Overview

This Privacy Policy (the “Policy”) explains how Dynamite Blockchain Corp. (“Dynamite,” “we,” “our,” or “us”) collects, uses, discloses, retains, and protects information in connection with its websites, products, applications, smart-contract interfaces, investor portals, and all related services (collectively, the “Services”).

We are committed to protecting privacy and upholding the highest standards of transparency, accountability, and compliance with applicable data-protection and securities laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA), the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and equivalent international frameworks.
Because portions of our ecosystem operate on public blockchain networks and within AI-enabled environments, certain data may be permanently recorded or processed algorithmically. This Policy explains those limitations and the safeguards Dynamite employs to minimize exposure and protect Personal Information within a compliance-first infrastructure.

​

1 Purpose and Scope
This Policy governs all Processing of Personal Information by Dynamite and its subsidiaries, affiliates, and service providers. It applies to all individuals who access or use our Services, visit our websites, communicate with us, or otherwise interact with Dynamite in any capacity, including investors, vendors, partners, and employees.

 

2 Definitions
•    “Personal Information” means information about an identifiable individual as defined by applicable privacy statutes.
•    “Processing” means any operation performed on Personal Information, whether by automated means or otherwise.
•    “Blockchain Data” refers to data recorded on distributed-ledger networks (e.g., Kaspa) that may include pseudonymous identifiers or transaction metadata.
•    “AI Data” means data generated or analyzed by artificial-intelligence or machine-learning components (e.g., Kasya AI, IMME Wallet).
•    “Controller” / “Processor” have the meanings assigned under GDPR. Dynamite acts primarily as a Controller.
•    “User” refers to any individual who interacts with the Services.

 

3 Lawful Bases for Processing
We process Personal Information only when permitted by law, including:
(a) your consent;
(b) performance of a contract;
(c) compliance with legal or regulatory obligations (e.g., securities filings, AML/KYC);
(d) legitimate business interests such as security, innovation, and service improvement; or
(e) public-interest requirements where applicable.

 

4 Information We Collect
•    Directly Provided Data – identification details, contact information, communications, and submitted documents.
•    Automatically Collected Data – IP addresses, device identifiers, browser type, system logs, usage analytics, blockchain-interaction 

      metadata.
•    Financial and Compliance Data – KYC/AML verifications, payment information, and transaction records.
•    Blockchain Data – wallet addresses, transaction hashes, or smart-contract interactions visible on public ledgers.
•    AI Interaction Data – queries, voice/text inputs, training feedback, and algorithmic decision logs.
•    Investor Relations Data – subscription forms, share registers, and regulatory-filing correspondence.

 

5 How We Use Information
We use Personal Information to:
•    operate, maintain, and improve the Services;
•    verify identity and fulfill compliance obligations;
•    prevent fraud, money-laundering, and cyber threats;
•    communicate with Users and respond to inquiries;
•    support product development and analytics;
•    distribute mandatory corporate disclosures and investor updates;
•    enforce our Terms of Use and protect legal rights; and
•    comply with statutory and regulatory requirements.
We do not sell or rent Personal Information to third parties.

 

6 Blockchain Data and Immutable Ledgers
Transactions recorded on public blockchains are transparent and cannot be altered or deleted. Dynamite does not control or manage those networks and cannot guarantee the removal of data once published. We minimize inclusion of identifiable information, employ off-chain hashing where feasible, and pseudonymize on-chain references to protect privacy within immutable environments.

 

7 Artificial Intelligence and Automated Processing
7.1 Certain Services (including Kasya AI and IMME Wallet) use AI modules for compliance screening, automation, or natural-language interfaces.
7.2 AI decisions are governed by oversight protocols emphasizing explainability, fairness, and human review.
7.3 Where legally required, you may request reconsideration by a human reviewer.
7.4 AI logs are retained solely for auditing, bias assessment, and system-integrity purposes.

 

8 Disclosure of Information
We may share Personal Information with:
•    affiliated entities under common ownership;
•    service providers performing regulated or technical functions under written contracts;
•    legal, tax, or regulatory authorities when required;
•    professional advisors subject to confidentiality;
•    counterparties in mergers, acquisitions, or reorganizations (subject to equivalent safeguards). All recipients must implement security and privacy protections at least equivalent to those described herein.

 

9 Cross-Border Transfers
Information may be transferred to servers or partners located outside your jurisdiction, including Canada, the United States, and the European Union. Where legally mandated, we rely on Standard Contractual Clauses or comparable mechanisms to ensure adequate protection of Personal Information.

 

10 Cookies and Similar Technologies
We use cookies, web beacons, and analytics tools to enable functionality, maintain security, and analyze usage. You may refuse cookies through browser settings; however, some portions of the Services may function improperly without them.

 

11 Data Retention
Personal Information is retained only as long as necessary to achieve its purpose or as required by law. Immutable blockchain entries cannot be erased; where deletion is impossible, identifiers are de-linked to render the data non-identifiable.
AI-training data is periodically purged or anonymized to prevent re-identification.

 

12 Security Safeguards
We employ layered administrative, technical, and physical controls, including encryption in transit and at rest, network segmentation, access controls, penetration testing, and incident-response protocols. Nevertheless, transmission over the internet and storage on blockchain networks involve inherent risk; you acknowledge such limitations and use the Services at your own discretion.

 

13 Breach Notification
If a breach of Personal Information poses a real risk of significant harm, Dynamite will:
•    promptly contain and investigate the incident;
•    notify affected individuals and relevant authorities as required by law; and
•    document remedial actions in compliance with PIPEDA s.10.1 and GDPR Articles 33–34.

 

14 User Rights
Depending on jurisdiction, you may have rights to:
•    access and obtain a copy of your Personal Information;
•    request correction or deletion;
•    restrict or object to Processing;
•    withdraw consent;
•    request data portability.

Submit verified requests to info@dynamiteblock.com. Where blockchain immutability prevents deletion, we will explain limitations and apply technical measures to minimize linkage.

 

15 Children’s Privacy
Our Services are not directed to minors under 18. We do not knowingly collect or process their data. If such information is discovered, it will be deleted or de-linked promptly.

 

16 Investor and Marketing Communications
We process investor and shareholder contact details to distribute regulatory disclosures, news releases, and materials filed on SEDAR+. Recipients may opt-out of non-mandatory communications at any time. Marketing materials will only be sent where lawful consent has been obtained.

 

17 Third-Party Links and Integrations
Links to third-party websites, decentralized applications, or exchange platforms are provided for convenience only. Dynamite is not responsible for their content, privacy practices, or data-handling standards. Review those entities’ policies before engagement.

 

18 Legal Basis for Disclosures
We may disclose Personal Information where required to:
(a) comply with subpoenas, court orders, or lawful requests;
(b) protect the rights, property, or safety of Dynamite or others;
(c) enforce our Terms of Use; or
(d) co-operate with securities regulators or law-enforcement agencies.

 

19 International Data Protection Officer
Dynamite designates its Privacy Office as the Data Protection Officer (DPO) responsible for oversight of compliance. Contact: info@dynamiteblock.com — Subject Line: “Attention: DPO”.

 

20 Force Majeure
We are not liable for failures in data-protection obligations resulting from events beyond reasonable control, including acts of God, cyberattacks, utility failures, or blockchain-network disruptions.

 

21 Limitation of Liability
To the extent permitted by law, Dynamite’s total liability for any claim arising under this Policy shall not exceed CAD $100 or the total fees paid by you to Dynamite in the preceding six months. This limitation aligns with Section 32 of the Terms of Use.

 

22 Governing Law and Dispute Resolution
This Policy is governed by the laws of the Province of Ontario and the federal laws of Canada. Any dispute shall follow the Arbitration Procedures in Sections 41–42 of the Terms of Use. Where required, complaints may also be filed with the Office of the Privacy Commissioner of Canada or an applicable supervisory authority.

 

23 Changes to This Policy
We may amend this Policy periodically to reflect legal, technological, or operational developments. Material updates will be announced on our website with a revised “Last Updated” date. Continued use after publication constitutes acceptance.

 

24 Contact Information
Dynamite Blockchain Corp.
Attention: Privacy Office / Legal Department
email: info@dynamiteblock.com web: www.dynamiteblock.com
We respond to verified privacy inquiries within statutory time limits.

 

25 Acknowledgment
By accessing or using the Services, you acknowledge that you have read, understood, and agreed to this Privacy Policy and consent to the Processing of your Personal Information in accordance with its terms and the governing laws described above.