Last Updated: 2026-02-06
1. Background
Nimblr Security Awareness is an online educational platform. The platform is designed to strengthen the security awareness of the end user as well as lower the potential risks of successful attacks against the Customer. The educational program designed by Nimblr is aimed at providing a holistic approach to learning. The program includes continues updates incorporating intelligent technology, smart illustrations, expert level knowledge regarding IT security as well as modern and effective teaching methods.
2. The Service
Nimblr Security Awareness includes but is not limited to the following functions:
Micro Training – Online Security Training.
Zero-Day Classes – Simulated attacks based on current “real-world” threats.
Simulated Attacks – Simulated phishing and various other e-mail based attacks.
Instant Learning – Real-time feedback and tips regarding how to deal with, and evade, online threats.
An administrative portal that supplies the customer and clients with relevant and useful statistics originating from training, simulations and users.
Language – Two optional are included.
3. Licensing Agreement
The Services are sold through the Customer entering into an agreement with Nimblr, or through a reseller or Managed Service Provider authorized by Nimblr.
Upon execution of the agreement governing the Customer’s use of the Service, the Customer is granted a non-exclusive, non-transferable, and limited right to use the Services in accordance with the terms and conditions of the agreement governing the Customer’s use of the Service and these Terms & Conditions.
The Customer is granted access to the Services and administrative functionality via an online control panel provided by Nimblr or an authorized partner.
Upon gaining access to the control panel, the Customer will receive login credentials. Such credentials are personal and confidential and must not be shared, distributed, disclosed, or transferred to any third party.
4. Licensing
Each license that is imported or established for business use, whether through an email address (for standard awareness services) or a mobile phone number (for the Smishing Service), is defined and regarded as one (1) participant license.
Each license grants one (1) participant the right to access and use the relevant service.
Licenses may only be transferred between “authorized participants” within the same customer organization.
5. Maintenance
Nimblr reserves the right to maintain, improve, and further develop the Services, including making modifications to their content and functionality, provided that such changes do not materially reduce the overall performance or quality of the Service.
6. Additional Services
The following additional services may be offered:
Languages (+30 available)
Custom Domain Sender
Branding
Custom Content
Smishing
7. Personal Data
Nimblr ensures that any personal data collected by Nimblr or its sub-contractors is processed in accordance with the General Data Protection Regulation (GDPR) and any other applicable legislation.
For the Smishing Service, Nimblr uses external communication providers classified as independent data controllers under the Swedish Electronic Communications Act (Lag 2022:482, “LEK”) and the EU ePrivacy Directive (2002/58/EC).
These providers handle personal data under specific sector regulations that take precedence over the GDPR for electronic communications.
Such providers are documented in Nimblr’s GDPR compliance records as independent controllers, and all processing is carried out in accordance with applicable data protection and telecommunications laws.
8. Confidential Information
Information disclosed by one Party to the other in connection with the provision or use of the Service shall be treated as confidential and shall not be disclosed to any third party.
All information and data regarding any of the signing parties that the other may receive as a result of this business relationship shall be treated as confidential and must not be disclosed to any third party.
However, Nimblr reserves the right to use the Customer’s name and logo for reference purposes, in both written and spoken form.
9. Intellectual Property Rights and Rights of Usage
Each Party may, during their cooperation, gain access to information regarding the other Party’s intellectual property. Such information shall, regardless of format, remain the property of the Party from which it originates and may only be used to fulfil obligations under the agreement governing the Customer’s use of the Service.
The Customer is granted the right to use the Service provided by Nimblr to the extent established in the agreement governing the Customer’s use of the Service.
10. Limitation of Liability
Neither Party shall be liable to the other for any indirect, incidental, special, consequential, or punitive damages, including loss of profits, revenue, data, or business opportunity.
Each Party’s total aggregate liability under the agreement governing the Customer’s use of the Service shall not exceed twelve (12) times the monthly fee for the relevant product or service (excluding VAT) calculated at the time of the breach.
This limitation shall not apply to breaches of confidentiality, infringement of intellectual property rights, fraud, willful misconduct, or liabilities that cannot be limited by law.
11. Disclaimers
Nimblr shall use commercially reasonable efforts to ensure that the Service operates in accordance with its documentation and is available for use by the Customer.
Nimblr shall not be liable for service interruptions or performance issues caused by:
(i) factors beyond its reasonable control;
(ii) the Customer’s internet connectivity, systems, or equipment; or
(iii) the Customer’s breach of the agreement governing the Customer’s use of the Service.
Nimblr does not guarantee uninterrupted or error-free operation of the Service, nor that the Service will meet all specific requirements of the Customer.
12. Warranties
Nimblr warrants that the Service will be provided with reasonable skill and care and in accordance with generally accepted industry standards.
Nimblr further warrants that it has the right to grant the licenses set forth in this Agreement and that the Service, when used as intended, does not, to the best of Nimblr’s knowledge, infringe any third-party intellectual property rights.
Except as expressly stated in this Agreement, the Service is provided on an “as is” and “as available” basis, and Nimblr makes no other warranties, whether express or implied, including but not limited to implied warranties of merchantability or fitness for a particular purpose.
The Customer acknowledges that the Service may be subject to maintenance, updates, and improvements, and that temporary interruptions may occur without constituting a breach of warranty.
13. Force Majeure
Circumstances beyond a Party’s reasonable control, such as war, strike, natural disaster, government action, or interruptions in power or communication (“Force Majeure”), shall release the affected Party from its obligations under the agreement governing the Customer’s use of the Service for as long as such circumstances persist.
The affected Party shall, without undue delay, notify the other Party of the occurrence and expected duration of such Force Majeure. Once the circumstances cease, the Party shall promptly resume fulfilment of its obligations.
14. Safety, Security and Technical Standards
Nimblr shall at all times maintain a high level of safety and security, meeting all reasonable technical and operational requirements.
Nimblr is responsible for all activities related to security, disaster recovery, and business continuity.
Nimblr shall ensure that the Services are protected from unauthorized access and that the Customer data is handled securely.
Nimblr shall promptly inform the Customer of any incidents such as denial-of-service attacks, intrusions, or unauthorized access that may compromise the Service or data protection.
It remains the Customer’s responsibility to ensure that it meets the technical requirements necessary to use the Service.
15. Compliance with Laws and Sanctions
Each Party shall comply with all applicable laws, regulations, and governmental orders applicable to that Party in connection with the provision or use of the Service, including but not limited to those relating to data protection, information security, export control, and intellectual property rights.
Neither Party shall use the Service or perform its obligations under the agreement governing the Customer’s use of the Service in violation of applicable export control or sanctions laws of the European Union, Sweden, the United States (OFAC), the United Kingdom (OFSI), or the United Nations (UN sanctions lists).
Each Party represents and warrants that neither the Party, its owners, directors, nor beneficial owners appear on any of the following sanctions lists:
European Union Consolidated Sanctions List
U.S. OFAC Specially Designated Nationals and Blocked Persons List
U.K. OFSI Sanctions List
United Nations Sanctions List
Each Party shall immediately notify the other Party in writing if it or any controlling individual is added to such lists.
16. Disputes and Applicable Law
Disputes arising in connection with the Service or the agreement governing the Customer’s use of the Service shall be finally settled by arbitration in accordance with the Rules for Simplified Arbitration of the Stockholm Chamber of Commerce Arbitration Institute (SCC), unless the SCC determines, considering the circumstances, that the Rules for Regular Arbitration shall apply.
The seat of arbitration shall be Malmö, Sweden, and the language shall be Swedish.
Swedish law shall apply to these Terms & Conditions and the agreement governing the Customer’s use of the Service.