages from your tenant. These packages can be uploaded to your organization's existing learning management system (Moodle, TalentLMS, or other SCORM-compatible platforms), allowing you to leverage your current LMS infrastructure. You may use the hosted tenant, SCORM export, or both based on your organizational preferences.

Service Availability and Support

RansomLeak strives to maintain high availability of the hosted tenant platform. While we target 99.5% uptime on a monthly basis, this is a service goal and not a contractual guarantee unless otherwise specified in a separate Service Level Agreement (SLA). Enterprise customers requiring formal SLA commitments should contact our sales team.

We reserve the right to:

  • Perform scheduled maintenance with advance notice (typically during off-peak hours)
  • Conduct emergency maintenance without prior notice when necessary for security or stability
  • Temporarily suspend access to address security incidents or technical issues

When using SCORM packages exported to your own LMS, the availability of training content depends on your organization's hosting infrastructure. RansomLeak is responsible for the hosted tenant availability and SCORM content quality, but not for the availability of third-party LMS platforms.

6. Acceptable Use Policy

You agree not to use the Service to:

  • Violate any laws or regulations
  • Infringe upon the rights of others
  • Attempt to gain unauthorized access to the Service or related systems
  • Interfere with or disrupt the Service or servers
  • Transmit viruses, malware, or other harmful code
  • Reverse engineer or attempt to extract the source code of the Service
  • Share account credentials or allow unauthorized access to your account

Enterprise Customer Responsibilities

As an enterprise customer, your organization is responsible for:

  • Ensuring that all authorized users comply with these Terms of Service
  • Maintaining accurate records of user access and training completion
  • Complying with all applicable export control laws and regulations when using or distributing SCORM content
  • Using the Service only for authorized business purposes within your organization
  • Notifying RansomLeak immediately of any suspected security breaches or unauthorized access

License Compliance

Your organization must comply with the following license requirements:

  • User Count Limits: Your organization's usage (both hosted tenant access and SCORM content deployment) must not exceed the number of licensed users specified in your agreement
  • No Unauthorized Sharing: You may not share administrator credentials, user credentials, or SCORM content packages with organizations outside your licensed entity
  • No Reselling or White-Labeling: You may not resell, redistribute, sublicense, or white-label the Service or SCORM content to third parties
  • Internal Use Only: The Service and SCORM content are licensed exclusively for your organization's internal training purposes

7. Intellectual Property

All content, features, and functionality of the Service, including but not limited to text, graphics, logos, icons, images, audio clips, video clips, data compilations, and software, are the exclusive property of RansomLeak or its licensors and are protected by international copyright, trademark, patent, trade secret, and other intellectual property laws.

8. Privacy and Data Protection

Your use of the Service is also governed by our Privacy Policy. For details on how we collect, use, and protect your data, please see our Privacy Policy. We are committed to protecting your privacy and maintaining the security of your personal and training data in compliance with GDPR, CCPA, and other applicable data protection laws.

Data Processing Roles

Under data protection regulations, the roles are defined as follows:

  • For Training Data: When you use our Service to train your employees, you act as the data controller and RansomLeak acts as the data processor. You retain control over the training data and determine the purposes and means of processing.
  • For Account and Billing Data: RansomLeak acts as the data controller for account registration, billing information, and platform usage data necessary to provide the Service.

Data Processing Agreement (DPA)

Enterprise customers requiring a formal Data Processing Agreement (DPA) to meet GDPR Article 28 requirements should contact privacy@ransomleak.com. The DPA specifies our obligations as a data processor, including security measures, data breach notification procedures, and data subject rights support.

Sub-Processors

We engage the following categories of sub-processors to provide the Service:

  • Cloud Infrastructure: Amazon Web Services (AWS) for hosting, storage, and computing resources
  • Analytics: Google Tag Manager for website analytics and user experience optimization
  • Payment Processing: Third-party payment processors for invoice payment processing

A complete and current list of sub-processors is available upon request by contacting privacy@ransomleak.com.

Security Measures

We implement industry-standard security measures to protect your data, including encryption at rest (AES-256) and in transit (TLS 1.3), network isolation, continuous monitoring, and access controls. Our security practices and infrastructure are detailed on our Security & Compliance page.

9. Disclaimers and Limitations of Liability

The Service is provided "AS IS" and "AS AVAILABLE" without warranties of any kind. To the fullest extent permitted by law:

  • We disclaim all warranties, express or implied
  • We do not guarantee the Service will be uninterrupted, secure, or error-free
  • We are not liable for any indirect, incidental, special, or consequential damages
  • Our total liability shall not exceed the amount paid by you in the past twelve months

10. Indemnification

You agree to indemnify, defend, and hold harmless RansomLeak, its officers, directors, employees, agents, and affiliates from and against any claims, liabilities, damages, losses, and expenses, including reasonable attorney's fees, arising out of or in any way connected with your access to or use of the Service or violation of these Terms.

11. Termination

We may terminate or suspend your account and access to the Service immediately, without prior notice or liability, for any reason, including breach of these Terms. Upon termination, your right to use the Service will immediately cease. All provisions of these Terms which by their nature should survive termination shall survive.

12. Governing Law

These Terms shall be governed by and construed in accordance with the laws of the State of New York, United States, without regard to its conflict of law provisions. Any disputes arising from these Terms or the Service shall be resolved in the courts of New York County, New York.

13. Changes to Terms

We reserve the right to modify or replace these Terms at any time. If a revision is material, we will provide at least 30 days notice prior to any new terms taking effect. Your continued use of the Service after such modifications constitutes acceptance of the updated Terms.

14. Contact Information

If you have any questions about these Terms of Service, please contact us at:

Ransomleak OÜ

Email: info@ransomleak.com

Address: Estonia, Tallinn, Lasnamäe linnaosa, Sepapaja tn 6, 15551