DATA PROTECTION AND PRIVACY

ORGANIZATIONAL COMMITMENT

Xtracto ("the Organization") maintains unwavering dedication to protecting the privacy and safeguarding the confidentiality of all individuals who engage with its Xtracto file extraction application, complementary browser add-ons, and related technological solutions ("Platform"). This comprehensive documentation establishes the Organization's information handling methodologies, operational guidelines, and regulatory compliance obligations under applicable international legislation.
Platform installation or utilization constitutes user ("Individual") confirmation of acceptance regarding the standards, accountability measures, and foundational principles detailed throughout this Framework. The Organization implements rigorous procedures to satisfy or surpass current legal mandates, encompassing the European Union General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and additional relevant legislation across the United States and globally.

REGIONAL REGULATORY HIGHLIGHTS

European Economic Area and United Kingdom (GDPR) The Organization acknowledges that diverse geographical regions establish distinct privacy and information usage requirements. For European Economic Area (EEA) and United Kingdom residents, the Organization processes Personal Information based on legitimate legal foundations including Contractual Necessity, Legitimate Interest, and explicit Consent when legally mandated.

California (CCPA) California residents should reference the specialized California Privacy Addendum below, explaining their entitlements to access, modify, and eliminate personal information, plus opt-out privileges regarding information "distribution" or "sharing" for cross-contextual behavioral advertising purposes.

Additional United States Jurisdictions Other United States residents may possess supplementary entitlements including requesting personal detail corrections or objecting to specific targeted advertising activities.

FRAMEWORK SCOPE AND USER ACCEPTANCE

This documentation governs comprehensive aspects of information acquisition, management, and Individual responsibilities during Platform engagement. Downloading, installing, or accessing Xtracto through any method constitutes Individual acknowledgment and consent to policies and provisions described herein.
Continued Platform utilization signifies ongoing acceptance. Individuals disagreeing with these provisions should immediately discontinue Platform usage.

INFORMATION ACQUISITION PRACTICES

The Organization obtains information essential for operational functionality, user assistance, and fulfilling diverse legal obligations. Personal Information encompasses identifiers or details revealing Individual-specific identity, including Internet Protocol addresses, electronic mail addresses provided during user communications, or unique device signatures (such as Media Access Control addresses).
Non-Personal Information consists of technical or aggregated data insufficient for individual identification independently, including device classifications, installed browser versions, general geographic approximations, and usage patterns illuminating Individual Platform interactions.

DETAILED DATA CATEGORIES AND PROCESSING PURPOSES

The Organization may acquire the following information categories to deliver and enhance Platform functionality:
Technical Information: Internet Protocol addresses, hardware model identifiers, operating system specifications, and browser configurations. Such data supports device compatibility assessment, diagnostic procedures, and robust platform maintenance.
Communication Details: Electronic mail addresses and messages transmitted to the Organization's support channels facilitate personalized technical assistance, expedite troubleshooting procedures, and enable necessary follow-up communications.
Performance Metrics: Aggregated data demonstrating usage frequency, feature engagement, or software performance assists the Organization in improving overall user experience, identifying potential system vulnerabilities, and informing future software updates or enhancements.
Security Information: Activity logs or authentication tokens capturing suspicious or anomalous behavior undergo processing to prevent fraudulent or unauthorized activities and ensure compliance with lawful directives.

INFORMATION ACQUISITION METHODOLOGIES

Automatic Collection: Information may undergo automatic acquisition through cookies or server logs documenting Platform access and utilization patterns.
Voluntary Provision: Individuals might voluntarily supply information through electronic mail inquiries or support requests addressing technical challenges.
Both methodologies facilitate efficient and beneficial user experiences.

CROSS-BORDER DATA TRANSFERS

The Organization may transfer information across international boundaries, particularly when servers, data centers, or service providers operate outside Individual home jurisdictions. Personal Information transfers comply with recognized safeguard mechanisms, including Standard Contractual Clauses or similar frameworks ensuring elevated data protection standards.

INFORMATION SECURITY PROTOCOLS

Personal Information protection involves commercially reasonable measures, including encryption protocols, restricted access controls, and regular audits identifying potential security vulnerabilities. Nevertheless, no security measure combination can guarantee absolute impenetrability.
Individuals suspecting unauthorized access incidents should contact the Organization at [email protected].

DATA RETENTION POLICIES

Information preservation continues only for durations necessary to fulfill original acquisition purposes, including facilitating product functionality, adhering to legal obligations, or resolving disputes. Once information retention becomes unnecessary, the Organization anonymizes or securely disposes of such data.
Personal Information typically remains stored for three years following final Platform interaction, unless extended retention becomes necessary for legal compliance or dispute resolution purposes.

INFORMATION SHARING PRACTICES

The Organization refrains from arbitrary Personal Information disclosure; however, such information may undergo sharing under specific circumstances:
Service Provider Relationships: Trusted partners or vendors (cloud hosting entities, analytics firms) requiring information access to execute contracted tasks on the Organization's behalf.
Legal or Regulatory Compliance: Governmental or judicial authorities may require user information access consistent with valid legal processes or mandates.
Corporate Transaction Events: During merger, acquisition, or restructuring events, user information could transfer as transaction components.
Fraud Prevention Measures: Relevant details may be exchanged with appropriate entities to prevent malicious or unauthorized activities compromising Individual or Organization interests.

INDIVIDUAL RIGHTS AND ENTITLEMENTS

Individuals within certain jurisdictions possess various Personal Information rights, including requesting access to, rectification or deletion of, or processing restrictions regarding such information. California residents retain specific CCPA rights, including knowledge of collected information, deletion of such information, and opt-out capabilities for certain disclosures.
All Individuals seeking rights exercise should direct requests to [email protected].

CHILDREN'S PRIVACY PROTECTION

The Platform excludes individuals under sixteen (16) years of age from intended usage. The Organization avoids knowingly soliciting or storing personal details from minors. Any inadvertently obtained minor information undergoes prompt deletion upon discovery.

DO NOT TRACK SIGNAL RESPONSE

Currently, Xtracto does not actively respond to Do Not Track signals or equivalent mechanisms. Industry standard "DNT" resources provide additional details, but no Organization data collection policy changes occur responding to these indications.

FRAMEWORK MODIFICATION PROCEDURES

The Organization reserves authority to update or modify this documentation at sole discretion addressing evolving legal requirements, technological advances, or operational changes. Material revisions receive announcement through postings or notifications enabling user review of updates.

ADDITIONAL PROVISIONS: LIABILITY DISCLAIMERS AND LIMITATIONS

Performance Disclaimers All Platform aspects, including Xtracto and associated utilities, operate under "AS IS" and "AS AVAILABLE" conditions, without explicit or implied performance warranties. Within maximum legal extent, the Organization disclaims all warranties, including commercial viability, application-specific fitness, and intellectual property non-infringement.
Liability Restrictions Under no circumstances shall the Organization's total cumulative liability for claims, losses, or damages exceed Ten (10) United States Dollars. This limitation persists regardless of claim nature or quantity.

INDIVIDUAL REPRESENTATIONS

Platform utilization constitutes Individual warranty of legal authority to establish binding agreements. Individuals under sixteen (16) years of age face strict Platform utilization prohibition. Installing and operating Platform functionality represents Individual confirmation of meeting applicable legal requirements.

THIRD-PARTY CONTENT AND EXTERNAL LINKS

The Organization disclaims responsibility for materials, websites, or resources operated by external parties. Although Platform functionality may embed or reference external content, the Organization neither manages nor endorses such content and bears no liability for damages or losses arising from third-party sites, advertisements, or offerings.

PROHIBITED USER CONDUCT

No Individual may undertake reverse engineering, unauthorized information harvesting, security protocol dismantling, or prohibited maneuvers circumventing software legitimate functionality. Restriction violations may result in suspension, termination, or alternative remedial measures.

SYSTEM CONFIGURATION MODIFICATIONS

Xtracto installation or updates may prompt system setting adjustments, including Individual default homepage modifications, search engine preference changes, or additional configurations. Some modifications remain integral to sustaining software core features, upgrade pathways, or monetization models through advertising or affiliate partnerships.
Individuals not consenting to these modifications should discontinue installation or remove software.

INDIVIDUAL INDEMNIFICATION OBLIGATIONS

Each Individual commits to defend, indemnify, and protect the Organization from legal claims, liabilities, costs, damages, or expenses (including legal representation fees) stemming from Platform misuse, provision breaches, or third-party rights infringements.

GOVERNING LAW AND MISCELLANEOUS PROVISIONS

This documentation operates under and interprets according to the Organization's principal jurisdiction laws, excluding conflict-of-law provisions. Legal actions arising hereunder undergo hearing in Organization-selected venues.
Should any clause receive unenforceable determination, such finding will not invalidate remaining provisions. This documentation represents complete agreement, superseding previous communications, with Organization assignment discretion. No third-party beneficiaries exist regarding these provisions.

CALIFORNIA PRIVACY ADDENDUM

CALIFORNIA RESIDENT INTRODUCTION

This addendum addresses California State residents according to California Consumer Privacy Act (CCPA) provisions. Unless otherwise specified, main Privacy Framework defined terms apply here.

PERSONAL INFORMATION COMMERCIAL TRANSACTIONS

The Organization refrains from Personal Information sale for monetary compensation within the preceding twelve-month period. Some information categories could undergo third-party sharing for cross-contextual behavioral advertising or similar purposes. Any category subject to sale or sharing practices appears in the designated section below.

PERSONAL INFORMATION CATEGORIES ASSESSMENT

Personal Information Categories Collected
Category A - Individual Identifiers Examples: Internet Protocol addresses, electronic mail details Collection Status: Collected
Category B - Personal Records Information Examples: Purchase history, billing information Collection Status: Not Collected
Category C - Protected Classification Characteristics Examples: Race, gender, ethnicity Collection Status: Not Collected
Category D - Commercial Transaction Information Examples: Transaction records, purchased products Collection Status: Not Collected
Category E - Biometric Data Examples: Fingerprints, facial recognition information Collection Status: Not Collected
Category F - Internet or Network Activity Examples: Browsing information, interaction data Collection Status: Collected
Category G - Geographic Location Information Examples: Specific location tracking Collection Status: Not Collected
Category H - Sensory Information Examples: Audio recordings, telephone calls Collection Status: Not Collected
Category I - Professional or Employment Information Examples: Job titles, employer details Collection Status: Not Collected
Category J - Educational Information Examples: Academic records, transcripts Collection Status: Not Collected
Category K - Inference Data Examples: Profile analysis, preference information Collection Status: Collected

BUSINESS PURPOSE PERSONAL INFORMATION DISCLOSURES

Personal Information Business Purpose Disclosures
Category A - Individual Identifiers Recipient Classification: Service providers (hosting, analytics) Business Purpose: Basic account management, troubleshooting
Category F - Internet or Network Activity Recipient Classification: Business partners providing security verification Business Purpose: Fraud detection, platform integrity
Category K - Inference Data Recipient Classification: Service providers offering user metrics Business Purpose: Personalization, feature improvement
All Other Categories Disclosure Status: Not Disclosed Business Purpose: Not Applicable

PERSONAL INFORMATION SALE OR SHARING

Personal Information Commercial Distribution or Sharing
All Categories (A through K) Recipient Classification: None Distribution Purpose: No categories undergo sale or sharing
Since the Organization currently refrains from engaging in Personal Information selling or sharing constituting "sale" under CCPA definitions, this assessment reflects that no Personal Information categories undergo such transactions.

ORGANIZATIONAL INFORMATION ACQUISITION METHODS

California Personal Information may be obtained directly from Individuals through registration forms or contact inquiries. Information may also undergo automatic gathering as Individuals navigate Platform functionality, including through cookies, system logs, or similar technologies.
Additional details regarding information-gathering methodologies appear in the main Privacy Framework.

PERSONAL INFORMATION UTILIZATION PURPOSES

Collected Personal Information serves various legitimate functions including fulfilling service requests, adhering to regulatory responsibilities, improving product capabilities, and maintaining robust security protocols.

INFORMATION RETENTION PRACTICES

California Personal Information retention periods follow standard policies established in the main Privacy Framework, ensuring information maintenance only as long as necessary for original collection purposes, unless legal or operational requirements mandate otherwise.

CALIFORNIA CONSUMER RIGHTS FRAMEWORK

California Privacy Rights
Right to Access Information Details: Individuals can request disclosure of Personal Information categories and specific pieces collected, used, or shared
Right to Information Deletion Details: Individuals may request removal of certain Personal Information, subject to legal exceptions
Right to Information Correction Details: Individuals can request corrections of inaccurate or outdated information
Right to Opt-Out of Commercial Distribution Details: Individuals can direct the Organization not to sell or share Personal Information for cross-contextual behavioral advertising, when such transactions occur
Right to Limit Sensitive Personal Information Processing Details: If sensitive information undergoes secondary purpose usage, Individuals may limit its utilization, when applicable
Right to Non-Discriminatory Treatment Details: The Organization will not deny services or provide lesser quality for rights exercise
Right to Information Portability Details: The Organization will provide available Personal Information in portable, commonly used formats upon valid request

RIGHTS EXERCISE PROCEDURES AND AUTHORIZED REPRESENTATIVES

California consumers or authorized agents may submit verifiable requests by contacting [email protected]. To ensure Personal Information privacy and security, the Organization may request additional information confirming requester identity or agent authority to act on consumer behalf.

FINANCIAL INCENTIVE NOTIFICATION

No financial incentives (including discounts, loyalty programs, or alternative remunerations) are offered by the Organization in exchange for Personal Information collection or utilization.

ANNUAL REVIEW COMMITMENT

This California addendum undergoes yearly review, with the beginning document date reflecting its most recent modification.
All Individuals receive encouragement to revisit these provisions periodically remaining informed about rights scope and Organization obligations. Continued Xtracto utilization constitutes Individual acknowledgment of reading, understanding, and agreeing to this documentation as currently published.

Last Modified: March 2025