Privacy Policy

At Xtracta, we take privacy very seriously.

Our privacy policy communicates to you how we treat personal information. We, Xtracta Ltd encourage you to read this Policy carefully. It will help you make informed decisions about sharing your personal information with us.

By accessing our Website and using our Service (Data Extraction Service), you consent to the terms of this Policy and agree to be bound by it.


Policy: privacy policy
Supplier: Xtracta Ltd NZ
You: the person accessing the website
Licensee: the legal entity of the organisation contracting with the Supplier enabling provision of service to the user

We collect your personal information

Xtracta may collect personal information directly from you when you:

• register to use the Service,
• use the Service,
• contact the Xtracta support team, and
• visit our Website.

Accessing our Website

We collect personal information from you, including information about your:

• name
• contact information
• your IP address

We collect your personal information in order to:

•  contact you in relation to your inquiry about using the Xtracta service

Providing some information is optional. If you choose not to enter contact information , we may be unable to respond to your inquiry.

We keep your information safe by storing it in password protected systems.

You have the right to ask for a copy of any personal information we hold about you, and to ask for it to be corrected if you think it is wrong. If you’d like to ask for a copy of your information, or to have it corrected, please contact us at, or +64-9-9510448.

Hypertext links are provided to external sites for information only. Xtracta does not accept any responsibility for the content or accuracy of those sites.

Xtracta uses cookies

Xtracta utilises “cookies” in providing our website service. A cookie is a small text file that is stored on your computer for record-keeping purposes. A cookie does not identify you personally or contain any other information about you but it does identify your computer.

We and some of our affiliates and third-party service providers may use a combination of “persistent cookies” (cookies that remain on your hard drive for an extended period of time) and “session ID cookies” (cookies that expire when you close your browser) on the Website to, for example, track overall site usage, and track and report on your use and interaction with ad impressions and ad services.

You can set your browser to notify you when you receive a cookie so that you will have an opportunity to either accept or reject it in each instance. However, you should note that refusing cookies may have a negative impact on the functionality and usability of the Website.

We do not respond to or honour “Do Not Track” requests at this time.

Email Communications Opt-out

Xtracta sends product information, Service updates and Service notifications to you via email. Our emails will contain clear and obvious instructions describing how you can choose to be removed from any mailing list not essential to the Service. Xtracta will remove you at your request.

Using our Service

The Supplier’s privacy policy is designed to protect all Personal Information that is sent to, stored and/or processed by the Data Extraction Services. This policy outlines the Supplier’s policies around access to, and  retention and security of, Personal Information.

Authorised Access

The Supplier will treat the Licensee and its personnel as being authorised to access any Personal Information that is sent to the Data Extraction Services under the Licensee’s account, either directly or to a further sub-organisational group. This includes Personal Information that forms part of data that is not owned by the Licensee but is sent under the Licensee’s use of the Data Extraction Service (such as Personal Information that forms part of the Licensee’s customers’ data). It is the responsibility of the Licensee to obtain all consents and approvals that are necessary for the Licensee and its personnel to access Personal Information as described above.

The Supplier will not disseminate any Personal Information held by it to any 3rd party except:

• Where the Supplier has been given consent by the Licensee;
• To the person whom the Personal Information is about (Data Subject) (generally personnel of the end customer and, where the end customer is an individual, the end customer him/herself), in accordance with applicable law; or
• Where the Supplier is otherwise required to under applicable law.


In some cases, it is possible that there will be authorised access of Personal Information to parties beyond:

•  The Data Subject
• The Licensee and its personnel
• The Supplier and its personnel

This for example could exist in a scenario where an intermediary sits between the Licensee and the end customer – for example such as in a model where the direct customer of the Supplier is a software vendor and there is a “reseller” intermediary with authorised access between the direct customer of the Supplier and the end customer.

In all such cases, it is the responsibility of the Licensee (for the provision of the relevant Service) to obtain all consents and approvals that are necessary for such parties to access the Personal Information as described above.

The Licensee agrees that the Supplier may provide information about which parties have access to Personal Information to the relevant Data Subject, in accordance with applicable law.


Any Personal Information forming part of the Data that is held by the Supplier will be accessible by the Licensee, the Data Subject, any party that the Licensee or the Data Subject has authorised to access it, or any party that otherwise has a legal right to have access to it. This is either through typical access methods to the Supplier’s system(s) or otherwise (for example accessing deleted Personal Information forming part of data held in backup by the Supplier). Charges may apply for access to data that is no longer in the Supplier’s customer facing system(s) (due to for example retrieval costs of that data).

Security of login/access information is solely the responsibility of the Licensee and the Supplier accepts no liability where the Licensee or its personnel have failed to properly secure system access leading to a disadvantageous situation for the Licensee or its personnel or customers (such as unauthorised data access).


The Data Extraction Service(s) are primarily processing based system and as such the Supplier’s retention of Personal Information is generally limited. The Supplier provides no guarantees in relation to the time period that Personal Information will be retained once it enters its system(s).


The Supplier’s Service(s) run via a global network of computers that are located in various countries and jurisdictions. Due to the nature of the Supplier’s system(s), the location for various aspects of the Licensee’s data that passes through its systems will be fixed to certain locations.

The Supplier commits to providing full information on the locations where the Data under the Licensee’s account  is stored or processed.

Data Security

The Supplier undertakes rigorous internal processes and has implemented strong security policies to protect all Personal Information sent, residing or being processed through its system(s). This includes standard industry practices for access management, storage, processing and transit of Personal Information.

The Supplier provides encrypted options for any data to be passed between it and 3rd parties and it highly recommends that 3rd parties utilise only these options for any data transfers.


Where there is any breach of this privacy policy relating to Personal Information forming part of the Data, the Supplier will provide details of the breach to the Licensee as soon as reasonably practicable. This is only within its (the Supplier’s) ability to understand the scope and details of a breach for example what is available within logs, audit histories etc..

Privacy complaints process

If you wish to complain about how we have handled your personal information, please provide our Privacy Officer with full details of your complaint and any supporting documentation:

• by e-mail at, or
• by letter to The Privacy Officer, Xtracta Limited, PO Box 259206, Botany, Auckland 2163, New Zealand.

Our Privacy Officer will endeavour to:

• provide an initial response to your query or complaint within 10 business days, and
• investigate and attempt to resolve your query or complaint within 30 business days or such longer period as is necessary and notified to you by our Privacy Officer.


This policy may be updated from time to time

Xtracta reserves the right to change this Policy at any time, and any amended Policy is effective upon posting to this Website. Xtracta will make every effort to communicate any significant changes to you via email or notification via the Service. Your continued use of the Service will be deemed acceptance of any amended Policy.


Last updated: 20 November 2017