enverus online privacy policy

The Enverus Privacy Policy

Why is it important to have a privacy policy?

Enverus takes your privacy seriously. We believe that it is important for you to know how we treat, use, and protect the information you may provide or make available to us. We also believe it is important to be clear and transparent as to what information we collect, what we do with it, and with whom we share it. To this end, this privacy policy describes in detail Enverus’ policies and procedures regarding the collection, use and processing of your online data.

Who regulates Enverus?

With respect to personal information received or transferred, Enverus is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. Further details on information collected from outside the United States can be found later in this document.

Who is covered by the Enverus Privacy Policy?

The Enverus Privacy Policy applies to all Enverus corporate affiliates, including:

• Enverus Holdings, Inc.
• Enverus, Inc.
• Enverus RatedPower, S.L.
• Drilling Information Limited
• DI Ventures, LLC
• DI Digital, S. de R.L. de C.V.
• Drilling Info LLC
• DI Holdings, LLC
• Drilling Info Pte. Ltd.
• DataGenic Limited
• DataGenic, Inc.
• DataGenic India Pvt. Ltd.
• DataGenic S.L.
• Energy Acuity, LLC
• EnergyLink Holdings, LLC
• Red Dog Systems ULC
• GlobalView Software, Inc.
• GlobalView Europe Ltd.
• GlobalData, LLC
• HPDI, LLC
• Oil-Law Records Corporation
• Pattern Recognition Technologies Inc.
• Transform Software and Services, Inc.
• 1Derrick Ltd
• 1Derrick, Inc.
• Marginal Unit, Inc.
• MineralSoft, Inc.
• TransZap Holdings, Inc.
• TransZap, Inc.
• Enverus Canada, Inc.
• Cortex Business Solutions USA, LLC
• P360 Management Solutions LLC
• Midland Map Company, L.L.C.
• RS Energy Group
• Enverus Intelligence Research, Inc.
• Navport LLC
• DataWright Corporation
• Courthouse Direct.com, LLC
• Q Engineering, LLC
• 364 Title Group, LLC
• Integrity Title Company, LLC
• Integrity Title Records of New Mexico, LLC
• Integrity Title Records, Ltd. LLP
• IntegrityTitleInformation.com, LLC
• CRCL Solution, LLC
• BidOut, Inc.

Collecting Information

What information do we collect?

Enverus and third parties working on our behalf may collect a variety of personal information, depending on your use of our website and apps. Personal information may include, but is not limited to, name, address, email address, phone number and other contact information. In addition, Enverus, third parties working on our behalf and our partners may collect other information about your use of our apps and website and other websites.

What is our legal basis for processing your personal information?

Our legal basis for collecting and processing your personal information varies depending on the context and purpose of the processing, as well as applicable laws and regulations. We process personal information based on the following legal grounds:

1. Contractual Necessity: We process personal information to fulfill our contractual obligations to our users. This includes providing and maintaining our services, customer support, and ensuring the functionality of our platform.
2. Legitimate Interests: We may process personal information for legitimate business interests, such as improving our services, understanding user behavior, providing training, and conducting marketing activities. We seek to ensure that our processing in pursuit of these interests are consistent with applicable law and are not overridden by your privacy rights.
3. Consent: In certain cases, we rely on your explicit consent to process your personal information. This is typically for activities such as sending promotional communications or collecting sensitive data. You have the right to withdraw your consent at any time.
4. Legal Obligations: We process personal information to comply with legal requirements, such as tax laws, regulatory obligations, and responding to lawful requests from public authorities.

How do we collect your personal information?

Enverus collects information you provide when you express an interest in obtaining additional information about Enverus services, registering for an event or webinar, or downloading any Enverus content.

On our website and apps, Enverus, third parties working on our behalf and our partners, including social networking sites, may also place, view, and/or use “cookies,” web server logs, web beacons and other electronic tools to collect information about your use of the Enverus and other websites.

We collect the content, communications and other information you provide when you use our apps and other products. This can include information in or about the content you provide (like metadata), such as the date a file was created. We also collect information about how you use our apps and other products, such as the features you use and the actions you take.

We also use Google Analytics, a web analysis service provided by Google, and some similar services to better understand your use of our website and apps. Google Analytics collects information such as how often users visit the website, what pages they visit, and what other sites they used prior to visiting. Google uses the data to track and examine the use of the website, to prepare reports on its activities and share them with other Google services. Google may use the data collected on the website to contextualize and personalize the ads of its own advertising network. Google’s ability to use and share information collected by Google Analytics about your visits to the Site is restricted by the Google Analytics Terms of Service and the Google Privacy Policy. Google offers an opt-out mechanism for the web available here.

In some of our apps, we create a video recording of some sessions. In parallel with that, a log of app activity is created and uploaded to the server, along with the user id used during the session. Each session is also provided with a rough location (country/district) at the time of use.

Please note that our products may collect usage information even if automated tracking blockers are enabled. This means that certain data related to your interactions with our products might still be gathered despite the presence of such blockers. We use this information to improve our services and provide a better user experience.

How do we process location information?

We collect location information when you use our services. Depending on the products you’re using and settings you choose, we may use different types of location information such as IP address, GPS sensor data, and shared information such as pins or labels.

How does Enverus use location information?

Our use of location information varies, depending on the service being used and your device settings, and includes:

• Allowing websites and products to deliver content
• Supporting security of user accounts and of our products and services
• Enabling product functions such as route guidance, trip tracking, proximity alerts and invoice preparation
• Recording location and route history
• Developing additional functions and services for our customers
• Analyzing aggregated and anonymous location information

How you can control location information

An IP address identifies your computer or device, provides information about your general area, and is used to connect your device to website services. Location permission settings for both iOS and Android allow you to turn on or off location sharing. You may also be able to control whether precise or approximate location information is shared, and when an app can access the device location. The availability of these settings and controls depends on the operating system and version your device is running.

Can you disable cookies?

You can delete and disable cookies. Most browsers are set to accept cookies by default. If you prefer, you can usually set your browser to disable cookies, or to alert you when cookies are being sent. You must do this for each browser you use and on each device. However, please note if you disable cookies or refuse to accept a request to place a cookie, it is possible that some parts of your website experience will not function properly.

What about children and their personal information?

We do not knowingly gather personal information about visitors who are under the age of 13. The Enverus website and all Enverus apps and products are designed to be used only by those over 16. If you are under 13 years of age, then please do not use or access the service at any time or in any manner.

If we learn that personal information has been collected by us from persons under 13 years of age and without verifiable parental consent, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under 13 years of age has obtained an account on the service, then please alert us at [email protected].

Using Your Data

How do we use your personal information?

Enverus may use your information in a number of ways including:

• To provide access to our products, services and customer support, and to assist with the technical functioning of our site.
• To enhance your experience with the Enverus website and apps and other parts of the organization through analyzing the usage trends and preferences of our customers.
• To communicate with you and provide information about the web site and Enverus services. Generally, you have the ability to opt-out of receiving such promotional communications.
• For business purposes, including creating new data sets based on anonymized and aggregated data. Aggregated information is also used to collect and spot trends in application usage.
• Collected information is also used by the development and management team to detect, investigate and fix issues that may arise, and maintain our website and apps.
• We also reserve the right to use data where individual people or companies have given explicit permission

What do we do with your cookie information?

We may use cookies to: (i) personalize our services, such as remembering your information so that you will not have to re-enter it during your visit or the next time you visit; (ii) provide customized advertisements, content, and information; (iii) monitor and analyze the effectiveness of our services, products and third-party marketing activities; (iv) monitor aggregate site usage metrics such as total number of visitors and pages viewed; and (v) track your entries, submissions and status in any promotions or other activities.

Will we be contacting you via email and can you opt out?

We may use your email address or other information you provide to contact you for administrative purposes, such as customer service, or to send communications, including updates on promotions and events, relating to products and services offered by us and by third parties we work with. You have the ability to opt-out and we include detailed unsubscribe instructions at the bottom of each email.

How long do we keep your data?

Enverus will retain your personal information only as needed to provide you services and perform sales and marketing operations. We will retain and use your personal information only as necessary to comply with our legal obligations, resolve disputes and enforce our agreements. Additional information regarding requesting a change or deletion of your information can be found below.

If you are no longer an Enverus customer and no longer wish to receive our newsletters and promotional communications, you may opt-out of receiving them by following the instructions included in each newsletter or communication or by emailing us at [email protected].

We sometimes use customer testimonials in our materials and on our website – do these require permission?

Yes.

Data Security

How do we protect your data?

Enverus takes data security very seriously and employes industry-standard physical, technical and administrative procedures to protect your data. These measures include computer safeguards and secured files and buildings.

Our services use industry-standard Transport Layer Security (TLS) encryption. All supplied sensitive and credit card information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our payment gateway provider’s database only to be accessible by those authorized with special access rights to such systems and are required to keep the information confidential.

It’s important to stress, however, that no method of transmission over the internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee absolute security. If you have any questions about our security protocols, please email us at [email protected].

How can you improve your data security from you side?

When logging into the Enverus website and apps, you should take every precaution to protect your own personal information, change your passwords often, use a combination of letters, numbers and symbols, and make sure you use a secure browser.

Sharing Information with Third Parties

Do we share your information with third parties?

We may share your personal information with third parties for the following reasons:

• To help service providers assist in operating our business.
• To comply with the law or in response to a subpoena, court order, government request or other legal process.
• To produce relevant documents or information in connection with litigation, arbitration, mediation, adjudication, government or internal investigations, or other legal or administrative proceedings.
• To protect the interests, rights, safety or property of Enverus or others.
• To enforce any terms of service or other legal disclosures on or related to this website or apps.
• In connection with a sale or other transfer of all or some of the assets of Enverus and/or in connection with a sale or merger of Enverus or any division of Enverus.
• To provide you with the services or products requested by you, and to perform other activities for business and marketing purposes related to such services and products.

We may share anonymized and aggregated data with third parties for various purposes, including but not limited to, improving our services, conducting research and analysis, enhancing user experience, developing products and providing business insights to our customers and stakeholders. This data does not identify individual users and is combined with information from other users to protect your privacy while still leveraging valuable information to enhance our products and services.

What protections are provided by third parties with whom we share data information?

Enverus uses a limited number of third-party service providers to assist us in providing our services to customers. These third-party providers offer customer support to our customers, perform database monitoring and other technical operations, assist with the transmission of data and provide data storage services. These third parties may access, process, or store personal data in the course of providing their services.

Do we source data from third parties?

Enverus obtains business contact and company information and other data from third party sources, such as business intelligence providers. The information obtained from these third parties is used to support Enverus’ marketing, sales and business efforts.

What about information posted on blogs and other social media?

Our website and apps include social media links, such as Facebook, Twitter and LinkedIn buttons. Please be aware that Enverus is not responsible for the privacy practices of such other sites or third parties. We encourage you to be aware when you leave our site and to read the privacy statements of each and every website that collects personal information.

We also have a dynamic blog which is regularly updated. You should be aware that any information or comments you provide in these areas may be read, collected and used by others who access them. To request removal of your personal information from our blogs, contact us at [email protected].

Information Across Borders

Where is Enverus’ service hosted?

Enverus’ services are hosted in the United States and the United Kingdom. If you choose to use the service from Canada, the European Union, or other regions of the world with laws governing data collection and use that may differ from U.S. law, please note that you are likely transferring your personal information outside of those regions to the United States for storage and processing.

What if my personal information is transferred to other countries? Do they have their own privacy policies and regulations?

Personal information may be transferred to and processed in countries with different data protection laws. By submitting your personal information through the Enverus website or apps, you consent to such transfers and to the processing of your personal information in such countries for the purposes described in this privacy policy.

Administrative Information About the Privacy Policy

Is this privacy policy likely to change?

Enverus is constantly reviewing its privacy policies in the light of ongoing regulations and user needs and issues. Enverus therefore reserves the right to modify this privacy policy at any time by posting the revised version on the Enverus website and updating the effective date. We encourage you to check the website frequently to see the current privacy policy in effect and any changes that have been made to it.

What if you disagree with Enverus’ privacy policy or want to withdraw your consent?

If you disagree with Enverus’ privacy policy or want to withdraw consent please contact us on [email protected]. If you do not agree with the terms and conditions of this privacy policy, you must immediately cease using and accessing the website and Enverus apps, products and services.

What are your data protection rights?

Your data protection rights under applicable laws may include:

• Access to Your Personal Information. You can request access to your personal data or confirmation of its existence. In certain cases, you may also ask for your data in a portable, machine-readable format.
• Deletion Of Your Personal Information. You may have the right to request the deletion of your personal information, though legal obligations may require us to retain it for specific purposes.
• Corrections to Your Personal Information. Keep your data accurate by updating it through your account. You can also request corrections to inaccurate or incomplete information.
• Objection to Certain Processing. Object to how we use or disclose your personal information by contacting us at [email protected] .
• Opt-out of Targeted Advertising. You can opt-out of online tracking-based targeted advertising via the cookie settings link on our website footer.
• Opt-out of Sale. Prevent the sale of your personal information by clicking the “Do Not Sell My Personal Information” link on your cookie settings (if applicable in your region).
• Restrict Processing. Under certain circumstances, you may request restrictions on the processing of your personal information.
• Promotional Emails. Stop receiving promotional emails by using the unsubscribe instructions in emails or visiting our preference center.
• Revocation Of Consent. If we process your data based on consent, you can revoke it. Note that this won’t affect prior lawful processing.

These rights do not apply universally, and other rights may apply in certain jurisdictions, as the Additional Disclosures section outlines. We do not discriminate against those exercising their privacy rights.

Customers may elect to enter into a Data Processing Addendum with Enverus that provides additional terms relating to data processing and security.

Privacy Contact Information

Enverus’ data protection officer is responsible for the protection of personal information. To exercise your rights relating to your personal data, please fill out this Data Subject Access Request.  If you have questions regarding our privacy practices or wish to contact the data protection officer, email [email protected].

While Enverus will make reasonable efforts to fulfill your request, we also reserve the right to impose certain restrictions and requirements on such access requests, if allowed or required by applicable laws.

We seek to respond to data protection requests from individuals within 30 days, and some may require identity verification. If you are not satisfied with our response, and are in the European Union or United Kingdom, you may have a right to lodge a complaint with your local supervisory authority. In some cases, fees may apply, and will be communicated when relevant.

International data transfers

How does Enverus treat international data transfers?

Personal data may be transferred to and processed in countries with different data protection laws. Enverus, a global organization headquartered in Austin, TX, USA, and our affiliated companies, service providers and business partners, may access, store and duplicate your information on servers in various jurisdictions. In certain instances, your personal information may be accessed from outside the jurisdiction where we initially collected the data.

When we or our authorized parties transmit your personal information, we institute appropriate measures to ensure its protection in alignment with this Policy. These measures can include application of standard contractual clauses for the transfer of personal data among our affiliated entities. These clauses compel recipients to safeguard transferred personal data in accordance with applicable data protection laws from the jurisdiction where it was initially collected.

In compliance with relevant regulations, cross-border data transfers may occur when there is a sufficient level of protection for individuals’ fundamental data privacy rights. Under certain conditions, we may opt to depend on an adequacy decision to legitimately transfer personal data.

Additional Disclosures

This section outlines specific provisions for residents of the United States, China, Japan, Asia-Pacific, Brazil, and Colombia, detailing their additional rights and protections.

United States of America (California, Colorado, Connecticut, Virginia and Utah)

This policy addendum complements our Privacy Policy concerning the processing of personal information and applies to the processing of information of residents of the State of California, Colorado, Connecticut, Virginia, and Utah. If there are conflicts between this Addendum and our Policy, this addendum takes precedence.

Some of the information we collect may not fall under the applicable US State privacy laws because it’s public data or is regulated by a federal privacy law.

How to submit a request regarding your privacy rights

Subject to certain limitations and depending on your state of residence, you have certain rights with respect to your personal information, as described in the What are your data protection rights? section of the Policy.

To submit a request to exercise your rights:

1. Complete this form Data Subject Access Request or email [email protected]

2. For opt-out of targeted advertising requests, please visit to the “Do Not Share My Personal Information” selection of your cookie preferences selection.

3. For the opt-out of sale requests, please visit “Do Not Sell My Personal Information” of your cookie preferences selection (if regionally applicable).

Information Collection and Disclosures

Below is an overview of our data collection practices, including details about the personal information we gather, whether we disclose this information for business purposes, and whether we engage in “selling “ and/or “sharing” for targeting advertising, as per the definitions outlined by relevant laws. Enverus “shares” or “sells” personal information to third parties in very limited circumstances.

The California Consumer Privacy Act (as amended by the California Privacy Rights Act) requires businesses to disclose whether they share or sell Personal Data. As a CCPA-covered entity, we affirm that we do not sell Personal Data. However, we may share Personal Data, specifically identifiers and internet activity information, with third-party advertisers to facilitate targeted advertisements on platforms outside of Enverus, including websites, applications, and services. Additionally, we may permit authorized service providers to collect Personal Data from our sites or services, subject to contractual limitations governing their retention, use, and disclosure of such Personal Data. This may occur when interacting with third parties through Enverus sites or services or directing us to disclose Personal Data to third parties.

Under California law, we must outline the types of Personal Data we disclose for specific “business purposes,” which includes sharing with service providers aiding in securing our services or marketing our products.

The categories of Personal Data we disclose for these business purposes are as follows:

Identifiers

• Identifier; (eg. online identifier, email address, account name)
• Commercial information; (eg. purchase history)
• Internet or other network activity information; (eg. Browsing or search history)
• Financial information;  (eg banking details)
• Professional and employment-related information;
• Education information;
• Geolocation data;
• Audio and visual data;
• In limited circumstances where allowed by law, information that may be protected characteristics under California or United States law; and
• Inferences drawn from any of the above information categories;

California Sensitive Information Disclosure. We may gather certain sensitive personal information categories in California, including social security numbers, driver’s license details, and precise location data. We use this data for transactions, legal compliance, business management, and service provision, strictly in line with the California Privacy Rights Act Section 1798.121.

It’s important to note that we don’t use this information for any other purposes, like cross-context behavioral advertising. Additionally, we are not aware of selling or sharing the personal information of individuals under 16 years of age.

Under California law, residents are entitled to several rights regarding their Personal Data. These include the right to know and access specific types of Personal Data, understand how we process it, request its deletion or correction, opt-out of sharing it for third-party advertising, and ensure they are not denied goods or services for exercising these rights.

To learn how to exercise your rights, please see How to exercise your rights section of this Privacy Statement.

We may require verification of your identity and residence before processing your rights request.

China, Japan, and Asia-Pacific Provisions

China

This section is applicable if you’re in China and complements our Policy. In case of conflicts, this section prevails.

Sensitive Personal Information: Certain personal data, like biometrics, religious beliefs, or details about minors under 14, could be sensitive. We only process such data when necessary, with your separate consent when required by Chinese law.

Notifications: While we can’t guarantee online data security, we’ll take steps and report incidents to Chinese regulators. If your data is affected, we’ll notify you as required by law.

Contact Information: To exercise your rights or request account closure, follow the instructions in the “What are your data protection rights?” section of our Policy.

Asia-Pacific and Japan

The Asia-Pacific (APAC) region has diverse data protection laws. The APEC Privacy Framework sets a common standard, allowing for the free flow of data within the region.

Japan’s Act on the Protection of Personal Information (APPI) aligns with GDPR principles. Japan and the EU mutually recognize their data protection frameworks, simplifying data flows.

Brazil – Additional Provisions

This “Brazil Provision” supplements our Policy concerning the processing of personal information as governed by the General Data Protection Law of Brazil (“LGPD”). In case of any disagreements between this Brazil Provision and the rest of our Policy, this Brazil Provision takes precedence.

Under the LGPD, you have various rights, including the right to:

Confirm if your personal data is being processed. Access your personal data. Correct incomplete, inaccurate, or outdated personal data. Anonymize, block, or delete unnecessary or excessive personal data, or data not processed in line with the LGPD. Transfer your personal data to another service provider through an explicit request. Delete personal data processed with your consent. Receive information about entities, public or private, with whom we’ve shared your personal data. Understand the consequences of denying consent and the possibility to revoke consent. Request a review of decisions made solely through automated processing of personal data that affect your interests.

You or an authorized representative can exercise these rights by completing this form Data Subject Access Request. Additionally, you have the option to file a complaint directly with the Brazilian data protection regulator under LGPD.

Colombia – Additional Provisions

This “Colombia Provision” complements our Policy and applies to the processing of personal information in accordance with Colombian law. If there are any disagreements between this Colombia Provision and the rest of our Policy, this Colombia Provision takes precedence.

Rights of Data Subjects

Subject to applicable law, you have the following rights:

Access your personal information freely. Know, update, and correct personal information if it’s inaccurate, incomplete, misleading, or processed without authorization. Request proof of authorization for processing your personal information, unless exempted by law. Lodge complaints with the Superintendent of Industry and Commerce. Revoke authorization and/or request the deletion of personal information when there’s no legal or contractual reason to retain it. Decline authorization for processing sensitive personal information.

Last Updated: November 13, 2024