Terms of Service
Last updated: June 24, 2026
1. Agreement to Terms
By accessing or using Forward to Safety (“Service”), you agree to be bound by these Terms of Service (“Terms”) and the incorporated Support Terms. If you disagree with any part of these terms, you may not access the Service.
2. Description of Service
Forward to Safety provides security services organized into three tiers based on who does the work:
- Reveal (SEE): You run it. Email phishing detection, manual endpoint security scans, dark web exposure checks, password strength checking, URL safety screening, website safety monitoring, browser extension, and Craig AI; the Daily Heads-Up and member community are available on request. FTS never touches your device at this tier.
- Fortify (FIX): We patch and harden it. Includes everything in Reveal plus automatic patching, continuous hardening, team dashboard, and phishing simulation/training. Delivered as a managed product, not a help desk. Computers only — servers require Support & Defend.
- Support & Defend (KEEP SAFE): We support, watch and act. Includes everything in Fortify plus full support for computer and network problems, around-the-clock monitoring with active incident response, enterprise endpoint protection on every covered machine, DNS-layer protection, managed and monitored remote backup, direct access to Craig's team, and the Support & Defend Pledge (Section 2.3), backed by Craig Peterson's 30 years of hands-on cybersecurity experience. Covers computers and servers.
Some features, including basic URL safety screening and the no-cost trial (1 computer inspection + 3 email verdicts), are available without a paid subscription.
2.1 No Guarantee of Accuracy or Protection
Forward to Safety does not guarantee the accuracy, completeness, or reliability of any analysis, verdict, or screening result. This applies to all tiers of service. Specifically:
- No security service can detect 100% of threats or avoid all false positives.
- A result of “no known threats detected” means only that our automated checks did not identify known threat indicators at the time of the check. It does not mean the URL, email, or website is safe.
- Sophisticated, newly created, or previously unseen threats may not be detected by any tier of our analysis.
- Our verdicts and screening results are informational assessments, not safety endorsements.
- You remain solely responsible for your own security decisions, including whether to click a link, open an attachment, or respond to an email.
Best-effort protection.Patching (Fortify), hardening, monitoring, incident response, and all other security and privacy protections — at every tier — are provided on a commercially reasonable best-effort basis. We apply updates, hardening, and protective measures diligently, but we do not guarantee that any patch, configuration, monitoring, or response will prevent every vulnerability, compromise, malware infection, or data loss. No security service can. You remain responsible for maintaining your own backups and for your own security decisions.
2.2 URL Safety Screening (No-Cost Tier)
URL safety screening performs automated infrastructure checks only. It does not include AI-powered content analysis, redirect chain inspection, or behavioral analysis. Many dangerous URLs — particularly newly created phishing pages with valid SSL certificates and clean reputations — will not be flagged by this screening. URL screening results should be treated as a preliminary indicator, not a definitive safety assessment.
2.3 The Support & Defend Pledge
For machines actively enrolled in Support & Defend, if something gets through on our watch, the IT response is on us — no surprise IT bill. The following are covered at no additional IT charge:
- Investigation — we determine how it happened
- Containment — we work to stop it spreading to other covered machines
- Cleanup and restoration — we remove the malware and restore from a verified clean backup. Some malware cannot be removed remotely and may require shipping equipment to us; in rare cases malware embeds in hardware and cannot be fully removed, and we will tell you clearly when that is the case.
- Guidance — we tell you what happened, what to report, and who to call
The Support & Defend Pledge covers the IT response only. It does not cover, and we cannot promise recovery of: stolen funds or fraudulent transactions; data exfiltrated before or during containment; ransom payments; lost revenue or business interruption; or legal, regulatory, or breach-notification costs.
When charges apply:incidents on Support & Defend-enrolled machines caused by user action — intentionally disabling security software, voluntarily granting access, or a pre-existing infection present at onboarding — are billed at your reduced customer rate. Incidents on machines not enrolled in Support & Defend are billed at our normal rate; as a paying customer you are never left on your own.
2.4 Software Patching and Vulnerability Identification
Forward to Safety identifies installed software and checks it against live vulnerability intelligence. Our response to identified vulnerabilities varies by tier and by whether the software is in our Automatic Patch Catalog.
Automatic Patch Catalog
We maintain a catalog of commonly-installed software for which we can deliver automated, unattended updates. The current catalog is published at Supported Software and may be updated as we add or retire support for specific applications. The contents of the catalog may change at any time due to factors outside our control, including but not limited to changes in vendor licensing, distribution restrictions, software end-of-life, or the availability of suitable update mechanisms. We will make reasonable efforts to maintain broad coverage but do not guarantee that any specific application will remain in the catalog indefinitely. Automatic patching applies to Fortify and Support & Defend tiers only.
Vulnerability identification beyond the catalog
Regardless of whether an application is in our Automatic Patch Catalog, we identify all installed software on covered machines and check every version against live threat intelligence. Software identified as vulnerable but outside the Automatic Patch Catalog is flagged in your report with step-by-step guidance on where to obtain the update. At the Reveal tier, you act on the guidance yourself.
Manual patching (Support & Defend only)
At the Support & Defend tier, we may elect to manually patch software that falls outside the Automatic Patch Catalog. Manual patching is performed at our discretion after we have identified the specific software and version, verified the update, and accepted responsibility for applying it. We will not manually patch software without this review, and inclusion of a manual patch does not obligate us to continue manual patching of that application in the future.
Latest release only. We update software to the latest stable release available from its vendor. We do not support pinning applications to older versions, skipping updates, or maintaining outdated releases. If your hardware or operating system cannot run the current version of an application in our catalog, that application cannot be automatically patched on that machine and falls outside the scope of managed patching for that device.
Limitations. Automatic patching is delivered on a best-effort basis. Not all updates can be applied silently or without user interaction. Some vendor restrictions, licensing requirements, or application architectures may prevent automated delivery. In those cases, the update is flagged for manual action with guidance.
3. User Responsibilities
You agree to:
- Use the Service only for lawful purposes
- Not forward emails containing illegal content
- Not attempt to reverse-engineer, hack, or disrupt the Service
- Maintain the confidentiality of your account credentials
- Not share your subscription with unauthorized users
- Comply with all applicable laws and regulations
Abuse Policy: Any abuse of the Service — including but not limited to automated or bulk submissions, attempts to circumvent rate limits or usage restrictions, sharing accounts beyond authorized users, harassment of our staff, or any other conduct we determine to be abusive or harmful — will result in immediate cancellation of your account and forfeiture of any remaining subscription balance, at our sole discretion. No refunds will be issued for accounts terminated due to abuse.
4. Email Content and Consent
By forwarding an email to Forward to Safety, you represent that:
- You have the right to share that email with us for analysis
- You consent to our processing of the email content as described in our Privacy Policy
- You understand that we may retain analysis records as described in our Privacy Policy
5. Subscriptions, Billing, and Pricing
5.1 Annual Billing
All tiers carry a 12-month minimum term and are billed annually, in advance. There is no month-to-month option. A 3-pay plan is available: the annual total is split into three equal installments at days 0, 30, and 60, with a 3% payment-plan surcharge applied to the total. We may introduce additional billing options in the future; any new options will be posted here.
Payment methods:Personal plans accept credit/debit card. Business plans (Reveal Business, Fortify, and Support & Defend) accept credit/debit card or ACH bank transfer. Payment is processed securely through Authorize.net. Your payment information is stored securely with Authorize.net and is never stored on our servers.
Minimum commitments:Reveal Personal covers 1 computer and up to 3 forwarding email addresses, with 50 email checks per month. Reveal Business requires a minimum of 10 seats; each seat includes 1 computer and 20 checks per month (pooled across the account). Support & Defend requires a minimum of 5 devices.
5.2 Annual Escalator (Single-Year Agreements)
At each renewal, the subscription rate increases by the greater of the change in CPI-U or 3% (a floor of 3%). Multi-year agreements are rate-locked and not subject to the annual escalator during their term (see Section 5.6).
5.3 Check Limits and Overage
Each tier includes a monthly check allowance. Unused checks expire after 30 days and do not roll over. We size allowances generously, notify before the limit is reached, and offer top-up check blocks at $19.97 per 10 additional checks. We do not hard-block a safety check: if you need to verify a suspicious email after your allowance is used, the check still runs and the overage is reconciled. You are never left unable to check a dangerous message.
5.4 Automatic Renewal
Subscriptions automatically renew at the end of each term unless cancelled before the renewal date. You may cancel at any time through your account dashboard or by contacting support. Cancellation will take effect at the end of your current term, and you will retain access until that date. No prorated refunds are issued for partial terms.
5.5 Guarantees
Craig's Personal Guarantee
Forward 10 emails in your first 30 days. If you don't look at the results and say “this is the best protection I've ever had,” we will refund every penny. No hoops, no retention calls, no fine print. You keep access until your 30 days are up.
30-Day Unconditional Money-Back Guarantee
We offer a 30-day unconditional money-back guarantee for new subscribers only. If you are not satisfied with the Service for any reason — or no reason at all — you may request a refund within 30 days of your first subscription payment. All plans are refunded in full. One click, no questions asked. This guarantee does not apply to renewals, returning customers, or per-incident support fees.
5.6 Term Lengths and Rate Protection
Customers choose a 1, 2, or 3-year term. A 1-year term is the standard annual agreement and is subject to the renewal escalator (Section 5.2). Multi-year terms (2 or 3 years) lock your per-unit rate for the full term — it is not subject to the annual escalator, even as prices rise for new customers.
The longer the term, the longer your rate is protected. At the end of a multi-year term, renewal re-establishes the rate lock for the new term at the then-current rate.
5.7 Founder's Pricing
Existing Founder's subscribers keep their locked rate on their current (email/Reveal-equivalent) service for the life of that subscription. Fortify and Support & Defend are separate, new purchases. Founder's pricing is locked for the life of the agreement; cancellation and re-subscription results in current rates.
5.8 Payment Failures and Grace Period
If your renewal payment fails, we will attempt to charge your payment method again over the following days. We provide a 10-day grace period during which your account remains active and your check credits are preserved. If payment is not successful within the grace period, your subscription will expire. You may update your payment method at any time through your account dashboard.
6. Per-Incident Support
Support & Defend customers: Per-incident fees do not apply to Support & Defend customers whose systems meet the Minimum Standards (Section 8). Support, troubleshooting, and incident response on in-standard devices are included in your subscription, with a fair-use guideline of up to 4 hours of routine work per event. Work beyond that on a single event is discussed and quoted before proceeding. Per-incident billing applies only to work on devices that do not meet Minimum Standards or that have an Out-of-Standard Waiver in place.
For all other tiers, or for out-of-standard devices on any tier, we use a transparent, predictable model:
- $297 per incident, up to 2 hours of work, covering all items related to the reported incident.
- At the 2-hour mark, work pauses. We summarize where things stand and re-quote any remaining work. No automatic rollover into more billed time.
- A separate incident (different root cause) discovered mid-investigation is stopped and quoted separately — no work without your go-ahead.
No-charge work: There is no standing quota of no-charge incidents. Two things are always no-charge: the service operating as sold, and correcting any problem caused by FTS's own automated changes. If you report a problem you believe we caused, we investigate at no charge for up to 30 minutes. If it is not FTS-caused, it converts to a standard $297 incident only with your go-ahead.
7. The Last Touch Standard
Our responsibility is bounded to the specific work we performed and the specific incident reported. Completing a touch or resolving an incident does not make FTS responsible for unrelated problems that arise afterward. A new problem with a different root cause is a new incident. A current, working backup must exist before we make any change (see Section 8).
8. Minimum Standards (Fortify and Support & Defend)
Before a device is onboarded to Fortify or Support & Defend, it must meet these standards:
- Operating system: Must be a current, supported version that still receives security updates from its vendor. End-of-life operating systems are not eligible.
- Hardware: Must be capable of running the latest supported version of the operating system and the current releases of installed applications. If a device's hardware cannot support the latest version of the OS or the software we manage, it does not meet Minimum Standards.
- Third-party software: Applications must be updatable to their latest stable release. We do not maintain older versions of software. If an application's current version requires hardware or OS capabilities the device does not have, that application falls outside our managed patching scope on that device.
- Network equipment: Routers, switches, firewalls, and other network gear must be remotely manageable and not hinder our ability to support the environment.
- IoT and peripheral devices: Printers, cameras, card readers, and other connected equipment are held to the same standards — current firmware, remotely manageable, and not a barrier to supporting the environment.
- Backup (non-negotiable): A current, working backup must be in place before we make any change.
Devices that don't meet standards are not rejected — you may bring them into standard or sign an Out-of-Standard Waiver acknowledging that support on that device is limited and FTS's responsibility is reduced accordingly.
9. Onboarding (Fortify and Support & Defend)
Onboarding is included in your subscription at no additional charge. We remotely configure each enrolled device — installing our management tools, running an initial security assessment, applying baseline hardening, and verifying backup — so you don't have to do anything. The process is hands-off for you and typically completes within one business day.
10. Testimonials & Customer Reviews
All testimonials, reviews, and customer quotes displayed on ForwardToSafety.com are from real customers who have used our service. We do not create fabricated testimonials, use stock photos, misrepresent results, or pay for undisclosed positive reviews. Testimonials represent individual experiences and may not represent typical results.
11. Service Limitations
You acknowledge and agree that:
- No security service can detect 100% of threats or guarantee the absence of false positives or false negatives
- All analysis results, verdicts, and screening outcomes — across every tier of service — are informational assessments only and do not constitute a guarantee, warranty, or endorsement of safety
- Threat landscapes change rapidly; a URL or email that appears safe at one moment may become dangerous minutes later
- You remain solely responsible for your own security decisions
- You should not rely on Forward to Safety as your sole source of security assessment
- Service availability may be affected by maintenance or circumstances beyond our control
11.1 Service Availability and Outages
While we strive to maintain continuous service availability, the Service may experience interruptions due to unforeseen circumstances beyond our reasonable control, including email delivery problems, network outages, data center failures, third-party provider outages, scheduled or emergency maintenance, acts of God, cyberattacks, or other force majeure events. We shall not be liable for any failure or delay in performing our obligations where such failure results from these causes.
12. Disclaimer of Warranties
THE SERVICE IS PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. WE DO NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, WITHOUT ERRORS, OR COMPLETELY SECURE.
WITHOUT LIMITING THE FOREGOING, FORWARD TO SAFETY MAKES NO WARRANTY OR REPRESENTATION THAT: (A) ANY ANALYSIS, VERDICT, SCREENING RESULT, OR ASSESSMENT PROVIDED BY THE SERVICE WILL BE ACCURATE, COMPLETE, OR RELIABLE; (B) THE SERVICE WILL DETECT ALL SECURITY THREATS; (C) ANY URL, EMAIL, OR WEBSITE IDENTIFIED AS HAVING “NO KNOWN THREATS DETECTED” IS ACTUALLY SAFE; OR (D) THE SERVICE WILL PROTECT YOU FROM ALL SECURITY THREATS OR FINANCIAL LOSSES.
THIS DISCLAIMER APPLIES TO ALL TIERS OF SERVICE, INCLUDING NO-COST URL SAFETY SCREENING, PAID ANALYSIS, WEBSITE MONITORING, ENDPOINT SCANNING, PATCHING, HARDENING, MONITORING, INCIDENT RESPONSE, BROWSER EXTENSIONS, AND BOOKMARKLETS.
13. Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY LAW, FORWARD TO SAFETY SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO LOSS OF PROFITS, DATA, OR OTHER INTANGIBLE LOSSES, RESULTING FROM YOUR USE OF THE SERVICE, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
OUR TOTAL LIABILITY FOR ANY CLAIMS ARISING FROM YOUR USE OF THE SERVICE SHALL NOT EXCEED THE AMOUNT YOU ACTUALLY PAID US FOR THE CURRENT BILLING PERIOD (MONTHLY OR ANNUAL) IN WHICH THE CLAIM AROSE.
14. Indemnification
You agree to indemnify and hold harmless Forward to Safety, its officers, directors, employees, and agents from any claims, damages, losses, or expenses arising from your use of the Service or violation of these Terms.
15. Termination
We may terminate or suspend your access to the Service immediately, without prior notice, for conduct that we believe violates these Terms or is harmful to other users, us, or third parties, or for any other reason at our sole discretion.
16. Dispute Resolution
These Terms are governed by the laws of the State of New Hampshire, without regard to conflict of law provisions. The parties agree to attempt good-faith resolution of any dispute before initiating formal proceedings. Venue for any legal action shall be Hillsborough County, New Hampshire.
17. Changes to Terms
We reserve the right to modify these Terms at any time. We will provide notice of material changes by posting the updated Terms on our website and updating the “Last updated” date. Changes apply to service occurring after the effective date. We will not change the financial terms of an active agreement mid-term except as that agreement allows. Your continued use of the Service after changes constitutes acceptance of the modified Terms.
18. Contact Us
If you have questions about these Terms, please contact us at:
Email: support@forwardtosafety.com
Forward to Safety · Craig Peterson · Merrimack, New Hampshire
