ph62a Privacy Policy
Your Data, Protected

1.1 This Policy applies to all personal data ph62a collects from individuals who access the ph62a platform, register an account, engage in any gaming activity, contact ph62a's support team, or otherwise interact with ph62a's services — whether from Manila, Cebu, Davao, Quezon City, or anywhere else in the Philippines or internationally.

1.2 This Policy does not apply to third-party websites, services, or platforms that may be linked from ph62a's platform or that ph62a's payment partners operate independently. ph62a is not responsible for the privacy practices of third parties, including GCash, Maya, BPI, BDO, Metrobank, or game providers accessible through the ph62a lobby.

1.3 ph62a's Privacy Policy must be read alongside the ph62a Terms and Conditions and Responsible Gaming Policy. Together, these documents define the full terms of the relationship between ph62a and each registered player.

2.1 ph62a is the personal information controller (PIC) as defined under the Data Privacy Act of 2012 with respect to the personal data described in this Policy. ph62a determines the purposes for which personal data is processed and the means by which it is processed.

2.2 ph62a has appointed a Data Protection Officer (DPO) responsible for overseeing ph62a's data protection compliance program, handling data subject rights requests, and serving as the primary point of contact with the National Privacy Commission. The DPO's contact details are provided in Section 14 of this Policy.

2.3 Where ph62a engages third-party service providers (such as payment processors, KYC verification providers, or cloud infrastructure providers) to process personal data on ph62a's behalf, such providers act as personal information processors (PIPs) bound by contractual obligations consistent with the DPA's requirements for data sharing agreements.

3.1 ph62a collects personal data across three primary categories: data you provide directly, data generated through your use of the platform, and data received from third parties as part of regulatory compliance processes.

3.2 ph62a does not collect sensitive personal information as defined under Section 3(l) of the Data Privacy Act — such as health data, biometric data, or religious/political affiliations — except where expressly required by a specific PAGCOR compliance directive and only with your explicit consent.

4.1 ph62a processes your personal data for the following specific, explicitly stated, and legitimate purposes:

• Account Administration: Creating, maintaining, and managing your ph62a account, including authentication, session management, and account security;
• Game Service Delivery: Enabling access to slots, live casino tables, sports betting, bingo, e-sabong, and all other games on the ph62a platform;
• Payment Processing: Processing deposits via GCash, Maya, and other approved channels; executing withdrawal requests to your registered payment account; maintaining transaction records;
• Regulatory Compliance: Fulfilling ph62a's obligations under PAGCOR's licensing requirements, the Anti-Money Laundering Act (RA 9160 as amended), and other applicable Philippine laws and regulations;
• Identity and Age Verification: Confirming that account holders are aged 21 or above, as required by PAGCOR, and verifying that account holders are who they claim to be;
• Fraud Prevention and Security: Detecting, investigating, and preventing fraudulent transactions, unauthorized account access, money laundering, and other prohibited activities;
• Responsible Gaming: Monitoring gaming patterns to identify potential problem gambling indicators, enforcing player-set limits, and facilitating self-exclusion requests;
• Customer Support: Responding to your queries, complaints, and requests, and maintaining records of support interactions for quality assurance;
• Platform Improvement: Analyzing aggregated and anonymized usage data to improve platform performance, game selection, and user experience;
• Communications: Sending transactional notifications (deposit confirmations, withdrawal status, security alerts) and, where you have opted in, promotional communications about ph62a offers.

5.1 ph62a processes personal data on the following legal bases under the Data Privacy Act of 2012:

• Consent (Section 12(a) DPA): Where you have given ph62a your express, informed, and freely given consent to process your data for a specific purpose — for example, receiving promotional marketing communications or opting in to enhanced game recommendations;
• Contractual Necessity (Section 12(b) DPA): Processing necessary for the performance of the contract between you and ph62a — specifically, delivering gaming services, processing payments, and maintaining your account in accordance with the Terms and Conditions;
• Legal Obligation (Section 12(c) DPA): Processing necessary for ph62a to comply with applicable laws and regulations, including PAGCOR licensing requirements, the Anti-Money Laundering Act, and the Data Privacy Act itself;
• Legitimate Interests (Section 12(f) DPA): Processing necessary for ph62a's legitimate interests — specifically, fraud detection, platform security, responsible gaming monitoring, and general platform improvement — where such interests are not overridden by your privacy rights.

5.2 Where ph62a relies on consent as the legal basis for processing, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing conducted prior to withdrawal. To withdraw consent, contact ph62a's Data Protection Officer using the details in Section 14.

6.1 ph62a does not sell, rent, or trade your personal data to third-party advertisers or data brokers under any circumstances.

6.2 ph62a shares personal data only in the following limited circumstances:

• Payment Service Providers: Transaction data is shared with GCash (GXI), Maya (Voyager Innovations), BPI, BDO, Metrobank, and other approved payment processors strictly to the extent necessary to execute your deposit or withdrawal request;
• KYC and AML Service Providers: Identity verification and screening data is shared with ph62a's contracted KYC and AML compliance vendors to fulfill regulatory obligations;
• Game Content Providers: Where required for game functionality, technical session data may be shared with providers such as JILI, Pragmatic Play, Evolution Gaming, and other studios whose games are hosted on ph62a;
• Regulatory Authorities: Personal data and transaction records are disclosed to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), and other competent Philippine government authorities when required by law, court order, or regulatory directive;
• Professional Advisors: Personal data may be shared with ph62a's legal, accounting, or auditing advisors on a need-to-know basis, subject to confidentiality obligations;
• Business Transfers: In the event of a merger, acquisition, or sale of all or substantially all of ph62a's assets, personal data may be transferred to the relevant successor entity, subject to the same privacy protections described in this Policy.

6.3 All third parties with whom ph62a shares personal data are required to maintain appropriate technical and organizational security measures and to process data only as instructed by ph62a and in compliance with applicable Philippine data protection law.

7.1 ph62a retains personal data only for as long as necessary to fulfill the purpose for which it was collected, to comply with ph62a's legal obligations, to resolve disputes, and to enforce ph62a's agreements.

7.2 The following general retention periods apply:

• Account data and KYC records: Retained for a minimum of five (5) years from account closure, as required by the Anti-Money Laundering Council for covered institutions;
• Transaction records: Retained for five (5) years from the date of each transaction, consistent with AMLC requirements and PAGCOR record-keeping obligations;
• Gaming activity data: Retained for three (3) years from the date of each session, or longer where required for a pending dispute;
• Customer support communications: Retained for two (2) years from the date of resolution of the relevant support interaction;
• Marketing consent records: Retained for three (3) years from the date of consent or until withdrawal of consent, whichever is earlier.

7.3 After the applicable retention period, personal data is securely deleted or anonymized in accordance with ph62a's data disposal procedures. Anonymized data from which individuals cannot reasonably be re-identified may be retained indefinitely for statistical or research purposes.

8.1 ph62a implements technical and organizational security measures designed to protect personal data against unauthorized access, disclosure, alteration, loss, and destruction. These measures include:

• Encryption in Transit: All data exchanged between your browser and ph62a's servers is encrypted using TLS 1.3 / 256-bit SSL — the same protocol used by Philippine commercial banks;
• Encryption at Rest: Sensitive personal data stored in ph62a's databases is encrypted at rest using AES-256 encryption;
• Password Security: Account passwords are never stored in plaintext. ph62a uses bcrypt hashing with individual salts so that original passwords cannot be recovered even by ph62a's own systems;
• Access Controls: Internal access to personal data is restricted on a strict need-to-know basis. Access is logged, and privileged access is subject to multi-factor authentication;
• Two-Factor Authentication: ph62a offers optional 2FA for all player accounts, using OTP delivery to your registered Philippine mobile number;
• Intrusion Detection: ph62a operates real-time monitoring and anomaly detection systems across its platform infrastructure;
• Vulnerability Management: ph62a conducts regular security assessments and patching processes to address identified vulnerabilities.

8.2 Notwithstanding ph62a's security measures, no transmission over the internet or electronic storage system is absolutely secure. You are responsible for maintaining the security of your own account credentials and for promptly notifying ph62a of any suspected unauthorized access.

9.1 Under the Data Privacy Act of 2012 and its IRR, you have the following rights with respect to your personal data held by ph62a:

9.2 To exercise any of these rights, contact ph62a's Data Protection Officer using the details in Section 14. ph62a will respond to data subject rights requests within thirty (30) calendar days of receipt of a verified request. Complex requests may require up to sixty (60) days, in which case ph62a will notify you of the extension and the reason within the initial thirty-day period.

9.3 ph62a will not charge a fee for processing a data subject rights request unless the request is manifestly unfounded, excessive, or repetitive. In such cases, ph62a may charge a reasonable administrative fee or decline to act on the request, notifying you of the reason.

9.4 If you are dissatisfied with ph62a's handling of your personal data or its response to a rights request, you have the right to lodge a complaint with the National Privacy Commission of the Philippines at privacy.gov.ph.

10.1 ph62a uses cookies and similar tracking technologies to provide essential platform functionality, maintain your login session, analyze platform usage, and detect fraudulent activity. The following categories of cookies are used:

• Strictly Necessary Cookies: Required for the platform to function. These include session authentication cookies, anti-fraud session tokens, and load balancing cookies. These cannot be disabled without impairing platform functionality;
• Functional Cookies: Remember your preferences such as preferred language, session timeout settings, and responsible gaming limit configurations;
• Analytics Cookies: Collect anonymized data about how players navigate the ph62a platform, which pages generate errors, and which game categories are most accessed. This data is used solely to improve the platform and is not linked to identifiable individuals;
• Security Cookies: Used by ph62a's fraud detection and login anomaly monitoring systems to identify suspicious session behavior.

10.2 ph62a does not use third-party advertising or behavioral tracking cookies. You will not see ph62a advertisements following you around other websites based on your ph62a activity.

10.3 You can manage cookie preferences through your browser settings. However, disabling strictly necessary cookies will prevent you from logging in or using the ph62a platform normally. Mobile browser cookie settings on Chrome (Android) and Safari (iOS) are accessible through each browser's privacy settings menu.

11.1 Age verification is a mandatory step in ph62a's registration and KYC processes. Any account found to be held by a person under 21 years of age will be immediately closed, all personal data associated with the account will be deleted (subject to any mandatory legal retention obligations), and any deposits will be returned net of any bonuses received, in accordance with PAGCOR guidelines.

11.2 If ph62a becomes aware that personal data has been collected from a person under 21 years of age, it will take immediate steps to delete that data. If you believe ph62a may have inadvertently collected data from a minor, please contact ph62a's Data Protection Officer at the contact details in Section 14.

12.1 ph62a's primary data processing infrastructure is located in the Philippines. However, certain service providers — particularly international game content providers and cloud infrastructure vendors — may process data outside the Philippines.

12.2 Where personal data is transferred outside the Philippines, ph62a ensures that such transfers comply with Section 21 of the Data Privacy Act and NPC guidelines on cross-border data transfers. This includes requiring that receiving organizations maintain a comparable level of data protection to that required under Philippine law, either through contractual clauses, binding corporate rules, or recognition of adequacy by the NPC.

12.3 ph62a does not transfer personal data to jurisdictions known to have materially inadequate data protection standards without implementing appropriate contractual and technical safeguards.

13.1 ph62a reserves the right to update or modify this Privacy Policy at any time to reflect changes in ph62a's data practices, applicable law, or regulatory requirements. The date of the most recent revision is displayed at the top of this document.

13.2 For material changes that significantly affect your data rights or the way ph62a processes your personal data, ph62a will provide advance notice of at least fourteen (14) days via your registered email address and/or a prominent in-platform notification before the changes take effect.

13.3 Your continued use of the ph62a platform after the effective date of any revised Privacy Policy constitutes your acknowledgment of and agreement to the updated Policy. If you do not agree with changes to this Policy, you should cease using ph62a and request account closure before the effective date of the changes.

13.4 Previous versions of this Privacy Policy are archived and available upon written request to ph62a's Data Protection Officer.

14.1 For all data privacy inquiries, data subject rights requests, consent withdrawal requests, or data breach reports, please contact ph62a's Data Protection Officer through the following channels:

14.2 You also have the right to file a complaint directly with the National Privacy Commission of the Philippines if you believe ph62a has violated your data privacy rights. The NPC can be reached through its official website at privacy.gov.ph.