Privacy Policy

National Digital Asset Exchange Inc. (“NDAX”, “we”, “us”) is dedicated to ensuring users (“User”, “you”, “yours”, “their” and “theirs”) confidentiality by protecting their personal, business and financial information.

To protect User privacy, NDAX follows different principles in accordance with industry practices for customer privacy and data protection:

  • NDAX has established a Privacy Policy (“Policy”) to comply with all applicable rules and regulations and has designated one or more persons to be accountable.
  • NDAX uses industry-standard technologies and maintains current security standards to ensure that personal information is protected against unauthorized access, disclosure, inappropriate alteration or misuse.
  • Electronic User files are kept in a secured environment with restricted access.
  • Paper-based files are stored in a secure work space environment.

The purpose of this Policy is to inform Users about the types of personal information NDAX collects in the process of opening and operating accounts for it’s Users. The Policy explains how we use and disclose collected information. This Policy outlines the principles adopted by NDAX, regarding the collection, use and disclosure and safeguarding of personal information provided to us either directly by Users or by a third party.

NDAX is required to collect information for it’s Users that personally identifies them or allows us to contact them. “Personal information”, as specified in the Personal Information Protection and Electronic Documents Act (“PIPEDA”), includes information about an identifiable individual, but does not include a person’s name, title, business name, business address, business email address, business telephone number or similar information.

We collect Personal information when Users or a User’s organization elects to conduct business with us or have us conduct business services or transactions on your behalf.  We use this information to carry out business, administrative and technological functions and processes (collectively “Services”) associated with these Services and transactions. 

In providing the Services, Personal information may be shared with affiliated companies or third parties who have been retained by NDAX to assist us in carrying out various Services. In these cases, we select third parties carefully and confirm that they use similar standards to NDAX with regards to privacy.

In addition, we gather and use Personal information in accordance with all legislation and regulations applicable to NDAX. There are some situations where we are legally permitted and/or required to disclose Personal information for detection and prevention of fraud. NDAX will disclose your Personal information, without notice, only if required to do so by law or in good faith that such actions are necessary.


NDAX may gather Personal information from Users filling out electronic account forms, in person, over the telephone or by corresponding with you via email, facsimile, the internet or from third parties who have your authority to disclose such information to us.  We endeavor to ensure that every third party who discloses Personal information to us has the User’s consent to do so.  However, if you believe that a third party has inappropriately disclosed your Personal information to us, please contact that third party.

The collection of Personal information will be limited to the information which we require for opening and operating an account with NDAX. All of the information will be used only for the purpose it was originally collected for and kept for as long as required to serve it’s original purpose and in accordance with Financial Transactions and Reports Analysis Centre of Canada (“FINTRAC”) record retention requirement.

Personal information must be accurate, complete and up-to-date to satisfy the original purpose it was collected for. NDAX makes every reasonable effort to keep the information in our records as up to date as necessary. However, we also rely on the User to update their account information when such information changes, and at a minimum to review and verify the information annually.


Users have the right to access the Personal information that NDAX has collected from them through the course of business. Most of the information can be assessed by login onto your online account. If additional information is required, you may submit a written request to NDAX’s head office to obtain access to such information. In some cases, your request for Personal information may be denied or access may be restricted as permitted or required by law (information which is subject to legal privilege, information related to third parties or confidential commercial information).

When Users engage NDAX’s Services, we will only use Personal information with their consent. Consent may be expressed or implied. Express consent may be written or verbal.  Consent is implied when we can reasonably conclude that Users have given consent by an action they have taken or not taken (providing information to NDAX at an account opening stage), where the context reasonably requires that we have certain information and use this information to provide different types of Services. By providing Personal information to NDAX or authorizing a third party to provide a User’s Personal information to NDAX, Users consent to our collection, use and disclosure of their Personal information in accordance with this Policy.

The choice to provide NDAX with your Personal information, either directly or through a third party, is always the Users. However, the decision to withhold information may result in limiting our ability to provide the User with the Services or products you requested.


NDAX has taken strong measures to protect the security of it’s User’s Personal information and to ensure that their choices for its intended use are honored. NDAX takes strong precautions to protect User data from loss, misuse, unauthorized access or disclosure, alteration, or destruction.

Users also have a significant role in protecting their Personal information. No one can see or edit your Personal information without knowing the User’s user name and password, so do not share these with others.


The website, (“Website”), is governed by the provisions and practices stated in this Policy.

The Website may contain links to other third party sites that are not governed by this Policy. Although we endeavor to only link to sites with similar high privacy standards, the Policy will no longer apply once a User leaves the Website. 

We may collect or authorize third parties to collect anonymous information from visits to the Website to help us provide better customer service.  We may collect this type of information for statistical purposes and for evaluating the Website to make it more useful to visitors.


Cookies are small files which are stored on a User’s computer. They are designed to hold data specific to a particular User and website (if you permit), and can be accessed either by the web server or the User’s computer. We use cookies to help us serve our Users better and remember their preferences for future visits.


In the course of daily operations, access to private, sensitive and confidential or Personal information is restricted to authorized employees only who have a legitimate business purpose and reason for accessing it. 

As a condition of employment, all employees of NDAX are required to abide by the privacy standards we have established.  Employees are informed about the importance of privacy and are required to annually confirm that they are aware and abide by NDAX’s Policies and Procedures Manual that prohibits the disclosure of customer information to unauthorized individuals or parties.

Unauthorized access to and/or disclosure of Personal information is strictly prohibited.  All employees are expected to maintain the confidentiality of Personal information and failing to do so may result in appropriate disciplinary measures, which may include dismissal.


NDAX will endeavor to maintain and protect the User’s Personal information in our possession.

We will carefully select third party service providers with which we share Personal information for business purposes and ensure they are governed by similar privacy policies and business standards.

NDAX will limit collection of Personal information to the information which we require for opening and operating the User’s account.

We will only use or disclose the User’s Personal information in accordance with the purposes for which it was originally collected, or when it is required or permitted by law. 

NDAX will retain the User’s Personal information only for as long as it is required to fulfill the purpose for which it was collected or as required by law.

We will utilize industry-standard (or better) security safeguards to protect the User’s Personal information that is in our possession.

Upon a User’s request, NDAX will provide the User with the information relating to your Personal information. The User may verify the accuracy and completeness of the Personal information that we have and may request it be amended and corrected, if appropriate.

This Policy is designed to meet all the “fair information principles” standards outlined in PIPEDA as well as other applicable provincial privacy legislations.

We have designated our Chief Compliance Officer to be Chief Privacy Officer and, as such, be accountable for the compliance of these policies. You may direct any questions or concerns with respect to the Policy or our information-handling practices by contacting: National Digital Asset Exchange at 200, 815-8th Avenue SW, Calgary, AB T2P 3P2. Attention: Chief Compliance Officer.

Any changes to the Policy and our information-handling practices will be acknowledged in the Policy in a timely manner. We may add, modify or delete portions of the Policy when we feel appropriate to do so.

This Privacy Policy was last updated on May 14, 2018.