Terms of Service

Reference: ISP-03
Status: Approved
Version: 8.0
Date: 06/Jul/2025
Review Date: 06/Jul/2026
Classification: Public

1. These terms

1.1 These terms set out the contract between you and Stuart Wedge. Trading as PolicyWizard.io (Postal address located at PolicyWizard.io Office 101096, PO Box 26965, Glasgow, G1 9BW), in respect of your use of any of the services as described on https://www.policywizard.io and https://blog.policywizard.io. By using a service, you agree to be bound by these terms.

1.2. We reserve the right to amend these terms from time to time. Whenever you wish to use a service, please check these terms to ensure you understand the terms in force.

2. Services provided by PolicyWizard.io.

2.1. This section will apply if you use our Information Security Policy training.

2.1.1 We offer online digital self-paced training courses and other services, as detailed at: https://www.policywizard.io.

2.1.2. We may also provide live group training courses online or in-house training at your location; the details of which can be found at: https://www.policywizard.io. These services are strictly confidential, and you agree to be bound by Section 7 of these terms.

2.1.3. We agree to comply with all applicable laws when providing online digital self-paced training, live online training as a group or live in-house training at your location.

2.1.4. We shall use reasonable care and skill to provide you with Information Security Policy training courses. However, we cannot promise that:

2.1.4.1. You will be offered a new job as a result of participating in PolicyWizard.io training courses.

2.1.4.2. You will pass any examination or certification that requires security policy development; or

2.1.4.3. Your organisation will gain certification in either ISO 27001 or SOC 2.

2.2. This section will apply if you use our Free Resources.

2.2.1. We provide free resources hosted at: https://www.policywizard.io and https://blog.policywizard.io.

2.2.2. These resources are the intellectual property of PolicyWizard.io and are covered by copyright. By downloading any resources from https://www.policywizard.io, you agree to be bound by these terms and will protect this intellectual property and not share or publish it in any way. Section 5 of these terms will also apply.

2.2.3. We agree to comply with all applicable laws when providing free resources.

2.2.4. We will use reasonable care and skill to provide you with free resources. However, we cannot promise that:

2.2.4.1. You will be offered a new job as a result of using our free resources.

2.2.4.2. You will pass any exam or certification using the information within the free resources, or

2.2.4.3. Your organisation will gain certification in either ISO 27001 or SOC 2.

2.3. This section will apply if you use our Policy Templates.

2.3.1. We provide Policy Templates hosted at: https://www.policywizard.io. These templates are provided as a base for you to amend the wording to fit the requirements of your business. Submitting these documents without amending them to meet business requirements will result in observations during any certification audit. If your organisation fails to make the required modifications to the documentation before submitting it for inspection by auditors, PolicyWizard.io will not be held liable for any costs incurred.

2.3.2. These resources are the intellectual property of PolicyWizard.io and are covered by copyright. By downloading any policy templates from https://www.policywizard.io, you agree to be bound by these terms. You will protect this intellectual property and not share or publish them in any way, including as a finished policy on a website. Section 5 of these terms will also apply. Once the documentation has been amended to suit our customer, the document becomes the customer's property. Our templates retain our copyright.

2.3.3. We agree to comply with all applicable laws when providing policy templates.

2.3.4. We shall use reasonable care and skill to provide policy templates to you. However, we cannot promise that:

2.3.4.1. Using our policy templates, your organisation will gain a professional certification in either ISO 27001 or SOC 2.

2.4. This section will apply if you use our 1-Hour PolicyWizard Coaching Session.

2.4.1. We provide a coaching session available for purchase at: https://www.policywizard.io.

2.4.1.1. Once purchased, the ability to book a coaching session is withdrawn after 90 days. After 90 days have passed, the client can email info@policywizard.io to request a link to the booking page.

2.4.1.2. Clients can book a meeting up to 365 days in advance.

2.4.1.3. If the client cannot attend the meeting, they can use the buttons at the bottom of the confirmation email to "Manage Booking". That link opens the MS Bookings page where the meeting can be rescheduled.

2.4.1.4. The fee is forfeited if the client fails to attend a confirmed meeting within the first 10 minutes of the scheduled time. The contract is considered complete. No refund will be offered. If they wish to book another session, they will be required to purchase another session on the website for £150.

2.4.1.5. If PolicyWizard is unable to attend the meeting, the booking will be cancelled, and the client will be emailed a link to the Calendar bookings page, allowing them to reschedule.

2.4.1.6. If the staff member booked does not attend within the first 5 minutes of the meeting, a rescheduled appointment will be offered.

2.4.1.8. If the staff member booked does not attend the meeting within 10 minutes of the scheduled start time, a full refund will be provided, or a rescheduled appointment will be offered.

2.4.2. This service is strictly confidential, and you agree to be bound by Section 7 of these terms.

2.4.3. We agree to comply with all applicable laws when providing a 1-Hour PolicyWizard Consultation.

2.4.4. We shall use reasonable care and skill to provide this service to you. However, we cannot promise that:

2.4.4.1. You will be offered a new job because of using our 1-Hour PolicyWizard Coaching.

2.4.4.2. You will pass any exam or certification with the information learned during the consultation.

2.4.4.3. Your organisation will gain certification in either ISO 27001 or SOC 2; or

2.4.4.4. We will take on any contract.

2.5. This section is reserved.

2.6. This section will apply if you use our free 20-minute Call.

2.6.1. We offer a complimentary 20-minute appointment to our business customers at: https://www.policywizard.io.

2.6.1.1. Once booked, PolicyWizard reserves the right to cancel the free appointment at any time.
2.6.1.2. Clients can book a meeting up to 365 days in advance.

2.6.1.3. If the client cannot attend the meeting, they can use the buttons at the bottom of the confirmation email to "Cancel or re-book". Those links open the PolicyWizard Calendar page, where the meeting can be rescheduled.

2.6.1.4. Free 15-Minute Call Cancellation/No-Show Policy: Please cancel or reschedule if you are unable to attend the meeting. Make the change at least 4 hours before the appointment; otherwise, the fees detailed below will be payable to PolicyWizard.io.

2.6.1.4.1 Bookings cancelled or reorganised at least 4 hours before the start of the appointment time will not incur a fee.

2.6.1.4.2 Bookings cancelled or reorganised within the last 4 hours immediately before the scheduled appointment time will incur a late change/cancellation fee of £47.00, payable by you or your company/employer.

2.6.1.4.3 Bookings not cancelled or reorganised before the scheduled appointment time will be subject to an Appointment No-show fee of £100.00 payable by you or your company/employer if you registered using a work email address.

2.6.1.4.4 We value our time. If you fail to attend your appointment, you are depriving us of the opportunity to have another client participate at the scheduled time. Your failure to attend incurs a cost to us. A reasonable compensation for this inconvenience is £100.00.
We will send an invoice for payment to you and your company.

2.6.1.5. If PolicyWizard is unable to attend the meeting, the meeting will be cancelled, and the client will be notified via email. The email will contain a link to the Calendar Bookings page, where the client can reschedule their appointment.

2.6.1.6. A rescheduled appointment will be offered if the staff member booked does not attend the appointment.

2.6.2. This service is strictly confidential, and you agree to be bound by Section 7 of these terms.

2.6.3. We agree to comply with all applicable laws when providing the 20-minute Call.

2.6.4. We shall use reasonable care and skill to provide this service to you. However, we cannot promise that:

2.6.4.1. We will fix your problem.

2.6.4.2. The advice provided will suit your requirements. Book a 1-hour coaching session for more detailed assistance; or

2.6.4.3. We will take on any contract discussed during the coaching session.

2.7. This section has been removed, as the service is no longer offered.

2.8. This section has been removed, as the service is no longer offered.

3. Your obligations

3.1. You agree to comply with all applicable laws when using our services.

3.2. You warrant that you will not:

3.2.1. record any part of any training course, group training or in-house training, or any of our digital training products without our prior consent (and where consent is granted, this is for personal use and not for any commercial or other purposes).

3.2.2. sell or share any information, guidance, videos, or materials passed to you as part of our training, including digital course materials, to any third party without our consent.

3.2.3. impersonate any other person (living or dead), misrepresent your connection with a person or entity, or provide false or otherwise misleading information.

3.2.4. email, publish or otherwise disseminate any content which is defamatory, obscene, or may have the effect of being harassing, threatening or abusive based on gender, sexual orientation, race, ethnicity, age, or disability.

3.2.5. email, publish or otherwise disseminate any content considered damaging to our service or reputation.

3.2.6. send us audios or videos that contain or transmit software viruses, worms, Trojan horses, or any other malicious computer code, files, or programs designed to interrupt, destroy, or limit the functionality of any computer software, hardware, or transcription equipment; or

3.2.7. remove or modify any copyright, trademark, or legal notices from transcription, guidance, videos, or materials.

4. Charges and payment

4.1. The fees for training services are as follows (in each case exclusive of VAT, if applicable):

4.1.1. The Security Policy Foundations is no longer offered to customers but is available to customers with access at the time of decommissioning.

4.1.2. Information Security Policy Writer course:
4.1.2.1 The Live Webinar Version is £1,575.
4.1.2.2 A self-paced digital course is £975 (Discounts may be available).

4.1.3. Reserved.

4.1.4. Our Free Resources are provided entirely free of charge.

4.1.5. Reserved.

4.1.6. Reserved.

4.1.7. Reserved.

4.1.8. A 1-hour Coaching appointment is £150 to customers who require additional time 1:1 with an instructor.

4.1.9. We no longer offer a consulting service through PolicyWizard. We may occasionally undertake contract work; if we do, the following terms will apply.

4.1.9.1. Full payment is due for short-term contracts before any work commences. The fee is non-cancellable and non-refundable.

4.1.9.2. For long-term contracts, 50% is due upfront, and 50% will be held in escrow. PolicyWizard.io must receive confirmation from the third party that the funds have been deposited into escrow before any work will commence. The first 50% is non-cancellable and non-refundable. If the client wishes to cancel the contract before the work has started, the remaining 50% will be waived. The total fee must be paid if the client cancels the work requirement after the "Start Date" has passed.

4.1.10. PolicyWizard no longer offer a Gift Voucher.

4.1.11. PolicyWizard no longer offer a Pay-it-Forward Thank you Card.

4.1.12. Service removed.

4.1.13. Service removed.

4.1.13.1 Service removed.

4.1.14 Service removed.

4.2. In each case (except 4.1.9 Policy Consulting Services; details are included in the section), payment in full is required at the time of booking. This fee is non-cancellable and non-refundable; however, appointments for live training courses may, at our discretion, be rearranged up to 72 hours before the scheduled time slot.

5. Intellectual Property and Materials

5.1. All intellectual property rights in the service, guidance, videos, and materials are our property.

5.2. You warrant that you will not infringe on our intellectual property rights or the rights of any third party.

6. Limitation of Liability and Indemnity

6.1. Nothing in this Section 6 is intended to limit either Party's liability where it would be unlawful, including any liability for death or personal injury caused by negligence, fraud, or fraudulent misrepresentation.

6.2. Subject to Section 6.1:

6.2.1 Our liability under these terms is limited to the total fees you pay us for the service.

6.2.2 We shall not be liable for any loss of profits, sales, business, or revenue, business interruption, loss of anticipated savings, loss of business opportunity, goodwill or reputation, or any indirect or consequential loss or damage.

6.3 You agree to indemnify us against any costs and any other losses resulting from any third-party claims made against us arising from your breach of Sections 5.2.

7. Confidentiality

7.1. Each Party undertakes that it shall not, at any time, and for two years after termination of the service, disclose to any person any confidential information concerning the business, affairs, customers, clients, or suppliers of the other Party, except as permitted by Section 7.3.

7.2. If we provide any training or service to you, you shall not disclose any confidential information concerning the activity or service to any third party.

7.3. Each Party may disclose the other Party's confidential information as required by law, a court of competent jurisdiction or any governmental or regulatory authority.

7.4. Neither Party shall use the other Party's confidential information for any purpose other than to perform its obligations under these terms.

8. Data Protection

8.1. Both parties will comply with all applicable requirements of the Data Protection Laws. This Section 8 also does not relieve, remove, or replace a party's obligations or rights under the Data Protection Laws. For this section 8, Data Protection Laws refers to the UK Data Protection Legislation and any other European Union legislation relating to the use of Personal Data. Controller, Processor, Data Subject, Personal Data, Personal Data Breach, processing, and appropriate technical and organisational measures have the meaning as defined in the Data Protection Legislation.

8.2. These terms (and the services provided in accordance with them) are subject to our Privacy Notice, which can be found at: https://www.policywizard.io/privacy. It explains what Personal Data we collect when you visit our website and use our services, and how it is used.

8.2.1. Our current hosting provider is located outside of the EU. To provide the services to you on the PolicyWizard.io website, the Personal Data you enter on our website will be exported outside the EU. Please read Section 4.0 of the Privacy Notice, located at: https://www.policywizard.io/privacy.

8.3. The parties acknowledge that, under the Data Protection Laws, PolicyWizard.io is the Controller, and you are the Data Subject for any Personal Data processed as part of the services.

8.4. You will ensure that you have all necessary, appropriate consents and notices in place to enable the lawful transfer of any Personal Data to us and the lawful collection of the Personal Data by us on your behalf for the duration and purposes provided for in these terms.

8.5. We shall:

8.5.1 Process the Personal Data only on your documented written instructions unless we are required by the applicable law to process the Personal Data.

8.5.2 Ensure that we have appropriate technical and organisational measures to protect against accidental loss, destruction, damage, and unauthorised or unlawful processing of the Personal Data.

8.5.3 Ensure that all personnel with access to or processing of Personal Data are obligated to maintain its confidentiality.

8.5.4 Not engage any sub-processor without your prior consent.

8.5.5 Not transfer any Personal Data outside the European Economic Area without your prior consent (and then only following Data Protection Laws).

8.5.6 Assist you in responding to any Data Subject request, conducting privacy impact assessments and ensuring compliance with your obligations under the Data Protection Laws.

8.5.7 Notify you without undue delay on becoming aware of any breach involving the Personal Data;

8.5.8 Delete or return all Personal Data and copies to you on termination of these terms unless we are required by the applicable law to store the Personal Data; and

8.5.9 Maintain complete and accurate records and information to demonstrate our compliance with this Section 8.

8.6. You agree to indemnify us against any costs and losses incurred by us arising from your breach of this Section 8.

8.7. PolicyWizard.io does not process data related to children. If you are under 18, please do not use our products or services. If we become aware that children are using our website, we will close the account and delete all Personal Information of the individual. No refund will be provided. If you are under 18 and wish to use our products or services, please have an adult register an account on your behalf.

9. Termination and Suspension of the Service

9.1. The contract between the parties will begin on the day you purchase the service and end when the parties' obligations regarding the delivery and payment for the service are completed.

9.2. We may terminate your access to the service immediately should we have reasonable grounds to believe you have committed a material breach of any of these terms.

9.3. On termination of service, the liabilities, obligations, rights, and remedies of the parties accrued at the date of termination (including the right to claim damages for any breach of these terms) will remain unaffected.

9.4. In addition to Section 9, the following Sections will survive the termination of the service: 5, 6, 7, 8, 10.2, 10.3, and 10.5.

10. General

10.1 Force Majeure: If an event outside our control delays the supply of the service, we will contact you as soon as possible to inform you and take steps to minimise the effect of the delay. We will not be liable for delays caused by the event. However, if there is a risk of substantial delay, you may contact us to terminate the service and receive a refund for any service you have paid for but not received.

10.2 Third-party rights: These terms do not confer any rights on any person or Party not a party to them, as per the Contracts (Rights of Third Parties) Act 1999.

10.3 Entire Agreement: These terms constitute the entire terms between the parties and supersede and extinguish all previous terms, promises, assurances, warranties, representations, and understandings between them. Each Party acknowledges that it does not rely on and shall have no remedies for any statement, representation, assurance, or warranty not set out in these terms.

10.4 Variation: Any modification to or deletion of a provision or part-provision under these terms shall not affect the validity and enforceability of the rest.

10.5 Governing Law and Jurisdiction: These terms and any dispute or claim arising out of or in connection with them or the service shall be governed by and construed following the law of Scotland, and the courts of Scotland shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with these terms or the services.

11. Academic Honesty and Non-disclosure

11.1 As the purchaser of or student taking an examination, the examination environment is made available to you for the sole purpose of certification. You agree that you will not disclose, publish, reproduce, transmit, or make available, in part or in full, any portion of the examination environment or course materials by any means, to include, but not limited to, voice, electronic, cryptological, mechanical, etc., without the expressed written consent of PolicyWizard. These non-disclosure obligations extend beyond the completion of any examinations.

11.2 The customer taking an exam attests that they are the person taking the exam and agrees not to solicit assistance from others during their exam attempt. The examinee submits that they have provided us with correct and accurate registration information and all requirements for the credential and exam. Examinee agrees that any breach of the Academic Honesty Policy, including, but not limited to, cheating, providing support or assistance to another examinee, sharing exam environment information with third parties, etc., may result in (a) a failing examination grade and revocation of retake opportunities; (b) temporary or permanent ban from PolicyWizard.io platforms without refund; (c) revocation of any certifications or credentials; or (d) Civil liability and/or criminal prosecution.

12. Community Acceptable Use

12.1 We provide access to a community of peers on Discord. Every participant is expected to always act respectfully and professionally. Participants who do not meet the requirements for acceptable use will be denied future access to PolicyWizard courses, Discord servers, platforms, and systems and will not receive a refund. The following Acceptable Use Policy is displayed in the welcome section of the Discord Server:

12.2 Acceptable Use Policy - These principles, which form the bedrock of the PolicyWizard community, ensure a fair and secure environment for all. Those who adhere to these standards are warmly welcomed. Those who do not meet the standards will be denied future access to PolicyWizard courses, discord servers, platforms, and systems and will not be refunded.

12.2.1 Principles - Criticise concepts and theories, not the person. Treat all members with respect. Keep your posts safe for work. Presume good intent. Act lawfully.

12.2.2 Rules - The server is for the PolicyWizard business. Self-promotion is not permitted. These principles and rules are subject to change by management.

12.2.3 The PolicyWizard Terms of Service and Privacy Policy apply to the Discord Server.