Legal

Vertice Legal Hub

For any inquiries, please contact legal@vertice.one

Jump to
Privacy Policy
Terms of Service
Modern Slavery Statement
Data Subject Access Request
MDPA
MSA
Cookie Policy
Vulnerability Disclosure Policy

Privacy Policy

Last updated: 2 March 2026

At Vertice, we are committed to being transparent about how we collect and manage your information. This policy applies to Vertice Group Ltd and its global subsidiaries (collectively, "Vertice," "we," or "us") and explains how we respect your privacy across our website (https://www.vertice.one), our SaaS platform, and other sites we own and operate.

Personal information is any information that can be used to identify you as an individual. This includes details such as your name, job title, and business contact details, as well as information about your devices and how you use our website or online services.

In the event our site contains links to third-party sites and services, please be aware that those sites and services have their own privacy policies. After following a link to any third-party content, you should read their posted privacy policy information about how they collect and use personal information. This Privacy Policy does not apply to any of your activities after you leave our site.

Information We Collect

Information we collect falls into one of three primary categories: Voluntarily Provided, Automatically Collected and Information from Third Parties.

Voluntarily Provided Information

This refers to any information you knowingly and actively provide us when using our services, participating in promotions, or communicating with us. This primarily includes business contact details and professional information necessary for account management and sales inquiries.

Automatically Collected Information

This refers to information automatically sent by your devices or captured by our systems when you access our website or SaaS platform. This includes technical data required for system security, error logging, and usage analytics to improve our product features.

Information from Third Parties

To ensure our business communications are accurate and relevant, we may receive professional information about you from third-party sources (such as lead enrichment services) or public databases.

Log Data

When you visit our website or access our SaaS platform, our servers automatically log the standard data provided by your web browser or device. This includes your Internet Protocol (IP) address, browser type and version, the pages you visit, the time and date of your visit, the duration of your visit to specific pages, and technical details regarding your device’s operating system.

Error Reporting & Performance: If you encounter technical errors while using our services, we automatically collect diagnostic data concerning the error and the circumstances of its occurrence. This information is used strictly to maintain the security, stability, and performance of our platform.

Analytics & Improvements: We log interaction patterns to understand how users navigate our services. This data is used for our legitimate interest in improving our platform’s features and user experience. Where possible, we process this information in an aggregated or de-identified format.

Device Data

When you visit our website or interact with our services, we automatically collect specific information about the device you use to access our platform. This data is used to optimize our interface, ensure account security, and provide localized content. This includes:

  • Device Attributes: Such as your device type, operating system version, browser type, and screen resolution.
  • Approximate Geo-location Data: We derive your general location (typically limited to city and country level) from your IP address to comply with regional legal requirements and provide relevant currency or language settings. We do not collect precise real-time GPS location data.
  • Unique Identifiers: Such as cookies or similar tracking technologies that help us recognize your device across sessions.

The specific data collected depends on your device settings and software configurations. We process this information based on our legitimate interest in maintaining a secure and high-performing service.

Personal Information

We collect personal information when you interact with our website, request a demo, or communicate with our team. To ensure we provide a high-quality B2B service, we categorize the information we collect as follows:

  • Contact & Identifying Data: Such as your name, business email address, and phone number.
  • Professional & Employment Data: Such as your job title, department, company name, and professional industry.
  • Account & Profile Data: For registered users, we collect information necessary to manage your platform access, including usernames and professional profile settings.
  • Communication Data: This includes the content of your inquiries via our contact forms, email interactions, or recorded sessions where permitted for support purposes.

Transaction Data

Transaction data refers to information necessary to manage your business relationship with Vertice and your use of our platform. This includes:

  • Billing & Subscription Records: Details of your service plan, payment history, and invoices.
  • Service Metrics: Aggregated data regarding your usage of the platform used for billing accuracy and service optimization.

Note on Payment Processing: Vertice utilizes PCI-compliant third-party payment processors to handle all financial transactions securely. We do not store full credit card numbers or sensitive bank authentication details on our servers.

Legal Bases for Processing

We only collect and use your personal information when we have a lawful basis for doing so. Under the GDPR and similar global privacy laws, we process your information based on one or more of the following grounds:

  • Performance of a Contract: Where processing is necessary to provide the services you have requested, manage your account, and fulfill our obligations under our Terms of Service or MDPA.
  • Legitimate Interests: Where we have a valid business reason that does not override your privacy rights. This includes:
    • Improving our platform’s features and AI capabilities.
    • Engaging in B2B marketing and business development.
    • Ensuring the security and integrity of our systems.
  • Legal Obligation: Where we are required by law to retain or disclose information (such as for tax, accounting, or regulatory reporting).
  • Consent: Where you have given us clear and explicit permission to process your data for a specific purpose (such as subscribing to our marketing updates).

Collection and Use of Information

We collect personal information when you interact with our website, subscribe to our platform, or communicate with our team. Specifically, this occurs when you:

  • Register for an account or purchase a subscription.
  • Sign up for updates, whitepapers, or newsletters.
  • Request a demo or interact with our sales team via email or our contact forms.
  • Access our platform and services via a web browser or mobile device.

Purposes of Processing

We process your information for the following specific purposes, ensuring that all data use is compatible with the legal bases previously described:

  • Service Delivery: To provide our platform’s core features, manage your account, and deliver the services you have subscribed to.
  • Communication & Support: To respond to your inquiries, provide technical support, and send administrative or transactional messages.
  • Product Development & AI Improvement: To conduct technical assessments and analyze usage patterns. This helps us improve our platform’s features, security, and AI-driven capabilities.
  • B2B Marketing & Advertising: To send promotional information about our products and services that we believe are relevant to your professional role.
  • Security & Fraud Prevention: To ensure our systems are secure, prevent unauthorized access, and protect the integrity of our data.
  • Compliance: To fulfill our legal, tax, and regulatory obligations.

Data Enrichment

We may combine the information you provide with professional data from trusted third-party sources (such as lead enrichment services) to ensure our communications are accurate and our services are tailored to your business needs.

Security of Your Personal Information

We implement robust technical and organizational measures to protect your personal information from loss, theft, and unauthorized access, disclosure, or modification. Our security framework is designed to meet industry standards and includes:

  • Encryption: We use industry-standard encryption protocols to secure data both in transit (TLS 1.2 or higher) and at rest (AES-256).
  • Access Controls: We restrict access to personal information to authorized employees and subprocessors who require the data to perform their specific tasks.
  • Monitoring: We perform regular security assessments and system monitoring to ensure the ongoing integrity and resilience of our platform.

While we strive to protect your information using state-of-the-art security practices, no method of electronic transmission or storage is 100% secure. We maintain comprehensive incident response plans to address any suspected data breaches in accordance with our MDPA and applicable laws.

User Responsibility

You are responsible for maintaining the confidentiality of your account credentials and selecting strong, unique passwords. We strongly recommend utilizing the security features provided within our platform, such as Multi-Factor Authentication (MFA) and Single Sign-On (SSO), where available.

How Long We Keep Your Personal Information

We keep your personal information only for as long as necessary to fulfill the purposes outlined in this policy. Our retention periods are determined by the nature of the information and our legal obligations:

  • Account & Service Data: We retain information associated with your account for the duration of our business relationship. Following the termination of your agreement or account deletion, we proceed with data deletion or anonymization in accordance with our MDPA and internal data retention schedule, unless further retention is required by law.
  • Marketing & Communication Data: We retain contact details used for marketing until you opt out or request deletion, provided there is no other legal basis for retention.
  • Legal & Regulatory Requirements: We may retain certain information (such as transaction records and tax-related data) for longer periods to comply with statutory retention requirements, resolve disputes, or enforce our agreements.

Anonymization for Analytics

When your personal information is no longer required for its original purpose, and we are not legally required to retain it, we will either securely delete it or transform it into aggregated, anonymous data. This de-identified information may be retained indefinitely to help us improve our platform's performance and AI capabilities, as it no longer identifies any individual.

Children’s Privacy

Vertice provides a B2B platform intended for use by business professionals. We do not knowingly collect or solicit personal information from children.

Our services are not directed to individuals under the age of 16 (or the applicable age of digital consent in your jurisdiction). If we become aware that we have inadvertently

collected personal information from a child without verifiable parental consent, we will take immediate steps to delete that information from our servers.

If you believe that a child has provided personal information to us, please contact us at data-privacy@vertice.one.

Disclosure of Personal Information to Third Parties

We may disclose personal information to third parties only when necessary to provide our services, comply with the law, or protect our rights. Where applicable, we ensure that third parties are bound by contractual obligations (such as Data Processing Agreements) to protect your data. We disclose information to:

  • The Vertice Group: To our parent company, subsidiaries, and affiliates to support global operations and service delivery.
  • Service Providers (Subprocessors): Trusted third-party vendors who provide essential infrastructure and functional support, including:
    • Cloud Hosting & Infrastructure: For secure data storage and processing.
    • Business Operations: For CRM, sales engagement, and professional communication management.
    • Analytics & Performance: For monitoring platform health, error logging, and user experience optimization.
    • Financial Operations: For secure payment processing and billing management.
  • Professional Advisors: Our auditors, legal counsel, and insurers when necessary for compliance or risk management.
  • Legal & Regulatory Authorities: When required by law, court order, or to establish and defend our legal rights.
  • Business Transfers: To potential buyers or successors in the event of a merger, acquisition, or asset sale.

Subprocessor Management

We maintain a live, comprehensive list of our third-party subprocessors, their locations, and the nature of their processing. The most up-to-date list of these service providers is incorporated into this policy by reference and can be accessed in our MDPA.

International Transfers of Personal Information

Vertice is a global organization. While we primarily store and process your personal information in the European Economic Area (EEA), it may also be processed in other countries where our affiliates or subprocessors maintain facilities.

When we transfer personal information across borders, we ensure that such transfers comply with applicable data protection laws using one or more of the following safeguards:

  • Adequacy Decisions: We transfer data to countries that the European Commission or the UK Government has deemed to provide an adequate level of protection (such as transfers between the UK and the EEA).
  • Standard Contractual Clauses (SCCs): For transfers to jurisdictions without an adequacy decision, we utilize the European Commission’s Standard Contractual Clauses (and the UK International Data Transfer Addendum) to ensure your data remains protected to the same standards as in the EEA.
  • Data Privacy Framework (DPF): For transfers to the United States, we rely on the EU-U.S. Data Privacy Framework and the UK Extension to the DPF where our service providers are certified.

For more details on the specific locations of our subprocessors and the transfer mechanisms used, please refer to the “List of Sub-processors” in our MDPA.

Your Rights and Controlling Your Personal Information

Your Choice & Consent: You are under no statutory or contractual obligation to provide personal information to us. However, please note that if you choose not to provide certain information, we may be unable to provide you with the full functionality of our website or services.

Information from Third Parties: If we receive personal information about you from a third party, we will protect it as set out in this Privacy Policy. If you provide information about another person, you represent that you have their consent to do so.

Google API Disclosure: Vertice’s use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Marketing & Unsubscribe: You may opt out of direct marketing at any time by clicking the "unsubscribe" link in our emails or by contacting us directly. Even if you opt out of marketing, we will continue to send you essential service-related and transactional communications.

Your Data Rights: Under applicable data protection laws (including the GDPR and UK Data Protection Act), you have the following rights:

  • Access: The right to request copies of the personal information we hold about you.
  • Correction: The right to request that we correct any information you believe is inaccurate or incomplete.
  • Erasure (Right to be Forgotten): The right to request that we delete your personal data under certain conditions.
  • Restriction & Objection: The right to object to our processing of your data or request that we restrict its use.
  • Data Portability: The right to request that we transfer your data to another organization or directly to you.

Exercising Your Rights: To exercise any of these rights, please contact us at

data-privacy@vertice.one. To protect your privacy and security, we will take reasonable steps to verify your identity before granting access or making corrections.

Non-Discrimination: We will not discriminate against you for exercising any of your rights. We will not deny you services or charge different prices based on your decision to exercise your privacy rights.

Complaints & Breaches: We will comply with all laws applicable to us in respect of any data breach. If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us at data-privacy@vertice.one and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you in writing, setting out the outcome of our investigation and the steps we will take to address it.

You also have the right to contact a relevant regulatory body or data protection authority in relation to your complaint (such as the Information Commissioner’s Office in the UK, or the equivalent authority in your jurisdiction).

Use of Cookies

We use ‘cookies’ to collect information about you and your activity across our site. A cookie is a small piece of data that our website stores on your computer, and accesses each time you visit, so we can understand how you use our site. This helps us serve you content based on preferences you have specified.

You can manage your cookie preferences at any time through our website's consent manager. Please refer to our Cookie Policy for more information.

Business Transfers

In the event that Vertice undergoes a business transition, such as a merger, acquisition by another company, or sale of all or a portion of our assets, your personal information will likely be among the assets transferred.

You acknowledge that such transfers may occur and that any acquirer of Vertice may continue to process your personal information as set forth in this Privacy Policy. Any successor entity will be required to honor the commitments made in this policy, ensuring that your data is handled with the same level of protection and only for the purposes for which it was originally collected. In the unlikely event of insolvency, bankruptcy, or receivership, personal information would be transferred as a business asset in accordance with applicable laws.

Limits of Our Policy

Our website and platform may contain links to third-party sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites, and cannot accept responsibility or liability for their respective privacy practices. We encourage you to review the privacy policies of any third-party site you visit before providing them with your personal information.

Changes to This Policy

At our discretion, we may change our Privacy Policy to reflect updates to our business processes, current acceptable practices, or legislative or regulatory changes. If we decide to change this Privacy Policy, we will post the changes here at the same link by which you are accessing it.

If the changes are material (i.e., changes that significantly affect your rights or how we process your data), or if required by applicable law, we will provide a more prominent notice. This may include a notification sent to the email address registered with your account, or a clear announcement displayed on our platform.

Where required by law, we will obtain your consent or provide you with the opportunity to opt in to or opt out of any new uses of your personal information. We encourage you to review this Privacy Policy periodically to stay informed about our data practices.

Additional Disclosures for Australian Privacy Act Compliance (AU)

International Transfers of Personal Information

Where the disclosure of your personal information is subject to the Australian Privacy Act, we take reasonable steps to ensure that any overseas recipient of your personal information handles it in a manner consistent with the Australian Privacy Principles (APPs).

For more details on the specific locations of our sub-processors and the transfer mechanisms used to protect your data, please refer to the “List of Sub-processors” in our MDPA.

Additional Disclosures for GDPR Compliance (EEA/UK)

If you are a resident of the European Economic Area (EEA) or the United Kingdom (UK), the following additional disclosures apply to our processing of your personal information under the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018.

Data Controller / Data Processor Roles

The GDPR distinguishes between organisations that process personal information for their own purposes (“Data Controllers”) and those that process it on behalf of others (“Data Processors”).

  • Vertice as a Data Controller: We, Vertice Group Ltd, act as a Data Controller for the personal information you provide directly to us to create your account and manage our business relationship, including for the Legitimate Interests of improving our platform and AI capabilities.
  • Vertice as a Data Processor: When you use our platform to manage your organization’s SaaS spend or upload contract data, your organization is the Data Controller, and Vertice acts as a Data Processor. In these instances, our processing is governed strictly by the terms of our MDPA.

Legal Bases & Rights

As an EEA or UK resident, your data is processed according to the specific legal bases (Article 6 GDPR) and protected by the data subject rights (Articles 15-22 GDPR) detailed in the “Legal Bases for Processing” and “Your Data Rights” sections of this Privacy Policy.

International Transfers

All transfers of personal information from the EEA or UK to third countries are protected by the safeguards (such as Standard Contractual Clauses or the Data Privacy Framework) detailed in the “International Transfers of Personal Information” section above.

Parental Consent

If we seek consent to process personal information for a specific purpose and you are under 16 years of age, we will require the consent of a parent or legal guardian.

Additional Disclosures for California Compliance (US)

If you are a resident of California, the following additional disclosures apply to your personal information under the California Consumer Privacy Act (CCPA) and the "Shine the Light" law

California Notice of Collection

In the past 12 months, we have collected the following categories of personal information as defined by California law:

  • Identifiers: Such as name, email address, phone number, IP address, and account IDs.
  • Commercial Information: Such as service history and transaction records.
  • Internet or Network Activity: Such as your interactions with our website and platform.

For more details on the data we collect and our sources, please refer to the “Personal Information We Collect” section. We process these categories for the business purposes described in the “Legal Bases for Processing” section.

No Sale or Sharing of Personal Information

Vertice does not "sell" your personal information to third parties, nor do we "share" your personal information for cross-context behavioral advertising as those terms are defined under California law.

Your California Privacy Rights

If you are a California resident, you have the following rights:

  • Right to Know: The right to request the categories and specific pieces of personal information we have collected about you, the sources of that data, and the business purpose for collecting it.
  • Right to Delete: The right to request the deletion of personal information we have collected from you, subject to certain legal exceptions.
  • Right to Correct: The right to request that we correct inaccurate personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights.

To exercise these rights, please contact us at data-privacy@vertice.one.

Shine the Light Law

Under California Civil Code Section 1798.83, California residents may request once per year a list of the categories of personal information (if any) we disclosed to third parties for their direct marketing purposes in the preceding calendar year. To make such a request, please email us with “California Privacy Rights Request” in the subject line.

Do Not Track

Some browsers have a “Do Not Track” (DNT) feature. At this time, we do not respond to browser DNT signals, as we adhere to the standards and consent mechanisms outlined in this Privacy Policy.

Financial Incentives

We may offer certain financial incentives (such as referral benefits) permitted by the CCPA. If we do, we will provide written terms describing the nature of the offer.

Participation requires your prior opt-in consent, which you may revoke at any time.

Contact Us

For any questions or concerns regarding your privacy or this Privacy Policy, you may contact our Data Protection Officer using the following details:

Data Protection Officer

Email: data-privacy@vertice.one

Address: Vertice Group Ltd, 3rd Floor 1 Ashley Road, Altrincham, Cheshire, UK, WA14 2DT

Terms of Service

These Terms of Service govern your use of the website located at https://www.vertice.one and any related services provided by Vertice Group Ltd.

By accessing https://www.vertice.one, you agree to abide by these Terms of Service and to comply with all applicable laws and regulations. If you do not agree with these Terms of Service, you are prohibited from using or accessing this website or using any other services provided by Vertice Group Ltd.

We, Vertice Group Ltd, reserve the right to review and amend any of these Terms of Service at our sole discretion. Upon doing so, we will update this page. Any changes to these Terms of Service will take effect immediately from the date of publication.

These Terms of Service were last updated on 1 January 2022.

Limitations of Use
By using this website, you warrant on behalf of yourself, your users, and other parties you represent that you will not:

  1. modify, copy, prepare derivative works of, decompile, or reverse engineer any materials and software contained on this website;
  2. remove any copyright or other proprietary notations from any materials and software on this website;
  3. transfer the materials to another person or “mirror” the materials on any other server;
  4. knowingly or negligently use this website or any of its associated services in a way that abuses or disrupts our networks or any other service Vertice Group Ltd provides;
  5. use this website or its associated services to transmit or publish any harassing, indecent, obscene, fraudulent, or unlawful material;
  6. use this website or its associated services in violation of any applicable laws or regulations;
  7. use this website in conjunction with sending unauthorized advertising or spam;
  8. harvest, collect or gather user data without the user’s consent; or
  9. use this website or its associated services in such a way that may infringe the privacy, intellectual property rights, or other rights of third parties.

Intellectual Property
The intellectual property in the materials contained in this website are owned by or licensed to Vertice Group Ltd and are protected by applicable copyright and trademark law. We grant our users permission to download one copy of the materials for personal, non-commercial transitory use.

This constitutes the grant of a license, not a transfer of title. This license shall automatically terminate if you violate any of these restrictions or the Terms of Service, and may be terminated by Vertice Group Ltd at any time.

Liability
Our website and the materials on our website are provided on an ‘as is’ basis. To the extent permitted by law, Vertice Group Ltd makes no warranties, expressed or implied, and hereby disclaims and negates all other warranties including, without limitation, implied warranties or conditions of merchantability, fitness for a particular purpose, or non-infringement of intellectual property, or other violation of rights.

In no event shall Vertice Group Ltd or its suppliers be liable for any consequential loss suffered or incurred by you or any third party arising from the use or inability to use this website or the materials on this website, even if Vertice Group Ltd or an authorized representative has been notified, orally or in writing, of the possibility of such damage.

In the context of this agreement, “consequential loss” includes any consequential loss, indirect loss, real or anticipated loss of profit, loss of benefit, loss of revenue, loss of business, loss of goodwill, loss of opportunity, loss of savings, loss of reputation, loss of use and/or loss or corruption of data, whether under statute, contract, equity, tort (including negligence), indemnity or otherwise.

Because some jurisdictions do not allow limitations on implied warranties, or limitations of liability for consequential or incidental damages, these limitations may not apply to you.

Accuracy of Materials
The materials appearing on our website are not comprehensive and are for general information purposes only. Vertice Group Ltd does not warrant or make any representations concerning the accuracy, likely results, or reliability of the use of the materials on this website, or otherwise relating to such materials or on any resources linked to this website.

Links
Vertice Group Ltd has not reviewed all of the sites linked to its website and is not responsible for the contents of any such linked site. The inclusion of any link does not imply endorsement, approval or control by Vertice Group Ltd of the site. Use of any such linked site is at your own risk and we strongly advise you make your own investigations with respect to the suitability of those sites.

Right to Terminate
We may suspend or terminate your right to use our website and terminate these Terms of Service immediately upon written notice to you for any breach of these Terms of Service.

Severance
Any term of these Terms of Service which is wholly or partially void or unenforceable is severed to the extent that it is void or unenforceable. The validity of the remainder of these Terms of Service is not affected.

Governing Law
These Terms of Service are governed by and construed in accordance with the laws of the UK. You irrevocably submit to the exclusive jurisdiction of the courts in that country

Modern Slavery Statement

Download the Vertice statement on the prevention of modern slavery and human trafficking.
Updated January 2nd, 2024
Vertice Modern Slavery Statement.pdf (56KB)

Data Subject Access Request

Download the Vertice Policy on Data Request here.
Updated February 1st, 2026
Data Subject Access Request.pdf (83KB)

Vulnerability Disclosure Policy

Download the Vertice Policy on Vulnerability Disclosure here.
Updated April 21st, 2026
Vulnerability Disclosure Policy.pdf (53KB)