STAGING ENVIRONMENT - Test system only. Do not enter real customer, payment, tax or sensitive personal data.
Extractly

Legal

Acceptable Use Policy

Review the current Extractly Acceptable Use Policy.

Version v1.0.0 · Published Jun 28, 2026

Extractly Acceptable Use Policy

Version: 1.0 Effective date: 16 June 2026

This Acceptable Use Policy explains what you may and may not do when using Extractly.

Extractly is operated by Utracki Systems Ltd, a private limited company registered in England and Wales under company number 17038660, with its registered office at 124-128 City Road, London EC1V 2NX, United Kingdom.

You can contact us at [email protected]. For suspected misuse, abuse or security issues, please include [security] or [support] in the subject line.

1. About this Policy

This Policy forms part of the Extractly Terms of Service.

By creating an account, accessing Extractly, uploading files, using any feature, using support, starting a trial, purchasing a subscription or continuing to use the service, you agree to this Policy.

If you breach this Policy, we may suspend, restrict, freeze or terminate your account and take other action described below.

2. Purpose of Extractly

Extractly is intended to help legitimate users upload, store, organise, review, approve, archive and export business receipts, invoices, income records, expense records and related documents.

You must use Extractly only for lawful business, accounting, tax, archive, bookkeeping, record-keeping or related administrative purposes.

Extractly must not be used for unlawful, harmful, fraudulent, abusive, misleading or unauthorised purposes.

3. Your responsibility

You are responsible for:

  • everything uploaded, entered, approved, generated or submitted through your account;
  • ensuring that you have the right to process uploaded documents;
  • ensuring that uploaded content is lawful;
  • ensuring that personal data is processed lawfully;
  • ensuring that authorised users comply with this Policy;
  • reviewing extracted data before relying on it;
  • maintaining your own records and backups where required;
  • keeping your login details secure;
  • notifying us promptly about suspected unauthorised access or misuse.

If you use Extractly on behalf of a business, organisation, client, employer or other legal entity, you are responsible for ensuring that such use is authorised and lawful.

4. Prohibited content

You must not upload, submit, create, store, process, transmit or share content that:

  • is unlawful;
  • is fraudulent, forged, stolen, fabricated or misleading;
  • infringes intellectual property rights or confidentiality obligations;
  • contains malware, viruses, ransomware, spyware, worms, trojans, exploit code or harmful scripts;
  • is designed to attack, disrupt, bypass, scan or compromise systems;
  • contains payment card data where not necessary or not lawfully handled;
  • contains unnecessary special category data;
  • contains unnecessary criminal offence data;
  • contains children’s data unless strictly necessary and lawful;
  • contains stolen identity documents or unlawfully obtained personal data;
  • relates to money laundering, tax evasion, sanctions evasion, terrorist financing or other criminal activity;
  • is defamatory, abusive, threatening, harassing or discriminatory;
  • is pornographic or sexually exploitative;
  • promotes violence, self-harm, exploitation or illegal activity;
  • creates legal, security, regulatory, reputational or operational risk for Extractly.

We may remove, quarantine, restrict or refuse to process content that we reasonably believe breaches this Policy.

5. Receipts, invoices and business records

You must only upload receipts, invoices and business records that you have a legitimate right and lawful basis to process.

You must not use Extractly to:

  • create fake receipts;
  • alter records for fraudulent purposes;
  • hide, misstate or falsify business records;
  • submit knowingly incorrect data;
  • support tax evasion, VAT fraud, false accounting or money laundering;
  • process stolen or unlawfully obtained documents;
  • impersonate another business;
  • misrepresent your expenses, income, VAT or tax position.

Extractly is a record organisation and data extraction tool. It is not a tool for creating fraudulent evidence or misleading records.

6. Personal data and privacy

You must not upload or process personal data through Extractly unless you have a lawful basis to do so.

If you upload documents containing personal data about customers, suppliers, employees, contractors, tenants, clients or other individuals, you are responsible for:

  • providing required privacy notices;
  • having a lawful basis;
  • ensuring the data is relevant and not excessive;
  • avoiding unnecessary sensitive data;
  • responding to data subject requests where you are responsible;
  • complying with applicable data protection law.

You must not upload unnecessary special category data, criminal offence data, children’s data or highly sensitive personal data unless it is lawful, necessary and compliant with applicable data protection law.

7. Security misuse

You must not:

  • attempt to access another user’s account, files, records, exports, billing information or support tickets;
  • attempt to bypass authentication, authorisation, plan limits, feature limits, payment checks or security controls;
  • probe, scan, test or exploit vulnerabilities without written permission;
  • perform penetration testing without written authorisation;
  • attempt SQL injection, cross-site scripting, request forgery, command injection, path traversal or similar attacks;
  • interfere with session security, CSRF protection, signed URLs, storage permissions or access controls;
  • use stolen credentials;
  • share login details with unauthorised persons;
  • use bots, scripts or automation to attack, scrape, spam, overload or abuse the service;
  • attempt to reverse engineer, decompile or extract source code except where permitted by law;
  • interfere with logging, monitoring, billing, metering or audit controls;
  • attempt to disable, evade or manipulate rate limits.

Security research must be authorised in advance. Suspected security issues should be reported to [email protected] with the subject [security].

8. System abuse and excessive use

You must not use Extractly in a way that harms, disrupts, overloads or degrades the service.

Prohibited behaviour includes:

  • excessive uploads designed to overload the system;
  • automated account creation;
  • repeated duplicate uploads to bypass limits;
  • unusually high processing volume outside plan limits;
  • scraping or harvesting data;
  • denial-of-service activity;
  • queue flooding;
  • API abuse;
  • excessive support ticket creation;
  • repeated failed login attempts;
  • repeated export generation designed to overload storage or processing;
  • using Extractly as general file storage unrelated to receipts, invoices or business records;
  • using Extractly to host or distribute files to others.

We may apply rate limits, file limits, usage limits, storage limits, fair use controls and other protections.

9. Trial, billing and credit abuse

You must not misuse trials, subscriptions, receipt credits, refunds, chargebacks or billing features.

Prohibited behaviour includes:

  • creating multiple trial accounts to avoid paying;
  • using false or stolen payment details;
  • buying credits, using them and then raising unjustified chargebacks;
  • intentionally triggering payment disputes after receiving service;
  • bypassing subscription limits;
  • exploiting billing errors;
  • reselling or sharing paid access without permission;
  • manipulating usage counters;
  • using scripts to consume free allowances unfairly;
  • using Extractly for fraudulent payment or refund schemes.

Billing abuse may result in suspension, termination, refusal of refunds, loss of credits, recovery of fees, reporting to payment providers or other action.

10. Account sharing and authorised users

You must keep your account secure.

Unless a feature expressly allows multi-user access, you must not share your login details with unauthorised persons.

If you allow staff, contractors, accountants, bookkeepers or advisers to access your account, you are responsible for their actions.

Where multi-user features are available, each user should have their own authorised login where possible.

You must promptly remove access for anyone who no longer needs it.

11. API and automation use

If Extractly provides API access, integrations, webhooks, import tools, automation tools or developer features, you must use them responsibly and only as permitted.

You must not:

  • exceed documented rate limits;
  • use APIs to bypass billing or plan limits;
  • access data you are not authorised to access;
  • create unstable integrations;
  • send malformed, abusive or excessive requests;
  • use APIs for spam, scraping, credential attacks or unauthorised monitoring;
  • share API keys or secrets publicly;
  • hard-code secrets in public repositories;
  • ignore deprecation notices or security instructions.

We may rotate, revoke, suspend or restrict API keys where necessary.

12. Support misuse

Support tools are provided to help with legitimate product, billing, account and technical issues.

You must not use support tools to:

  • harass, threaten or abuse staff, contractors or representatives;
  • submit spam;
  • upload malware;
  • submit repeated duplicate tickets without reason;
  • make knowingly false claims;
  • attempt social engineering;
  • request access to another user’s data;
  • bypass security or identity checks;
  • demand accounting, tax, legal or financial advice as part of product support.

We may restrict support access if support features are abused.

13. Misrepresentation

You must not misrepresent:

  • your identity;
  • your business;
  • your authority to use an account;
  • your ownership of uploaded records;
  • your relationship with Extractly;
  • Extractly’s capabilities;
  • HMRC or MTD status;
  • tax, accounting or legal treatment of extracted data;
  • AI/OCR accuracy;
  • generated exports or archive files.

You must not state or imply that Extractly has certified, approved, audited or endorsed your records unless we have expressly confirmed this in writing.

14. Resale and competing use

You must not resell, white-label, sublicense, rent, lease, provide bureau access to, or commercially exploit Extractly as a competing service without written permission.

You must not use Extractly to build, train, benchmark, copy or improve a competing product or service, except where expressly permitted by law.

Accountants, bookkeepers or advisers may use Extractly for legitimate client work only where their plan, permissions and agreement with us allow it.

15. Intellectual property misuse

You must not:

  • copy Extractly’s software, design, workflows, interface, branding, text, documentation, database structure or proprietary processes;
  • remove copyright, trademark or proprietary notices;
  • use Extractly branding in a misleading way;
  • register confusingly similar domains, names or marks;
  • create derivative services based on Extractly without permission;
  • scrape or copy content for commercial reuse.

You retain ownership of your uploaded business records, but you must not misuse Extractly’s intellectual property.

16. Compliance with law

You must comply with all laws and regulations applicable to your use of Extractly.

This may include laws relating to:

  • data protection;
  • privacy;
  • tax;
  • VAT;
  • accounting records;
  • company records;
  • consumer protection;
  • employment records;
  • landlord records;
  • confidentiality;
  • intellectual property;
  • anti-money laundering;
  • sanctions;
  • fraud;
  • computer misuse;
  • electronic communications;
  • professional regulation.

You are responsible for obtaining professional advice where needed.

17. Sanctions and restricted use

You must not use Extractly if doing so would breach sanctions, export controls, trade restrictions or other legal restrictions.

You must not use Extractly for or on behalf of sanctioned persons, sanctioned entities or prohibited jurisdictions where this would breach applicable law or provider restrictions.

We may suspend or terminate access where sanctions, payment provider rules, hosting provider rules or legal restrictions apply.

18. Monitoring and enforcement

We may monitor usage, logs, uploads, support activity, billing activity and technical behaviour to operate, secure and protect Extractly.

We are not required to monitor all content, but we may investigate suspected breaches.

If we believe you have breached this Policy, we may:

  • warn you;
  • remove, quarantine or restrict content;
  • block uploads;
  • pause processing;
  • restrict exports;
  • apply rate limits;
  • suspend features;
  • freeze the account;
  • require identity or ownership checks;
  • cancel subscriptions;
  • terminate the account;
  • refuse refunds where permitted;
  • preserve evidence;
  • report matters to payment providers, hosting providers, regulators, law enforcement or other authorities where appropriate;
  • take legal action.

Our response will depend on severity, risk, intent, repeat behaviour, legal obligations and impact on Extractly or others.

19. Content removal and account restriction

We may remove or restrict access to content if we reasonably believe that:

  • it breaches this Policy;
  • it is unlawful;
  • it creates security risk;
  • it contains malware or harmful code;
  • it infringes third-party rights;
  • it contains unnecessary sensitive data;
  • it may expose Extractly to legal or regulatory risk;
  • it causes technical instability;
  • it breaches provider rules;
  • we are required to remove it by law, regulator, court, provider or payment partner.

We may not always provide advance notice where immediate action is needed.

20. Reporting abuse

To report suspected misuse of Extractly, contact:

[email protected]

Use the relevant subject line:

  • [security] for security issues;
  • [support] for account misuse or product abuse;
  • [legal] for legal complaints or rights issues;
  • [privacy] for privacy or data protection concerns.

Please include enough detail for us to investigate, such as account email, business name, file reference, URL, screenshot, date, time and description of the issue where available.

21. Appeals

If your account or content is restricted and you believe this was a mistake, you may contact us at [email protected] with the subject [support] Account restriction appeal.

We may ask for information to verify your identity, authority, ownership of records or lawful use.

We are not required to reinstate access where we reasonably believe that doing so would create legal, security, payment, provider, operational or reputational risk.

22. Changes to this Policy

We may update this Policy from time to time.

If changes are material, we may notify you by email, in-app notice, account notice or by requiring acceptance of updated legal documents.

Continued use of Extractly after the updated Policy takes effect means you accept the updated Policy.

23. Contact

For questions about this Acceptable Use Policy, contact:

Utracki Systems Ltd 124-128 City Road London EC1V 2NX United Kingdom

Email: [email protected] Suggested subject: [legal] Acceptable Use Policy