Privacy Policy
Effective: March 21, 2026
1. Overview
PermianIQ LLC (“we,” “us,” or “PermianIQ”) operates the permianiq.com platform. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.
We collect the minimum data necessary to provide the Service. We do not sell your personal information to third parties. We do not serve ads.
2. Information We Collect
Account Information
When you create an account, we collect:
- Email address
- Password (hashed — we never store or see your plaintext password)
- Full name
- Company name (optional)
- Professional role (e.g., landman, operator, midstream)
Usage Data
When you use the Service, we collect:
- Search queries (county, radius, operator filters)
- Number of detailed well views used
- Subscription plan and status
Payment Information
Payment processing is handled entirely by Stripe. We do not store credit card numbers, bank account details, or other sensitive payment information on our servers. Stripe may collect information necessary to process payments in accordance with their privacy policy. We store only your Stripe customer ID and subscription status.
Newsletter
If you subscribe to our newsletter, we collect your email address. You can unsubscribe at any time by replying to any newsletter email or contacting us.
3. How We Use Your Information
- Provide the Service: Authenticate your account, enforce plan limits, deliver search results and well data.
- Process payments: Manage subscriptions, issue receipts, handle cancellations via Stripe.
- Send transactional emails: Account confirmation, password reset, subscription changes, newsletter (if subscribed).
- Improve the Service: Understand usage patterns to prioritize features and data coverage. We analyze aggregate usage, not individual search behavior.
- Comply with legal obligations: Respond to lawful requests from authorities where required.
4. Third-Party Services
We use the following third-party services to operate the platform:
| Service | Purpose | Data Shared |
|---|---|---|
| Supabase | Database, authentication | Account data, usage data |
| Stripe | Payment processing | Email, payment details |
| Vercel | Website hosting | IP address, request logs |
| Mapbox | Map rendering | Map viewport, IP address |
| Resend | Transactional email | Email address |
Each service has its own privacy policy governing how they process data. We select services with strong security and privacy practices.
5. Cookies
We use essential cookies only — specifically, Supabase authentication session cookies that keep you logged in. We do not use advertising cookies, tracking pixels, or analytics cookies. We do not use Google Analytics or similar third-party analytics services.
6. Data Retention
We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes.
Newsletter subscriber email addresses are retained until you unsubscribe.
Aggregate, anonymized usage data (e.g., total searches per county) may be retained indefinitely for service improvement.
7. Data Security
We implement reasonable security measures to protect your data, including:
- Encrypted data transmission (HTTPS/TLS)
- Hashed passwords (via Supabase Auth, using bcrypt)
- Row-level security policies on the database
- Environment variable encryption for API keys and secrets
- Stripe PCI-DSS compliant payment processing
No system is completely secure. We cannot guarantee absolute security of your data but will notify affected users promptly in the event of a data breach.
8. Your Rights
You have the right to:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate personal data.
- Deletion: Request deletion of your account and associated personal data.
- Export: Request an export of your data in a machine-readable format.
- Unsubscribe: Opt out of newsletter emails at any time.
To exercise any of these rights, contact us at hello@permianiq.com. We will respond within 30 days.
9. Children
The Service is not directed at individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.
10. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a notice on the Service. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.
11. Contact
Questions about this Privacy Policy? Contact us at hello@permianiq.com.