Get Access

Privacy Policy

Last Updated: August 5, 2025

Welcome to GDA Group Inc. (“GDA”, “we”, “our”, or “us”). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our website at https://gda.group.

By using our Website, you consent to the terms of this Privacy Policy.

 

1. Who We Are

Our website address is: https://gda.group
GDA Group Inc. is a digital asset capital markets firm based in Toronto, Canada. For privacy inquiries, please contact: info@gda.capital

 

2. What Personal Data We Collect and Why

We collect the following categories of data:

Contact Forms

When you contact us through the website, we collect your name, email, company, and message content. This data is used solely to respond to inquiries and is retained for up to 12 months unless otherwise required by law or ongoing communications.

Comments

If comments are enabled on any part of the site:

  • We collect the data shown in the comment form, your IP address, and browser user agent string for spam detection.

  • An anonymized hash of your email may be sent to Gravatar to display your profile image.
    Gravatar Privacy Policy

Media

If you upload images to the website, please avoid uploading files that contain embedded location data (EXIF GPS). Visitors may extract location data from publicly visible images.

Cookies

We use cookies to:

  • Save your login details (if applicable)

  • Remember form preferences

  • Track usage patterns via analytics

  • Enable social and embedded content

You can manage cookies in your browser settings. Note: Disabling cookies may affect functionality.

Cookie duration examples:

  • Commenter cookies: 1 year

  • Login/session cookies: 2 days to 2 weeks

  • Editor cookies: 1 day

Analytics

We use Google Analytics to understand visitor behavior and improve our website. This may include IP address, device info, and browsing activity.
You can opt out using Google’s opt-out tools.

We do not use advanced profiling or ad personalization via analytics without consent.

 

3. Embedded Content from Other Websites

Some pages may include embedded videos, images, or social media content. These third-party websites may collect data, use cookies, and track your interaction with their content, especially if you’re logged into their platform.

 

4. Who We Share Your Data With

We share personal data only with:

  • Web hosting and analytics providers (e.g., Cloudways, Google Analytics)

  • Cloud email and form processing tools (e.g., Mailchimp, WPForms)

  • Security and spam detection services (e.g., Akismet)

These providers are under data processing agreements and use the data solely to provide their services to us.

We do not sell your data to third parties.

 

5. How Long We Retain Your Data

  • Contact form entries: 12 months

  • Analytics data: 26 months

  • Comments: Indefinitely, unless deleted by user or admin

  • Registered user data: As long as the account exists (if applicable)

If you request deletion of your account or data, we will act within 30 days unless legally required to retain it.

 

6. What Rights You Have Over Your Data

You have the right to:

  • Access the data we hold about you

  • Request correction or deletion

  • Withdraw consent where applicable

  • Request a copy of your data (data portability)

  • Object to processing in certain cases

To make any request, contact us at info@gda.capital

 

7. Where Your Data Is Sent

Data may be transferred to servers outside your country, including to the United States and Canada. We ensure all transfers comply with GDPR or relevant data protection laws through:

  • Data Processing Agreements

  • Standard Contractual Clauses

  • ISO-compliant service providers

Visitor comments may be checked through automated spam detection services.

 

8. How We Protect Your Data

We employ industry-standard security measures:

  • SSL encryption

  • Two-factor authentication for admin access

  • Role-based permissions

  • Firewalls and malware scanning

  • Secure backup systems

We conduct regular security audits and limit access to authorized personnel only.

 

9. What Data Breach Procedures We Have

In case of a data breach, we will:

  • Notify affected users and authorities within 72 hours (as required by law)

  • Investigate and contain the breach

  • Update security protocols to prevent recurrence

 

10. What Third Parties We Receive Data From

We may receive anonymized insights from advertising platforms (e.g., Google Ads) to improve campaign performance. We do not import personal data from third-party platforms without user consent.

 

11. Automated Decision-Making and Profiling

We do not currently perform any automated decision-making or profiling that produces legal or significant effects on users.

 

12. Industry Regulatory Disclosures

As a participant in the digital asset industry, GDA may be subject to enhanced data and compliance requirements in financial jurisdictions. All user data is handled in accordance with applicable financial and data privacy regulations in Canada, the United States, the European Union, and other relevant territories.

 

13. Contact Information

For privacy-specific concerns or data requests, please contact:

Data Protection Officer
Email: info@gda.capital
Website: https://gda.group

GDA Group