Terms of Use

1. Who we are

The website at magrathean.uk is owned and operated by Magrathean UK Ltd., a company registered in England and Wales under company number 16955343, with registered office at 16 Caledonian Court, West Street, Watford, England, WD17 1RY.

In these Terms:

• “Magrathean,” “we,” “us,” and “our” mean Magrathean UK Ltd.
• “Site” means magrathean.uk, including its pages, tools, forms, public APIs, content, product pages, legal pages, redirects, and subpaths.
• “Services” means paid or proposed consultancy, technical, website, Microsoft 365, AI, security, hosting, website-care, product-support, or other work supplied or proposed by us.
• “Free Tools” means free public tools or demonstrations on the Site, including any Microsoft 365 score calculator, Auditex summary validator, diagnostic form, enquiry checker, comparison tool, questionnaire, or similar feature.
• “Apps” means Magrathean software products, including apps or tools marketed through the Site, App Store listings, GitHub repositories, product websites, or other distribution channels.

2. Acceptance of these Terms

By accessing or using the Site, you accept these Terms and agree to comply with them. If you do not agree, you must not use the Site.

If you use the Site on behalf of a company, organisation, partnership, club, charity, public body, or other entity, you confirm that you have authority to bind that entity and that “you” includes that entity.

3. Website terms are not a services agreement

These Terms govern website access and use. They do not, by themselves, create a consultancy, managed service, hosting, website-care, Microsoft 365, AI, cybersecurity, Auditex, software-support, or other professional-services engagement.

Paid services are supplied only when Magrathean and the customer accept a written proposal, quote, statement of work, order form, email instruction expressly accepted by us, master services agreement, data-processing agreement, or other written engagement document. That written document will govern scope, fees, VAT, payment, cancellation, dependencies, customer responsibilities, access, confidentiality, security, intellectual property, data protection, support, service levels, and liability.

If these Terms conflict with a signed or otherwise expressly accepted services agreement, the services agreement prevails for the relevant paid work.

4. Information only; no professional advice

The content on the Site is provided for general information, marketing, education, and service-description purposes only.

The Site may include articles, service pages, examples, comparisons, score tools, security notes, AI workflow material, Microsoft 365 commentary, app descriptions, pricing examples, fixed-price offers, case-study style content, or technical explanations. Unless we expressly agree otherwise in a signed engagement, that material does not constitute legal, financial, tax, regulatory, security, cybersecurity, technical, engineering, procurement, compliance, audit, certification, or professional advice.

You must not rely on Site content or Free Tool output as a substitute for advice based on your specific facts, environment, risk profile, contracts, legal duties, insurance, security posture, tenant configuration, device estate, infrastructure, or business requirements.

5. Free Tools, scores, diagnostics, and validation routes

Free Tools are provided for initial triage and general information only. They are not live audits, certifications, assurances, professional reports, penetration tests, compliance assessments, regulated advice, or guarantees.

The Microsoft 365 score tool, if available, is an indicative questionnaire-based tool. It does not log into your Microsoft tenant, does not verify live tenant controls, and does not certify that your environment is secure, compliant, insurable, or audit-ready.

Any Auditex report-pack or summary validator, if available, is intended to validate limited safe summary artefacts only. It is not a general upload route for raw evidence, tokens, secrets, tenant exports, emails, documents, databases, logs, or personal-data dumps.

You are responsible for independently verifying any Free Tool output before acting on it. We may change, withdraw, disable, rate-limit, or refuse access to any Free Tool at any time.

6. No secrets, raw tenant data, or sensitive data through public forms

Do not submit any of the following through public website forms, Free Tools, email links, score tools, upload routes, or public API endpoints unless we have expressly agreed a secure handling process in writing:

• passwords, passphrases, private keys, API keys, SSH keys, database credentials, OAuth tokens, refresh tokens, access tokens, client secrets, Cloudflare Access credentials, Microsoft tenant secrets, .env files, configuration backups, or other secrets;
• raw Microsoft 365, Entra ID, Intune, Exchange, Defender, SharePoint, endpoint, mailbox, log, SIEM, EDR, DNS, hosting, database, telemetry, Graph, or tenant exports;
• production personal data belonging to your staff, customers, patients, pupils, users, suppliers, or other third parties;
• special-category personal data, including health, biometric, genetic, political, religious, trade-union, sex-life, or sexual-orientation data;
• criminal-offence data;
• children’s data;
• payment-card data;
• confidential third-party material that you are not authorised to share.

If you provide such material without prior written agreement, you do so at your own risk and you authorise us to delete, quarantine, ignore, or return it without review.

7. Contact forms, bookings, emails, and communications

Submitting a contact form, score request, booking request, email, reply, or other communication does not create a client relationship, professional duty, retainer, support obligation, confidentiality obligation, or obligation to respond.

We may respond, decline to respond, request more information, route the communication internally, retain the communication under our Privacy Policy, or delete it where we consider it irrelevant, unlawful, abusive, unsafe, or outside scope.

You are responsible for ensuring that information you provide is accurate, lawful, and authorised. You must not impersonate another person, misrepresent your authority, or submit another person’s details without a lawful basis.

8. B2B outreach and unsubscribe links

We may send limited business-to-business communications where permitted by law. Any outreach email should identify Magrathean and provide a reply or unsubscribe route.

You must not abuse, scan, brute-force, interfere with, or misuse unsubscribe links, campaign links, lead tokens, or email infrastructure. We may record suppression requests and related technical data to ensure we do not contact an opted-out address or domain again.

9. Professional-services engagement terms

Where we agree to provide paid Services, the relevant written engagement governs the work. If no separate written engagement fully covers an issue, the following fallback provisions apply to the extent permitted by law:

1. We will perform the agreed work with reasonable skill and care. 2. Scope is limited to what is expressly written and accepted. Anything not expressly included is excluded. 3. Dates, timescales, response times, outcomes, and prices shown on the Site are indicative unless confirmed in writing. 4. You must provide timely access, information, decisions, credentials, approvals, content, licences, third-party cooperation, and payment. 5. We may suspend or delay work if you do not provide required access, information, cooperation, or payment. 6. We are not responsible for pre-existing faults, inherited misconfiguration, unsupported systems, third-party outages, vendor changes, unavailable APIs, inaccurate customer data, missing licences, undocumented customisations, or decisions you make against our advice. 7. Any change in scope, urgency, dependencies, third-party cost, risk, or assumptions may require a revised fee or written change control. 8. We may refuse work that we reasonably believe is unlawful, unsafe, unethical, insecure, misleading, outside competence, or likely to create disproportionate regulatory, security, operational, or reputational risk.

10. Customer responsibilities for access, systems, and data

If you ask us to work on or advise about your systems, you confirm that:

• you have authority to instruct us;
• you have the right to give us access to the relevant systems, accounts, data, domains, repositories, devices, tenants, websites, hosting, and third-party platforms;
• you have provided any required notices to your staff, customers, suppliers, users, or other individuals;
• you have a lawful basis for any personal data you ask us to process;
• you will not provide more personal data than is necessary;
• you will maintain your own backups unless we expressly agree backup responsibility in writing;
• you remain responsible for business continuity, operational decisions, user communications, insurance notifications, regulator notifications, and legal compliance unless a written agreement says otherwise.

We may require named authorised contacts before accepting instructions or making changes.

11. Data protection in paid engagements

For website enquiries and Magrathean business administration, we usually act as controller. For paid customer work, our role may be controller, processor, joint controller, independent contractor, or a combination depending on the work.

Where we process personal data on your behalf as a processor and there is no separate signed data-processing agreement, the following default data-processing terms apply:

1. You are the controller and we are the processor for the customer personal data processed only to provide the agreed Services. 2. We will process customer personal data only on your documented instructions, including these Terms, the written engagement, and instructions reasonably necessary to deliver the Services. 3. We will ensure that people authorised to process the data are subject to confidentiality obligations. 4. We will implement appropriate technical and organisational measures proportionate to the risk, taking into account the nature of the data and Services. 5. We may use sub-processors required to provide hosting, email, security, analytics, development, support, professional, or infrastructure services, provided that we remain responsible for appointing them under appropriate contractual safeguards. 6. We will assist you, taking into account the nature of the processing and information available to us, with data-subject rights requests, security obligations, breach assessment, data-protection impact assessments, and regulator consultation where legally required. Reasonable charges may apply where the assistance is outside the agreed scope. 7. We will notify you without undue delay after becoming aware of a personal data breach affecting customer personal data processed on your behalf. 8. At the end of the Services, we will delete or return customer personal data in accordance with the written engagement, except where we must retain records for legal, accounting, regulatory, dispute, security, backup, or legitimate business reasons. 9. We will make available information reasonably necessary to demonstrate compliance with these processor obligations, subject to confidentiality, security, privilege, proportionality, and protection of other customers. 10. You must not instruct us to process special-category data, criminal-offence data, children’s data, payment-card data, or high-risk data unless the written engagement expressly permits it and required safeguards are agreed.

12. Microsoft 365, security, AI, and technical work

Unless expressly agreed in writing:

• Microsoft 365, Entra ID, Intune, Defender, Exchange, SharePoint, endpoint, device, email, identity, and security work is practical support, configuration, evidence review, or advisory work, not certification or legal compliance advice.
• Cyber Essentials, Cyber Essentials Plus, ISO 27001, SOC 2, GDPR, DPA 2018, NIS, insurance, contractual-security, or regulatory readiness work is not a guarantee that certification, compliance, insurance cover, customer approval, or audit sign-off will be achieved.
• Security work does not guarantee that systems are vulnerability-free, breach-proof, ransomware-proof, phishing-proof, or compliant.
• AI adoption, AI workflow, prompt, automation, agent, or policy work is advisory and implementation support. You remain responsible for human review, approval gates, data selection, employee instructions, regulated decisions, accuracy checking, and lawful use.
• We will not intentionally place customer secrets or production personal data into third-party AI systems unless a written engagement expressly permits that use and identifies the relevant safeguards.

13. Website design, hosting, DNS, and website-care work

Unless a written engagement says otherwise:

• you are responsible for providing lawful, accurate, non-infringing website content, images, claims, testimonials, pricing, regulatory statements, and business information;
• you are responsible for approving content before publication;
• you are responsible for maintaining domain ownership, registrar access, DNS authority, platform subscriptions, hosting accounts, licences, plugins, third-party services, payment accounts, analytics accounts, and email accounts;
• website-care services cover only the tasks expressly agreed and do not include unlimited support, emergency incident response, legal review, SEO guarantees, ad-spend management, content production, hosting liability, cybersecurity monitoring, or backup recovery unless agreed;
• search rankings, leads, calls, bookings, sales, ad results, Core Web Vitals, uptime, email deliverability, accessibility, and conversion outcomes are not guaranteed;
• we may suspend support for unsupported, insecure, unlawful, unpaid, abandoned, or materially changed websites or systems.

14. Apps, app stores, and downloadable software

Apps and downloadable software may have app-specific terms, privacy notices, end-user licence agreements, open-source licences, App Store terms, platform rules, subscription terms, and support terms. Those app-specific terms govern the relevant App to the extent they differ from these Website Terms.

If you obtained an App from the Apple App Store, the Apple Licensed Application End User Licence Agreement applies unless a custom EULA is provided. Apple is not a party to these Website Terms and is not responsible for the Site, Services, or non-Apple support. Apple’s rules may govern purchases, subscriptions, renewals, refunds, app review, privacy metadata, in-app purchases, and distribution.

App descriptions on the Site are marketing and support information. Before relying on any App for operational, safety, vehicle, infrastructure, SSH, server, code, terminal, session, quota, analytics, diagnostic, or security purpose, review the app-specific terms, privacy notice, App Store listing, permissions, and documentation.

15. Open-source material and repositories

Some Magrathean software, examples, tools, packages, or documentation may be made available through GitHub or another repository. Repository licences govern use of those materials. If a repository licence conflicts with these Terms for repository code or documentation, the repository licence governs that repository material only.

No licence is granted to use Magrathean names, brands, logos, trade marks, product names, website copy, design system, commercial documentation, non-public code, service materials, proposals, or proprietary content except as expressly stated.

16. Intellectual property ownership

All rights in the Site and its content belong to Magrathean UK Ltd. or its licensors. This includes text, service descriptions, pricing structures, graphics, logos, icons, images, diagrams, visual design, code, software, source code, page layouts, copy, names, product descriptions, domain content, documentation, Free Tools, questionnaires, scoring logic, reports, methods, outputs, and the selection and arrangement of material.

You are granted a limited, revocable, non-exclusive, non-transferable licence to access and view the Site for your own lawful internal business evaluation.

You must not, without our prior written consent:

• copy, reproduce, publish, sell, license, distribute, mirror, frame, scrape, crawl, mine, harvest, republish, or create derivative works from Site content;
• use Site content to train, fine-tune, evaluate, benchmark, or populate AI models, search indexes, commercial datasets, lead databases, or competitor products, except for ordinary public search indexing by recognised search engines that respect robots and crawler controls;
• remove or obscure proprietary notices;
• use Magrathean marks, names, logos, product names, domains, or confusingly similar branding;
• imply endorsement, partnership, certification, or affiliation.

All rights not expressly granted are reserved.

17. Feedback, submissions, and user content

If you submit ideas, suggestions, feedback, comments, diagnostic information, messages, reports, files, screenshots, business information, or other material to us, you grant Magrathean a worldwide, royalty-free, non-exclusive licence to use, copy, store, process, transmit, adapt, and disclose that material as reasonably necessary to respond, provide Services, administer records, improve our offerings, protect systems, comply with law, and enforce rights.

You confirm that you have the rights and authority needed to submit the material and grant that licence.

We are not required to treat unsolicited ideas or feedback as confidential unless we have agreed confidentiality in writing. We may use general know-how, concepts, skills, ideas, and experience retained in unaided memory, provided that we do not disclose your confidential information or personal data unlawfully.

18. Acceptable use

You must not use the Site, Free Tools, forms, APIs, upload routes, unsubscribe routes, redirects, or content in any way that:

• is unlawful, fraudulent, harmful, abusive, deceptive, defamatory, obscene, threatening, or infringing;
• violates another person’s rights or privacy;
• attempts unauthorised access to any system, account, API, database, server, endpoint, admin route, repository, token, or infrastructure;
• tests, scans, probes, attacks, overloads, bypasses, or interferes with security, rate limits, bot checks, Turnstile, access controls, unsubscribe mechanisms, mail systems, or infrastructure;
• submits malware, exploit code, secrets, unlawful content, excessive data, or unauthorised personal data;
• impersonates any person or misrepresents authority;
• uses automated scraping, crawling, data extraction, AI-agent browsing, form submission, spam, or lead harvesting without written permission;
• reverse engineers non-public code or attempts to derive source code except to the extent expressly permitted by law;
• uses Free Tools or outputs to make misleading claims about certification, audit, compliance, security, performance, or endorsement;
• causes reputational, operational, legal, security, or regulatory risk to Magrathean or any third party.

We may block, rate-limit, suspend, remove, report, or investigate any use that we reasonably consider abusive, unsafe, unlawful, or inconsistent with these Terms.

19. Prices, packages, proposals, and monthly services

Prices, packages, care plans, examples, “from” prices, fixed-fee references, and monthly amounts shown on the Site are invitations to discuss work, not binding offers, unless expressly stated otherwise.

Unless a written engagement says otherwise:

• prices exclude VAT and taxes where applicable;
• prices exclude third-party costs, licences, ad spend, hosting, domains, paid plugins, app-store charges, travel, urgent work, out-of-hours work, and expenses;
• proposals expire after 14 days unless stated otherwise;
• invoices are payable on receipt or within the payment period stated on the invoice;
• we may charge interest, compensation, and recovery costs on overdue business debts to the extent permitted by law;
• monthly services renew monthly until cancelled in writing on at least 30 days’ notice;
• work already performed, committed third-party costs, and non-cancellable commitments remain payable;
• we may suspend work for overdue payment.

If you are a consumer, your mandatory consumer rights are not affected.

20. Consumer and distance-selling rights

Magrathean primarily supplies business-to-business services. If we supply services or digital content to you as a consumer, mandatory consumer-protection rights may apply.

Before forming a consumer distance contract, we will provide legally required information about the service, total price, payment, duration, cancellation rights, loss of cancellation rights where applicable, and complaint routes.

If you ask us to begin services during a statutory cancellation period, you may be required to pay for work performed before cancellation. If you ask us to supply digital content immediately, you may lose cancellation rights where the law permits this and you have given the required acknowledgement. Nothing in these Terms limits rights that cannot lawfully be excluded.

21. Third-party services and links

The Site and Services may use, link to, integrate with, or refer to third-party services. These may include Cloudflare, Google, Meta, Microsoft, GitHub, LinkedIn, Instagram, Apple, Google Play, payment providers, accounting providers, hosting providers, email providers, AI providers, domain registrars, DNS providers, analytics providers, calendar providers, security providers, and customer-selected platforms.

Third-party services are controlled by their providers. We are not responsible for their terms, privacy notices, security, availability, outages, pricing, changes, API limits, approvals, account suspensions, data processing, or decisions unless a written engagement expressly says otherwise.

You are responsible for complying with third-party terms that apply to your accounts, systems, platforms, licences, and data.

22. Availability, changes, and discontinuation

We may modify, suspend, restrict, replace, or discontinue any part of the Site, Free Tools, content, product pages, APIs, forms, redirects, or Services at any time, with or without notice.

We do not guarantee that the Site, Free Tools, Apps, APIs, email, forms, analytics, booking links, third-party links, or infrastructure will be uninterrupted, secure, accurate, available, error-free, or compatible with your device, browser, system, software, tenant, database, or platform.

23. Security and incident handling

We use reasonable technical and organisational measures to protect the Site and business systems. However, no website, server, application, email system, DNS configuration, hosting platform, analytics service, third-party service, or network is completely secure.

You must promptly tell us if you become aware of suspected misuse, vulnerability, unauthorised access, compromised credentials, exposed secrets, incorrect data, or a security issue affecting the Site, your engagement, or a Magrathean product.

You must not publicly disclose suspected vulnerabilities without giving us a reasonable opportunity to investigate and remediate, unless required by law.

24. Disclaimers

To the maximum extent permitted by law, the Site, Free Tools, content, outputs, app descriptions, examples, API responses, reports, downloads, and public materials are provided “as is” and “as available.”

We disclaim all warranties, representations, conditions, and guarantees not expressly set out in writing, including implied warranties of accuracy, completeness, fitness for a particular purpose, non-infringement, merchantability, uninterrupted availability, security, compatibility, error-free operation, and suitability for your circumstances.

We do not warrant that:

• Free Tool outputs are accurate, complete, current, or reliable;
• Site content reflects the latest law, vendor behaviour, security threat, pricing, product feature, platform rule, or technical standard;
• any score, finding, report, AI output, recommendation, fix, configuration, or website change will achieve a particular result;
• any system will be secure, compliant, insurable, certified, recoverable, or free from vulnerabilities;
• any website, app, campaign, SEO change, AI workflow, Microsoft 365 configuration, or support action will generate leads, rankings, revenue, approvals, or measurable improvement.

25. Limitation of liability

Nothing in these Terms excludes or limits liability for death or personal injury caused by negligence, fraud or fraudulent misrepresentation, breach of obligations that cannot lawfully be excluded or limited, or any matter for which liability cannot be excluded or limited by law.

For free Site use, Free Tools, public content, product pages, and non-paid communications, our total aggregate liability to you for all claims arising out of or relating to the Site is limited to £100.

For paid Services where no signed written agreement states a separate liability cap, our total aggregate liability for all claims arising out of or relating to those paid Services is limited to the greater of:

• the fees actually paid by you to us for the specific Services giving rise to the claim in the three months immediately before the event giving rise to liability; or
• £1,000.

To the maximum extent permitted by law, we are not liable for:

• indirect, consequential, special, incidental, punitive, or exemplary loss;
• loss of profit, revenue, savings, business, goodwill, opportunity, contract, data, use, production, management time, or reputation;
• business interruption;
• loss caused by inaccurate information supplied by you;
• loss caused by third-party services, platforms, vendors, app stores, APIs, hosting, DNS, email, payment systems, AI providers, analytics providers, security providers, Microsoft, Apple, Google, Meta, Cloudflare, GitHub, or customer-selected services;
• loss caused by your failure to maintain backups, licences, access, documentation, insurance, internal controls, or independent review;
• loss caused by following, ignoring, modifying, delaying, or misapplying advice or outputs;
• pre-existing vulnerabilities, unsupported systems, inherited misconfiguration, compromised credentials, or unauthorised changes by others.

For consumers, these limitations apply only to the extent permitted by mandatory consumer law.

26. Indemnity

If you use the Site or Services as a business, you agree to indemnify Magrathean UK Ltd. and its directors, officers, employees, contractors, and agents against claims, losses, liabilities, damages, costs, and expenses arising out of or relating to:

• your breach of these Terms;
• your unlawful use of the Site, Free Tools, outputs, Apps, or Services;
• information, data, files, credentials, or materials you provide;
• your lack of authority to instruct us or provide access;
• your breach of third-party rights, third-party terms, data-protection law, confidentiality obligations, employment obligations, or platform rules;
• your decisions, implementations, communications, or claims made using Site content, Free Tool outputs, or Services.

This indemnity does not apply to consumers to the extent it would be unfair or unlawful.

27. Confidentiality

Information available publicly on the Site is not confidential. Information you submit through public contact routes is not treated as confidential unless we have expressly agreed confidentiality in writing or confidentiality arises by law.

Where a paid engagement includes confidential information, confidentiality obligations should be set out in the written engagement. If no separate confidentiality wording applies, each party must use the other party’s confidential information only for the agreed purpose, protect it with reasonable care, and not disclose it except to personnel, contractors, processors, advisers, insurers, auditors, or legal/regulatory authorities who need to know it.

Confidentiality does not apply to information that is public, already known without restriction, independently developed, lawfully received from a third party, or required to be disclosed by law.

28. Privacy

Our handling of personal data is described in our Privacy Policy at /privacy/.

You must not provide personal data to us unless you have authority and a lawful basis to do so. If you provide personal data about another person, you are responsible for giving that person any required privacy information unless we have agreed otherwise.

29. Export, sanctions, and unlawful use

You must not use the Site, Apps, software, downloads, outputs, or Services in breach of applicable export-control, sanctions, anti-bribery, anti-corruption, anti-money-laundering, computer-misuse, cybersecurity, data-protection, consumer-protection, or other laws.

We may refuse, suspend, or terminate access or Services where we reasonably believe continuing would breach law, sanctions, platform rules, vendor rules, or create unacceptable legal, security, regulatory, operational, or reputational risk.

30. Changes to these Terms

We may update these Terms by publishing a revised version on the Site. The effective date at the top shows when the current version took effect.

Changes apply to Site use from the date of publication. Changes do not override signed service agreements unless the agreement permits that.

31. Severability

If any provision of these Terms is invalid, unlawful, or unenforceable, that provision will be treated as modified to the minimum extent necessary to make it valid, lawful, and enforceable. If modification is not possible, it will be severed. The rest of the Terms will continue in effect.

32. No waiver

A failure or delay in enforcing any right or remedy is not a waiver. A partial exercise of a right or remedy does not prevent further exercise of that or any other right or remedy.

33. Assignment

You may not assign, transfer, subcontract, or deal with your rights or obligations under these Terms without our prior written consent.

We may assign, transfer, subcontract, or otherwise deal with our rights and obligations in connection with a restructuring, sale, transfer of assets, use of contractors, or change in operating model, provided this does not reduce mandatory rights you have by law.

34. Entire agreement for Site use

These Terms and the Privacy Policy form the entire agreement between you and us for use of the Site. They do not replace any separate written services agreement, app-specific terms, repository licence, App Store terms, or data-processing agreement.

35. Governing law and jurisdiction

These Terms and any dispute or claim arising out of or in connection with them, including non-contractual disputes or claims, are governed by the laws of England and Wales.

The courts of England and Wales have exclusive jurisdiction, except that consumers may bring proceedings in the courts of the country in which they are habitually resident where mandatory consumer law gives them that right.

36. Contact

Questions about these Terms should be sent to:

Magrathean UK Ltd. 16 Caledonian Court West Street Watford England WD17 1RY

Email: [email protected]