Terms of Service
Last modified: June 1st, 2026
Subscription Terms of Service
The Agreement governs the subscription by the Client to the Verto Service.
General Construction:
Parties. The Agreement is made between Verto and the Client, as identified in the Quote or Statement of Work, as applicable.
Quote and Statement of Work. The Verto Service to be provided under the Agreement is identified in a Quote (together with its annexes, if any) issued by Verto. The Consultancy Services to be provided under the Agreement are identified in a Statement of Work agreed between Verto and the Client. The Agreement may comprise a Quote, a Statement of Work or both, depending on the nature of the Services being provided to the Client. Where both a Quote and a Statement of Work are issued, both documents will form part of the Agreement and their relationship and order of precedence will be as set out in these Terms of Service.
Terms of Service. These Terms of Service set out the general terms and conditions under which Verto agrees to provide, and Client agrees to receive and use, the Services. Capitalised terms used in these Terms of Service are defined in clause 1 or elsewhere in these Terms of Service.
Verto Service. The Client agrees that any access to and use of the Verto Service will be according to, and solely and exclusively for the purposes set out in, the Agreement.
Order of Precedence. If there are any inconsistencies between the documents that make up the Agreement, the following order of precedence will apply to the extent of that inconsistency only: (a) these Terms of Service will take precedence over all the other documents (unless a Quote or Statement of Work expressly states that it varies a clause of these Terms of Service, in which case the relevant provision in the Quote or SOW shall prevail for the purpose of that clause only); (b) the Service Level Agreement will take precedence over the Quote, the Statement of Work and the Acceptable Use Policy; (c) the Quote will take precedence over the Statement of Work and Acceptable Use Policy; and (d) the Statement of Work will take precedence over the Acceptable Use Policy.
1. Definitions
1.1. The following words have the following meanings, unless it is obvious from its context, that they do not.
|
Term |
Meaning |
|
Acceptable Use Policy |
Verto’s Acceptable Use Policy available at https://vertocloud.co.uk/acceptable-use-policy or such other website that Verto advises the Client from time to time |
|
Agreement |
the Quote, together with these Terms of Service, all the Statements of Work, the Acceptable Use Policy and the Service Level Agreement |
|
Agreement Start Date |
the date the Agreement comes into force which is the earlier of: (i) the date the Client signs the Quote; or (ii) the Subscription Start Date |
|
AI |
a system, software, model or process that performs tasks typically requiring human intelligence, including learning, reasoning, pattern recognition, decision-making, prediction, or content generation. This includes both generative AI systems (such as those that produce text, images, audio, video, or other outputs) and non-generative AI systems (such as those used for classification, recommendation, optimisation or data analysis), whether rule-based, statistical, machine learning-based, or otherwise |
|
Client |
the entity identified in the Quote or the SOW (as applicable), that subscribes to use the Verto Service or that commissions the Consultancy Services |
|
Confidential Information |
all information disclosed by one party (the disclosing party) to the other (the receiving party) or to which the receiving party gains access in connection with performance of the Services which a reasonable business person would regard as confidential, whether in writing, electronically or orally, including the business and affairs of the disclosing party, its processes and operations and in the case of Verto, the Verto Service and pricing |
|
Consultancy Service |
consulting, implementation and/or integration services to be performed by Verto as described in the Quote or SOW (as applicable) |
|
Consultancy Fees |
the fees payable for the Consultancy Service, as specified in the Quote or the SOW. |
|
Content |
any content input by the Client or a User into the Verto Service or provided by the Client to Verto, to perform the Consultancy Service |
|
Control |
the ability to direct the affairs of the Client whether by ownership of shares, contract, management control or otherwise and the expression change of Control will be construed accordingly |
|
CPI |
the consumer price index calculated by the Office of National Statistics in the UK |
|
Elements |
the factors on which Verto decides, from time to time, to base its charges for clients to use the Verto Service (e.g. Subscription Type, number of user licences) |
|
Full User Licence |
a licence, which once purchased by the Client, entitles a User to access and use the Verto Service (in accordance with the Agreement) to collaborate, edit and update tasks, but not to define project structure or resource management |
|
Full User Licence Fee |
the fee described as the ‘Full User Licence’ fee in the Quote, which is payable for each Full Use Licence and which fee may be amended from time to time in line with clause 9 |
|
Initial Subscription Term |
from the Agreement Start Date for the initial period specified in the Quote |
|
Initial Subscription Fees |
in respect of the Initial Subscription Term, the aggregate of the Platform Fees, Full User Licence Fees, Workspace Licence Fees, Pro Licensees Fees, the Module Fees and any other fees for the Verto Service, to the extent they are each specified in the Quote |
|
Intellectual Property Right |
any patent, trade mark, service mark, copyright, database right, design right, know-how and any other intellectual or industrial property rights, anywhere in the world whether or not registered |
|
Module |
an add-on or additional component of the Verto Service, as described in the Quote (if any), which is an enhancement or extension to the core Verto Service |
|
Module Fees |
in respect of each Module purchased by the Client (if any), the fee specified for that Module in the Quote, as that fee may be amended from time to time in line with clause 9 |
|
Platform |
the platform via which the Verto Service is made available by Verto from time to time, including www.Vertocloud.co.uk, Vertocloud.com, and app.verto365.com |
|
Platform Fee |
the fee described as the ‘Platform Fee’ in the Quote, which is payable by the Client for access to the Verto Platform and to the elements of the Platform and Verto Service stated to be included within the Platform Fee in the Quote and which fee may be amended from time to time in line with clause 9 |
|
Pro Licence |
a licence, which once purchased by the Client, entitles a User to full access to all features and functionality of the Verto Service in accordance with this Agreement |
|
Pro Licence Fees |
the fee described as the ‘Pro Licence’ fee in the Quote, which is payable for each Pro Licence and which fee may be amended from time to time in line with clause 9 |
|
Quote |
the quote, which if issued by Verto, forms part of the Agreement and specifies the Verto Service to be supplied by Verto and other key terms such as fees payable |
|
Renewal Term |
has the meaning given to it in clause 16.1 |
|
Renewal Fees |
in respect of each Renewal Term, the aggregate of all the fees for the Verto Service that are specified in the Quote, increased in accordance with clause 9.4. |
|
Representatives |
in relation to a party, its employees, officers, contractors, subcontractors and advisers |
|
Service Level Agreement |
the Service Level Agreement available at https://vertocloud.co.uk/service-level-agreement as the same may be amended by Verto from time to time |
|
Services |
the Verto Service and the Consultancy Services (if any) |
|
Statement of Work or SOW |
any statement of work signed by Verto and the Client which describes the Consultancy Services to be provided to the Client by Verto |
|
Subscription Start Date |
the date that the Verto Service is first made available by Verto to the Client |
|
Subscription Term |
the Initial Subscription Term together with any Renewal Term |
|
Subscription Type |
the type of User subscription purchased by the Client to use the Verto Service, as specified in the Quote or as purchased under clause 9.6.2 |
|
Termination Date |
has the meaning given to it in clause 17.1 |
|
Terms of Service |
the terms and conditions that govern the provision and use of the Services under the Agreement, as set out in this document, as it may be amended from time to time pursuant to clause 18.7 |
|
Third Party Facilitator |
any third party authorised by Verto, through whom the Client purchases or obtains access to the Verto Service, including resellers, distributors or managed service providers, who are not a party to this Agreement |
|
Verto |
TMI Systems Limited (trading as Verto) |
|
Verto Notice |
has the meaning given to it in clause 18.7 |
|
Updates |
software updates to the Verto Service released by Verto |
|
Usage Data |
data or information generated, derived or collected by Verto, related to access to the Platform and use of the Verto Service by Users, including technical logs, performance metrics, statistical and analytical data, that has been aggregated and anonymised. To avoid doubt, Usage Data does not include Content |
|
User |
any employee of:
that the Client authorises from time to time to access the Verto Service |
|
Verto Service |
the core version of the online work collaboration service made available by Verto via the Platform together with any Modules purchased by the Client, as set out in the Quote or purchased pursuant to clause 9.6.2 |
|
Workspace Licence |
a licence, which once purchased by the Client, entitles a User to restricted, often ‘read-only’ use of the Verto Service (in accordance with the Agreement) |
|
Workspace Licence Fees |
the fee described as the ‘Workspace Licence’ fee in the Quote, which is payable for each Workspace Licence and which fee may be amended from time to time in line with clause 9 |
1.2 In the Agreement, unless the context otherwise requires:
1.2.1 words in the singular include the plural and vice versa;
1.2.2 including means including without limitation and include and includes shall be construed accordingly;
1.2.3 all references to any legislation are references to that legislation (or successor legislation) as may be amended, supplemented, rescinded, or superseded from time to time.
1.2.4 controller and processor have the meanings given to it in applicable data protection law.
2. Basis of Agreement
Any purchase order issued by the Client constitutes an offer by the Client to buy the Services in accordance with these Terms of Service. It is only on the earlier of the Client signing the Quote or the Subscription Start Date that the parties enter into the Agreement for the Services.
3. The Services
3.1 Verto will, during the Subscription Term, provide the Services to the Client on and subject to the terms of the Agreement.
Verto service
3.2 The Client acknowledges that where it purchases access to the Verto Service through a Third Party Facilitator, it shall cooperate as reasonably required with both Verto and the Third Party Facilitator to facilitate the provisioning, management and ongoing support of the Verto Service. This includes timely provision of necessary information, adherence to onboarding and security requirements and participation in any required compliance or audit activities.
3.3 Verto will provide the Client with:
3.3.1 any login credentials required to enable admin access the Verto Service;
3.3.2 Updates during the Subscription Term;
3.3.3 technical help desk support and error resolution, in accordance with the Service Level Agreement.
3.4 If Verto fails to meet the standards described in the Service Level Agreement, the Client will notify details of such non-compliance to Verto in writing. If within 40 days of receipt of the notification, Verto has failed to refute any complaint, failed to achieve compliance with the required standard or failed to enable a suitable workaround, the Client may terminate the Agreement on written notice to Verto. Where Verto has been paid fees in advance for the Verto Service, Verto will reimburse the Client a pro-rata amount of those fees corresponding to the remaining part of the Subscription Term. This will be the Client’s sole remedy for failure to meet the Service Level Agreement.
3.5 Verto reserves the right to make improvements, substitutions, modifications or enhancements to the Verto Service, including introducing appropriate technical protection measures to control the way in which any part of the Verto Service is accessed, provided that no such change will result in a material degradation of the Verto Service.
Consultancy Services
3.6 Verto will provide the Consultancy Services, in accordance with the Statement of Work. The Statement of Work sets out the full extent of Verto’s obligations with respect to the Consultancy Services. Any services or deliverables not expressly described in it are excluded, unless otherwise agreed in writing by both parties.
3.7 Verto will provide the Consultancy Services with reasonable skill and care.
3.8 The Client will provide timely access to information, resources and personnel as reasonably requested by Verto to perform the Consultancy Services. Verto will not be liable for any delay or failure in delivery of the Consultancy Services which results from the Client’s failure or delay in cooperating with Verto.
3.9 The Client acknowledges that where it has purchased a package of consultancy days, those days must be consumed within 12 months of their date of purchase (the “Expiry Date”). Any unused days will expire on the Expiry Date. The parties acknowledge that consultancy day packages represent a commitment by Verto to resource availability and are recognised as revenue by Verto at the point of purchase; accordingly, no refund or credit will be issued in respect of expired unused days. Verto will notify the Client in writing when 25% or fewer consultancy days remain unused, and will work with the Client to schedule any remaining days before the Expiry Date. Where the Client has been unable to consume days due to delays caused solely by Verto, the parties will agree in writing a reasonable extension to the Expiry Date.
AI Technologies
3.10 The Customer acknowledges that the Verto Services may include access to or use of AI technologies.
3.11 The Customer further acknowledges and agrees that:
3.11.1 such technologies generate outputs, responses and suggestions automatically based on input data and algorithmic processes that may be probabilistic in nature and which may not always produce explainable or consistent results;
3.11.2 Verto makes no representations, warranties or undertakings as to the accuracy, completeness, correctness, reliability or usefulness of any outputs generated by such technologies;
3.11.3 the Client is solely responsible for reviewing, verifying and exercising its own judgement and independent verification or for obtaining specialist advice in respect of such outputs; and
3.11.4 the outputs should not be relied on as the sole basis for any business decision.
4. Right of use
4.1 Verto grants the Client the right to allow the Users (in line with the particular user roles available to the Client and according to the Client’s Subscription Types) to access and use the Verto Service in line with its functionality for the Client’s own lawful internal business purposes. This right is granted during the Subscription Term only, is non-exclusive, non-transferable, without the right to grant third parties (except for Users) access and is limited by and subject to this Agreement.
4.2 The Client acknowledges and agrees that
4.2.1 the Client determines who is a User, and enables their access to the Verto Service;
4.2.2 the Client controls each User’s level of access to the Verto Service (according to the user role assigned by the Client to the User) at all times and can revoke or change a User’s access or level of access, at any time and for any reason, in which case that person or entity will cease to be a User or will have that altered level of access, as the case may be;
4.2.3 the Client is responsible for all Users’ use of the Verto Service and will procure that the Users comply with the relevant terms of the Agreement; and
4.2.4 if there is any dispute between a Client and a User regarding access to the Verto Service or the Content, the Client will decide what access or level of access that User will have, if any.
4.3 The Client acknowledges that Verto will collect, process, copy, modify, store and use Usage Data for Verto’s business purposes (including service improvement and analytics) without paying any fee.
5. Access conditions
5.1 As a condition of the Agreement, when accessing and using the Services, except to the extent permitted by applicable law, which is incapable of exclusion by agreement of the parties and except as permitted under the Agreement, the Client must:
5.1.1 not attempt to undermine the security or integrity of Verto computing systems or networks or, where the Verto Service is hosted by a third party, that third party’s computing systems or networks;
5.1.2 not use, or misuse, the Verto Service in any way which may impair the functionality of the Verto Service or Platform, or other systems used to deliver the Verto Service or impair the ability of any other user to use the Verto Service or Platform;
5.1.3 not attempt to gain unauthorised access to any materials other than those to which the Client (and its Users) have been given express permission to access;
5.1.4 not transmit or input into the Verto Service; (i) any files that may damage any other person’s computing devices or software; or (ii) material or Content that may be offensive, in breach of any law or that otherwise causes damage or injury to any person or property (including Content or other material protected by copyright or trade secrets which the Client does not have the right to use);
5.1.5 not attempt to modify, copy, adapt, reproduce, disassemble, decompile or reverse engineer any computer programs used to deliver the Verto Service or to operate the Platform except as is strictly necessary to use either of them for normal operation;
5.1.6 not access any part of the Verto Service in order to build a product or service which competes with the Verto Service; or
5.1.7 not connect any third party tools to the Verto Service, except for integrations with Microsoft 365 or other third party software specified by Verto, without prior written agreement from Verto.
6. The Client’s obligations
6.1 The Client will:
6.1.1 obtain and maintain all necessary licences, consents, and permissions necessary for Verto, its contractors and agents to perform their obligations under the Agreement, including the Services;
6.1.2 ensure that its network and systems comply with the relevant specifications provided by Verto from time to time;
6.1.3 except as otherwise expressly provided in the Agreement, be solely responsible for:
6.1.3.1 procuring, maintaining and securing its network connections and telecommunications links from its systems to the Verto Service; and
6.1.3.2 all problems, conditions, delays, delivery failures and all other loss or damage arising from or relating to the Client's network connections or telecommunications links or caused by the internet;
6.1.4 have sole responsibility for the legality, reliability, integrity, accuracy and quality of all Content;
6.1.5 procure that its Users use any the AI technologies made available via the Verto Service in compliance with all applicable laws and will not use them in any manner that could result in discrimination or harm;
6.1.6 grant Verto a non-exclusive, limited, right during the Subscription Term, to host the Content on its servers, via the Platform;
6.1.7 maintain copies of all Content. Verto adheres to its best practice policies and procedures to prevent data loss, including a daily system data back-up regime, but does not make any guarantees that there will be no loss of or damage to Content;
6.1.8 inform Verto of all health and safety and security requirements that apply to the Client’s premises at which the Services may be carried out and take reasonable steps, subject to Verto’s compliance with those requirements, to ensure the safety of Verto’s staff at the Client’s premises; and
6.1.9 comply with the Acceptable Use Policy in connection with the Content uploaded to the Verto Service.
7 User Licences
7.1 The Client undertakes that:
7.1.1 the maximum number of Users that it authorises to access and use the Verto Service will not exceed the number of User licences it has purchased from time to time;
7.1.2 it will not allow any User licence to be used by more than one individual User unless it has been reassigned in its entirety to another individual User, in which case the prior User will no longer have any right to access or use the Verto Service;
7.1.3 all usernames and passwords required to access the Verto Service are kept secure and confidential and it will immediately notify Verto of any unauthorised use of such login credentials or any other breach of security;
7.1.4 it will take all other actions that Verto reasonably deems necessary to maintain or enhance the security of Verto computing systems and networks and the Client’s access to the Verto Service;
7.1.5 it will use all reasonable endeavours to prevent any unauthorised access to, or use of, the Verto Services and, if there is any unauthorised access or use, promptly notify Verto;
7.1.6 it will maintain a written, up to date list of current authorised Users and provide the list to Verto within 5 days of Verto's written request;
7.1.7 it will permit Verto or Verto 's designated auditor to audit the Client’s use of the Verto Service in order to verify compliance with the Agreement; and
7.1.8 If any of the audit referred to in clause 7.1.7 reveals that the Client has underpaid the fees due under the Agreement, then without prejudice to Verto’s other rights, the Client will pay an amount equal to such underpayment as notified by Verto to the Client within 10 days of such notification.
8. Third party providers
8.1 Verto makes no representation or warranty and will have no liability or obligation whatsoever in relation to use of or connection with any third party provider, software or service used by the Client to integrate with, or facilitate use of, the Verto Service, including Microsoft 365.
9. Fees and payment
9.1 Unless otherwise specified in the Quote, the parties agree that Verto will invoice the Client:
9.1.1 for subscription to the Verto Service, annually in advance, with the first payment being due at the Subscription Start Date;
9.1.2 for the Consultancy Fees according to the invoicing schedule set out in the Quote or SOW, as applicable; and
9.1.3 for all reasonable travel-related and out-of-pocket expenses incurred by Verto in the performance of the Consultancy Services (if any), in accordance with the Client’s travel and expense policy (a copy of which will be provided to Verto, or Verto’s policy if none is provided by the Client). If the Client is a public sector entity, Verto will invoice such expenses annually. If the Client is not a public sector entity, Verto will invoice such expenses as and when they are incurred.
9.2 The Client will pay each invoice within 30 days after the date of such invoice.
9.3 All amounts and fees stated or referred to in the Agreement:
9.3.1 are payable in pounds sterling;
9.3.2 are non-cancellable and non-refundable, except to the extent expressly set out in the Agreement;
9.3.3 are exclusive of value added tax, which will be added to Verto's invoices at the appropriate rate.
9.4 The fees payable for the Services (including for additional user licences) will automatically increase at the start of each Renewal Term by a percentage equal to the aggregate of: (a) the percentage increase in the CPI over the 12 months preceding the Renewal Term start date; and (b) 3% applied to the then current fees. The Client’s continued use of the Verto Service after the Renewal Term start date will constitute acceptance of the increased fees. If the Client does not wish to renew at the increased fee, it must terminate the Agreement in accordance with Clause 16.2 before the end of the then current term.
9.5 Without affecting clause 9.4, the Client acknowledges that the fees for subscription to the Verto Service are calculated based on the Subscription Type and number of User licences per annum and compliance with the Acceptable Use Policy. If any of the Elements change during the Subscription Term or if the Client does not comply with the Acceptable Use Policy, Verto will be entitled to charge the Client an additional fee.
9.6 If there is a change or addition to an Element, the party that becomes aware of or wishes to change it, must inform the other party in writing. Verto will evaluate the proposed change and either approve or reject it. If Verto approves it:
9.6.1 Verto will inform the Client in writing about the proposed additional fee;
9.6.2 if the Client agrees the fee, Verto may, at its option and on written notice to the Client, either issue a new quote, which once signed by the Client will become a Quote and which will replace the preceding Quote, or will treat the agreement to the new fee by the Client as an amendment to the current Quote; and
9.6.3 the Client will pay Verto the agreed fee in accordance with that Quote.
9.7 If Verto rejects the Client’s request or the parties cannot agree the fees for the change to an Element within 30 days of Verto’s notice under clause 9.6.1, Verto will be entitled to terminate the Agreement on giving the Client 30 days prior written notice.
9.8 If payment of an invoice remains outstanding for more than 10 days after its due date, or if Verto is unable to issue an invoice, because the Client has not provided a required purchase order within 30 days of the date of signing the Quote, Verto may suspend, without liability, the Client’s right of access to the Verto Service and the Content or terminate the Agreement under clause 16.4.1.
9.9 Verto may charge interest on any unpaid and due payments. The rate will be 4% per year above the Bank of England’s base rate, calculated on a daily basis, from the date payment was due until Verto receives payment in full. This interest will be calculated on a daily basis and will be charged from the first day that payment was due until Verto receives the full amount, whether before or after judgement.
10. Proprietary rights
10.1 Verto acknowledges that, as between the parties, the Client owns all Intellectual Property Rights in and to all of the Content and in and to any output generated through use of the AI technologies incorporated into the Verto Service, to the extent such output is substantively derived from the Content.
10.2 The Client acknowledges that Verto and/or its licensors own all Intellectual Property Rights in the Platform, the Services and the Usage Data. Except as expressly stated in the Agreement, the Agreement does not grant the Client any Intellectual Property Rights in the Services, nor in any output generated by the Client through use of AI technologies incorporated into the Verto Service.
10.3 Verto acknowledges that it has all the rights required to grant the rights it purports to grant under, and in accordance with, the terms of the Agreement.
11. Confidential Information
11.1 Each party (receiving party) will receive and hold any Confidential Information from the other party (disclosing party), in strict confidence and will:
11.1.1 protect and safeguard the Confidential Information against unauthorised use, publication and disclosure and exercise at least the same standard of care and security to protect the Confidential Information as it uses to protect its own Confidential Information, but no less than a reasonable degree of care; and
11.1.2 not use the Confidential Information except for the purpose of exercising or performing its rights and obligations under or in connection with the Agreement or as otherwise specifically authorised by the disclosing party.
11.2 A party may disclose the other party's Confidential Information to those of its Representatives who need to know such Confidential Information for the purpose of exercising its rights and obligations under the Agreement, provided that:
11.2.1 it informs such Representatives of the confidential nature of the Confidential Information before disclosure; and
11.2.2 at all times, it is responsible for such Representatives' compliance with the confidentiality obligations set out in this clause.
11.3 A party may also disclose Confidential Information to the extent such Confidential Information is required to be disclosed by law, by any governmental or other regulatory authority or by a court or other authority of competent jurisdiction provided that, to the extent it is legally permitted to do so, it gives the other party as much notice of the disclosure as possible and, where notice of disclosure is not prohibited and is given in accordance with this clause11.3, it takes into account the reasonable requests of the other party in relation to the content of the disclosure.
11.4 The provisions of this clause 11 will not apply to any Confidential Information that:
11.4.1 is or becomes generally available to the public (other than as a result of its disclosure by the receiving party or its Representatives in breach of this clause);
11.4.2 was available to the receiving party on a non-confidential basis before disclosure by the disclosing party; or
11.4.3 was, is or becomes available to the receiving party on a non-confidential basis from a person who, to the receiving party's knowledge, is not bound by a confidentiality agreement with the disclosing party or otherwise prohibited from disclosing the information to the receiving party.
11.5 Each party reserves all rights in its Confidential Information. No rights or obligations in respect of a party's Confidential Information other than those expressly stated in the Agreement are granted to the other party, or to be implied from the Agreement.
11.6 On termination or expiry of the Agreement, each party will:
11.6.1 subject to clause 17.1.2 destroy or return to the other party all documents and materials (and any copies) containing, reflecting, incorporating or based on the other party's Confidential Information; and
11.6.2 erase all the other party's Confidential Information from computer and communications systems and devices used by it, including such systems and data storage services provided by third parties (to the extent technically practical).
11.7 Each party’s obligations under this clause will survive termination of the Agreement.
12. Data Protection
12.1 Where Verto acts as controller of personal data, it processes such personal data in accordance with its privacy notice available at Privacy Notice - Verto Cloud.
12.2 Where Verto acts as the Clients processor in connection with personal data, processed under the Agreement, Verto and the Client will enter into the Data Processing Agreement attached as Schedule 1 to these Terms of Service (or such other data processing agreement as the parties may agree in writing).
13. Indemnities
13.1 The Client will defend, indemnify and hold harmless Verto against claims, actions, proceedings, losses, damages, expenses and costs (including reasonable legal fees) arising out of or in connection with: (i) the Client's unauthorised use of the Verto Service; and (ii) any losses incurred by Verto as a result of the Content.
13.2 Verto will defend the Client, its officers, directors and employees against any claim that the Client's use of the Verto Service in accordance with the Agreement infringes any United Kingdom patent valid as of the Agreement Start Date, or copyright, trade mark or database right, and will indemnify the Client for any amounts awarded against the Client in judgment or settlement of such claims.
13.3 In the defence or settlement of any claim, Verto may procure the right for the Client to continue using the Verto Service, replace or modify the Verto Service so that it becomes non-infringing or, if such remedies are not reasonably available, terminate the Agreement on 2 UK business days' notice to the Client without any additional liability to the Client.
13.4 In no event will Verto, its employees, agents and sub-contractors be liable to the Client to the extent that the alleged infringement is based on:
13.4.1 a modification of the Verto Service by anyone other than Verto;
13.4.2 the Client's use of the Verto Service contrary to the instructions given to the Client by Verto;
13.4.3 combination of the Verto Services with any products or software not supplied or approved in writing by Verto;
13.4.4 the Client's continued use of the Verto Service after notice of the alleged or actual infringement from Verto or any appropriate authority; or
13.4.5 the Client's breach of the Agreement.
13.5 Where any claim is made by a party under an indemnity in the Agreement, the indemnified party will promptly notify the indemnifying party of any and all such claims and will allow the indemnifying party at the indemnifying party’s sole cost and expense to defend any proceedings in respect of any such claim in the indemnified party’s name (including the right to compromise any such other proceedings after prior consultation with the indemnified party).
14. Disclaimers
14.1 Verto has no responsibility to any person other than to the Client and nothing in this Agreement confers, or purports to confer, a benefit on any person other than the Client.
14.2 Except as expressly provided in the Agreement:
14.2.1 Verto will have no liability for any damage caused by errors or omissions in any Content, information, instructions or scripts provided to Verto by the Client in connection with the Services, or any actions taken by Verto at the Client’s direction;
14.2.2 the Services are provided to the Client ‘as is’;
14.2.3 Verto shall have no liability for any loss, damage, cost or expense arising from the Client’s use of any AI technologies made available in or via the Verto Services, including any reliance on any output generated by such technologies;
14.2.4 Verto does not warrant that the use of the Verto Service will be uninterrupted or error free; and
14.2.5 Verto gives no warranty about the Services. Without limitation, Verto does not warrant that the Services will meet the Client’s requirements or that they will be suitable for any particular purpose. To avoid doubt, all implied conditions or warranties are excluded in so far as is permitted by law, including (without limitation) warranties of merchantability, fitness for purpose, title and non-infringement.
15. Limitation of liability
15.1 Nothing in the Agreement excludes the liability of Verto for:
15.1.1 death or personal injury caused by Verto's negligence; or
15.1.2 fraud or fraudulent misrepresentation;
15.1.3 any other loss it is unlawful to exclude or restrict.
15.2 Subject to clause 15.1, Verto will have no liability to the Client (or any other person) in contract, tort (including negligence), or otherwise, for any: (i) loss of profits; (ii) loss of business; (iii) wasted expenditure; (iv) depletion of goodwill; (v) loss or corruption of data, including the Content or (vi) any special, indirect or consequential losses.
15.3 Subject to clauses 15.1 and 15.2, Verto's total liability to the Client under or in connection with the Agreement, whether arising out of contract, tort (including negligence) or otherwise, will not exceed:
15.3.1 in respect of a single claim or a series of connected claims, the greater of £50,000 or 100% of the fees paid in the 12 months preceding the event giving rise to the claim; or
15.3.2 in respect of a claim under the indemnity at clause 13.2, £100,000.
16. Term and Termination
16.1 The Agreement will, unless otherwise terminated as provided in the Agreement start on the Agreement Start Date and continue for the Initial Subscription Term and, thereafter, the Agreement will be automatically renewed for successive periods of 12 months (each a Renewal Term).
16.2 Either party may terminate this Agreement for convenience by giving the other party at least 30 days’ written notice prior to the end of the Initial Subscription Term or any Renewal Term (as applicable). In such case, this Agreement will terminate at the end of the Initial Subscription Term or Renewal Term (as applicable).
16.3 Without affecting any other right or remedy available to it, either party may terminate the Agreement with immediate effect by giving written notice to the other party if:
16.3.1 the other party commits a material breach of any term of the Agreement and (if such breach is remediable) fails to remedy that breach within a period of 14 days after being notified in writing to do so;
16.3.2 the other party is unable to pay its debts as they fall due or enters into compulsory or voluntary liquidation or compounds with or convenes a meeting of its creditors or has a receiver or manager or an administrative receiver or an administrator appointed over any of its assets or ceases for any reason to carry on business or takes or suffers any similar action which in the reasonable opinion of the party giving notice means that the other may be unable to pay its debts, as they fall due.
16.4 Verto may in addition immediately terminate or suspend the Agreement by written notice to the Client if:
16.4.1 the Client fails to pay any amount due under this Agreement on the due date for payment and remains in default not less than 10 days after being notified in writing to make payment; or
16.4.2 the Client suffers a change in its Control.
17. Effect of Termination
17.1 On expiry or termination of the Agreement (Termination Date):
17.1.1 all licences granted under the Agreement will immediately terminate and the Client will immediately cease all use of the Verto Service;
17.1.2 Verto will disable access to the Verto Service;
17.1.3 if the Client has not downloaded a copy of the Content prior to termination, provided the Client has paid all fees and charges outstanding at the Termination Date, the Client may request Verto, by written notice within 30 calendar days of the Termination Date, to provide a copy of the portfolio, programme and project management Content to the Client via a secure transfer method. The Client acknowledges that: (i) such Content will not include any attached files, dashboards, boards or reports; (ii) Verto may charge reasonable costs for extracting and providing this Content; (iii) access to the Content will be provided for 14 days following delivery; (iv) the Content will cease to be backed up as at the Termination Date; and (v) the Content will be permanently deleted 3 months after the Termination Date. Where the Client requires a structured CSV or Excel export, or a SQL Server backup file, Verto will provide these at the rates set out in the then-current rate card.
17.1.4 any rights, remedies, obligations or liabilities of the parties that have accrued up to the date of termination, including the right to claim damages in respect of any breach of the Agreement which existed at or before the date of termination will not be affected or prejudiced; and
17.1.5 clauses that are intended by implication to survive termination, will so survive, including clauses 1, 3.4, 9.9, 10.1, 10.2, 11, 13, 14, 15, 17 and 18.
18. General
18.1 Entire agreement. The Agreement supersedes and extinguishes all prior agreements, representations (whether oral or written), and understandings and constitutes the entire agreement between Verto and the Client relating to the Services.
18.2 Waiver. If either party waives any breach of the Agreement, this will not constitute a waiver of any other breach. No waiver will be effective unless made in writing.
18.3 Delays. Neither party will be liable for any delay or failure in performance of its obligations under the Agreement if the delay or failure is due to any cause outside its reasonable control. This clause does not apply to any obligation to pay money.
18.4 No assignment. The Client may not assign the Agreement or transfer any rights under it to any other person without Verto’s prior written consent.
18.5 Severability. If any part or provision of the Agreement is invalid, unenforceable or in conflict with the law, that part or provision is replaced with a provision which, as far as possible, accomplishes the original purpose of that part or provision. The remainder of the Agreement will be binding on the parties.
18.6 Notices. Any notice given under the Agreement by either party to the other must be by email and will be deemed to have been given on transmission if sent between the hours of 9am to 5pm on a business day in the UK, unless a failure to transmit email has been received. If sent outside these hours, the notice will be deemed served at 9am on the next UK business day. Notices to Verto must be sent to support@Vertocloud.co.uk or to any other email address notified by email to the Client by Verto. Notices to the Client will be sent to the email address, which the Client provided when setting up access to the Verto Service.
18.7 Amendments. Unless the parties have expressly agreed otherwise in writing, Verto may, modify these Terms of Service by posting a revised version at https://vertocloud.co.uk/terms-of-service Such revised version will become effective 5 business days after its posting, provided that where there are any material changes to the Terms of Service, Verto will provide the Client with no less than 45 days written notice of such material changes (Verto Notice). Unless, the material changes have been made to comply with applicable law, if the Client does not agree with such material changes, the Client is entitled to terminate the Agreement, by giving Verto written notice no less than 30 days after receipt of the Verto Notice. If the Client gives notice, the Agreement will continue to be governed by the Terms of Service applicable prior to modification until the next renewal date, at which point the Agreement with terminate. However, if Verto can no longer reasonably provide the Verto Service to the Client under the Terms of Service applicable prior to modification (for example, if the modifications result from general product changes), then Verto may terminate the Agreement and/or affected Verto Service on written notice to the Client.
18.8 Public Announcement. Neither party may make any public announcement or use the other party’s trademarks, trade names or logos in publicity or marketing materials without the other party's prior written consent (such consent not to be unreasonably withheld or delayed), except that Verto may include the Client’s name and logo in its promotional literature and on its platform.
18.9 Force Majeure. Neither party shall be liable to the other for any delay, or failure to perform its obligations under the Agreement (except for any obligation to pay money) if such delay or failure results from events, circumstances or causes beyond its reasonable control, including, acts of God, flood or other natural disaster, epidemic or pandemic, terrorist attack, civil commotion, interruption or failure of plant or utilities, sanctions, industrial action or failure of any Third Party Facilitator (a “Force Majeure Event”). The affected party shall promptly notify the other party in writing of the Force Majeure Event, its expected duration and the effect on its ability to perform its obligations. The time for performance of such obligations shall be extended for the period of delay or inability to perform due to the Force Majeure Event. If the period of delay or non-performance continues for more than 60 days, either party may terminate the Agreement by giving the other 20 days written notice.
18.10 Governing law and jurisdiction. The Agreement is governed by the laws of England and Wales both parties hereby submit to the exclusive jurisdiction of the courts of England and Wales for all disputes arising out of or in connection with the Agreement.
Schedule 1 Data Processing Agreement
The following Data Processing Agreement forms part of and is incorporated into these Terms of Service. Where Verto processes personal data on behalf of the Client, both parties are bound by the terms below. In the event of conflict between this Schedule and any other part of these Terms of Service, this Schedule shall prevail in respect of data protection matters. A standalone version is available at https://vertocloud.co.uk/data-processing-agreement.
Data Processing Agreement
TMI Systems Limited (trading as Verto) Controller and Processor
Version 1.0 | June 2026 | UK GDPR Article 28 Compliant
1. Parties
This Data Processing Agreement (“DPA”) is entered into between:
Processor: TMI Systems Limited (company number 06667738), trading as Verto, of Beechey House, 87 Church Street, Crowthorne, Berkshire, RG45 7AW (“Verto” or “Processor”).
Controller: The Client identified in the Quote or Statement of Work entered into with Verto (“Controller”).
This DPA forms part of and is incorporated into the Agreement between the parties (comprising the Quote, Terms of Service, Statement of Work and Service Level Agreement, as applicable). In the event of conflict between this DPA and any other part of the Agreement, this DPA shall prevail in respect of data protection matters.
2. Definitions
In this DPA, the following terms have the meanings given below. Capitalised terms not defined here have the meanings given to them in the Agreement or in applicable Data Protection Legislation.
“Data Protection Legislation” means the UK General Data Protection Regulation (UK GDPR) as retained in UK law by the European Union (Withdrawal) Act 2018, the Data Protection Act 2018, and any regulations or codes of practice made under them, as amended or replaced from time to time.
“Personal Data” has the meaning given in the UK GDPR, and means any information relating to an identified or identifiable natural person that is processed by the Processor on behalf of the Controller under the Agreement.
“Processing”, “Processor”, “Controller”, “Data Subject”, “Personal Data Breach” and “Supervisory Authority” have the meanings given to them in the UK GDPR.
“Sub-processor” means any third party engaged by the Processor to carry out processing activities on behalf of the Controller in connection with the Agreement.
“Technical and Organisational Measures” or “TOMs” means the security measures set out in Schedule 2 of this DPA.
3. Scope and Nature of Processing
The Processor shall process Personal Data only in connection with the provision of the Verto Service and/or Consultancy Services under the Agreement. The subject matter, nature, purpose, and duration of the processing, and the categories of Personal Data and Data Subjects, are set out in Schedule 1 to this DPA.
The Processor shall not process Personal Data for any purpose other than as set out in Schedule 1 and as instructed by the Controller in writing from time to time. If the Processor is required by applicable law to process Personal Data other than as instructed, it shall inform the Controller of that requirement before processing, unless prohibited by law.
4. Processor Obligations
4.1 Processing on Instructions
The Processor shall process Personal Data only on documented instructions from the Controller, including with regard to transfers of Personal Data to a third country or international organisation, unless required to do so by applicable law.
4.2 Confidentiality
The Processor shall ensure that persons authorised to process the Personal Data are subject to appropriate obligations of confidentiality, whether by contract or by operation of law.
4.3 Security
Taking into account the state of the art, the costs of implementation, and the nature, scope, context and purposes of processing, as well as the risk to the rights and freedoms of natural persons, the Processor shall implement and maintain the Technical and Organisational Measures set out in Schedule 2 to this DPA, and shall ensure a level of security appropriate to the risk.
4.4 Sub-processors
The Controller provides general written authorisation for the Processor to engage Sub-processors, subject to the following conditions:
• The Processor shall maintain an up-to-date list of Sub-processors (“Sub-processor List”), available at https://vertocloud.co.uk/sub-processors
or upon written request to support@vertocloud.co.uk
• The Processor shall give the Controller at least 30 days’ prior written notice of any intended changes to the Sub-processor List, including additions or replacements.
• The Controller may object to any new Sub-processor on reasonable grounds relating to data protection within 14 days of receiving notice. In such case, the parties shall work in good faith to resolve the objection. If the objection cannot be resolved, either party may terminate the Agreement on 30 days’ written notice without liability.
• Where the Processor engages a Sub-processor, it shall impose data protection obligations equivalent to those set out in this DPA on that Sub-processor by way of a written contract. The Processor remains fully liable to the Controller for the performance of the Sub-processor’s obligations.
4.5 Data Subject Rights
The Processor shall, taking into account the nature of the processing, assist the Controller by appropriate technical and organisational measures, insofar as possible, to fulfil the Controller’s obligations to respond to requests by Data Subjects exercising their rights under Data Protection Legislation (including rights of access, rectification, erasure, restriction, portability, and objection).
The Processor shall promptly notify the Controller, and in any event within 5 Business Days, if it receives a request from a Data Subject in respect of Personal Data processed under this DPA. The Processor shall not respond to such a request except on documented instructions from the Controller or as required by applicable law.
4.6 Personal Data Breach
The Processor shall notify the Controller without undue delay, and in any event within 48 hours of becoming aware of a Personal Data Breach involving Personal Data processed under this DPA. The notification shall include, to the extent available at the time:
• a description of the nature of the breach, including the categories and approximate number of Data Subjects and Personal Data records affected;
• the name and contact details of the Processor’s data protection contact;
• a description of the likely consequences of the breach;
• a description of the measures taken or proposed to address the breach and mitigate its effects.
The Processor shall cooperate with the Controller and take such reasonable steps as the Controller directs to assist in the investigation, mitigation, and remediation of any Personal Data Breach.
4.7 Data Protection Impact Assessments
The Processor shall provide reasonable assistance to the Controller in conducting data protection impact assessments (DPIAs) and, where required, prior consultations with the Supervisory Authority, in each case to the extent the assessment or consultation relates to processing under this DPA and the Processor holds information relevant to it.
4.8 Return and Deletion of Personal Data
On expiry or termination of the Agreement, the Processor shall, at the Controller’s election:
• return to the Controller all Personal Data processed under this DPA (in a structured, commonly used and machine-readable format); or
• securely delete or destroy all Personal Data processed under this DPA, and certify in writing to the Controller that deletion has been completed.
The Processor shall comply with the Controller’s election within 30 days of the Termination Date. The Processor may retain Personal Data to the extent required by applicable law, provided it continues to process such data only for the purposes required by law and subject to appropriate safeguards. The data return and deletion provisions of Clause 17.1.3 of the Terms of Service shall apply.
4.9 Audit Rights
The Processor shall make available to the Controller all information necessary to demonstrate compliance with the obligations in this DPA and shall allow for and contribute to audits and inspections conducted by the Controller or an auditor appointed by the Controller, subject to the following:
• The Controller shall give at least 15 Business Days’ prior written notice of any audit.
• Audits shall be conducted during normal business hours and in a manner that minimises disruption to the Processor’s operations.
• The Controller shall bear the costs of any audit unless the audit reveals a material breach of this DPA, in which case the Processor shall bear its own reasonable costs.
• The Controller shall treat all information obtained during an audit as Confidential Information in accordance with the Agreement.
• The Processor may satisfy audit requests by providing the Controller with a current third-party security certification (such as ISO 27001 or Cyber Essentials Plus) in lieu of an on-site audit, where the Controller agrees.
5. Controller Obligations
The Controller warrants and represents that:
• it has a lawful basis for processing Personal Data under Data Protection Legislation and has complied with all applicable requirements in relation to the collection of Personal Data prior to disclosing it to the Processor;
• it has provided all necessary privacy notices to Data Subjects as required by Data Protection Legislation;
• the instructions it gives to the Processor regarding the processing of Personal Data comply with Data Protection Legislation;
• it will not instruct the Processor to process Personal Data in a manner that would cause the Processor to be in breach of Data Protection Legislation.
6. International Transfers
The Processor shall not transfer Personal Data outside the United Kingdom without the prior written consent of the Controller, except where:
• the transfer is to a country or territory that has been assessed as providing an adequate level of protection for Personal Data by the UK Government; or
• appropriate safeguards are in place in accordance with UK GDPR Article 46, such as UK International Data Transfer Agreements (IDTAs) or UK Addenda to EU Standard Contractual Clauses.
As at the date of this DPA, all Personal Data processed under the Agreement is stored and processed within the United Kingdom on Microsoft Azure UK-based infrastructure. The Processor shall notify the Controller in writing if this position changes.
7. Liability
Each party’s liability under or in connection with this DPA is subject to the limitations and exclusions set out in the Agreement (Clause 15 of the Terms of Service). Nothing in this DPA limits either party’s liability for death or personal injury caused by negligence, fraud, or any other liability that cannot be excluded or limited by law.
Where a Data Subject brings a claim against the Controller or the Processor in connection with processing under this DPA, the parties shall cooperate in good faith to establish responsibility between them in accordance with Data Protection Legislation.
8. Term and Termination
This DPA shall come into force on the Agreement Start Date and shall remain in force for the duration of the Agreement. It shall terminate automatically on expiry or termination of the Agreement, subject to the survival of obligations expressly stated to survive termination, including obligations relating to the return or deletion of Personal Data and confidentiality.
9. General
• This DPA is governed by the laws of England and Wales. The parties submit to the exclusive jurisdiction of the courts of England and Wales for all disputes arising from or in connection with this DPA.
• If any provision of this DPA is found to be invalid or unenforceable, the remaining provisions shall continue in full force and effect.
• This DPA, together with the Agreement, constitutes the entire agreement between the parties with respect to the processing of Personal Data under the Agreement.
• Any amendment to this DPA must be made in writing and signed by both parties.
Schedule 1 Details of Processing
The following table sets out the subject matter, nature, purpose, duration, categories of personal data, and categories of data subjects for the processing carried out by Verto as Processor on behalf of the Controller.
|
Category of Personal Data |
Data Subjects |
Purpose of Processing |
Retention Period |
|
Project team member identity and contact data (name, job title, email address, telephone number) |
Client employees, contractors and partner organisation staff involved in project delivery |
User account creation and authentication; assignment of tasks, risks, issues and actions within the platform |
Duration of the Agreement plus 3 months post-termination (pending deletion) |
|
Project management data (task assignments, progress updates, comments, document uploads) |
Client employees and authorised Users |
Delivery of the Verto Service — portfolio, programme and project management |
Duration of the Agreement plus 3 months post-termination |
|
Financial and resource data (budget entries, cost allocations, timesheet data where used) |
Client employees and project team members |
Financial tracking and resource management functionality within the platform |
Duration of the Agreement plus 3 months post-termination |
|
Platform usage and access data (login timestamps, IP addresses, user activity logs) |
All Users |
Security, audit trail, SLA compliance monitoring, platform improvement |
Duration of the Agreement plus 3 months post-termination |
|
Support and communications data (email content, support ticket content) |
Client employees and administrators |
Provision of helpdesk support and client communications |
2 years from date of creation |
Note: The categories and volume of Personal Data processed will depend on the specific configuration and use of the Verto Service by the Controller. The Controller is responsible for ensuring that only Personal Data necessary for the purposes above is uploaded to or processed through the platform.
Schedule 2 Technical and Organisational Measures (TOMs)
Verto implements the following technical and organisational security measures to protect Personal Data processed under this DPA:
Access Control
• Role-based access controls limiting access to Personal Data to authorised personnel only.
• Multi-factor authentication (MFA) enforced for administrative access to platform infrastructure.
• Regular review of access rights; immediate revocation on change of role or departure.
• Unique user credentials; shared accounts prohibited.
Encryption
• All data encrypted in transit using TLS 1.2 or higher.
• All data encrypted at rest using AES-256 or equivalent.
• Encryption keys managed in accordance with industry best practice.
Infrastructure and Hosting
• Platform hosted on Microsoft Azure UK-based data centres. All data stored and processed within the United Kingdom.
• Azure infrastructure SLA-backed with 99.9% uptime commitment.
• Network segmentation, firewall controls and intrusion detection in place.
Backup and Recovery
• Automated nightly backups with 90-day retention period.
• Backup integrity tested regularly. Disaster recovery procedures documented and tested annually.
• Recovery time objective (RTO): 4 hours. Recovery point objective (RPO): 24 hours.
Vulnerability Management
• Regular vulnerability scanning of platform infrastructure and application code.
• Security patches applied within defined timeframes based on severity classification.
• Annual penetration testing by qualified third-party security specialists.
Organisational Measures
• Information security policies reviewed and updated annually.
• All staff with access to personal data subject to mandatory data protection and security training.
• Vetting and background checks conducted on staff with access to personal data.
• Supplier and sub-processor due diligence carried out before engagement.
• Incident response plan documented and tested. Personal data breach notification procedure in place consistent with Clause 4.6 of this DPA.
Information Security Standards
• Platform aligned with ISO 27001:2022 information security management standards.
• Cyber Essentials certified.
Execution
This DPA is entered into as of the Agreement Start Date and is executed by duly authorised representatives of each party.
|
For and on behalf of Verto (TMI Systems Limited) |
For and on behalf of the Controller |
|
Signature: ___________________________ |
Signature: ___________________________ |
|
Name: ________________________________ |
Name: ________________________________ |
|
Title: _______________________________ |
Title: _______________________________ |
|
Date: ________________________________ |
Date: ________________________________ |
Verto (TMI Systems Limited) Data Processing Agreement v1.0 UK GDPR Article 28 June 2026
Schedule 3 Sub-processor List
This Schedule sets out the sub-processors engaged by Verto (TMI Systems Limited) in connection with the processing of personal data under this Agreement. Sub-processors are engaged in accordance with Clause 4.4 of this DPA.
As at the date of this Agreement, Verto engages the following sub-processor:
|
Sub-processor |
Location |
Service Provided |
Data Processed |
|
Microsoft Corporation (trading as Microsoft Azure) |
United Kingdom (UK South / UK West data centres) |
Cloud hosting, infrastructure, data storage, backup and disaster recovery |
All personal data processed under this Agreement, stored and processed within the United Kingdom. |
Verto does not transfer personal data outside the United Kingdom in connection with the provision of the Verto Service. All data processed by Microsoft Azure under this arrangement is stored and remains within UK-based data centres.
The current sub-processor list is maintained at https://vertocloud.co.uk/sub-processors and will be updated in accordance with Clause 4.4 of this DPA (30 days’ notice of any changes).