ph29 Privacy Policy – How We Handle Your Personal Data

ph29 is committed to protecting your privacy and handling your personal information responsibly under the Philippine Data Privacy Act of 2012 and PAGCOR regulations. Please read this policy carefully.

Last Updated: 1 June 2026

Our Privacy Commitments

Six principles that define how ph29 treats your personal information

DPA 2012 Compliance

ph29 processes all personal data in accordance with Republic Act No. 10173, the Philippine Data Privacy Act of 2012, and its Implementing Rules and Regulations. Your data rights as a Filipino data subject are fully recognised and upheld.

Purpose Limitation

ph29 collects only the personal data it needs to operate the Platform, fulfil regulatory obligations, and provide player support. We do not collect data speculatively or use it for purposes unrelated to your ph29 account and the services you access.

Security by Design

ph29 employs 256-bit SSL encryption on all data transmissions, industry-standard encryption at rest for sensitive stored data, and access controls that restrict internal data access to staff who need it to perform their role. Security is not an add-on — it is built into every layer of the ph29 Platform.

Your Data Rights

As a ph29 player, you have the right to access, correct, object to, and request erasure of your personal data. You may exercise these rights at any time through the account dashboard or by contacting ph29 support. Requests are processed within the timeframes prescribed by the Data Privacy Act.

No Unauthorised Sharing

ph29 does not sell, rent, or trade your personal data to third-party marketers. Data is shared only with service providers who process it strictly on ph29's behalf under contractual data processing obligations, or with PAGCOR and Philippine government authorities as required by law.

Defined Retention Periods

ph29 retains your personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying PAGCOR record-keeping requirements and AML obligations under Philippine law. Retention periods are defined for each data category and data is securely destroyed upon expiry.

What Data We Collect & Why

A plain-language summary of the three main categories of data ph29 processes

IDENTITY
Identity & Registration Data

Full legal name, date of birth, government-issued ID details, selfie photograph, and residential address. Collected at registration and KYC verification. Required by PAGCOR and the Anti-Money Laundering Act — not optional. Used to verify your identity, comply with regulatory obligations, and protect your account from fraud.

FINANCIAL
Financial Transaction Data

GCash/PayMaya account references, BDO/BPI/Metrobank account identifiers, deposit and withdrawal history, and wallet balance history. Used to process your transactions, prevent financial crime, satisfy AML reporting obligations, and resolve any payment disputes that arise. Stored in encrypted form.

USAGE
Platform Usage Data

Login timestamps, device type and identifier, IP address, game session logs, bet history, and responsible gaming tool usage. Used to operate the Platform, detect security threats, personalise your experience, meet PAGCOR reporting requirements, and provide meaningful customer support when you contact us.

Contents
1. Introduction & Scope 2. Data Controller 3. Data We Collect 4. How We Use Your Data 5. Legal Bases for Processing 6. Sharing Your Data 7. International Transfers 8. Data Retention 9. Security Measures 10. Cookies & Tracking 11. Your Rights 12. Children 13. Changes to This Policy 14. Contact & Complaints
1. Introduction & Scope

This Privacy Policy ("Policy") explains how ph29 ("ph29," "we," "us," "our") collects, uses, stores, shares, and protects personal information relating to individuals ("you," "Player," "User") who register for or access the ph29 online gambling platform at ph29.one and any associated services (collectively, the "Platform").

This Policy applies to all personal data processed by ph29 in the context of operating the Platform for Filipino players. It is intended to inform you of your rights under Republic Act No. 10173, the Philippine Data Privacy Act of 2012 ("DPA"), and to fulfil ph29's disclosure obligations as a PAGCOR-licensed operator.

By registering an account with ph29 or by continuing to use the Platform, you acknowledge that you have read and understood this Privacy Policy. This Policy should be read alongside the ph29 Terms and Conditions, which govern your contractual relationship with ph29.

2. Data Controller

ph29 acts as the personal information controller in respect of the personal data it processes about you in connection with the Platform. As a PAGCOR-licensed online gambling operator, ph29 is registered with the National Privacy Commission (NPC) of the Philippines as required under the DPA and its Implementing Rules and Regulations.

For all privacy-related enquiries and requests to exercise your data subject rights, you may contact ph29's designated Data Protection Officer (DPO) through the contact details provided in Section 14 of this Policy.

3. Data We Collect
3.1 Registration & Identity Data
  • Full legal name as it appears on your government-issued Philippine identification document
  • Date of birth (used to verify that you meet the 21+ age requirement)
  • Residential address in the Philippines
  • Email address and mobile number used for account communications and OTP authentication
  • Username and encrypted account password
3.2 KYC & Verification Data
  • Scanned or photographed copy of a valid Philippine government-issued ID (passport, SSS ID, GSIS ID, PhilHealth card, or LTO driver's licence)
  • Selfie photograph taken alongside your identification document
  • Proof of address documentation (utility bill or bank statement dated within the past three months)
  • Proof of ownership of payment method(s) used for deposits
3.3 Financial & Transaction Data
  • GCash account reference and PayMaya account reference linked to your ph29 wallet
  • Bank account references for BDO, BPI, and Metrobank transfers
  • Complete transaction history including deposit amounts, dates, and withdrawal records
  • Wallet balance history and bonus credit records
3.4 Platform Usage & Technical Data
  • IP address and geolocation data at the time of each session
  • Device type, operating system, and browser information
  • Login timestamps and session duration data
  • Complete bet and game session history across all product verticals (sports betting, live casino, slots, bingo)
  • Responsible gaming tool settings and usage history
  • Customer support interaction records including chat logs and email correspondence
3.5 Data You Provide Voluntarily

ph29 may collect additional information that you choose to provide voluntarily, such as feedback submitted through surveys, preferences communicated through customer support interactions, or information provided in connection with a promotional activity.

4. How We Use Your Data

ph29 uses your personal data for the following purposes:

  • Account management: To create, operate, and maintain your ph29 player account and provide access to the Platform's services.
  • Identity verification (KYC): To comply with PAGCOR licensing requirements and verify that you are eligible to use the Platform (21+, Philippine resident).
  • Transaction processing: To process deposits and withdrawals via GCash, PayMaya, BDO, BPI, and Metrobank, and to maintain accurate financial records.
  • Regulatory compliance: To meet ph29's obligations under PAGCOR regulations, the Anti-Money Laundering Act (RA 9160 as amended), and the Data Privacy Act.
  • Security & fraud prevention: To monitor for and investigate suspicious account activity, unauthorised access, bonus abuse, match-fixing, and money laundering indicators.
  • Responsible gaming: To monitor player behaviour patterns that may indicate problem gambling and to administer the responsible gaming tools you activate.
  • Customer support: To respond to your enquiries, resolve disputes, and administer KYC appeals or account recovery processes.
  • Platform improvement: To analyse aggregated, anonymised usage data to improve Platform performance, user experience, and game library curation for Filipino players.
  • Marketing communications: To send you promotional offers and Platform updates, subject to your communication preferences and applicable opt-out rights.
5. Legal Bases for Processing

ph29 processes your personal data on the following legal bases under the Data Privacy Act of 2012:

  • Contract performance: Processing necessary to operate your player account and deliver the gambling services you have requested under the ph29 Terms and Conditions.
  • Legal obligation: Processing required to comply with PAGCOR licensing conditions, AML obligations, NPC registration requirements, and other applicable Philippine laws.
  • Legitimate interests: Processing for fraud prevention, platform security, responsible gaming monitoring, and internal analytics, where these interests do not override your fundamental rights.
  • Consent: Processing for marketing communications, where you have provided explicit consent and retain the right to withdraw that consent at any time.
6. Sharing Your Data

ph29 does not sell, rent, or trade your personal data to third parties for commercial marketing purposes. ph29 shares your personal data only in the following circumstances:

6.1 Regulatory & Government Authorities

ph29 is required to share player data with PAGCOR as part of its licensing obligations, with the Anti-Money Laundering Council (AMLC) when reporting covered and suspicious transactions as required by law, and with any other Philippine government authority pursuant to a valid legal demand or court order.

6.2 Service Providers

ph29 engages third-party service providers who process personal data strictly on ph29's behalf and only as instructed, including: KYC and identity verification providers, payment processing and e-wallet infrastructure providers, cloud hosting and data storage providers, customer support platform providers, and fraud detection and security monitoring providers. All such providers are subject to contractual obligations that restrict their use of your data to the agreed purpose.

6.3 Legal Proceedings

ph29 may disclose your personal data to the extent necessary to establish, exercise, or defend a legal claim, or where disclosure is required by a court or arbitral body of competent jurisdiction in the Philippines.

ph29 will never share your personal data with other online gambling operators, advertising networks, or data brokers for commercial purposes.
7. International Data Transfers

In certain cases, the service providers engaged by ph29 (including cloud infrastructure and KYC technology providers) may process personal data on servers located outside the Philippines. In such cases, ph29 ensures that appropriate safeguards are in place in accordance with Section 21 of the Data Privacy Act and NPC guidelines, including contractual data processing agreements that impose data protection standards equivalent to those required under Philippine law.

8. Data Retention

ph29 retains personal data for the period necessary to fulfil the purposes described in this Policy, subject to the following minimum retention periods mandated by applicable law:

  • Account and KYC data: Retained for a minimum of five (5) years from account closure, as required by PAGCOR and AML regulations.
  • Transaction and financial records: Retained for a minimum of five (5) years from the date of each transaction, in accordance with AMLC record-keeping requirements.
  • Bet and game session records: Retained for a minimum of three (3) years from the date of each session.
  • Customer support records: Retained for a minimum of two (2) years from the date of the last interaction.

Upon expiry of the applicable retention period, personal data is securely deleted or anonymised in accordance with ph29's data disposal procedures.

9. Security Measures

ph29 implements appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, alteration, disclosure, or destruction. These measures include:

  • 256-bit SSL/TLS encryption for all data transmitted between your device and the ph29 Platform
  • Encryption at rest for sensitive stored data including KYC documents, payment details, and account credentials
  • Multi-factor authentication options for player account access
  • Role-based access controls restricting internal staff access to personal data on a need-to-know basis
  • Regular security vulnerability assessments and penetration testing of the Platform
  • Security incident response procedures aligned with NPC breach notification requirements under the DPA

In the event of a personal data breach that is likely to result in serious harm to data subjects, ph29 will notify the National Privacy Commission within seventy-two (72) hours of becoming aware of the breach, and will inform affected players as required by NPC guidelines.

10. Cookies & Tracking Technologies

ph29 uses cookies and similar tracking technologies to operate the Platform, maintain your session, remember your preferences, and analyse Platform performance. The categories of cookies used include:

  • Strictly necessary cookies: Required for the Platform to function, including session management and authentication. These cannot be disabled.
  • Functional cookies: Store your preferences such as language and display settings to improve your Platform experience.
  • Analytics cookies: Collect anonymised data about how players navigate the Platform to help ph29 identify areas for improvement. These are processed in aggregate and do not identify you individually.

ph29 does not use third-party advertising cookies or behavioural tracking cookies that share your data with advertising networks. You may manage cookie preferences through your browser settings, though disabling strictly necessary cookies will impair Platform functionality.

11. Your Data Subject Rights

Under the Philippine Data Privacy Act of 2012, you have the following rights in respect of your personal data held by ph29:

  • Right to be informed: The right to know what personal data ph29 holds about you and how it is used — addressed through this Policy.
  • Right of access: The right to request a copy of the personal data ph29 holds about you.
  • Right to rectification: The right to request correction of inaccurate or incomplete personal data.
  • Right to erasure: The right to request deletion of your personal data, subject to legal retention obligations that override this right.
  • Right to object: The right to object to processing based on legitimate interests, including the use of your data for marketing communications.
  • Right to data portability: The right to receive your personal data in a structured, machine-readable format where technically feasible.
  • Right to lodge a complaint: The right to file a complaint with the National Privacy Commission (NPC) if you believe ph29 has processed your personal data in breach of the DPA.

To exercise any of the above rights, please contact ph29's Data Protection Officer using the contact details in Section 14. ph29 will respond to data subject requests within the timeframes prescribed by the DPA — generally within fifteen (15) working days for straightforward requests.

12. Children and Minors

The ph29 Platform is strictly for individuals aged 21 years and above. ph29 does not knowingly collect personal data from any individual under the age of 21. If ph29 becomes aware that a player account has been registered by a person under 21, that account will be immediately closed, all associated personal data will be securely deleted (subject to any mandatory legal retention obligations), and any deposits will be dealt with in accordance with ph29's Terms and Conditions.

If you have reason to believe that a minor has registered an account with ph29, please contact the ph29 Data Protection Officer immediately using the contact details in Section 14.

13. Changes to This Privacy Policy

ph29 reserves the right to update this Privacy Policy at any time. Material changes will be communicated to registered players by email to the address associated with their account at least seven (7) days before taking effect, and the revised Policy will be published on this page with an updated effective date.

Your continued use of the ph29 Platform after the effective date of any revision constitutes your acknowledgement of the updated Policy. We encourage you to review this page periodically.

14. Contact & Complaints

For all privacy-related enquiries, requests to exercise your data subject rights, or concerns about how ph29 has handled your personal data, please contact:

ph29 Data Protection Officer
Email: [email protected]
Live Chat: Available 24/7 on the Platform (average response: 3–5 minutes)

Note: The email address above is displayed as plain text and is not a clickable link.

If you are not satisfied with ph29's response to your privacy concern, you have the right to lodge a complaint with the National Privacy Commission of the Philippines:

National Privacy Commission (NPC)
5th Floor Delegation Building, PICC Complex, Pasay City, Metro Manila, Philippines
Website: privacy.gov.ph (reference only — not a clickable link from this page)
Your Data Is Safe With ph29

Have questions about your personal data? ph29's support team is available 24/7 in Filipino-English. Sign in to manage your privacy settings or visit our FAQ.

Sign In to ph29 Visit FAQ