Back

Privacy Policy

Effective Date: August 1, 2024

This Privacy Policy describes how Desert Energy Digital Services ("Company," "we," "us," or "our") collects, uses, discloses, and protects personal information when you use our Desert web application (the "App"). We are committed to protecting your privacy and ensuring the security of your personal information. This policy applies to all users of the App, including employees, administrators, and authorized representatives of organizations using our services.

Information We Collect

Personal Information: When you register an account or use certain features of the App, we may collect personal information such as your name, email address, phone number, and contact details.

Employee Information: If you are an employee using the App, we may collect additional information related to your employment, such as your position, signature, and other relevant details necessary for field ticket and maintenance operations.

Client and Organization Information: We may collect information about clients and organizations you interact with through the App, including their names, contact details, and business information.

Field Ticket and Maintenance Data: The App allows the creation and management of field tickets, preventative maintenance records, and pumpjack installation forms. We collect and store the information you provide in these forms, including location data, equipment details, and operational records.

Usage Data: We may automatically collect certain information about how you access and use the App, such as your IP address, device information, browser type, and browsing actions.

File and Document Data: When you upload documents, images, or other files through the App, we store and process such content in connection with providing our services.

How We Use Your Information

  • To provide and maintain the App's functionality and services.
  • To personalize your experience and deliver relevant content.
  • To communicate with you, respond to your inquiries, and provide customer support.
  • To analyze and improve the App's performance and features.
  • To detect, prevent, and address technical issues, fraud, and ensure the security of the App.
  • To comply with applicable laws, regulations, and legal processes.
  • To enforce our terms of service and protect our rights and the rights of others.

Information Sharing and Disclosure

  • We may share your personal information with trusted third-party service providers (subprocessors) who assist us in operating the App and delivering services to you. A list of our key subprocessors and the purposes for which they process data is provided in the "Subprocessors" section below. These providers are contractually bound to protect your information and use it only for the purposes we specify.
  • We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to protect our rights, property, or safety, or that of others.
  • In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of the transaction, subject to the same privacy protections.

Subprocessors

We use the following categories of subprocessors to operate the App. This list may be updated as we add or change service providers. Key subprocessors include:

  • Amazon Web Services (AWS): Cloud hosting, database storage, file storage (S3), email delivery (SES), push notifications (SNS), and queue processing (SQS). Data may be stored in AWS data centers in the United States (e.g., us-east-1) or other regions.
  • Twilio: SMS and MMS messaging services. Used when you send or receive text messages through the App.
  • Motive: Fleet and equipment telematics. Used when your organization has integrated Motive for vehicle and equipment tracking.
  • Other service providers: We may use additional providers for specific features (e.g., invoice processing, accounting integrations) when configured for your organization. Contact us for the current list.

Data Security

We implement reasonable technical, administrative, and physical security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include, but are not limited to:

  • Encryption of data in transit (HTTPS/TLS) and at rest where supported by our infrastructure
  • Access controls and authentication requirements
  • Security monitoring and logging
  • Secure development practices

However, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information. You acknowledge and accept the inherent risks of transmitting and storing data electronically.

Data Breaches and Unauthorized Disclosure (Data Leaks)

In the event of a data breach, unauthorized disclosure, or other security incident that may compromise your personal information ("Security Incident"), we will:

  • Assess and Contain: Promptly investigate the incident, contain the breach, and assess the nature and scope of any unauthorized access or disclosure.
  • Notify Affected Individuals: Where required by applicable law (including the Personal Information Protection Act of Alberta (PIPA), the Personal Information Protection and Electronic Documents Act (PIPEDA), or other applicable privacy legislation), we will notify affected individuals without unreasonable delay when the breach poses a real risk of significant harm. Notifications will include, where practicable: a description of the incident, the types of information involved, steps we are taking in response, and recommended actions you may take to protect yourself.
  • Report to Regulators: We will report breaches to the Office of the Information and Privacy Commissioner of Alberta, the Office of the Privacy Commissioner of Canada, or other relevant authorities as required by law.
  • Document and Remediate: We will maintain records of all Security Incidents and take steps to prevent similar incidents in the future.

You acknowledge that despite our security measures, data breaches and unauthorized disclosures may occur due to factors beyond our control, including but not limited to cyberattacks, human error, or third-party failures. Our liability in connection with Security Incidents is subject to the limitations set forth in our End User License Agreement.

Data Loss

We implement backup and redundancy measures designed to protect against data loss. However:

  • No Guarantee: We cannot guarantee that your data will never be lost, corrupted, or become inaccessible. Data loss may occur due to technical failures, natural disasters, human error, cyberattacks, or other causes.
  • Your Responsibility: You are responsible for maintaining your own backups of critical data. We recommend that you regularly export or retain copies of important information stored in the App.
  • Recovery Efforts: In the event of data loss affecting your account, we will use commercially reasonable efforts to restore data from available backups where possible. We do not guarantee successful recovery of any lost data.

Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law. When your account is terminated or you request deletion, we will delete or anonymize your personal information within a reasonable timeframe, except where we are required to retain it for legal, regulatory, or legitimate business purposes.

International Data Transfers

Your information may be stored and processed in Canada, the United States, or other jurisdictions where our service providers (including AWS) operate. Our primary infrastructure is hosted on Amazon Web Services, which may store data in regions such as the United States (e.g., us-east-1). When we transfer data across borders, we take steps to ensure that your information receives an adequate level of protection in accordance with applicable privacy laws, including through our agreements with subprocessors and, where applicable, standard contractual clauses or other recognized transfer mechanisms.

Your Choices and Rights

  • You may update or correct your personal information through your account settings or by contacting us.
  • You may opt out of receiving promotional communications from us by following the unsubscribe instructions provided in the communications.
  • Depending on your location, you may have additional rights, such as the right to access, correct, delete, or restrict the processing of your personal information. Please contact us at support@desertenergyservices.ca to exercise these rights.

Children's Privacy

The App is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to remove that information from our servers.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top of the policy. For significant changes, we may provide additional notice by email or through the App. Your continued use of the App after such changes constitutes your acceptance of the updated policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, our privacy practices, or to report a suspected Security Incident, please contact us at support@desertenergyservices.ca.

By using the App, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.