Terms of Service
Please read these terms carefully before submitting an engagement request.
1. Agreement to Terms
By submitting an engagement intake form, completing payment, or otherwise engaging the services of Marshall Williams Consulting ("Consultant," "I," "me"), you ("Client") agree to be bound by these Terms of Service in their entirety. These terms constitute a legally binding agreement.
A copy of the version of these Terms in effect at the time of your intake submission will be included in your engagement confirmation email for your records.
If you do not agree to these terms, do not submit a request or complete payment.
2. Scope of Work
Services are performed based on the scope described in the intake form submitted by the Client. The Consultant reserves the right to decline any request that is outside available service offerings or that the Consultant cannot deliver to a professional standard.
For Custom IT Projects, scope is defined via written quote sent to the Client prior to payment. Work does not begin on custom projects until the quote is accepted and payment is received.
Any scope expansion beyond what was agreed at intake requires a separate written agreement and may incur additional charges.
3. Payment Terms
3.1 Payment Before Work Begins
Payment is required in full prior to the commencement of any work. The Consultant will not begin any engagement until payment has been received and confirmed. Submission of an intake form does not constitute a reservation or guarantee of availability.
3.2 Accepted Payment Methods
- Credit or debit card via Stripe (processed at checkout)
- ACH bank transfer via Wave (invoice-based, on request)
- Zelle (details provided on confirmation page)
Online payment is preferred. PayPal and checks are not accepted.
3.3 Refunds, Deadlines, and Delivery
Once work has commenced, all sales are final. No refunds will be issued for completed or in-progress work, except as described below.
Refund requests submitted within 24 hours of payment — and before any work has begun — will be honored in full. After the 24-hour window, or once work has started, no refunds will be issued unless the Consultant fails to meet the agreed delivery deadline as described below.
Delivery deadlines. All stated delivery deadlines expire at 11:59:59 PM on the final day of the stated turnaround period, measured from the date payment is confirmed. A Client may not claim a missed deadline prior to that time on the delivery date.
Consultant-caused delays. If the Consultant fails to deliver by the stated deadline for reasons within the Consultant's control, the Client is entitled to a full refund upon request. The Consultant will proactively notify the Client before the deadline if delivery is at risk.
Force majeure. The Consultant is not liable for delays caused by circumstances beyond reasonable control, including but not limited to natural disasters, severe weather events, infrastructure outages, or medical emergencies. In such cases, the Consultant will communicate with the Client as soon as practicable and before the deadline where possible. No refund is owed for delays caused by force majeure events, though the Consultant will make reasonable efforts to complete the engagement as soon as conditions allow.
4. Chargeback and Dispute Policy
Initiating a chargeback, payment reversal, or dispute through a payment processor (including Stripe, your bank, or credit card issuer) after work has commenced — without first contacting the Consultant in good faith to resolve the issue — is a material breach of these Terms of Service.
In the event of an unauthorized or bad-faith chargeback after work has been delivered, the Consultant reserves the right to pursue recovery of the disputed amount plus any fees incurred, through civil legal action or other available remedies.
If you are dissatisfied with a delivered engagement, contact the Consultant's escalations team at [email protected] before initiating any payment dispute.
5. Revisions
All service packages include at least one round of revisions. "Standard" packages include one revision. "Premium" packages include two to three revisions depending on service type.
Revision window. Revision requests must be submitted within 3 business days of delivery. The dedicated VM for your engagement is kept available during this window to support revisions. After 3 business days with no revision request, or after final revised delivery, the VM is destroyed and no further revisions can be performed — all client data is permanently purged at that point.
Submitting a revision request acknowledges that the VM and associated data are still present. After VM destruction is confirmed via the Destruction Certificate, no further revisions can be accommodated, as client data no longer exists on the Consultant's systems.
Revisions are limited to the original scope of work. A revision request that substantially changes or expands the original scope will be treated as a new engagement.
6. Data Handling & Confidentiality
All work is performed inside a dedicated, isolated virtual machine provisioned specifically for the Client's engagement. The VM operates on an isolated network segment and has no access to other client environments or unrelated systems.
Access level. The Consultant will operate with read-only access by default unless the engagement explicitly requires write or administrative access (e.g., remediation services). The required access level will be confirmed with the Client during scoping.
Data retention and destruction. Client data — including credentials, files, audit logs, scripts, and all other materials — is retained only within the dedicated VM for the duration of the engagement, including the revision window. The VM is fully destroyed after the revision window closes or after final revised delivery, whichever comes first. A signed VM Destruction Certificate is issued at that time confirming the provision date, destruction date, and scope of engagement.
No client data is copied outside the VM, retained on the Consultant's personal systems, or stored after VM destruction. Once the Destruction Certificate is issued, all client data is permanently and irrecoverably gone.
The Consultant will not share, sell, disclose, or publish any information provided by the Client, any findings made during the engagement, or any deliverables, without the Client's explicit written consent.
The Client is responsible for ensuring that any credentials, access, or data provided to the Consultant are authorized for the stated purpose and do not violate any applicable laws or third-party agreements.
7. Client Responsibilities
The Client is responsible for:
- Providing accurate and complete information in the intake form
- Granting appropriate access in a timely manner to enable work to proceed
- Revoking all access credentials granted to the Consultant after delivery, as required by the Consultant
- Ensuring the Client has authorization to engage third-party assistance on the systems described
- Not providing regulated PII (SSNs, financial account numbers, medical records) unless strictly necessary for the stated scope
Regarding regulated PII. The Consultant reserves the right to refuse any documentation, file, or dataset that contains regulated PII. If PII is present in materials required to complete the engagement, the Consultant may provide the Client with instructions to mask, redact, or anonymize the information before submission. The decision to accept or decline materials containing PII rests solely with the Consultant.
8. Limitation of Liability
The Consultant provides services on a best-efforts basis. All deliverables are provided "as-is" without warranty of any kind, express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, or non-infringement.
In no event shall the Consultant be liable for any indirect, incidental, special, consequential, or punitive damages — including lost profits, data loss, business interruption, or security incidents — arising out of or related to the services, even if the Consultant has been advised of the possibility of such damages.
The Consultant's total liability for any claim arising under these terms shall not exceed the amount paid by the Client for the specific engagement giving rise to the claim.
The Consultant is not responsible for security incidents, breaches, or issues that existed prior to, or arise after, the engagement.
9. Prohibited Uses
The Client may not use the Consultant's services to:
- Access, investigate, or modify systems or accounts without proper authorization
- Facilitate any illegal activity, including unauthorized computer access
- Conduct offensive security operations against systems not owned or authorized by the Client
- Circumvent security controls for malicious purposes
Any engagement found to involve unauthorized access or other illegal activity will be terminated immediately without refund, and may be reported to appropriate authorities.
10. Independent Contractor
The Consultant operates as an independent contractor. Nothing in these terms shall be construed to create an employment relationship, partnership, joint venture, or agency relationship between the Client and the Consultant.
11. Governing Law
These terms are governed by the laws of the jurisdiction in which the Consultant is located at the time the engagement is initiated. The applicable jurisdiction will be disclosed upon written request. Any disputes shall be resolved in a court of competent jurisdiction in that location.
12. Changes to These Terms
The Consultant reserves the right to update these terms at any time. Each version is identified by the version number and "Last updated" date at the top of this page. The version in effect at the time of your intake form submission governs your engagement — and a copy of that version is included in your confirmation email for your records. Continued use of services after changes constitutes acceptance of the updated terms.
13. Contact & Legal Inquiries
Questions about these terms, billing disputes, or legal inquiries may be directed to: [email protected]