AWS infrastructure
Cloudflare-protected
HTTPS everywhere
Public data only
GDPR-aligned (in progress)
Account & API security
All API keys are scoped, rotatable, and transmitted over HTTPS only. Credentials are hashed at rest. Sessions are token-based with short expiry. You can revoke any key instantly from your dashboard.
Infrastructure
Nextract runs on AWS with Cloudflare in front for DDoS protection, WAF, and rate limiting. Data in transit is encrypted via TLS 1.2+. Storage is encrypted at rest using AES-256.
Data privacy
We collect only what's necessary to operate the platform — your email, billing info, and API usage. We don't sell your data or share it with third parties outside of essential service providers. See our Privacy Policy.
Compliance
We follow GDPR principles for all user account data — lawful basis, data minimisation, and right to deletion. We are working toward full certification. For enterprise compliance questions, reach out directly. See compliance details.
What data we collect
Nextract collects publicly available product data from marketplaces — prices, titles, stock status, rankings, and seller info. We do not collect personal consumer data. All sources are publicly accessible without authentication.
Ethical data practices
We respect platform guidelines, rate limits, and terms of service. Our crawlers use managed proxy rotation with human-like pacing — not brute-force scraping. We focus exclusively on publicly available commerce data for legitimate business intelligence.
Service reliability
We operate 24/7 crawl infrastructure with automated retries, failover, and alerting. API uptime is monitored continuously. For service level commitments, see our SLA.
24/7 crawl monitoring
Automated retries on failure
Status page
Security questions or concerns?
Reach us at hello@nextract.dev — we reply within 2 hours on business days.