ph1365 Privacy
Policy

ph1365 ("the Platform", "we", "us", "our") is committed to protecting the privacy and personal information of all Filipino players who use our online gaming services at ph1365.org. This Privacy Policy explains what personal data we collect, how we use it, who we share it with, how we protect it, and what rights you have over your own information.

ph1365 is subject to the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and its implementing rules and regulations, administered by the National Privacy Commission (NPC). We are also subject to PAGCOR-aligned compliance requirements applicable to online gaming operators serving Filipino players.

This Privacy Policy should be read in conjunction with the ph1365 Terms & Conditions, which govern your use of the platform and are incorporated herein by reference.

For the purposes of this Privacy Policy, the following definitions apply:

• "Personal Data" means any information from which you can be directly or indirectly identified, including your name, mobile number, date of birth, financial account details, and IP address.
• "Processing" means any operation performed on personal data, including collection, recording, storage, use, transmission, erasure, or destruction.
• "Data Controller" means ph1365, which determines the purposes and means of processing your personal data.
• "Data Processor" means any third party engaged by ph1365 to process personal data on its behalf.
• "Data Subject" means the natural person to whom the personal data belongs — in the context of ph1365, this is you, the registered player.
• "DPA" means the Philippine Data Privacy Act of 2012 (RA 10173) and its implementing rules.
• "NPC" means the National Privacy Commission of the Philippines, which administers and enforces the DPA.
• "KYC" means Know Your Customer — identity and age verification procedures required before withdrawal processing.

ph1365 collects personal data in the following categories. The table below describes what is collected and the primary reason for collection:

ph1365 collects personal data through the following means:

• Directly from you: When you register an account on ph1365.org, complete KYC verification, make a deposit or withdrawal, contact customer support, or participate in promotions.
• Automatically through the platform: Technical data such as IP addresses, device information, and session logs are collected automatically when you access ph1365.org, through server logs and standard web technologies.
• Through cookies and similar technologies: ph1365 uses cookies and local storage to maintain your login session, remember your preferences, and analyse aggregate usage patterns. See Section 8 for full details.
• From payment providers: When you deposit or withdraw via GCash, Maya, or bank transfer, we may receive confirmation data from those payment providers to reconcile transactions. We do not receive full financial credentials from payment providers.
• From identity verification services: During KYC, ph1365 may use third-party identity verification tools to cross-check government ID data. These services operate under their own privacy policies and are required to meet DPA compliance standards.

Under the Philippine Data Privacy Act, ph1365 must have a lawful basis for each processing activity. The legal bases on which ph1365 relies are:

• Contract Performance: Processing necessary to create and manage your ph1365 account, process your deposits and withdrawals, and deliver the gaming services you have contracted to receive.
• Legal Obligation: Processing required to comply with PAGCOR licensing conditions, the Anti-Money Laundering Act (RA 9160 as amended), the Philippine Data Privacy Act, and other applicable Philippine laws and regulations.
• Legitimate Interests: Processing for fraud prevention, platform security, responsible gaming monitoring, and the improvement of ph1365 services — where these interests are not overridden by your rights and interests.
• Consent: Processing for marketing communications, optional cookies, and certain promotional activities — where you have provided express, informed consent that can be withdrawn at any time.

ph1365 uses collected personal data for the following purposes:

• Account Management: Creating, maintaining, and administering your ph1365 account, including authentication, balance management, and account history.
• Payment Processing: Facilitating deposits via GCash, Maya, and bank transfer; processing withdrawal requests; and maintaining transaction records as required by law.
• Identity & Age Verification: Conducting KYC checks to verify that you are at least 21 years of age and to confirm your identity before processing withdrawals, in compliance with PAGCOR and AMLA requirements.
• Fraud Prevention & Security: Detecting, investigating, and preventing fraudulent activity, account takeover, money laundering, and other prohibited conduct on the platform.
• Responsible Gaming: Monitoring your gaming activity to support the responsible gaming tools available in your account, including deposit limit enforcement, session tracking, and self-exclusion management.
• Customer Support: Responding to your queries, processing complaints, and providing technical assistance via live chat, SMS, and email.
• Platform Improvement: Analysing aggregated, anonymised usage data to improve the ph1365 platform, optimise game offerings, and enhance the Filipino player experience.
• Marketing Communications: Sending you promotional offers, bonus notifications, and platform updates — but only where you have opted in to receive such communications. You may opt out at any time via your account settings or by contacting support.
• Legal Compliance: Meeting our obligations under Philippine law, including record-keeping requirements, regulatory reporting, and responding to lawful requests from competent authorities.

ph1365 does not sell, rent, or trade your personal data to third-party advertisers or data brokers. We may share your personal data with the following categories of third parties, strictly on a need-to-know basis:

• Payment Service Providers: GCash (G-Xchange Inc.), Maya (PayMaya Philippines Inc.), BPI, BDO, Metrobank, and other payment partners, for the purpose of processing your transactions. These providers are independent data controllers for their own services and are subject to their own privacy policies and BSP regulations.
• Game Providers: ph1365's game studio partners — including JILI, PG Soft, Pragmatic Play, and Evolution Gaming — may receive technical session data necessary to deliver game content. Game providers do not receive your full personal profile or financial account details.
• Identity Verification Services: Third-party KYC service providers engaged to assist with identity verification and document authentication during the KYC process.
• IT and Platform Service Providers: Cloud hosting, server infrastructure, cybersecurity, and analytics service providers that operate the technical environment in which ph1365 runs. All such providers are subject to data processing agreements that require them to handle your data in accordance with the DPA.
• Regulatory and Law Enforcement Authorities: PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), and other competent Philippine government authorities, where disclosure is required by law, court order, or regulatory requirement.
• Professional Advisors: Lawyers, auditors, and accountants engaged by ph1365 to provide legal, financial, or compliance advice, subject to professional confidentiality obligations.

ph1365 uses cookies and similar local storage technologies to provide and improve the platform experience. The following types of cookies are used:

• Strictly Necessary Cookies: Required for the platform to function. These include session cookies that keep you logged into your ph1365 account and security tokens that protect against CSRF attacks. These cookies cannot be disabled without breaking core platform functionality.
• Functional Cookies: Used to remember your preferences such as language settings, game display options, and responsible gaming limit configurations.
• Analytics Cookies: Used to understand how players use the ph1365 platform — which pages are visited most frequently, where players encounter errors, and how games are navigated. Analytics data is aggregated and anonymised. These cookies are optional and can be declined.
• Security Cookies: Used for fraud detection and suspicious activity monitoring, including device fingerprinting to detect anomalous login patterns.

You can control non-essential cookies through your browser settings. Please note that disabling all cookies may affect the functionality of the ph1365 platform, including your ability to maintain a logged-in session.

ph1365 retains personal data for no longer than is necessary to fulfil the purposes for which it was collected, subject to the following minimum retention periods required by Philippine law:

• KYC and Identity Documents: Retained for a minimum of five (5) years following account closure, as required by the Philippine Anti-Money Laundering Act.
• Transaction Records: Retained for a minimum of five (5) years following the date of each transaction, in compliance with AMLC and PAGCOR record-keeping requirements.
• Account Data: Retained for the duration of your active account and for three (3) years following account closure, unless a longer retention period is required by law.
• Support Communications: Retained for two (2) years following the resolution of the support interaction, for quality assurance and dispute reference purposes.
• Marketing Preferences: Retained until you withdraw consent or close your account, with opt-out records maintained thereafter to avoid inadvertent re-subscription.

Following the applicable retention period, personal data is securely deleted or anonymised in a manner that prevents reconstruction of individual identities.

ph1365 implements a comprehensive set of technical and organisational security measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction:

• Encryption in Transit: All data transmitted between your browser and ph1365 servers is protected using TLS 1.2 or higher (256-bit SSL). The padlock icon in your browser address bar confirms an active encrypted connection.
• Encryption at Rest: Sensitive personal data stored in ph1365 databases — including KYC documents and financial data — is encrypted at rest using AES-256 encryption.
• Password Security: User passwords are stored using a one-way cryptographic hashing function with salt. ph1365 staff cannot view your password in plain text.
• Access Controls: Access to personal data within ph1365 is restricted on a strict role-based, need-to-know basis. Administrative access requires multi-factor authentication.
• Intrusion Detection: ph1365 operates automated systems to monitor for unauthorised access attempts, data exfiltration, and anomalous activity patterns.
• Vulnerability Management: ph1365 conducts regular security assessments and works with its infrastructure providers to apply security patches and address vulnerabilities promptly.

As a data subject under the Philippine Data Privacy Act of 2012, you have the following rights with respect to your personal data held by ph1365:

• Right to Be Informed: The right to know what personal data ph1365 collects, how it is used, and with whom it is shared — as provided in this Privacy Policy.
• Right of Access: The right to request a copy of the personal data ph1365 holds about you, including information on how it has been processed.
• Right to Rectification: The right to have inaccurate, incomplete, or outdated personal data corrected. You can update most personal data directly through your account settings.
• Right to Erasure ("Right to be Forgotten"): The right to request deletion of your personal data, subject to ph1365's legal obligations to retain certain records under AMLA and PAGCOR regulations.
• Right to Object: The right to object to the processing of your personal data, particularly for direct marketing purposes. Objection to marketing is immediate and absolute.
• Right to Data Portability: The right to receive your personal data in a structured, commonly used, and machine-readable format where technically feasible.
• Right to Lodge a Complaint: The right to file a complaint with the National Privacy Commission (NPC) if you believe ph1365 has processed your personal data in violation of the DPA.

To exercise any of the above rights, please contact the ph1365 Data Protection Officer (DPO) via live chat or the email address provided in Section 16 of this Policy. ph1365 will respond to verified requests within fifteen (15) business days in accordance with NPC guidelines.

ph1365 is an online gaming platform strictly intended for persons aged 21 years and above. We do not knowingly collect personal data from any person under the age of 21.

If ph1365 discovers that personal data has been collected from a person under 21 years of age, that account will be immediately suspended pending investigation, the data will be flagged, and appropriate action will be taken in accordance with our Terms & Conditions and applicable Philippine law.

Parents and guardians who believe that a minor under their care may have created a ph1365 account should contact our support team immediately via live chat so that the situation can be investigated and resolved promptly.

The ph1365 platform may contain references to third-party services such as GCash, Maya, and game providers. This Privacy Policy applies solely to personal data processed by ph1365 at ph1365.org. ph1365 is not responsible for the privacy practices of third-party services, which operate under their own independent privacy policies.

When you interact with a third-party payment provider or game studio through the ph1365 platform, that interaction is subject to the privacy policy of the relevant third party. ph1365 encourages you to review the privacy policies of any third-party services you use in connection with your ph1365 account.

ph1365's primary data processing operations are conducted within the Philippines. However, some technical service providers engaged by ph1365 — including cloud infrastructure and game streaming providers — may process data in data centres located outside the Philippines.

Where personal data is transferred outside the Philippines, ph1365 ensures that appropriate safeguards are in place in accordance with NPC guidelines, including contractual clauses that require overseas processors to apply data protection standards equivalent to those required under the Philippine DPA.

ph1365 does not transfer KYC documents, government ID data, or financial account data to overseas processors except where strictly required for the operational purpose for which it was collected, and only to processors that have demonstrated compliance with applicable data protection standards.

ph1365 may update this Privacy Policy from time to time to reflect changes in our data practices, legal obligations, or the features and services offered on the platform. The effective date and last updated date at the top of this document will be revised accordingly.

Where changes are material — meaning they significantly affect how your personal data is processed — ph1365 will provide at least seven (7) days' advance notice via registered account email or a prominent notification on ph1365.org before the changes take effect.

Your continued use of the ph1365 platform following the effective date of a revised Privacy Policy constitutes your acceptance of the updated terms. If you do not accept the revised Privacy Policy, please cease using the platform and contact support to arrange account closure.

The current version of this Privacy Policy is always available at ph1365.org/privacy-policy.

ph1365 has appointed a Data Protection Officer (DPO) responsible for overseeing compliance with the Philippine Data Privacy Act and handling data rights requests from Filipino players.

To contact the ph1365 DPO or the support team regarding any privacy-related matter — including exercising your data rights, reporting a suspected privacy breach, or asking questions about this Policy — please use the following channels:

• Live Chat: Available 24 hours a day, 7 days a week through the ph1365.org website. Mention "PRIVACY REQUEST" or "DPO ENQUIRY" at the start of your message for priority routing.
• Support Email: [email protected] — this email address is displayed as plain text only and is not a clickable link. Please include your registered username and a clear description of your request.
• Support Agent Hours: Filipino-speaking agents are available from 8:00 AM to 12:00 AM Philippine Time (PHT). Outside these hours, live chat is available with automated support and your message will be queued for an agent response.

ph1365 will acknowledge all privacy-related requests within 48 hours and provide a substantive response within fifteen (15) business days from the date of a verified request, in accordance with NPC Circular requirements.

If you are unsatisfied with ph1365's handling of your privacy concern, you have the right to file a formal complaint with the National Privacy Commission of the Philippines at privacy.gov.ph.