php65 Privacy Policy

php65 operates the online gaming platform accessible at php65.vip, which provides Filipino players with access to live casino games, slot machines, sports betting markets, e-sabong, fishing games, and bingo. In the course of providing these services, php65 necessarily collects and processes personal data about its registered players, website visitors, and in some cases, third parties whose information is provided to us in connection with account verification or payment processing.

This Policy is intended to give you clear, plain-language information about our data practices. We take our obligations under Philippine data protection law seriously, including those arising under the Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulations issued by the National Privacy Commission (NPC). Where applicable, we also comply with the data protection requirements of the Philippine Amusement and Gaming Corporation (PAGCOR) as a condition of our gaming licence.

This Policy should be read alongside the php65 Terms and Conditions, which are incorporated by reference and govern the overall contractual relationship between you and php65. In the event of any conflict between this Policy and the Terms and Conditions on a data-related matter, this Policy shall prevail.

The data controller responsible for your personal data processed through the php65 platform is the legal entity that holds the PAGCOR gaming licence authorising the operation of php65.vip. The Data Protection Officer (DPO) designated by php65 may be contacted at the email address listed in Section 15 of this Policy.

As the data controller, php65 determines the purposes and means by which your personal data is processed. Third-party service providers engaged by php65 to process personal data on our behalf act as data processors and are bound by contractual obligations consistent with the requirements of the Data Privacy Act of 2012.

php65 collects the following categories of personal data, depending on the nature of your interaction with the platform:

php65 collects your personal data through the following channels and methods:

• Direct submission by you: Information you voluntarily provide during account registration, profile updates, KYC document uploads, customer support interactions, or promotional opt-ins.
• Automated technical collection: Data collected automatically when you access or navigate the php65 platform, including through cookies, web beacons, session replay tools, and server logs. See Section 8 for details on cookies and tracking.
• Payment processors: Transaction confirmations, payment method details, and related financial data received from GCash, Maya, BPI, BDO, Metrobank, 7-Eleven, and other payment service providers when you make deposits or request withdrawals.
• Identity verification services: Data received from third-party KYC or AML screening providers engaged by php65 to verify the authenticity of identity documents and cross-check player information against watchlists maintained under Philippine AML regulations.
• PAGCOR and regulatory bodies: In limited circumstances, player-related information may be received from or transmitted to PAGCOR and other competent Philippine authorities in connection with our regulatory obligations.
• Publicly available sources: Publicly accessible information may be consulted in connection with due diligence, fraud prevention, or AML compliance where this is permitted by applicable law.

php65 processes your personal data for the following specific purposes:

• Account creation and management: Creating, maintaining, and administering your php65 account, including authentication, password recovery, and account preferences.
• Service delivery: Providing access to games, processing bets, settling winnings, delivering promotional offers you have opted in to receive, and displaying your transaction and gaming history.
• Payment processing: Processing deposits, executing withdrawal requests, reconciling financial records, and investigating disputed transactions.
• Identity verification and KYC compliance: Verifying your identity and age (21+) as required by PAGCOR regulations and the Anti-Money Laundering Act of 2001, as amended.
• Fraud prevention and security: Detecting and preventing fraud, unauthorised account access, money laundering, bonus abuse, and other prohibited activities. This includes automated screening of transaction patterns and the use of device fingerprinting technology.
• Responsible gaming: Monitoring player activity to identify potential problem gambling indicators and facilitating the use of responsible gaming tools (deposit limits, self-exclusion, session reminders).
• Customer support: Responding to your enquiries, resolving complaints, and improving our support processes.
• Legal and regulatory compliance: Fulfilling our obligations under PAGCOR licensing conditions, the Data Privacy Act of 2012, the Anti-Money Laundering Act, and any other applicable Philippine law.
• Platform improvement and analytics: Analysing aggregated usage patterns to improve the php65 platform, enhance user experience, and develop new features. This analysis uses pseudonymised or aggregated data where possible.
• Marketing communications (with consent): Sending promotional emails, SMS notifications, and personalised offers where you have explicitly opted in to receive such communications. You may withdraw consent at any time as described in Section 11.

In accordance with the Data Privacy Act of 2012 and its Implementing Rules, php65 processes your personal data on one or more of the following lawful bases:

• Contractual necessity: Processing required to perform our obligations under the php65 Terms and Conditions, including account management, game delivery, and payment processing.
• Legal obligation: Processing required to comply with PAGCOR licensing conditions, the Anti-Money Laundering Act (RA 9160 as amended), the Data Privacy Act of 2012, and other applicable Philippine legislation.
• Legitimate interests: Processing necessary for the legitimate interests of php65 (fraud prevention, platform security, responsible gaming monitoring, and business analytics), where such interests are not overridden by your data protection rights.
• Consent: Processing for marketing communications and certain optional profiling activities, where your specific, informed, and freely given consent has been obtained. You may withdraw consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.

php65 does not sell your personal data to any third party. We may share your personal data in the following limited circumstances:

• Payment service providers: GCash, Maya, BPI, BDO, Metrobank, GrabPay, and other payment processors that facilitate your deposits and withdrawals. These providers operate under their own privacy policies and are subject to Philippine financial regulations.
• Game software providers: Licensed game providers (e.g., PG Soft, Pragmatic Play, Evolution Gaming) may receive pseudonymised session data necessary to deliver real-time gaming services. These providers do not receive your full personal profile.
• KYC and AML service providers: Third-party identity verification and screening companies engaged to assist with Know Your Customer checks and anti-money laundering screening required under PAGCOR regulations and Philippine law.
• Technology and infrastructure providers: Cloud hosting providers, cybersecurity services, analytics platforms, and other technical service providers who process personal data on our behalf under binding data processing agreements.
• Customer support platforms: Third-party live chat and support ticketing platforms used to manage player support interactions, operating under contractual data protection obligations.
• Regulatory and law enforcement authorities: PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), Philippine law enforcement agencies, and courts of competent jurisdiction, where disclosure is required by law, court order, or regulatory direction.

php65 uses cookies and similar tracking technologies to operate and improve the platform. A cookie is a small text file placed on your device when you visit a website. We use the following categories of cookies:

• Strictly Necessary Cookies: Essential for the platform to function correctly. These include session authentication cookies, security tokens, and load-balancing cookies. These cannot be disabled without impairing platform functionality.
• Functional Cookies: Remember your preferences (e.g., language settings, game lobby layout, responsible gaming settings) to personalise your experience on return visits.
• Analytics Cookies: Collect anonymised or aggregated data about how players use the platform — which pages are visited most, how long sessions last, and where players navigate to — to help us improve the site. We use privacy-respecting analytics tools that do not track players across third-party websites.
• Security Cookies: Support fraud detection and prevention by enabling device fingerprinting and session integrity checks. These are essential for protecting the security of your Account.

You may adjust your cookie preferences through your browser settings. Note that disabling certain cookies (particularly strictly necessary and security cookies) may affect the functionality of the php65 platform or prevent you from logging in securely.

php65 retains your personal data only for as long as is necessary for the purposes for which it was collected, subject to applicable legal retention obligations. The following retention periods apply:

• Active account data: Retained for the duration of your Account's existence and for a minimum of five (5) years following Account closure, as required by PAGCOR regulations and the Anti-Money Laundering Act of 2001 (as amended by RA 10927).
• Transaction and financial records: Retained for a minimum of five (5) years from the date of each transaction in accordance with AML record-keeping requirements. Certain high-value or flagged transactions may be retained for longer periods.
• KYC and identity verification documents: Retained for the period required by PAGCOR and AML regulations, typically five (5) years from Account closure or the date of the last verified transaction, whichever is later.
• Customer support communications: Retained for two (2) years following the resolution of the relevant support interaction, or longer where communications relate to an ongoing dispute or legal matter.
• Marketing consent records: Retained for the duration of the consent and for one (1) year following withdrawal of consent, to demonstrate compliance with consent requirements.
• Technical and usage logs: Typically retained for twelve (12) months for security and analytics purposes, after which they are deleted or aggregated.

Upon expiry of the applicable retention period, personal data is securely deleted or irreversibly anonymised, except where retention is required by a continuing legal obligation or an ongoing dispute.

php65 implements appropriate technical and organisational security measures to protect your personal data against unauthorised access, disclosure, alteration, loss, or destruction. Our security programme includes:

• 256-bit TLS/SSL encryption on all data transmitted between your device and the php65 servers.
• Encrypted storage of sensitive personal data and financial information at rest using AES-256 or equivalent encryption standards.
• Access controls: Role-based access controls restricting internal access to personal data to authorised personnel with a legitimate need in the performance of their duties.
• Two-Factor Authentication (2FA) available for all player accounts and mandatory for internal systems access by php65 staff.
• Regular penetration testing and security audits conducted by independent third-party security firms.
• Incident response procedures: A documented data breach response plan in compliance with the NPC's Breach Notification Regulations (NPC Circular 16-03), including mandatory notification to the NPC and affected data subjects within 72 hours of discovery of a qualifying breach.

While php65 implements industry-standard security measures, no digital platform can guarantee absolute security. You are responsible for maintaining the confidentiality of your Account credentials and for ensuring the security of the devices you use to access php65. Report any suspected Account compromise immediately to php65 support via Live Chat.

Under the Data Privacy Act of 2012 and its Implementing Rules, you have the following rights with respect to your personal data held by php65. All requests may be submitted to the php65 Data Protection Officer via the contact details in Section 15:

php65 will respond to all verified data subject rights requests within fifteen (15) business days of receipt, as required by NPC regulations. Requests are processed free of charge. We may require identity verification before processing a request to ensure that data is not disclosed to an unauthorised third party.

Where a legal obligation (such as AML record-keeping requirements or an ongoing regulatory investigation) requires php65 to retain certain data, we will inform you of the applicable legal basis and cannot immediately comply with a deletion or restriction request in respect of that data.

If you are a parent or guardian and believe that a minor has registered a php65 account or provided personal data to php65 without your knowledge or consent, please contact our Data Protection Officer immediately using the details in Section 15. We will investigate and take appropriate action, including Account closure and data deletion, as rapidly as possible.

php65's primary data processing infrastructure is located in the Philippines. Certain service providers engaged by php65 may process data in other countries — for example, cloud hosting infrastructure operated by international providers, or game studios with servers outside the Philippines.

Where personal data is transferred outside the Philippines, php65 takes appropriate steps to ensure that the receiving party provides an adequate level of protection for the data, including through the use of:

• Standard contractual data protection clauses approved by the NPC or equivalent competent authority.
• Binding corporate rules or equivalent data transfer safeguards where applicable.
• Transfer to jurisdictions recognised by the NPC as providing an adequate level of data protection.

php65 does not transfer personal data to jurisdictions that do not offer adequate protection without the explicit consent of the relevant data subject or a specific legal justification under the Data Privacy Act of 2012.

php65 reserves the right to update this Privacy Policy from time to time to reflect changes in our data practices, applicable law, or PAGCOR regulatory requirements. The "Last Updated" date at the top of this Policy will be revised whenever a material change is made.

Material changes — particularly those that affect how we process your data or reduce your rights — will be communicated to registered players via email to their registered address and/or a prominent notice on the php65 platform at least fourteen (14) days before the changes take effect.

Non-material changes (e.g., typographical corrections, clarifications that do not alter the substance of any provision) may be published without advance notice. We encourage you to review this Policy periodically to stay informed of our current data practices. Your continued use of the php65 platform after the effective date of any revised Policy constitutes your acceptance of the changes.

If you have any questions, concerns, or requests relating to this Privacy Policy or the processing of your personal data by php65, please contact our designated Data Protection Officer:

If you are not satisfied with our response to your privacy concern, you have the right to lodge a complaint with the National Privacy Commission of the Philippines (NPC) at its official address or through the NPC's online complaint portal published on the NPC's official government website.