PRIVACY POLICY
Your Privacy Rights

Effective Date: March 21, 2022

This Privacy Policy describes the types of information gathered by ProFrac Holding Corp., together with its affiliates and subsidiaries THRC Holdings, LP, ProFrac Holdings LLC, ProFrac Holdings II, LLC, FTS International, Inc., ProFrac Services, LLC, ProFrac Manufacturing, LLC, ProFrac Transportation, LLC, Alpine Silica, LLC, Best Pump and Flow, LLC, IOT-eq, LLC, EKU Power Drives GmbH, and EKU Power Drives Inc. (collectively “ProFrac”, “us” or “we”) in the process of providing https://profrac.com/, https://www.ftsi.com/, https://alpinesilica.com/, https://bestpumpandflow.com/, https://iot-eq.com/, and https://www.ekupd.com/, (the “Sites”), and the data, services, information, tools, functionality, updates and similar materials (collectively, the “Service”), how we use it, with whom the information may be shared, what choices are available to you regarding collection, use and distribution of information and our efforts to protect the information you provide to us through the Service.

By using the Service, you hereby consent to allow us to process information in accordance with this Privacy Policy. Please also refer to our Terms of Service, available at https://www.profrac.com/terms, which are incorporated as if fully recited herein. Terms defined in the Terms of Service that are not defined herein shall have the same definition as in the Terms of Service.

This policy is subject to change. If our information retention or usage practices change, we will let you know by posting the Privacy Policy changes on the Service and/or otherwise making you aware of the changes. Your continued use of the Service following our notice of changes to this Privacy Policy means you accept such changes. Please refer to the “Effective Date” above to see when this Policy was last updated.

Territoriality

Regardless of where our servers are located, your personal data may be processed by us in the United States, where data protection and privacy regulations may or may not be to the same level of protection as in other parts of the world. BY VISITING THE SITES AND USING THE SERVICE, YOU UNEQUIVOCALLY AND UNAMBIGUOUSLY CONSENT TO THE COLLECTION AND PROCESSING IN THE UNITED STATES OF ANY INFORMATION COLLECTED OR OBTAINED BY US THROUGH VOLUNTARY SUBMISSIONS, AND, TO THE EXTENT POSSIBLE, THAT U.S. LAW GOVERNS ANY SUCH COLLECTION AND PROCESSING.

This Privacy Policy is subject to the provisions of the European Union’s General Data Protection Regulation (“EU GDPR”), the United Kingdom’s General Data Protection Regulation (“UK GDPR” and together with the EU GDPR, the “GDPR”), the California Consumer Privacy Act of 2018 (“CCPA”), and other applicable privacy laws. ProFrac agrees that under the GDPR, it is a data “Controller” and you, if you are an individual and reside in the United Kingdom, the European Economic Area, or Switzerland (collectively, and for the purposes of this Privacy Policy, the “EEA”), are a “Data Subject” with certain protected privacy rights concerning your “Personal Data.” Similarly, under the CCPA, we are a “Business”, and you, if you are an individual residing in California, are a “Consumer” with certain protected privacy rights concerning your “Personal Information”. We will take commercially reasonable steps to maintain compliance with GDPR and CCPA requirements.

1. Who Collects Your Information On Our Service?

We do. Under the CCPA, we are what is known as the “Business”, and pursuant to the GDPR, ProFrac is what is known as a “Controller”, with respect to the information we collect from you on the Service, and we are responsible for protection of your Personal Data, Personal Information, and other similar terms defined by applicable privacy laws (collectively “PII”). We collect the following types of information about persons who use the Service: voluntarily provided personal information; and automatically collected information.

2. What Information Do We Collect?

A. Personal Information. We collect certain Personal Information about you, which may be supplied when you sign-up for the Service, when you create or update an account, when you use the Service, when you request services, or otherwise when you submit such information. The types of personal information we collect and save include:

  • Name, email address; street address; phone number; and employment information.
  • Technical information collected in our logs. Such information may include standard web log entries that contain your IP address; device identifiers; cookies (first party, third party, session, and persistent); web beacons; page URL and timestamp.

You may provide us with information when you interact with us through email, read an email from us, online chat, messaging functions within the Service, or otherwise. We may retain such information in order to provide you with services, and you agree that we may share this information as needed with other users in order to resolve any issues that may arise between you and another user of the Service.

B. Non-personal Information. Non-Personal Information is non-personally identifiable or anonymous information about you including, but not limited to, the type of device you used and its operating system, browser information, the pages accessed most frequently, how pages are used, search terms entered, and similar non-personal data.

Automatically tracking Internet Protocol (IP) addresses is one method of automatically collecting information about your activities online and information volunteered by you. An IP address is a number that is automatically assigned to your device whenever you surf the internet. Further, the Service may utilize web beacons, pixel tags, cookies, embedded links, and other commonly used information- gathering tools. Through collecting your IP address, we may be able to approximate your geographic location, however, unless and until this is information is paired with your PII, it cannot be used to identify you. If non-personal information is paired to any of your PII, we will treat the non-personal information as if it was PII too.

Although it may be possible to turn off the collection of cookies through your device, that may interfere with your use of the Service.

C. Aggregate Information. We may also collect anonymous, non-identifying and aggregate information, the date and time of any request, language preference, referring website, the website you go to after visiting one or more of our Sites, and the domain name of your Internet service provider.

3. Why Is My Information Being Collected?

We accept and gather information in an effort to provide the Service to you. We need to collect your personal information so that we can respond to your requests for information or to add you to our email lists. We also collect aggregate information to help us better design the Service. We collect log information for monitoring purposes to help us to diagnose problems with our servers, administer the Service, calculate usage levels, and otherwise provide services to you.

4. How Do We Use the Information We Collect?

A. We use the personal information you provide for the purposes for which you have submitted it including:

  • Internal Uses. We may use your PII to respond to your inquiries, to fulfill your requests for information, track usage trends, conduct experiments, send you push notifications, develop and improve the Service and other offerings, and perform research and analytics.
  • Creating and Maintaining Your Account. We use your PII to create and maintain an account for you to allow you to purchase and use the Service.
  • Communicating With You About Our Services. We may use your PII to send you information about new services and other items that may be of interest to you.
  • Sending Administrative Emails. We may use your PII to send you emails to: (a) confirm your account information and your other PII; (b) provide you with information regarding the Service; or (c) inform you of changes to this Privacy Policy, our Terms of Service, or our other terms, conditions, or policies.

B. We may use anonymous information that we collect to improve the design and content of our Service, and to enable us to personalize your internet experience. We also may use this information in the aggregate to analyze how our Sites are used, as well as to offer you programs or services. We may use any anonymous, aggregate information, of which your information may be a part of or the basis of, without restriction.

5. Do We Share Your Personal Information?

We will not share your personal information except: (a) for the purposes for which you provided it; (b) with your consent, such as other users of the Service; (c) as may be required by law or as we think necessary to protect our organization or others from injury (e.g., in response to a court order or subpoena, in response to a law enforcement agency request, or when we believe that someone is causing, or is about to cause, injury to or interference with the rights or property of another); or (d) with persons or organizations with whom we contract to carry out internal operations or business activities.

We may share aggregate information with others, including affiliated and non-affiliated organizations.

Finally, we may transfer your PII to a third party, or our successor-in-interest, in relation to, or in the event of, a merger, acquisition, sale of all or substantially all of our assets, reorganization, bankruptcy, or other change of control. After such disclosure or transfer, the third party or successor in interest may use the information in accordance with applicable law.

6. How Can You Access And Control Your Information?

After becoming a registered user of the Service, you may revise or edit your information by sending an email to support@profrac.com. For instructions on how you can further access your personal information that we have collected, or how to correct errors in such information, please send an e-mail to support@profrac.com. We will also promptly stop using your information and remove it from our servers and database at any time upon your e-mail request. To protect your privacy and security, we will take reasonable steps to help verify your identity before granting access, making corrections, or removing your information.

7. How Do We Store and Protect Your Information?

A. After receiving your personal information, we will store it on our servers for future use. We have physical, electronic, and managerial procedures in place to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information we collect. Unfortunately, no data transmission over the internet or data storage solution can ever be completely secure. As a result, although we take industry-standard steps to protect your information (e.g., strong encryption), we cannot ensure or warrant the security of any information you transmit to or receive from us or that we store on our or our service providers' systems.

B. If you are visiting one or more of the Sites from outside of the USA, you understand that your connection will be through and to servers located in the USA, and the information you provide will be securely stored in our servers and internal systems located within the USA.

C. Retention. We store your personal information until you request us to remove it from our servers. We store our logs and other technical records indefinitely.

8. How Do We Use Cookies And Other Network Technologies?

A. To enhance your online experience with us, our web pages may presently or in the future use "cookies." Cookies are text files that our web server may place on your hard disk to store your preferences. Cookies, by themselves, do not tell us your e-mail address or other PII unless you choose to provide this information to us. Once you choose to provide PII, however, this information may be linked to the data stored in the cookie. Although it may be possible to turn off the collection of cookies through your device or browser, certain features of the Services may not function properly without the aid of cookies.

B. Our Service uses Google Analytics, provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 (“Google”). Google Analytics uses cookies and similar technologies to collect and analyze information about use of the Services and report on activities and trends. This service may collect information regarding the use of other websites, apps and online resources. For more information on how Google uses data when you use our Sites or Service, please follow this link: https://policies.google.com/technologies/partner-sites. You may be able to opt-out of some or all of Google Analytics features by downloading the Google Analytics opt-out browser add-on, available at, https://tools.google.com/dlpage/gaoptout. For more information about interest-based ads, or to opt out of having your web browsing information used for behavioral advertising purposes, please visit http://optout.aboutads.info.

C. We or our service providers may also use "pixel tags," "web beacons," "clear GIFs" or similar means (collectively, "Pixel Tags") in connection with some of the pages on our Sites and HTML-formatted email messages for purposes of, among other things, compiling aggregate statistics about website usage and response rates. A Pixel Tag is an electronic image, often a single pixel (1x1), that is ordinarily not visible to website visitors and may be associated with cookies on visitors’ hard drives. Pixel Tags allow us and our service providers to count users who have visited certain pages of our Sites, to deliver customized services, and to help determine the effectiveness of promotional or advertising campaigns. When used in HTML-formatted email messages, Pixel Tags can inform the sender of the email whether and when the email has been opened.

D. As you use the internet, you leave a trail of electronic information at each website you visit. This information, which is sometimes referred to as "clickstream data”, can be collected and stored by a website's server. Clickstream data can reveal the type of computer and browsing software you use and the address of the website from which you linked to our Sites. We may use clickstream data as a form of non-personally identifiable information to determine how much time visitors spend on each page of our Sites, how visitors navigate through the Sites, and how we may tailor our web pages to better meet the needs of visitors. We will only use this information to improve our Sites.

E. Do Not Track. At present, the Sites do not specifically respond to browser do-not-track signals.

10. Collection of Information by Others.

Our Terms of Service document identifies certain third-party websites to which we may provide links, and that you may click on our Sites or in our Service. Please check the privacy policies of these other websites to learn how they collect, use, store and share information that you may submit to them or that they collect.

11. ‘European Union’ Privacy Rights.

If you currently reside in the EEA, the GDPR applies to your PII and you are a Data Subject. The GDPR requires that we, as a Controller, have a legal basis to process your PII.

A. We process your PII under one or more of the following legal bases:

  • Processing is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
  • To perform the contract that we are about to enter with you (e.g. our Terms of Service);
  • To comply with a legal obligation; and/or
  • If we have your consent to do so.

B. Under the GDPR, as a Data Subject you have certain rights. They are:

  • The right to be informed. This is your right to be informed about what they are processing, why, and who else the data may be passed to.
  • The right of access. This is your right to see what data about you is held by us.
  • The right to rectification. This is the right to have your data corrected or amended if what is held is incorrected in some way.
  • The right to erasure. This is the right to have your personal data to be deleted in the event that such data is no longer required for the purposes it was collected for, your consent for the processing of the data is withdrawn, or the data is being unlawfully processed.
  • The right to restrict processing. This is the right to ask for a temporary halt to processing of your personal data, such as in the case where a dispute or legal case has to be concluded, or the data is being corrected.
  • The right to data portability. This is the right to ask for your personal data to be provided to you in a structured, commonly used, and machine-readable format.
  • The right to object. This is the right to object to further processing your personal data if such processing is inconsistent with the primary purposes for which it was collected.
  • Rights in relation to automated decision making and profiling. This is the right to not be subject to a decision based solely on automated processing. The service does not engage in automated decision making and profiling.

You can find instructions for enforcing these EEA rights elsewhere in this Privacy Policy. Otherwise, if you wish to find out more about these EEA rights, please contact us at support@profrac.com. For purposes of the GDPR, our EU Representative is:

EKU Power Drives GmbH
Attn: Edward Eichstetter
Nobelstraße 15, Stuttgart
70569 GERMANY
Tel: +49 711 2172326-0
Email: eichstetter@ekupd.com

And our Data Protection Officer is:

Brian Von Hatten
333 Shops Boulevard, Suite 301
Willow Park, TX 76087
Tel: +1-254-776-3722
Email: brian.vonhatten@profrac.com

12. California Privacy Rights

To the extent that the CCPA applies to our practices with respect to PII and you currently reside in California, the CCPA provides you with certain rights.

A. Consumers Rights Under the CCPA.

  • California consumers have the right to request that we disclose Personal Information we have collected about them in the previous 12 months including, but not limited to, the categories of information collected by us, the source(s) of such information by category, and the purpose for collecting such information. This right may not be exercised more than twice in a 12- month period. In the previous 12 months, we have collected the following categories of Personal Information about consumers;
    • Identifiers. Identifiers can be your name, mailing address, social security number, unique personal identifiers (device identifier, IP Address, cookies, beacons, pixel tags, mobile ad identifiers), account names, and similar information;
    • Personal Information Under the California Customer Records Law (Cal. Civ. Code §1798.80) (“CCRLPI”);
    • Employment Information. Such employment information can include your employment history;
    • Internet/Network Activity. Internet Activity Information includes browsing history, cookies, search history and a consumer’s interaction with a website; and
    • Inferences drawn from any other category of personal information.

We collect Personal Information in the above categories from the consumers themselves and by automatic means for the purposes described in this Privacy Policy, and as required to comply with applicable law.

  • As a California consumer, you also have the right to request that we tell you which of your Personal Information we have disclosed for a business purpose, or sold, in the previous 12 months. With respect to Personal Information being disclosed for a business purpose, the consumer shall receive the categories of information disclosed and the types of entities they have been disclosed to. This right may not be exercised more than twice in a 12-month period. For Personal Information being sold, this includes the categories of information being sold and the categories of third parties to whom it is being sold. In the past 12 months, we have disclosed personal information falling under the following categories of Personal Information:
    • Identifiers;
    • CCRLPI; and
    • Internet/Network Activity.

We disclose Personal Information in the preceding categories to the consumers themselves, to other users/third parties as the consumer may direct, “service providers” (as defined in the CCPA), and government/law enforcement agencies for the purpose it was provided/provision of Services, to comply with applicable law, and as otherwise described above in this Privacy Policy.

IN THE PAST 12 MONTHS WE HAVE NOT SOLD, AND DURING THE PERIOD OF TIME WHICH THIS PRIVACY POLICY IS POSTED WE SHALL NOT SELL, THE PERSONAL INFORMATION OF ANY CONSUMER, INCLUDING MINORS UNDER THE AGE OF 16.

  • You have the right to opt out of the sale of your Personal Information, if applicable.
  • You also have the right to request the deletion of the Personal Information that we have collected from you at any time. However, we may not be required to comply with such request under several circumstances including, but not limited to, when the data is necessary for the underlying transaction, to comply with applicable law, to detect security incidents, to debug glitches, and for our internal purposes.
  • In the event that you exercise one of your rights under the CCPA, you will not be discriminated by us in any way, including by the denial of goods or services, providing you a different level of goods or services, or charging you different prices or rates for the goods or services, unless the change in price is reasonably related to the value you receive from your personal information.

B. How do you exercise your rights under the CCPA?

  • Because we offer the Services exclusively online, you may submit your requests to exercise your rights under the CCPA by emailing us at support@profrac.com, please include “Request for Privacy Information” in the subject line. You may also submit a request by calling us at [TOLL FREE NUMBER].
  • We will acknowledge receipt of your request within 10 business days of receiving it, and will do our very best to respond within 45 calendar days of receipt of your request, and in no event will our response come more than 90 days after receiving your request. If we are unable to provide our response within the first 45-day window, we shall notify you as soon as we become aware of the possible delay and provide an explanation of why additional time is needed to respond.
  • Before we respond to any CCPA based requests relating to your personal information, we will take steps to reasonably verify the identity of the person making the request (“Requestor”) to make sure it’s you, or your authorized agent. We do this to this avoid disclosing your information to third parties and bad actors, not to inconvenience you in any way. To do this, we will ask the Requestor to confirm at least two pieces of information that we have in our files. As the sensitivity of the information being requested goes up, we will ask the Requestor to confirm more pieces of information. If an agent is acting on behalf of the consumer, we will need to also verify the agent’s identity and their authority to act on the consumer’s behalf. For requests to delete information, after verification, we will confirm the consumer’s desire to delete one final time before actually deleting the information. If the identity of the Requestor cannot be reasonably verified, either as the consumer or their agent, then in order to protect that consumer, we shall not disclose the personal information requested.

13. Children and Young People’s Information.

We do not knowingly collect any information from any minors, and we comply with all applicable privacy laws including the GDPR, the CCPA, the Children's Online Privacy Protection Act (“COPPA”), and associated Federal Trade Commission (“FTC”) rules for collecting personal information from minors. Please see the FTC's website (www.ftc.gov) for more information. If you have concerns about any of our Sites, wish to find out if your child has accessed our Services, or wish to remove your child's personal information from our servers, please contact us at support@profrac.com. Our Sites will not knowingly accept personal information from anyone under 13 years old in violation of applicable laws, without consent of a parent or guardian. In the event that we discover that a child under the age of 13 has provided PII to us, we will make efforts to delete the child’s information in accordance with the COPPA. If you believe that your child under 13 has gained access to one or more of our Sites without your permission, please contact us at support@profrac.com.

14. Contact Information

If you have any questions or suggestions regarding our Privacy Policy, please contact us via e-mail at support@profrac.com.

Copyright © ProFrac Holding Corp. All rights reserved. The Service is the property of ProFrac, and is protected by United States and international copyright, trademark, and other applicable laws. This includes the content, appearance, and design of the Service, as well as the trademarks, product names, graphics, logos, service names, slogans, colors, and designs.