Terms, privacy and the small print — in plain view.

By creating an account or otherwise accessing or using the Verto web application and related services (collectively, the "Service"), you ("User," "you," or "your") agree to be legally bound by these Terms of Service ("Terms"). If you are accepting on behalf of a company or other legal entity, you represent that you have the authority to bind that entity to these Terms. If you do not agree, do not use the Service.

These Terms constitute a binding legal agreement between you and the individual operator of Verto ("Verto," "we," "us," or "our"), a service operated by an individual sole trader based in Riyadh, Kingdom of Saudi Arabia, under the LingoSights brand. Verto is not currently a registered legal entity. These Terms are governed by the laws of the Kingdom of Saudi Arabia.

Verto is a professional-grade, browser-based computer-assisted translation (CAT) platform designed for Arabic-English translators, freelance linguists, and language service providers (LSPs). The Service is accessible via any modern web browser without installation. The Service includes:

• A web-based translation editor environment
• Cloud-based project management, file storage, and collaboration features
• Translation memory (TM) and glossary management
• Machine translation integration via third-party API connections
• Quality assurance (QA) tools
• Team collaboration features including task assignment, document splitting, shared TMs, and audit logging (Team plan only)
• An administrative web panel accessible to account administrators

The Service is provided on a subscription basis. Features available to a User depend on their active subscription plan as described in Section 4.

3.1 Eligibility

You must be at least 18 years of age to create an account. By registering, you represent that you meet this requirement and that all information you provide is accurate, current, and complete.

3.2 Account Credentials

You are responsible for maintaining the confidentiality of your login credentials and for all activity that occurs under your account. You must notify us immediately at support@verto.com if you become aware of any unauthorised access to your account. Verto will not be liable for any loss or damage arising from your failure to protect your credentials.

3.3 Team Accounts

On the Team plan, the account administrator ("Admin") has the authority to add or remove seat holders, assign roles, manage permissions, and access team-wide usage data. The Admin accepts responsibility for ensuring that all seat holders under their account comply with these Terms.

4.1 Plans

Verto offers the following subscription tiers, subject to change with notice as described in Section 14:

• Free Plan: 1 seat, 5 projects, personal TM and glossary up to 100,000 segments, built-in QA. No charge.
• Professional Plan (USD 17/month): 1 seat, unlimited projects, unlimited personal TM and glossary, machine translation via personal API key, concordance search, advanced file formats, bilingual export, basic reporting, email support.
• Team Plan (USD 75/month): Everything in Professional, plus up to 5 seats, shared TMs and glossaries with permissions, free MT via MyMemory, AI chat with LLMs, document splitting, task assignment, comments and mentions, segment-level audit log, advanced reporting, priority email support.
• Custom Plan: Enterprise-level pricing and seat allocation negotiated directly with Verto. Terms are set out in a separate Order Form or Master Service Agreement.

4.2 Billing and Payment

Paid subscriptions are billed in advance on a monthly or annual basis through our payment processor, Lemon Squeezy. By subscribing, you authorise us to charge your payment method on each renewal date. All prices are in United States Dollars (USD) and are exclusive of applicable taxes, including Saudi Value Added Tax (VAT) at the prevailing rate.

4.3 Refunds

Subscriptions are non-refundable except where required by applicable law. If you cancel your subscription, you will retain access to paid features until the end of your current billing period. Verto may, at its sole discretion, issue a pro-rata refund in cases of service outages attributable to Verto that exceed 72 consecutive hours in a given billing month.

4.4 Failed Payments and Suspension

If a payment fails, we will notify you by email. You have 7 calendar days to update your payment method. If payment is not received within that period, your account will be downgraded to the Free plan. Your data will not be deleted, but features above the Free plan limits will become inaccessible until payment is resumed.

4.5 Plan Downgrade and Data Retention

If your account is downgraded (voluntarily or due to non-payment), projects and TM data exceeding Free plan limits will be placed in a read-only archived state. They will not be deleted for a period of 90 days, during which you may reactivate your subscription to restore full access. After 90 days of continuous Free plan status with data exceeding Free limits, we reserve the right to delete the excess archived data with 30 days' prior written notice.

You agree to use the Service only for lawful purposes and in accordance with these Terms. You must not:

• Use the Service to translate, process, or distribute content that is illegal, defamatory, obscene, or in violation of any third-party rights, including intellectual property rights
• Attempt to reverse engineer, decompile, disassemble, or otherwise extract the source code of the Service
• Use automated means (bots, scrapers, crawlers) to access or interact with the Service in ways not expressly permitted
• Circumvent, disable, or interfere with security-related features, including plan-based feature restrictions
• Share your account credentials with individuals who are not authorised seat holders under your plan
• Upload malicious code, viruses, or files designed to disrupt or damage the Service or its infrastructure
• Resell, sublicense, or otherwise commercialise access to the Service without prior written approval from Verto

Violation of this section may result in immediate suspension or termination of your account without refund.

6.1 Verto's Intellectual Property

The Service, including the web application, underlying software, user interface, design, algorithms, documentation, and all related materials, is the exclusive intellectual property of Verto and is protected by copyright, trademark, and other applicable laws. Nothing in these Terms grants you any ownership right in the Service.

6.2 Your Content

You retain full ownership of all content you upload to or create within the Service, including source documents, translated text, translation memories, glossary terms, and project files (collectively, "User Content"). By using the Service, you grant Verto a limited, non-exclusive, royalty-free licence to store, process, and transmit your User Content solely to the extent necessary to provide and maintain the Service. This licence terminates when you delete the content or close your account.

6.3 Translation Memories and Glossaries

Translation memories and glossaries you create within Verto are your intellectual property. Verto does not claim any ownership over the linguistic assets you build using the Service, nor will Verto use your TM or glossary content to train machine learning models without your explicit written consent.

6.4 Feedback

If you provide feedback, suggestions, or ideas regarding the Service, you grant Verto a perpetual, irrevocable, worldwide, royalty-free licence to use that feedback for any purpose without any obligation to compensate you.

Verto understands that translation projects often involve commercially sensitive, legally privileged, or confidential source materials. We implement technical and organisational measures to restrict access to your User Content. Verto personnel will not access your documents or translation content except: (a) as necessary to provide technical support at your explicit request; (b) to investigate a security incident; or (c) as required by applicable law or a valid court order. Any such access is logged.

You are responsible for ensuring that you have the right to upload and process any content submitted to the Service, including obtaining any necessary confidentiality waivers from your clients where required.

The Service integrates with third-party services, including machine translation providers (accessed via your own API keys) and Cloudflare R2 for file storage. Application hosting, database infrastructure, and backend services are provided through Replit, Inc. Your use of any third-party integration is subject to that provider's own terms and privacy policy. Verto is not responsible for the availability, accuracy, or security practices of third-party services.

8.1 Cloudflare R2 File Storage

All User Content files — including source documents, translated documents, bilingual exports, and project archives — are stored using Cloudflare R2, an enterprise-grade distributed object storage service operated by Cloudflare, Inc. The following storage infrastructure properties apply to all files you upload to Verto:

• Encryption at rest: All objects stored in R2, including their metadata, are automatically encrypted using AES-256 (Galois/Counter Mode). Encryption and decryption require no user configuration and do not affect performance. Encryption keys are managed by Cloudflare using the same key management systems Cloudflare employs across its internal infrastructure.
• Encryption in transit: All data transfers between the Verto application and Cloudflare R2 are secured using Transport Layer Security (TLS/SSL). Plaintext HTTP access to stored files is disabled.
• Durability: Cloudflare R2 is designed for 99.999999999% (eleven nines) annual data durability through redundant and distributed storage across Cloudflare's global network of over 330 data centres.
• Data location: R2 stores data across Cloudflare's globally distributed infrastructure. Verto uses location hints to bias storage towards regions closer to our primary user base, however exact storage location within Cloudflare's network is determined by Cloudflare. We do not offer single-region data residency guarantees at this time.
• Access control: Access to R2 storage buckets is restricted through bucket-scoped tokens. Your files are not publicly accessible and cannot be retrieved without authenticated authorisation through the Verto application.
• Compliance certifications: Cloudflare holds an extensive suite of independently verified security and privacy certifications that apply to the R2 infrastructure used by Verto. See the Compliance certifications section below.

8.2 Cloudflare R2 Security and Privacy Certifications

The following certifications and compliance frameworks have been independently audited and verified for Cloudflare's infrastructure, which includes Cloudflare R2. These certifications are current as of the effective date of these Terms and are subject to annual re-audit by Cloudflare:

Copies of Cloudflare's certifications are available to verified Cloudflare customers via the Cloudflare Dashboard. Users who require documentation of these certifications for their own compliance obligations should contact Cloudflare directly or engage their Cloudflare account representative. The most current certification status is published on the Cloudflare Trust Hub at cloudflare.com/trust-hub.

Translation output produced using the Service — whether from machine translation integrations or human work within the editor — is not warranted by Verto for accuracy, fitness for any purpose, or compliance with any regulatory requirement. Professional review of all translated content remains the responsibility of the User.

You agree to indemnify, defend, and hold harmless Verto and its affiliates, officers, agents, and employees from and against any claims, liabilities, damages, losses, and expenses (including reasonable legal fees) arising out of or in any way connected with: (a) your access to or use of the Service; (b) your User Content; (c) your violation of these Terms; or (d) your infringement of any third-party intellectual property or other rights.

You may terminate your account at any time by contacting support@verto.com or through the account settings in the Service. Termination takes effect at the end of your current billing cycle for paid plans.

Verto may suspend or terminate your account immediately and without notice if: (a) you materially breach these Terms; (b) we are required to do so by law; or (c) we reasonably determine that your continued use poses a risk to other users or the integrity of the Service. In the event of termination by Verto without cause, we will provide a pro-rata refund of prepaid fees.

Upon termination, your right to access the Service ceases immediately. You may request an export of your User Content within 30 days of termination, after which we may delete it in accordance with our data retention practices described in the Privacy Policy.

These Terms are governed by and construed in accordance with the laws of the Kingdom of Saudi Arabia, without regard to its conflict of law provisions. Any dispute arising from or relating to these Terms or the Service shall first be subject to good-faith negotiation between the parties for a period of 30 days. If unresolved, disputes shall be submitted to the competent courts of Riyadh, Saudi Arabia, which shall have exclusive jurisdiction.

For Users located in the European Union, nothing in this clause limits your rights to bring claims before the courts of your country of residence where required by applicable EU law.

Verto reserves the right to modify these Terms at any time. Where changes are material, we will provide at least 30 days' advance notice by email to the address registered on your account and by posting a notice within the Service. Your continued use of the Service after the effective date of the revised Terms constitutes your acceptance. If you do not agree to the revised Terms, you must cease using the Service and may request a pro-rata refund of any prepaid fees for the period after the effective date.

Verto also reserves the right to modify, suspend, or discontinue the Service (or any feature thereof) at any time, with reasonable notice where feasible. We are not liable to you or any third party for any modification, suspension, or discontinuation of the Service.

• Entire Agreement: These Terms, together with the Privacy Policy and any Order Form applicable to Custom plan customers, constitute the entire agreement between you and Verto with respect to the Service.
• Severability: If any provision of these Terms is held to be invalid or unenforceable, the remaining provisions will continue in full force and effect.
• Waiver: Failure by Verto to enforce any right or provision of these Terms shall not constitute a waiver of that right or provision.
• Assignment: You may not assign these Terms or any rights hereunder without Verto's prior written consent. Verto may assign these Terms freely.
• Contact: Questions regarding these Terms should be directed to support@verto.com.

The data controller responsible for your personal data is the individual operator of Verto, trading under the LingoSights brand, based in Riyadh, Kingdom of Saudi Arabia. Verto is not currently a registered legal entity. You can contact us regarding any data-related matter at: privacy@verto.com.

2.1 Account Data

When you register, we collect your name, email address, country, preferred language, and password (stored as a hashed value — never in plaintext). For paid subscribers, billing-related data (name, last four digits of card, billing address) is handled directly by Lemon Squeezy and is not stored on Verto's servers.

2.2 Usage Data

We automatically collect data about how you interact with the Service, including: features accessed, projects created, translation events, TM match rates applied, file formats used, error events, session duration, browser type, and operating system. This data does not include the content of your translation segments unless you explicitly share a project with our support team.

2.3 User Content

User Content (source documents, translated text, translation memories, glossary terms) is stored on Verto's infrastructure — Cloudflare R2 for files and Replit's database infrastructure for structured data. We process this content solely to deliver the Service to you. We treat all User Content as confidential in accordance with Section 7 of the Terms of Service.

2.4 Communications Data

If you contact us for support, we retain the content of your communications and the email address you used. This data is used only to respond to your enquiry and to improve our support processes.

2.5 Technical Data

We collect IP address, browser type (for web panel access), and device identifiers for security, fraud prevention, and service reliability purposes.

We use personal data for the following purposes:

• To provide, operate, and improve the Service
• To manage your account and subscription
• To communicate with you about your account, billing, and service updates
• To enforce these Terms of Service and our acceptable use policies
• To detect, investigate, and prevent security incidents and fraudulent activity
• To comply with applicable legal obligations, including responses to lawful requests from Saudi Arabian authorities
• To conduct product analytics (using anonymised or aggregated data) to understand feature usage and improve the Service

We do not use your User Content (translation documents, TMs, glossaries) for any purpose beyond delivering the Service, and we do not use it to train AI or machine learning models without your explicit written consent.

Under the Saudi PDPL and, where applicable, the GDPR, we process your personal data on the following legal bases:

• Contract: Processing necessary to perform the Service you have subscribed to.
• Legal Obligation: Processing required to comply with applicable laws.
• Legitimate Interests: Processing for security, fraud prevention, and product improvement, where such interests do not override your rights.
• Consent: Where we ask for your consent (for example, to use content for AI training), you may withdraw it at any time without affecting the lawfulness of prior processing.

We do not sell your personal data. We share data only with the following categories of recipients, strictly for the purpose of delivering the Service:

• Application and database infrastructure: Replit, Inc. provides the hosting environment and database infrastructure on which Verto runs. Replit processes data as a sub-processor under its own Terms of Service and Privacy Policy.
• Payment processor: Lemon Squeezy processes subscription payments. They receive billing information directly from you and are subject to their own privacy policy.
• Error tracking: We use an error monitoring service (such as Sentry) to log technical errors. Error reports are anonymised and do not include translation content.
• Legal and regulatory: We may disclose personal data if required by law, court order, or a valid request from a competent Saudi Arabian authority.

All third-party service providers are bound by contractual obligations to process personal data only on our instructions and to implement appropriate security measures.

Verto's infrastructure involves services operated by US-incorporated entities, which has implications for data location and legal jurisdiction that users should understand:

6.1 Cloudflare R2 Storage

Files you upload to Verto — including source documents, translations, TM exports, and project archives — are stored on Cloudflare R2, which is distributed across Cloudflare's global network of over 330 data centres. Verto uses location hints to bias storage toward regions geographically closer to our primary user base in the MENA region. However, Cloudflare determines the precise physical location of stored data within its distributed infrastructure, and we cannot guarantee that your files will reside exclusively in any single country or region.

As Cloudflare, Inc. is incorporated in the United States, data stored on R2 may be subject to the US CLOUD Act, which permits US law enforcement to compel disclosure of data held by US companies regardless of where the data is physically stored. Verto will notify you of any such compelled disclosure request to the extent permitted by law. Users with strict data sovereignty requirements — particularly those in regulated industries or EU jurisdictions — should weigh this when determining whether Verto is appropriate for processing highly sensitive content.

6.2 Replit Application and Database Infrastructure

Verto's application and database infrastructure is hosted on Replit, Inc., a US-incorporated company. Structured data — including account information, project metadata, usage events, and TM segment data — is stored within Replit's database environment, which may be hosted in data centres outside the Kingdom of Saudi Arabia. As Replit is a US entity, the same CLOUD Act considerations described in Section 6.1 apply. Where personal data is transferred outside Saudi Arabia, we rely on contractual safeguards consistent with the PDPL's cross-border transfer requirements. For EU users, such transfers are covered by Standard Contractual Clauses (SCCs) where applicable.

6.3 Safeguards

Regardless of data location, all data in transit between Verto and its infrastructure providers is protected by TLS/SSL encryption, and all data at rest is encrypted using AES-256. Verto relies on its sub-processors — Cloudflare and Replit — to implement appropriate technical and organisational security measures consistent with their published security standards.

We retain your personal data for as long as your account is active or as necessary to provide the Service. Specifically:

• Account data is retained for the duration of your account plus 12 months following closure, to allow for dispute resolution and legal compliance.
• Usage event logs are retained for 24 months on a rolling basis.
• User Content (documents, TMs, glossaries) is retained in accordance with the plan downgrade and termination provisions in the Terms of Service.
• Support communications are retained for 36 months.
• Audit logs are retained for 5 years for compliance and security purposes.

Upon expiry of the relevant retention period, data is securely deleted or irreversibly anonymised.

Verto implements layered technical and organisational security measures across its application and infrastructure stack:

8.1 Application-level security

All communication between your browser and the Verto application is encrypted using TLS 1.2 or higher. Access controls restrict data access to authenticated and authorised users only. Role-based permissions govern what each user and administrator can access within a project or account. All administrative actions are recorded in an immutable audit log.

8.2 File storage security (Cloudflare R2)

All files stored on Cloudflare R2 — including source documents, translations, and exported files — are automatically encrypted at rest using AES-256 in Galois/Counter Mode (GCM). Encryption keys are managed by Cloudflare's internal key management systems and are not accessible to Verto or to end users. All file transfers between the Verto application and R2 are encrypted in transit using TLS/SSL. R2 buckets used by Verto are private — no file is publicly accessible without an authenticated, time-limited signed URL generated by the Verto application. Cloudflare holds the following independently audited certifications applicable to R2: ISO/IEC 27001:2013, ISO/IEC 27018:2019, ISO/IEC 27701:2019 (PII Processor and Controller), SOC 2 Type II, SOC 3, PCI DSS Level 1, C5 (German BSI), EU Cloud Code of Conduct, Global CBPR, and Global PRP. Full details are available on the Cloudflare Trust Hub.

8.3 Database and application security (Replit)

Verto's application and database run on Replit's infrastructure. Database connections are encrypted in transit. Access to the database is restricted to Verto's application layer and is not publicly exposed. Replit's own security practices and certifications govern infrastructure-level protections at this layer.

8.4 Incident response

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify you and the relevant regulatory authorities as required by applicable law, including the PDPL and, where applicable, the GDPR. Notification will be made without undue delay and, where feasible, within 72 hours of becoming aware of the breach.

No method of transmission over the internet or electronic storage is completely secure. While we take all reasonable measures to protect your data, we cannot guarantee absolute security.

Subject to applicable law, you have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Request correction of inaccurate or incomplete data.
• Erasure: Request deletion of your personal data, subject to legal retention obligations.
• Restriction: Request that we limit the processing of your data in certain circumstances.
• Portability: Receive your data in a structured, machine-readable format.
• Objection: Object to processing based on legitimate interests.
• Withdrawal of Consent: Where processing is based on consent, withdraw it at any time.

To exercise any of these rights, contact us at privacy@verto.com. We will respond within 30 days. We may need to verify your identity before processing your request. You also have the right to lodge a complaint with the Saudi Data and Artificial Intelligence Authority (SDAIA) or, for EU residents, with your local supervisory authority.

The Verto web panel uses essential cookies necessary for authentication and session management. We do not use advertising cookies or third-party tracking cookies. We use a first-party analytics approach that does not share data with advertising networks. You may configure your browser to reject cookies, but doing so may affect the functionality of the web panel.

The Service is not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us at privacy@verto.com and we will delete it promptly.

We may update this Privacy Policy from time to time. Where changes are material, we will notify you by email with at least 30 days' notice before the revised policy takes effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

For any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact:

• Verto Privacy Team
• Email: privacy@verto.com
• Support: support@verto.com
• Riyadh, Kingdom of Saudi Arabia