This Privacy Policy explains what personal data phplago collects from Filipino players, how that data is used and protected, who it may be shared with, and what rights you hold over your own information under applicable Philippine data protection law.
Our Core Commitments to You
These cards summarise phplago's six foundational privacy commitments. The full legal detail for each is covered in the policy sections below.
All personal data transmitted between your device and phplago is encrypted using 256-bit SSL. Stored data — including payment details and identity documents — is held in encrypted form with restricted staff access controls.
phplago does not sell, rent, or trade your personal data to third-party marketers. Data sharing with partners is limited strictly to what is necessary to operate your account and process transactions.
You have the right to access, correct, and request deletion of your personal data. phplago provides a clear process for exercising these rights, subject to legal retention obligations that apply to gaming operators.
phplago collects only the personal data that is genuinely necessary to operate your account, process transactions, comply with PAGCOR-context obligations, and verify the 21+ age requirement. We do not collect data beyond what serves these purposes.
phplago processes data in accordance with the Republic Act No. 10173 (Data Privacy Act of 2012) and its implementing rules, administered by the National Privacy Commission (NPC) of the Philippines.
Every piece of data phplago holds is collected for a clearly defined purpose. Data is not repurposed beyond its original collection basis without your explicit consent or a lawful regulatory requirement.
phplago ("we," "us," "our") is committed to protecting the privacy of every Filipino player who interacts with our platform. This Privacy Policy is issued in compliance with the Republic Act No. 10173, also known as the Data Privacy Act of 2012, and its Implementing Rules and Regulations as administered by the National Privacy Commission (NPC) of the Philippines.
This Policy sets out the types of personal data phplago collects, the purposes for which that data is processed, the conditions under which it may be shared, the security measures applied to protect it, the retention periods that govern how long we keep it, and the rights you hold as a data subject under Philippine law. Where phplago operates within the context of PAGCOR regulatory requirements, certain data collection and retention obligations are imposed on us as a condition of lawful operation and are not optional.
This Policy covers all phplago services including the casino game lobby, live dealer tables, bingo rooms, slot games, sports betting, the phplago Login system, the player cashier, and all customer support interactions. It applies regardless of whether you access phplago from Metro Manila, Cebu, Davao, Quezon City, or any other location in the Philippines.
For the purposes of the Data Privacy Act of 2012, phplago is the personal information controller in respect of all personal data collected through the platform. phplago determines the purposes and means of processing your personal data and is responsible for ensuring that such processing is conducted lawfully, fairly, and transparently.
Any enquiries regarding how phplago handles your personal data, or any requests to exercise your data subject rights, should be directed to phplago's designated Data Protection Officer (DPO). Contact details for the DPO are provided in Section 14 of this Policy.
When you create a phplago account, we collect the following personal data:
For the purposes of identity verification and anti-money laundering compliance, phplago may collect copies of government-issued identification documents (such as a Philippine National ID, passport, or driver's licence), proof of address, and documentation establishing the source of funds deposited into your phplago wallet.
phplago records all financial transactions associated with your account, including:
phplago records comprehensive data about your in-platform gaming activity, including game sessions played, wager amounts, game outcomes, bonus claims and wagering progress, and session duration. This data is used for account management, responsible gaming monitoring, dispute resolution, and regulatory reporting.
phplago's systems automatically collect certain technical data when you access the platform:
All communications between you and phplago — including live chat transcripts, email correspondence, and support ticket records — are retained for quality assurance, dispute resolution, and regulatory compliance purposes.
| Data Category | Examples | Primary Purpose |
|---|---|---|
| Identity | Name, DOB, ID documents | KYC verification, 21+ compliance |
| Contact | Email, mobile number | Account management, notifications |
| Financial | GCash, BDO, transaction logs | Payment processing, AML compliance |
| Gaming | Sessions, wagers, outcomes | Account ops, responsible gaming |
| Technical | IP address, device info | Security, fraud prevention |
| Communications | Chat logs, emails | Support, dispute resolution |
The primary use of your personal data is to operate and manage your phplago account — processing your registrations, authenticating your phplago Login sessions, managing your wallet balance, processing deposit and withdrawal requests, and communicating with you about your account status.
phplago is required to verify that all registered players are 21 years of age or older and that the identity of persons holding accounts matches the identity of the individuals making financial transactions. Your identity data is used for this verification purpose and is subject to strict access controls within phplago.
phplago processes financial transaction data and gaming activity records for the purpose of detecting and preventing fraudulent activity, money laundering, and other financial crimes. This includes automated screening of transactions against risk thresholds and, where warranted, manual review by phplago's compliance team. Suspicious activity may be reported to the relevant Philippine regulatory authorities as required by law.
phplago monitors gaming activity patterns to identify players who may be exhibiting signs of problem gambling. This monitoring enables phplago to implement responsible gaming interventions, such as proactively offering deposit limit tools or cooling-off periods, in accordance with our responsible gaming obligations. Data used for this purpose is processed only to protect player welfare.
Personal data and account history are accessed by phplago support agents for the purpose of responding to player enquiries, resolving disputes, and addressing account issues. Access is restricted to support team members on a need-to-know basis.
Aggregated and anonymised data derived from platform usage is used to improve the phplago product — identifying technical issues, improving game loading performance on Philippine mobile networks, and understanding how players navigate the lobby. This analytics use does not involve processing identifiable personal data.
With your consent, phplago may send you promotional communications about bonuses, new games, and special offers. You may withdraw this consent at any time by updating your notification preferences in your phplago account settings or by contacting support. Withdrawal of marketing consent does not affect the lawfulness of processing carried out prior to withdrawal.
phplago processes your personal data on the following legal bases under the Data Privacy Act of 2012:
phplago engages certain third-party service providers who process personal data on our behalf as data processors. These include payment processors (GCash, PayMaya, banking partners), game software providers, identity verification service providers, cloud infrastructure providers, and customer support platform operators. All processors are bound by contractual data processing agreements that restrict their use of your data to the specific services they provide to phplago.
phplago will disclose personal data to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission, law enforcement agencies, or courts where disclosure is required by Philippine law, court order, or lawful regulatory directive. phplago will not provide advance notice of such disclosures where prohibited from doing so by the relevant authority.
phplago does not sell, rent, exchange, or otherwise commercially transfer your personal data to third parties for their own marketing or commercial purposes. Any data sharing is limited to the operational and legal purposes described in this Policy.
The phplago platform uses cookies and similar tracking technologies to operate the platform, maintain your phplago Login session, remember your account preferences, and collect anonymised analytics data. Cookies are small text files stored on your device by your browser.
You can control cookies through your browser settings. Blocking essential cookies will affect your ability to use the phplago platform, including the phplago Login function. Blocking non-essential cookies will not prevent you from playing games or processing financial transactions.
phplago retains personal data for as long as is necessary to fulfil the purposes for which it was collected, subject to applicable legal and regulatory retention requirements. The following retention periods apply:
| Data Type | Retention Period | Reason |
|---|---|---|
| Account & Identity Records | 5 years post-account closure | PAGCOR regulatory requirement |
| Transaction Records | 5 years post-transaction | AML obligations (RA 9160) |
| KYC Documents | 5 years post-account closure | Regulatory compliance |
| Gaming Activity Logs | 3 years | Dispute resolution, responsible gaming |
| Support Communications | 3 years | Dispute resolution |
| Marketing Preferences | Until consent withdrawn | Consent-based processing |
Following the expiry of the applicable retention period, personal data is securely deleted or anonymised in a manner that prevents re-identification. Where data must be retained beyond these standard periods due to ongoing legal proceedings or regulatory enquiries, retention is extended only for the duration of those proceedings.
phplago implements technical and organisational security measures designed to protect your personal data against unauthorised access, accidental loss, alteration, or disclosure. These measures include:
In the event of a personal data breach affecting your information, phplago will notify the National Privacy Commission within 72 hours of becoming aware of the breach and will notify affected players without undue delay where the breach is likely to result in a high risk to their rights and freedoms.
Under Republic Act No. 10173 (Data Privacy Act of 2012), phplago players have the following rights in respect of their personal data:
Request a copy of the personal data phplago holds about you, including the categories of data, processing purposes, and retention periods.
Request correction of any inaccurate or incomplete personal data held in your phplago account profile.
Request deletion of your personal data, subject to phplago's legal obligations to retain certain records under PAGCOR and AML regulations.
Object to processing of your personal data for direct marketing purposes at any time. Marketing opt-out takes effect immediately.
Receive a copy of your personal data in a structured, machine-readable format where technically feasible and where processing is based on consent or contract.
Lodge a complaint with the National Privacy Commission (NPC) of the Philippines if you believe phplago has not handled your personal data in accordance with the Data Privacy Act.
To exercise any of the above rights, please contact phplago's Data Protection Officer using the contact details in Section 14. phplago will respond to all data subject rights requests within 30 calendar days. Where a request involves a large volume of data or requires significant effort to fulfil, phplago may extend this period by a further 30 days with prior notice to you.
phplago does not knowingly collect personal data from individuals who are under 21 years of age. The phplago platform is strictly for adults who are 21 years of age or older, as required under the applicable PAGCOR regulatory context for online gaming in the Philippines.
At registration, phplago collects date of birth information and applies an automated age verification check. Where phplago subsequently discovers that a player is under 21 years of age, the account will be immediately suspended, all data associated with the account will be flagged for review, any balance will be subject to regulatory assessment, and the matter will be escalated to phplago's compliance team.
phplago's primary data processing occurs within the Philippines. However, certain service providers — including game software providers and cloud infrastructure operators — may process data in jurisdictions outside the Philippines. Where such transfers occur, phplago ensures that appropriate safeguards are in place in accordance with the Data Privacy Act of 2012 and NPC guidelines, including contractual clauses requiring the foreign processor to apply data protection standards equivalent to those required under Philippine law.
phplago will not transfer your personal data to a jurisdiction that lacks adequate data protection standards without your explicit consent or the application of appropriate contractual safeguards.
phplago may update this Privacy Policy periodically to reflect changes in our data processing practices, legal obligations, or platform features. Where changes are material, phplago will notify registered players via email to the address held on account and/or by displaying a prominent notice on the phplago platform for a period of no less than 14 days prior to the change taking effect.
The effective date of the current Policy version is displayed at the top of this page. Continued use of the phplago platform after the effective date of any updated Policy constitutes your acceptance of the revised terms. If you disagree with any change to this Policy, you should cease using the platform and may request account closure by contacting phplago support.
For all enquiries relating to this Privacy Policy, your personal data, or the exercise of your data subject rights, please contact phplago through the following channels:
If you are not satisfied with phplago's response to your privacy concern, you have the right to lodge a complaint with the National Privacy Commission of the Philippines (NPC), the supervisory authority responsible for enforcing the Data Privacy Act of 2012.
Your Data Is Safe at phplago
256-bit encryption, strict data minimisation, and zero data selling — phplago protects your information the same way it protects your winnings. 3,200+ games, instant GCash payouts, and full Filipino support. 21 years and older only.