Home
Log in
Talk To Us
Last Update: June 1,2026
TRADABLE BITS DATA PROCESSING ADDENDUM
This Data processing addendum including its Annexes ("Addendum") is entered into by and between the Tradable Bits entity identified in the SOW ("Tradable Bits") and Company identified in the SOW (referred to herein as "Customer").
This Data processing addendum forms part of the master subscription agreement, terms of service or other written or electronic agreement between Tradable Bits and Customer for the purchase of hosted online services (including any associated offline, mobile or software components) from Tradable Bits (identified as either "Services", "Tradable Bits Solution", "Tradable Bits Platform" or otherwise in the applicable Agreement, and hereinafter defined as the "Services") (the "Agreement"), to reflect the Parties’ agreement with regard to the Processing of Personal Information.
Upon receipt of the validly completed Data processing addendum by Tradable Bits at this email address above, this Data processing addendum will become legally binding. This Data processing addendum shall only become binding between Tradable Bits and Customer when the formalities set out above have been fully completed and then such Data processing addendum will then become an addendum to and forms part of the Agreement.
In the event of any conflict between the Agreement and this Data processing addendum, the terms and conditions of this Data processing addendum shall control. Except to the extent expressly superseded or modified in this Data processing addendum, the terms and conditions of the Agreement will apply to this Data Processing Addendum and remain in full force and effect. Unless otherwise provided herein, a capitalized term that is not defined in this Addendum shall have the meaning given to it in the Agreement, and the words and expressions in, and the rules of interpretation of, the Agreement shall have the same meaning in this Addendum.

Definitions

"Process," or "Processing," means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as, but not limited to, collection, use, modification, retrieval, disclosure, storage, anonymization, deletion, and/or management.
"Personal Data" means any information relating to an identified or identifiable individual transferred by Customer or its permitted agents to Tradable Bits in performance of or pursuant to the Agreement or this Addendum, and any information relating to an identified or identifiable derived or otherwise created by Tradable Bits in connection therewith.
"Privacy Breach" means a breach of security leading to the accidental or unlawful destruction, loss, alteration, theft, or unauthorized access to or disclosure of Personal Data.
"Privacy Laws" means all Applicable Laws governing the Processing or protection of Personal Data as amended, modified or replaced from time to time, including for example and without limitation the Personal Information Protection and Electronic Documents Act, SC 2000 c. 5 ("PIPEDA"), Regulation (EU) 2016/679 ("GDPR") and Directive 2002/58/EC, and any implementing legislation or further particularising rules, orders or regulations.

Roles of the Parties

For purposes of applicable Privacy Laws, Customer acts as the “Controller” (or equivalent term) and Tradable Bits acts as the “Processor” (or equivalent term) with respect to Personal Data Processed on behalf of Customer under the Agreement.

Data Processing and Security Responsibilities.

Customer and Tradable Bits shall each comply with all Privacy Laws that apply to it in relation to any Personal Data Processed in connection with this Addendum, as set out in Annex A to this Addendum.
Customer agrees that it has:
a) made and shall maintain all necessary registrations and notifications as required in order to permit Tradable Bits to perform its obligations and exercise its rights under this Addendum;
b) obtained and shall continue to obtain all consents necessary, and provided all necessary notices and otherwise has and continues to have all necessary authority to permit Tradable Bits to perform its obligations and exercise its rights under this Addendum, and shall inform Tradable Bits immediately if any such consents are withdrawn;
c) ensured and shall continue to ensure that all Personal Data Processed by Tradable Bits is adequate, relevant, accurate and up-to-date, and limited to what is necessary to permit Tradable Bits to perform its obligations and exercise its rights under this Addendum;
d) ensured and shall continue to ensure that there are valid legal bases to enable Tradable Bits to Process Customer's Personal Data;
e) Processed and will continue to Process the Personal Data in accordance with all applicable Privacy Laws.
In the course of Processing Personal Data on behalf of Customer in connection with the Tradable Bits Solution as set out in Annex A to this Addendum, Tradable Bits shall:
a) only Process Personal Data for the purposes of rendering the Tradable Bits Solution and as otherwise instructed by Customer in writing from time to time, and not Process any Personal Data in any other manner without the express prior written authorization of Customer unless required to do so by Applicable Law;
b) immediately inform the Customer if, in Tradable Bits’ opinion, any instruction received from the Customer infringes any Privacy Laws;
c) not disclose (and not allow any of its employees, or permitted agents or representatives to disclose) any Personal Data to any third party without the prior written authorization of Customer unless required to do so under Applicable Law;
d) where any disclosure, transfer or other Processing of Personal Data is required by Applicable Law, promptly notify Customer in writing before complying with any such requirement (unless prohibited by Applicable Law, such as on important grounds of public interest);
e) promptly notify Customer in writing of any (i) enquiry received from individuals relating to the individual’s right to access, update, correct, rectify, erase or restrict the processing of Personal Data or to exercise their right of data portability or an objection in accordance with Privacy Laws, (ii) complaint or correspondence received by Tradable Bits relating to the Processing of Personal Data, and (iii) order, demand, warrant or any other document purporting to compel the production of any Personal Data, and provide reasonable assistance at Customer’s cost to facilitate Customer’s compliance with Customer’s obligations under Privacy Laws;
f) implement appropriate physical, technical, administrative and organizational measures appropriate to the processing of the Personal Data in connection with the Tradable Bits Solution (as further described in Annex B) as would allow Tradable Bits to ensure the ongoing confidentiality, integrity, availability and resilience of Processing systems and services and to provide reasonable assistance at Customer's cost to ensure compliance with Customer's obligations to implement such security measures;
g) authorize access to Personal Data only by those employees and agents of Tradable Bits who need to have access to the Personal Data for the purposes set out in the Agreement (including this Addendum);
h) ensure or cause each of the employees and permitted contractors of Tradable Bits to agree in writing to keep and to protect the confidentiality and security of the Personal Data in accordance with the terms of this Addendum, and otherwise properly advise and train each of its employees and permitted subcontractor of the requirements of Tradable Bits under this Addendum and applicable Privacy Law; and
i) provide reasonable assistance, at Customer’s cost and request, to Customer in connection with Customer’s obligations under Privacy Laws to carry out a data protection impact assessment or to consult with the relevant supervisory authority in respect of any such data protection impact assessment.

Use of Machine Learning and Artificial Intelligence

Customer acknowledges that the Services may incorporate machine learning or artificial intelligence technologies to support functionality, analytics, segmentation, optimization, or performance improvements. Tradable Bits will not use Customer Personal Data to train generalized models for the benefit of other customers except where such data has been aggregated and de-identified in accordance with applicable Privacy Laws. Any Processing of Personal Data in connection with such technologies will be performed in accordance with this Addendum.

Audit Rights

Tradable Bits shall provide and Customer agrees to accept Tradable Bits’ most current third-party certifications as may be relevant and available in respect of the Tradable Bits Solution, as evidence of Tradable Bits’ compliance with this Addendum.
Upon reasonable request, Tradable Bits shall provide Customer (or its representatives) with access to information reasonably necessary to demonstrate Tradable Bits’ compliance with this Addendum.
Onsite audits of Tradable Bits’ facilities will be permitted only where required by applicable Privacy Laws and subject to the following conditions: (i) at least 30 days’ advance written notice; (ii) during normal business hours; (iii) no more than once per calendar year; (iv) reasonable scope and duration; (v) strict confidentiality obligations; (vi) no access to information relating to other customers. Customer shall bear its own costs in connection with any audit.

Sub-processing

Customer acknowledges and agrees that Tradable Bits shall use sub-processors (including Tradable Bits affiliates) to provide the Tradable Bits Solution as set out in Annex B. Tradable Bits shall enter into a written contract with each such sub-processor that imposes obligations on the sub-processor that are substantially similar to those imposed on Tradable Bits under this Addendum. Tradable Bits shall only retain sub-processors that Tradable Bits can reasonably expect to appropriately protect the privacy, confidentiality and security of the Personal Data. Where such sub-processors fail to fulfil their data protection obligations, Tradable Bits shall remain fully liable to the Customer for the performance of those sub-processor’s obligations. Prior to appointing any new sub-processor in addition to or in lieu of those listed in Annex B, Tradable Bits shall notify Customer of such sub-processors, whereupon Customer shall have 10 days to object to such appointment by providing detailed reasons for such objection to Tradable Bits.

International Data Transfers

To the extent Personal Data is transferred outside the jurisdiction in which it was collected, the parties shall implement an appropriate lawful transfer mechanism as required under applicable Privacy Laws.

Security Breach Notification

Tradable Bits shall notify Customer in writing without undue delay upon Tradable Bits becoming aware of a Privacy Breach. Tradable Bits shall take any reasonably necessary measures and actions to remedy or mitigate the effects of the Privacy Breach to the extent within Tradable Bits’ control and shall keep Customer informed of material developments in connection with the Privacy Breach.

Termination

Upon the termination of the Agreement or at such other times as instructed by Customer in writing, Tradable Bits shall either return or, upon the written instruction of Customer, securely dispose of the Personal Data and all existing copies. In the event Applicable Law does not permit Tradable Bits to comply with the delivery or destruction of the Personal Data, Tradable Bits warrants that it shall ensure the confidentiality of the Personal Data in accordance with Applicable Law.

Updates to this Addendum

In the event of material changes to applicable Privacy Laws, including, but not limited to, the amendment, revision or introduction of new laws, regulations, or other legally binding requirements to which either Party is subject, the Parties agree to revisit the terms of this Addendum, and negotiate any appropriate or necessary updates in good faith, including the addition, amendment, or replacement of any annexes or schedules.

ANNEX A

DATA PROCESSING DESCRIPTION

Subject-matter and duration of the Processing.

The subject matter of Processing is Tradable Bits’ provision of its online marketing platform enabling the Client to run marketing campaigns and collect data from members of the public via the platform and various other channels (e.g. social media), as more particularly described in the Agreement (and applicable Statement of Work).

This DP Agreement shall come into effect with its signature by both Parties, and shall automatically terminate if the main agreement terminates or expires for whatever reason; provided, however, that the termination of this DP Agreement shall not affect each Party’s continuing rights, obligations or liabilities under this DP Agreement (in relation to which this DP Agreement shall remain in force until such rights, obligations or liabilities expire). The termination rights set out in the main agreement remain unaffected.

Nature and purposes of the Processing.

The nature, purpose and means of Processing are as set out in the applicable Statement of Work

Data Categories.

The nature, purpose and means of Processing are as set out in the applicable Statement of Work

ANNEX B

SECURITY MEASURES

The following measures are subject to change based on operational requirements and the evolution of technology and security threats:

  • administrative safeguards
  • user accounts permissioned based on principle of least privilege
  • employees authorized to only access data required for their duties
  • technical safeguards
  • web application firewalls
  • intrusion detection systems
  • disaster management backup processes
  • two-factor authentication requirements
  • physical safeguards
  • secure data centre
  • limited number of employees able to access data centre
Suite #301, 7 West 7th Ave, Vancouver, BC, Canada, V5Y 1L4 © 2026 TradableBits Media Inc.
Names, logos, and trademarks mentioned herein are the property of their respective owners (“Third-Party Owners”)
Any feedback received through support queries or inquiries is owned by TradableBits Media Inc.
All rights reserved.