Terms of Service
policies-public/terms-of-service.mdTerms of Service
Version: 1.0 | Last reviewed: 2026-06-17 Effective date: 2026-05-28 Last updated: 2026-06-30
These Terms of Service ("Terms") form a binding agreement between you and Vezoft (a company registered in Bulgaria under company number (EIK) 202823109, with its registered office in Kardzhali, Bulgaria) ("Vezoft"), (see Imprint for the full registered address) (TimerOS, "we"). If you accept these Terms on behalf of an organisation, you confirm that you have authority to bind that organisation, and "you" / "Customer" refers to that organisation.
By creating an account or using the Service you accept these Terms. If you do not accept them, do not use the Service.
1. The Service
The Vezoft TimerOS Service (the "Service") is a multi-tenant enterprise time-management and operations platform currently delivered through the following coordinated surfaces:
- (i) Windows desktop application — installed on the user's computer. Supported platform at launch: Microsoft Windows; native macOS support is planned. Consists of an always-on-top timer bar and a full-feature dashboard window. This is the only surface that performs automatic activity time tracking and runs the on-device activity classifier.
- (ii) Web dashboard application — a browser-based version of the dashboard, mirroring the desktop dashboard's management and reporting functionality. Accessible from any modern browser at a tenant-specific URL. It does not track time or run the classifier.
- (iii) Android companion application — a mobile review-and-management dashboard, distributed via Google Play, that mirrors the web/desktop dashboard's management and reporting functionality optimised for handheld use. It is a companion surface only: it does not track time and does not run the activity classifier (those remain Windows-desktop-only). Native iOS support is planned (not yet available).
- (iv) Per-tenant, branded client portal — a separate web application that the tenant's external clients use under the tenant's own branding.
- (v) Marketing and admin website at timeros.ai — the product marketing site and registration flow, hosting the owner/admin console for billing, subscription, users, and account-level settings. (Corporate/company information is published separately at vezoft.com.)
The set of surfaces, and the functionality available on each, may evolve over time as new platforms are added (e.g., macOS desktop, iOS companion app) and as existing surfaces gain new features. Any material expansion of the delivery surfaces, or any change in how personal data is processed, will trigger a corresponding update to these Terms (and, where appropriate, to the Privacy Policy, the Sub-processors list, and the Data Processing Agreement). Feature additions within an existing surface that do not change the categories of personal data processed do not require an update to these Terms but may be reflected in product release notes.
The dashboard (whether accessed via the desktop, web, or mobile surface) provides the day-to-day operational surface organised around Work, Organization, and Business areas, covering role-aware home dashboards, personal Schedule, Shifts (templates and assignments), Projects (with overview/team/budget/files/notes/activity tabs), cross-project Tasks, a Clients CRM, internal Support/incident tracking with SLA timers, Goals and Awards/Achievements, Team and Department management, an Organization chart with pending placements, Roles and permissions (presets and custom), an Approvals inbox, Billing/invoicing, Payroll (with Bulgarian-style deduction components and payslip generation), Expenses (bills, transactions, transfers, expense-to-invoice), Profit-and-loss analytics, and user account Settings. Capabilities are gated by subscription tier (Freelancer/Startup/Enterprise) through entitlements, and by employee role through a permissions layer.
The TimerOS Windows desktop application is REQUIRED for automatic activity time tracking — no other surface tracks activity. Reading the title of your current foreground window and the name of the running application, measuring the time since your last keyboard or mouse activity to detect idle and breaks, and the on-device activity classifier (a scored rule engine combined with a small on-device statistical classifier — no cloud AI service, no model download, no large language model) all run exclusively inside the Windows desktop application on your device. The web dashboard application, the Android companion application, the marketing and admin website, and the client portal can only display, manage, and report on data the desktop application has produced; they cannot capture activity data themselves. A user who does not install and run the Windows desktop application cannot generate productive or idle classifier outputs, cannot have shift-based hours classified, and cannot record per-window or per-application activity.
The marketing and admin website at timeros.ai hosts the owner/admin console for the SaaS account (workspace overview, Billing, Subscription, Users, Settings, Support tickets, in-app product Docs) and performs no activity tracking of its own. The client portal is a separate, per-tenant branded web application with its own authentication, giving the tenant's clients permission-scoped access to submit and track Projects, Incidents (with impact/urgency-derived priority and SLA tracking), ITIL-style Change Requests, view and pay Invoices via Stripe Checkout, manage Contacts and per-module permissions, maintain a Company Profile with 2FA, and review their Service Plan/SLA entitlements. The Service is described at https://timeros.ai.
2. Your account and authority
You must provide accurate registration information and keep it current. You are responsible for the security of your credentials and for all activity in your account. You must be at least 18 years old and capable of entering into a binding contract.
The Service is offered in two sales contexts: (a) the Freelancer plan, which is sold to individuals — including self-employed persons, freelancers, sole traders, independent contractors, and solo consultants — for use in their independent professional or business activity; and (b) the Startup and Enterprise plans, which are sold to legal entities (companies, partnerships, non-profits, public bodies) for use by their personnel. If you accept these Terms on behalf of an organisation under (b), you confirm that you have authority to bind that organisation, and "you" / "Customer" refers to that organisation. The Service is a professional time-management, billing, and operations tool; it is not designed for purely personal, household, or recreational use unrelated to a professional or business activity.
Where you qualify as a "consumer" under applicable law (for example, a natural person acting outside trade, business, craft, or profession within the meaning of Article 2(1) of EU Directive 2011/83/EU), the mandatory rights conferred on consumers — including the 14-day right of withdrawal where applicable — apply notwithstanding any other provision of these Terms and are not waived. The DPA and the "authority to bind the organisation" language in these Terms apply only to sales context (b).
3. Subscriptions, payment, and trial
- Pricing for each plan is published at https://timeros.ai/pricing. We may change pricing on 30 days' notice for the next billing cycle.
- Free trial: 14 days. We collect a payment method during trial via Stripe; we do not charge until the trial ends. Cancel at any time during the trial to avoid charge.
- Subscriptions renew automatically each billing cycle until cancelled. Cancellation takes effect at the end of the current paid period.
- Refunds: 14-day money-back guarantee on first purchase. After that, refunds are at our discretion and as required by mandatory consumer-protection law in your country.
- Taxes: prices exclude VAT, GST, or sales tax unless stated. We charge applicable taxes based on your billing address.
- Payment processing: by Stripe. We do not store full card numbers. Stripe is our sub-processor and acts as a separate controller for fraud prevention.
4. Acceptable use
You agree to comply with the Acceptable Use Policy, which is incorporated by reference. In short: no illegal use, no harming the Service or others, no use of TimerOS to violate workers' or third parties' rights.
5. Data processing — controller and processor relationship
For personal data of your employees, contractors, clients, and other individuals whose data you upload to or generate in the Service ("Customer Personal Data"), you are the data controller and TimerOS is the data processor. Our processing of Customer Personal Data is governed by the Data Processing Agreement ("DPA"), which is incorporated by reference and which you accept by accepting these Terms.
For your own account information (your name, email, billing info), TimerOS is the controller. See the Privacy Policy.
6. Customer responsibilities for employee monitoring (this clause is load-bearing — read carefully)
You acknowledge that:
(a) The Service tracks time, work activity, and (where you enable it) activity classifications generated by a local AI classifier on the worker's device.
(b) Workplace monitoring is regulated under the laws of the workers' country of residence and place of work. Examples include but are not limited to: GDPR Art. 88; national employment privacy laws in Germany (BDSG §26), France (Code du travail L1121-1 et seq.), Italy (Statuto dei Lavoratori Art. 4), Spain (Estatuto de los Trabajadores Art. 20.3), the Netherlands (Wet bescherming persoonsgegevens / works-council consent under WOR), Austria, Belgium and Poland; in the United States, statutes including but not limited to N.Y. Civil Rights Law §52-c, Conn. Gen. Stat. §31-48d, Del. Code §19-705, and California Labor Code §435 and §638(g).
(c) You — not TimerOS — are responsible for:
- providing written notice (the Employee Monitoring Notice) to your workforce, in their language, before activating activity detection in the desktop application;
- obtaining consent or fulfilling any other lawful basis required in their jurisdiction;
- consulting and obtaining the agreement of works councils, employee representatives, or trade unions where required by national law;
- maintaining records of consent and consultation as required by national law;
- acknowledging in the TimerOS admin console, at the point where activity detection is enabled, that the Employee Monitoring Notice has been delivered to the affected workforce. This acknowledgement is recorded on your tenant with the acting admin's user ID, timestamp, IP address, and the notice version, and is binding on the Customer organisation.
A template Employee Monitoring Notice is provided at policies-customer-facing/employee-monitoring-notice-template.md for your convenience. The template is not a substitute for local legal advice.
(d) You agree not to use the activity classification output of the Service as the sole basis for any decision affecting a worker's employment, pay, discipline, demotion, promotion, or termination. The classification is provided for self-observation, resource allocation, and identification of broad team trends. Any employment-related decision must be made by a human, based on a wider body of evidence and following the procedures required by your local labour law.
If you fail to comply with (a)–(d), you indemnify TimerOS for any resulting claims, fines, or losses, including under Section 13.
6A. Manual time-entry editing
The Service permits Customer's administrators and authorised users to create, edit, correct, and delete time entries after the fact. Customer is solely responsible for ensuring that such edits are made in accordance with applicable wage-and-hour, working-time, payroll, and recordkeeping law in each jurisdiction where its workers perform work (for example, the U.S. Fair Labor Standards Act and state equivalents, the EU Working Time Directive and national transpositions, and any applicable collective-bargaining agreements). Customer must not use the edit functionality to falsify records of hours worked, to suppress overtime, or otherwise to defeat statutory protections for workers.
TimerOS records every create, edit, and delete action against a time entry in an append-only audit log — no TimerOS interface (UI or API) can edit or delete an entry; this is enforced at the application and database layer (there is no PATCH or DELETE route for audit-log records, and the ORM layer rejects in-place updates and deletes via pre-hooks). It is not storage-level immutable (a privileged operator with direct database access could in principle alter the raw collection), so TimerOS does not claim cryptographic or WORM immutability. The log captures the before/after values, the acting user, the timestamp (UTC), the source IP, and the reason field (where supplied). The audit log is retained for the life of the tenant plus the retention period set out in the DPA and is accessible to Customer's administrators through the admin console. TimerOS does not modify Customer time entries and provides no warranty that Customer's editing practices comply with local law — that responsibility, and any liability for non-compliance, rests with Customer.
7. Service availability
We operate the Service to a non-binding monthly uptime target of 99.5% for paid plans, as set out in the SLA. For the launch period this is an operational target only: it is not a contractual guarantee and carries no service credits. Binding uptime commitments and a service-credit remedy are reserved for a future Enterprise SLA. Free-trial accounts are provided "as is" without any availability commitment.
8. Intellectual property
We grant you a worldwide, non-exclusive, non-transferable, revocable licence to use the Service during your subscription. All right, title, and interest in the Service and in our trademarks remain with TimerOS.
You retain all rights in Customer Personal Data and in your tenant content. You grant us a worldwide, non-exclusive licence to host, process, transmit, copy, and display Customer Personal Data and tenant content only to the extent required to provide and improve the Service, and only in accordance with the DPA. We do not use Customer Personal Data to train AI models. The on-device classifier is a scored rule engine combined with a small on-device statistical classifier whose weights are fixed at install time; both layers are deterministic for a given installed version. It does not learn from your data, it is not retrained from your data, and no telemetry from the classifier is sent to TimerOS. We maintain a model card and an EU AI Act applicability assessment for the classifier, available to competent authorities on request.
Feedback you give us about the Service is non-confidential, and we may use it without restriction.
9. Confidentiality
Each party will protect the other's Confidential Information with at least the same care it uses for its own confidential information (and no less than reasonable care). "Confidential Information" excludes information that is or becomes public through no fault of the receiver, was already known, is independently developed, or is disclosed lawfully by a third party.
10. Suspension and termination
We may suspend or terminate your access if you materially breach these Terms (including non-payment) and fail to cure within 14 days of written notice, or immediately for any breach of Sections 4, 6(d), or for legal compliance reasons. You may terminate at any time by cancelling your subscription; access continues to end of paid period. On termination we delete Customer Personal Data per Section 12 of the DPA.
11. Warranty disclaimer
To the maximum extent permitted by law, the Service is provided "as is" and "as available." We disclaim all implied warranties including merchantability, fitness for a particular purpose, and non-infringement. We do not warrant that the Service will be uninterrupted, error-free, or that the AI classifier outputs will be accurate. Mandatory consumer-protection rights (where you qualify as a consumer) are not affected.
12. Limitation of liability
To the maximum extent permitted by law:
- Neither party is liable for indirect, incidental, consequential, special, punitive, or exemplary damages, or for loss of profits, revenue, goodwill, anticipated savings, business opportunity, or data — even if advised of the possibility.
- Our total aggregate liability for any claim arising out of or related to these Terms or the Service is capped at the amounts you paid us in the 12 months preceding the event giving rise to the claim.
- Nothing in this Section limits liability for fraud, gross negligence, wilful misconduct, death or personal injury caused by negligence, or any liability that cannot be limited under applicable law (including liabilities under GDPR Art. 82 to data subjects which run directly under the regulation).
13. Indemnification
You will defend, indemnify, and hold harmless TimerOS from and against any third-party claims, costs, damages, losses, liabilities, and expenses (including reasonable legal fees) arising out of or related to:
(i) your breach of Section 6 (Customer monitoring responsibilities) or the DPA; (ii) your tenant content infringing the rights of any third party; (iii) your use of the Service in violation of any law; (iv) any employee/worker claim against you arising from your monitoring activities, where your handling of notice, consent, or consultation was deficient.
14. Governing law and jurisdiction
These Terms are governed by the laws of Bulgaria, excluding its conflict-of-laws rules and the UN Convention on Contracts for the International Sale of Goods. Each party submits to the exclusive jurisdiction of the courts of Kardzhali, Bulgaria. EU consumers retain the right to bring claims in their country of residence. EU consumers may also use the online dispute-resolution platform at ec.europa.eu/consumers/odr.
15. Changes to these Terms
We may update these Terms; changes take effect on the date stated when posted. We will give the account owner at least 30 days' notice of material changes (changes that reduce your rights, increase your obligations, or change pricing) by email and in-app. If you do not accept the change you may terminate before it takes effect.
16. Miscellaneous
- Entire agreement. These Terms, the Privacy Policy, the DPA, the AUP, the SLA, and any order form together form the entire agreement between us, and supersede prior agreements on the same subject matter. In case of conflict the order is: order form > DPA > Terms > AUP > Privacy Policy > SLA.
- Assignment. You may not assign these Terms without our consent. We may assign in connection with a merger, acquisition, or sale of assets.
- Severability. If any provision is unenforceable, the remainder remains in force.
- No waiver. Failure to enforce is not waiver.
- Force majeure. Neither party is liable for delays caused by events beyond reasonable control.
- Notices. To TimerOS: support@timeros.ai with copy to Vezoft, with registered office in Kardzhali, Bulgaria (see Imprint for the full registered address). To you: the email address on your account.
- Export controls. You confirm you are not on a US, EU, or UK sanctions list and are not located in a comprehensively sanctioned country.
Contact: Vezoft, with registered office in Kardzhali, Bulgaria (see Imprint for the full registered address). Email support@timeros.ai. Bulgarian Commercial Register No. (EIK) 202823109.