This Privacy Policy explains how phbinggo collects, uses, stores, shares, and protects the personal information of Filipino players who access the phbinggo platform. It is prepared in compliance with the Republic of the Philippines Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulations, as overseen by the National Privacy Commission (NPC). By registering a phbinggo account or using the platform in any capacity, you consent to the practices described in this policy.
Effective date: 1 January 2026 Governing language: English Applicable law: Republic Act No. 10173, Philippines
Your Privacy at phbinggo — Key Commitments
phbinggo collects personal information only to the extent necessary to operate your account, comply with PAGCOR and NPC regulatory requirements, process payments, and deliver customer support. We do not collect personal data speculatively or for purposes unrelated to the phbinggo platform.
As a data subject under Philippine law, you have rights of access, correction, erasure, data portability, and objection. phbinggo maintains a dedicated process for handling data subject access requests from Filipino players in compliance with NPC guidelines and the Data Privacy Act.
As a PAGCOR-licensed platform, phbinggo is legally required to share certain player data with PAGCOR and with Anti-Money Laundering Council (AMLC) authorities under Philippine AML law. These disclosures are not optional and are not governed by your consent — they are mandatory legal obligations.
Personal data stored by phbinggo is protected using 256-bit SSL/TLS encryption in transit and AES-256 encryption at rest. Access to personal data within phbinggo's systems is restricted to authorized personnel on a need-to-know basis and is subject to access logging and audit.
phbinggo does not sell, rent, or trade your personal information to third-party marketers or data brokers. Data sharing with third parties is limited to service providers who assist in operating the phbinggo platform and to regulatory authorities as required by Philippine law.
phbinggo sends promotional communications — bonus offers, game announcements, and platform news — only to players who have given affirmative consent during registration or through account settings. You may withdraw consent for marketing communications at any time via your account settings or by contacting support.
phbinggo, the online gaming platform accessible at phbinggo.app, is the personal information controller (PIC) in respect of all personal data processed in connection with your phbinggo account. phbinggo is a Philippine-incorporated entity, licensed by the Philippine Amusement and Gaming Corporation (PAGCOR) and registered as a personal information controller with the National Privacy Commission (NPC) of the Republic of the Philippines.
As the personal information controller, phbinggo determines the purposes for which your personal data is collected and the manner in which it is processed. Where phbinggo engages third-party service providers to process personal data on phbinggo's behalf — such as payment processors, KYC verification providers, and cloud infrastructure providers — those parties act as personal information processors (PIPs) under contractual data processing agreements that bind them to phbinggo's data protection standards and the requirements of Philippine law.
phbinggo collects personal data through several channels: information you provide directly during registration and account use, information collected automatically when you interact with the platform, and information received from third-party service providers involved in operating the phbinggo platform.
| Category | Specific Data Collected |
|---|---|
| Registration Data | Full legal name, date of birth, email address, Philippine mobile number, username, password (stored as a hashed value — never in plain text). |
| Identity Verification (KYC) | Government-issued ID document type and number, photographs of identity documents (front and back), selfie or liveness-check images, date and place of birth as stated on identity documents. |
| Payment Information | GCash account number, PayMaya account details, bank account names and numbers (BPI, BDO, Metrobank) for withdrawal processing. phbinggo does not store full card numbers or full bank account numbers — only references sufficient to process verified transactions. |
| Source of Funds | Employment information, income documentation, or other financial records requested for enhanced due diligence compliance on high-value accounts. |
| Support Communications | Contents of live chat transcripts, email correspondence, and any documentation you submit in connection with a support request or complaint. |
| Responsible Gaming | Self-exclusion elections, deposit or loss limit settings, cooling-off periods, and any responsible gaming questionnaire responses you complete. |
| Category | Specific Data Collected |
|---|---|
| Device & Technical Data | IP address, device type and operating system, browser type and version, screen resolution, unique device identifiers. |
| Session & Gameplay Data | Login timestamps, session duration, games played, wagers placed and outcomes, bonus activation events, page navigation path within the platform. |
| Geolocation Data | Approximate geographic location derived from IP address for jurisdiction compliance verification. phbinggo does not collect precise GPS location without explicit consent. |
| Cookie & Tracking Data | Session cookies, authentication cookies, preference cookies, and analytics tracking as described in Section 8 of this policy. |
phbinggo processes personal data for the following specific, legitimate purposes:
Under the Data Privacy Act of 2012, phbinggo's processing of your personal data relies on one or more of the following lawful bases for each processing activity:
Processing your registration data, identity information, and payment details is necessary to perform the contract between you and phbinggo — that is, to provide you with an operational gaming account, to process your deposits and withdrawals, and to deliver the services described in the phbinggo Terms and Conditions. Without processing this data, phbinggo cannot establish or maintain your account.
Certain processing activities are mandatory under Philippine law regardless of your consent. These include: KYC identity verification required by PAGCOR; transaction monitoring and reporting required by the Anti-Money Laundering Act and the AMLC; age verification as required by PAGCOR regulations; and disclosure of data to lawful regulatory and law enforcement authorities in response to valid legal process.
phbinggo processes certain data on the basis of legitimate interests — specifically, the detection and prevention of fraud, collusion, and platform abuse; internal security monitoring; and the improvement of platform performance through aggregated analytics. phbinggo's legitimate interest in maintaining a fair, secure, and stable gaming platform is assessed to be proportionate and not overridden by your privacy interests in these specific contexts.
Marketing communications are sent solely on the basis of your affirmative consent. Consent for marketing is collected separately during the registration process and can be withdrawn at any time through your account settings or by contacting phbinggo support. Withdrawal of marketing consent does not affect the lawfulness of processing carried out before the withdrawal.
phbinggo does not sell, rent, or trade your personal data to third-party marketers, data brokers, or any commercial entity for their own independent use. Data sharing is limited to the following categories of recipients:
phbinggo engages third-party service providers who process personal data strictly on phbinggo's instructions and for phbinggo's operational purposes. These include:
All service providers are bound by written data processing agreements requiring them to protect personal data to standards at least equivalent to those imposed by the Data Privacy Act of 2012.
phbinggo is legally required to disclose personal data to the following authorities without requiring your consent:
phbinggo retains personal data only for as long as necessary to fulfil the stated purposes of collection and to comply with applicable Philippine legal requirements. The following standard retention periods apply:
| Data Category | Retention Period | Basis |
|---|---|---|
| Account registration data | Duration of account plus 5 years after closure | PAGCOR regulatory requirement; AML compliance |
| KYC identity documents | Duration of account plus 5 years after closure | AMLC record-keeping obligations (RA 9160) |
| Transaction records | 5 years from date of transaction | AMLC reporting; PAGCOR audit obligations |
| Gameplay logs | 3 years from date of session | Dispute resolution; fraud detection |
| Customer support records | 3 years from last interaction | Dispute resolution; regulatory audit |
| Marketing consent records | Duration of consent plus 2 years | NPC evidence of consent requirements |
| Self-exclusion records | Permanent | PAGCOR responsible gaming obligations |
Upon expiry of the applicable retention period, personal data is securely deleted or anonymised in a manner that prevents reconstruction. Where legal proceedings or regulatory investigations are ongoing at the time a retention period expires, data relevant to those proceedings will be retained until the matter is fully resolved.
phbinggo implements a comprehensive information security program designed to protect personal data against unauthorized access, disclosure, alteration, and destruction. Key security measures include:
phbinggo uses cookies and similar tracking technologies to operate the platform, maintain your authenticated session, and improve platform performance. The following categories of cookies are used:
These cookies are essential for the operation of the phbinggo platform and cannot be disabled without impairing core functionality. They include session authentication cookies that keep you logged in during your visit, security cookies that protect against cross-site request forgery (CSRF), and load-balancing cookies that distribute traffic across phbinggo's server infrastructure. These cookies do not require your consent as they are operationally necessary.
Functional cookies remember preferences you have set on the platform — such as your selected game lobby view, language preferences, and responsible gaming settings. Disabling these cookies will cause phbinggo to revert to default settings on each session. These cookies operate on the basis of your use of the platform and do not track activity across other websites.
phbinggo uses analytics cookies to collect aggregated, anonymised data about how players navigate the platform — which pages are visited, how long sessions last, and where players encounter errors or exit points. This data is used solely to improve phbinggo's platform design and performance. Analytics data is processed in aggregated, de-identified form and is not linked back to individual player accounts.
You may manage cookie preferences through your browser settings. Most browsers allow you to view, block, or delete cookies. Note that blocking strictly necessary cookies will prevent you from using phbinggo's logged-in features. For detailed guidance on managing cookies in your specific browser, refer to your browser's help documentation.
Under the Data Privacy Act of 2012 and its Implementing Rules and Regulations, you have the following rights in respect of your personal data held by phbinggo. To exercise any of these rights, contact phbinggo's Data Protection Officer using the details in Section 14. phbinggo will respond to all valid data subject requests within thirty (30) days of receipt, in accordance with NPC guidelines.
You have the right to obtain confirmation from phbinggo as to whether personal data concerning you is being processed, and if so, to access a copy of that data and information about how it is being processed.
You have the right to request correction of inaccurate or incomplete personal data that phbinggo holds about you. Please note that changes to KYC-verified data require re-verification with supporting documentation.
You have the right to request deletion of your personal data where it is no longer necessary for the purposes for which it was collected. This right is subject to overriding legal retention obligations, particularly under PAGCOR and AML requirements, which phbinggo cannot waive.
You have the right to object to the processing of your personal data for direct marketing purposes. You also have the right to object to processing based on legitimate interests, subject to phbinggo demonstrating compelling legitimate grounds that override your interests.
You have the right to receive a copy of your personal data in a structured, commonly used, and machine-readable format where processing is carried out by automated means on the basis of your consent or contractual necessity.
If you believe phbinggo has not handled your personal data in compliance with the Data Privacy Act, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines through its official complaint mechanism.
If phbinggo discovers or is informed that personal data belonging to a person under 21 years of age has been collected in connection with a phbinggo account, phbinggo will immediately close the affected account, delete the associated personal data to the extent not required for regulatory retention purposes, and take appropriate measures to prevent recurrence. Any deposited funds on such an account will be handled in accordance with applicable PAGCOR directives.
Any individual who registers a phbinggo account using a false date of birth to circumvent the age restriction is in breach of the phbinggo Terms and Conditions and may be subject to legal consequences under Philippine law. The personal data of such individuals will be retained for the period necessary to support any regulatory investigation or legal proceedings arising from the underage access.
phbinggo's primary data storage and processing infrastructure is located within the Philippines. However, certain service providers engaged by phbinggo — including cloud infrastructure providers, game software providers, and analytics tools — may process personal data in data centres located outside the Philippines, including in jurisdictions within the Asia-Pacific region.
Where personal data is transferred outside the Philippines to a third-party processor, phbinggo ensures that:
phbinggo will not transfer personal data to jurisdictions that do not meet these adequacy or contractual safeguard requirements without your explicit consent, except where required by valid Philippine legal process.
phbinggo maintains a documented Personal Data Breach Response Policy that sets out the procedures to be followed in the event of a confirmed or suspected breach of personal data security. This policy is consistent with the NPC's Circular on Personal Data Breach Management.
In the event of a personal data breach that is likely to give rise to a real risk of serious harm to affected data subjects, phbinggo will:
phbinggo reserves the right to update or amend this Privacy Policy at any time to reflect changes in applicable Philippine law, NPC regulations, PAGCOR requirements, phbinggo's data processing practices, or the services offered on the platform. All amendments will be posted to this page with a revised effective date at the top of the policy.
Material changes to this Privacy Policy — specifically, changes that affect the purposes for which personal data is processed, the categories of data shared with third parties, or the rights available to data subjects — will be communicated to registered Players via the email address on file or through a notice on the phbinggo platform prior to the effective date of the change.
Your continued use of phbinggo after the effective date of any updated Privacy Policy constitutes your acknowledgment of the changes. If you do not agree to any material change in this Privacy Policy, you should contact phbinggo support to close your account before the updated policy takes effect.
For all data privacy enquiries, data subject access requests, requests to withdraw consent, or privacy complaints, please contact phbinggo's Data Protection Officer:
If you are not satisfied with phbinggo's response to a privacy complaint, you have the right to escalate the matter to the National Privacy Commission of the Philippines. The NPC accepts complaints through its official website and complaint mechanisms. phbinggo cooperates fully with NPC investigations and complies with NPC orders and recommendations.
phbinggo is built around Filipino players — which means your personal data stays in a regulated, compliant environment governed by Philippine law. Your GCash details, your ID documents, your account history — all handled under the Data Privacy Act with the oversight of the NPC and PAGCOR. That is the standard phbinggo holds itself to, not just when regulators are watching.