phpg Privacy Policy

This Privacy Policy ("Policy") describes how phpg ("phpg," "we," "us," or "our") collects, processes, stores, and protects the personal data of users ("you" or "your") who access or use the phpg online gaming platform at phpg.club. This Policy is issued in compliance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173), its Implementing Rules and Regulations, and the issuances of the National Privacy Commission (NPC).

By registering for a phpg account or by continuing to use the phpg platform, you acknowledge that you have read and understood this Policy and consent to the collection and processing of your personal data as described herein.

1. Introduction

phpg is committed to protecting the privacy and personal data of all its users, particularly Filipino players who trust phpg with their information. This Policy applies to all personal data collected through the phpg website, mobile application, customer support channels, and any other phpg service touchpoints.

This Policy should be read alongside phpg's Terms and Conditions and Responsible Gaming Policy, both of which are available on the phpg platform. Where this Policy conflicts with any other phpg document, this Policy shall prevail with respect to matters of personal data and privacy.

2. Data Controller

phpg acts as the data controller in respect of the personal data it collects from users of the phpg platform. As data controller, phpg determines the purposes and means of processing your personal data and is responsible for ensuring that such processing complies with applicable Philippine data protection law.

phpg has appointed a Data Protection Officer (DPO) who is responsible for overseeing phpg's data protection compliance. You may contact the phpg DPO at the contact details provided in Section 14 of this Policy.

3. Data We Collect

phpg collects the following categories of personal data from its users:

Category	Examples	Purpose
Identity Data	Full legal name, date of birth, nationality, government-issued ID number	KYC verification, age verification (21+), AML compliance
Contact Data	Email address, Philippine mobile number, residential address	Account management, support communications, regulatory notices
Financial Data	GCash number, bank account details, transaction history, deposit and withdrawal records	Payment processing, AML monitoring, fraud prevention
Gaming Data	Game history, wager amounts, win/loss records, session duration, responsible gaming tool usage	Service delivery, responsible gaming monitoring, regulatory reporting
Technical Data	IP address, device type, browser type, operating system, login timestamps	Security monitoring, fraud detection, platform optimisation
Usage Data	Pages visited, features used, click patterns, session duration	Platform improvement, personalisation, analytics
Communications Data	Live chat transcripts, support ticket content, email correspondence	Customer support, dispute resolution, quality assurance

phpg does not collect sensitive personal information (as defined under the Data Privacy Act) unless strictly required for regulatory compliance, in which case such collection will be subject to additional safeguards and explicit consent.

4. How We Collect Data

phpg collects personal data through the following means:

• Direct interactions: Data you provide when registering a phpg account, completing KYC verification, making deposits or withdrawals, contacting phpg support, or participating in phpg promotions.
• Automated technologies: Data collected automatically when you use the phpg platform, including cookies, web beacons, server logs, and similar tracking technologies.
• Third-party sources: Data received from identity verification providers, payment processors (such as GCash and Maya), fraud prevention services, and PAGCOR where required for regulatory compliance.

5. How We Use Your Data

phpg uses your personal data for the following purposes:

• To create and manage your phpg account, including identity and age verification.
• To process deposits, withdrawals, and other financial transactions in Philippine Peso (PHP).
• To provide phpg's gaming services, including live casino, slots, bingo, and other game categories.
• To comply with PAGCOR licensing requirements, anti-money laundering (AML) obligations, and other applicable Philippine laws and regulations.
• To monitor gaming activity for responsible gaming purposes and to enforce phpg's responsible gaming tools, including self-exclusion.
• To detect, investigate, and prevent fraud, cheating, and other prohibited conduct on the phpg platform.
• To provide customer support and resolve disputes.
• To send you transactional communications, including account notifications, security alerts, and regulatory notices.
• To send you marketing communications about phpg promotions and new features, where you have consented to receive such communications.
• To improve and optimise the phpg platform based on usage analytics.

6. Legal Basis for Processing

phpg processes your personal data on the following legal bases under the Data Privacy Act of 2012:

• Contractual necessity: Processing required to perform phpg's obligations under the Terms and Conditions you have accepted, including account management and payment processing.
• Legal obligation: Processing required to comply with PAGCOR regulations, AML laws, tax obligations, and other applicable Philippine legal requirements.
• Legitimate interests: Processing for fraud prevention, security monitoring, and platform improvement, where such interests are not overridden by your data protection rights.
• Consent: Processing for marketing communications and non-essential cookies, where you have provided explicit consent. You may withdraw this consent at any time.

7. Sharing Your Data

phpg does not sell your personal data. phpg may share your personal data with the following categories of recipients:

• Service providers: Third-party providers who assist phpg in delivering its services, including KYC verification providers, payment processors, cloud hosting providers, customer support platforms, and analytics providers. All such providers are bound by data processing agreements that require them to protect your data.
• Regulatory authorities: PAGCOR, the National Privacy Commission (NPC), the Anti-Money Laundering Council (AMLC), and other Philippine government authorities where disclosure is required by law.
• Game providers: Licensed third-party game providers whose games are available on the phpg platform, to the extent necessary to deliver the relevant game service.
• Professional advisers: Lawyers, auditors, and other professional advisers where necessary for phpg's legal and compliance obligations.
• Business transfers: In the event of a merger, acquisition, or sale of phpg's business, your personal data may be transferred to the relevant successor entity, subject to the same privacy protections.

phpg does not transfer your personal data outside the Philippines except where necessary to deliver its services and subject to appropriate safeguards in accordance with the Data Privacy Act.

8. Cookies & Tracking Technologies

phpg uses cookies and similar tracking technologies on the phpg platform. Cookies are small text files stored on your device that help phpg recognise you, remember your preferences, and improve your experience. phpg uses the following types of cookies:

• Strictly necessary cookies: Required for the phpg platform to function correctly, including session management and security features. These cannot be disabled.
• Functional cookies: Used to remember your preferences and settings on the phpg platform, such as language and display preferences.
• Analytics cookies: Used to collect anonymised data about how users interact with the phpg platform, helping phpg improve its services. These are only set with your consent.
• Marketing cookies: Used to deliver relevant phpg promotions and to measure the effectiveness of phpg's marketing campaigns. These are only set with your consent.

You can manage your cookie preferences through your browser settings. Note that disabling certain cookies may affect the functionality of the phpg platform.

9. Data Security

phpg implements appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These measures include:

• TLS 1.3 encryption for all data transmitted between your device and phpg's servers.
• AES-256 encryption for sensitive data stored at rest, including financial data and government ID information.
• Multi-factor authentication for phpg staff accessing systems that hold personal data.
• Regular penetration testing and security audits conducted by independent third- party security specialists.
• Strict role-based access controls limiting phpg staff access to personal data on a need-to-know basis.
• Incident response procedures to detect, report, and address personal data breaches in accordance with NPC requirements.

While phpg takes all reasonable steps to protect your personal data, no online platform can guarantee absolute security. You are responsible for keeping your phpg login credentials confidential and for notifying phpg immediately if you suspect any unauthorised access to your account.

10. Data Retention

phpg retains your personal data for as long as necessary to fulfil the purposes described in this Policy, or as required by applicable Philippine law. The following general retention periods apply:

• Account and identity data: Retained for a minimum of five (5) years following account closure, as required by PAGCOR regulations and AML obligations under Republic Act No. 9160.
• Financial transaction data: Retained for a minimum of five (5) years following the date of the transaction, in compliance with AML and tax record-keeping requirements.
• Gaming activity data: Retained for a minimum of three (3) years following account closure for responsible gaming monitoring and regulatory reporting purposes.
• Customer support communications: Retained for two (2) years following resolution of the relevant support interaction.
• Marketing consent records: Retained for the duration of your phpg account and for one (1) year following account closure or withdrawal of consent.

Upon expiry of the applicable retention period, phpg will securely delete or anonymise your personal data in accordance with its data disposal procedures.

11. Your Rights Under the Data Privacy Act

As a data subject under the Philippine Data Privacy Act of 2012, you have the following rights in respect of your personal data held by phpg:

• Right to be informed: The right to be informed of how phpg collects and processes your personal data, as set out in this Policy.
• Right of access: The right to request a copy of the personal data phpg holds about you.
• Right to rectification: The right to request correction of any inaccurate or incomplete personal data phpg holds about you.
• Right to erasure: The right to request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, subject to phpg's legal retention obligations.
• Right to object: The right to object to phpg's processing of your personal data for direct marketing purposes or on grounds relating to your particular situation.
• Right to data portability: The right to receive your personal data in a structured, commonly used format and to transmit it to another data controller where technically feasible.
• Right to lodge a complaint: The right to lodge a complaint with the National Privacy Commission (NPC) if you believe phpg has processed your personal data in violation of the Data Privacy Act.

To exercise any of these rights, please contact phpg's Data Protection Officer using the contact details in Section 14. phpg will respond to all valid requests within thirty (30) days of receipt, in accordance with NPC guidelines.

12. Children's Privacy

The phpg platform is strictly intended for users who are at least 21 years of age, as required under Philippine law governing casino-style online gaming. phpg does not knowingly collect personal data from individuals under the age of 21. If phpg becomes aware that it has inadvertently collected personal data from a person under 21, it will take immediate steps to delete such data and close the relevant account.

If you believe that phpg may have collected personal data from a person under 21, please contact phpg's Data Protection Officer immediately using the contact details in Section 14.

13. Changes to This Policy

phpg reserves the right to update or amend this Privacy Policy at any time to reflect changes in applicable law, regulatory requirements, or phpg's data processing practices. Where material changes are made, phpg will notify registered users via the email address or mobile number associated with their phpg account at least fourteen (14) days before the changes take effect.

The date of the most recent revision is displayed at the top of this Policy. Your continued use of the phpg platform following notification of any changes constitutes your acceptance of the revised Policy. phpg encourages you to review this Policy periodically to stay informed about how phpg protects your personal data.

14. Contact & Data Protection Officer

If you have any questions, concerns, or requests relating to this Privacy Policy or phpg's handling of your personal data, please contact phpg's Data Protection Officer:

• Email: [email protected]
• General Support: [email protected]
• Live Chat: Available 24/7 through the phpg platform

Note: Email addresses above are displayed as plain text for informational purposes only and are not clickable links.

You also have the right to lodge a complaint directly with the National Privacy Commission of the Philippines if you are not satisfied with phpg's response to your data privacy concern.