betphil Privacy Policy

This Privacy Policy ("Policy") describes how betphil ("betphil," "we," "us," "our") collects, uses, stores, discloses, and protects the personal data of users ("you," "Player," "Data Subject") who access and use the betphil online gambling platform available at betphil.club, including all associated mobile browser interfaces, game services, payment processing features, customer support channels, and promotional communications.

This Policy applies to all betphil members — whether you are a registered player, a visitor browsing the betphil website without an account, or a former player whose account has been closed. By registering a betphil account or continuing to access the betphil platform, you acknowledge that you have read, understood, and consent to the data practices described in this Policy.

This Policy is intended to fulfill betphil's transparency obligations under Republic Act No. 10173, the Philippine Data Privacy Act of 2012 ("DPA") and its Implementing Rules and Regulations ("IRR"), as administered by the National Privacy Commission ("NPC") of the Philippines.

betphil is the personal information controller ("PIC") responsible for the personal data collected through the betphil platform. As PIC, betphil determines the purposes for which and the means by which personal data is processed, and is responsible for ensuring that processing activities comply with the DPA, its IRR, and all applicable issuances of the National Privacy Commission.

betphil has designated a Data Protection Officer ("DPO") responsible for overseeing compliance with data protection obligations, responding to data subject rights requests, and serving as the point of contact for the NPC in matters relating to personal data protection. Contact details for betphil's DPO are provided in Section 14 of this Policy.

betphil collects personal data about you through the following channels and in the following categories:

• Registration data: Full legal name (as it appears on your government-issued ID), date of birth, Philippine mobile number, email address (if provided), and your chosen account password.
• Identity verification (KYC) data: Scanned or photographed images of a valid Philippine government-issued ID (SSS, UMID, PhilHealth, passport, or driver's license); in enhanced verification cases, a selfie photo and proof of address or source of funds documentation.
• Payment data: GCash account details (mobile number), Maya wallet identifier, bank account details (account name and number for bank transfer channels), and transaction references. betphil does not store full card numbers or e-wallet PINs.
• Communications data: Content of messages you send to betphil's customer support team via live chat or email, including account queries, complaints, dispute submissions, and responsible gaming requests.
• Preferences and settings: Responsible gaming limit preferences, notification settings, language preferences, and bonus opt-in status.

• Device and access data: IP address, device type and model, operating system version, browser type and version, mobile network operator, and approximate geographic location (derived from IP address).
• Usage and behavioral data: Pages visited, game sessions initiated, wagers placed, game outcomes, session duration, navigation paths, and in-platform feature interactions.
• Transaction logs: Complete records of all deposit and withdrawal transactions, including amounts, timestamps, payment channels used, and transaction status.
• Cookie and tracking data: As described in Section 8 of this Policy.

• Payment processors: Transaction confirmation status and reference data from GCash, Maya, BPI, BDO, and other Philippine payment partners.
• Identity verification providers: Results of automated ID document verification checks conducted by betphil's KYC technology partners, where applicable.
• PAGCOR and regulatory authorities: Exclusion list data and compliance-related information shared by PAGCOR or the AMLC in the performance of their regulatory functions.
• Fraud prevention services: Risk signals and fraud indicators from third-party fraud detection services used to protect the platform and its players.

betphil processes your personal data for the following specific purposes, each supported by a lawful basis under the Philippine DPA:

1. Account Registration and Management — To create and administer your betphil account, authenticate your identity at login, and maintain your account profile. Legal basis: Performance of contract (your account agreement with betphil).
2. Identity Verification (KYC) — To verify your age (minimum 21 years) and identity as required by PAGCOR licensing conditions and AMLC anti-money laundering obligations. Legal basis: Compliance with a legal obligation.
3. Payment Processing — To process your deposits and withdrawals through Philippine payment channels including GCash and Maya, and to maintain complete financial records. Legal basis: Performance of contract; compliance with legal obligation.
4. Game Delivery and Platform Operation — To deliver the games and services you use on betphil, including live casino, slots, sabong, bingo, sports betting, and fishing games, and to maintain platform performance and availability. Legal basis: Performance of contract.
5. Regulatory Compliance and Anti-Money Laundering — To fulfill betphil's obligations under PAGCOR regulations, the AMLC Implementing Rules, and other applicable Philippine laws, including transaction monitoring and suspicious activity reporting. Legal basis: Compliance with a legal obligation.
6. Fraud Prevention and Platform Security — To detect, investigate, and prevent unauthorized access, cheating, bonus abuse, multiple account creation, and other fraudulent or prohibited conduct on the betphil platform. Legal basis: Legitimate interests of betphil and its players in maintaining a secure and fair gaming environment.
7. Responsible Gaming Monitoring — To implement and monitor responsible gaming tools including deposit limits, session tracking, self-exclusion enforcement, and PAGCOR exclusion list compliance. Legal basis: Compliance with a legal obligation; legitimate interests.
8. Customer Support — To receive, process, and respond to your support queries, account disputes, payment questions, and responsible gaming requests. Legal basis: Performance of contract.
9. Direct Marketing and Promotions — To send you personalized promotional offers, bonus notifications, and platform updates via SMS or in-platform messaging, but only where you have provided explicit consent. Legal basis: Consent.
10. Platform Improvement and Analytics — To analyze aggregate and anonymized usage data to improve the betphil platform, personalize your experience, and optimize game offering and user interface. Legal basis: Legitimate interests.

betphil does not sell, rent, or commercially trade your personal data. betphil shares your personal data only with the following categories of recipients, and only to the extent strictly necessary for the stated purpose:

• Payment processors and e-wallet providers (GCash, Maya, BPI, BDO, Metrobank, GrabPay, and others): To process your deposits and withdrawals. Sharing is limited to the transaction data required to execute the payment.
• Game content providers (Playtech and other certified providers whose games appear on betphil): For game session authentication and RNG certification purposes. These providers receive session tokens and, in some cases, anonymized player identifiers — not your full identity data.
• KYC and identity verification technology partners: To automate document verification checks required under PAGCOR KYC obligations. These partners process ID document images under strict data processing agreements and do not retain data beyond the verification session.
• Fraud detection and cybersecurity services: Technical data including IP addresses and device fingerprints are shared with fraud prevention systems to protect the platform and player accounts.
• PAGCOR and Philippine regulatory authorities: betphil discloses personal data to PAGCOR, the AMLC, the NPC, and other Philippine competent authorities when required to do so by law, court order, or regulatory directive.
• Law enforcement and judicial authorities: Where required by a valid Philippine legal process (warrant, court order, or AMLC freeze order), betphil will disclose relevant personal data to the requesting authority.
• Professional advisers: Lawyers, auditors, and compliance consultants acting under confidentiality obligations, where necessary for betphil's legal and regulatory compliance functions.

betphil retains your personal data for as long as is necessary to fulfill the purposes for which it was collected, subject to the following minimum retention periods required by Philippine law and PAGCOR regulation:

Upon expiry of the applicable retention period, personal data will be securely deleted or anonymized in a manner that prevents reconstruction of the original data subject's identity.

betphil implements and maintains comprehensive technical and organizational security measures designed to protect your personal data against unauthorized access, accidental loss, destruction, alteration, or unlawful processing. These measures include:

• Encryption in transit: All data transmissions between your browser or mobile device and betphil's servers are protected by 256-bit TLS (Transport Layer Security) encryption.
• Encryption at rest: Sensitive personal data stored in betphil's databases — including identity documents and financial data — is encrypted at rest using AES-256 encryption.
• Access controls: Internal access to personal data is restricted on a role-based need-to-know basis. betphil employees with access to personal data are subject to confidentiality obligations and regular training on data protection responsibilities.
• Multi-factor authentication: Administrative access to betphil's core data processing systems requires multi-factor authentication.
• Regular security audits: betphil's platform and data security posture is reviewed through regular internal audits and periodic third-party penetration testing.
• Incident response protocols: betphil maintains documented data breach response procedures in accordance with NPC Circular No. 16-03 on Personal Data Breach Management.

While betphil takes all reasonable measures to protect your personal data, no transmission over the internet or electronic storage system is completely secure. betphil cannot guarantee absolute security of your data and recommends that you maintain strong, unique passwords for your betphil account and enable two-factor authentication where available.

betphil uses cookies and similar tracking technologies on the betphil platform for the following purposes:

• Strictly necessary cookies: Session management cookies required for platform authentication, security, and core functionality. These cannot be disabled without disabling platform functionality.
• Functional cookies: Cookies that remember your preferences — such as language settings, responsible gaming limits, and notification preferences — to improve your betphil experience.
• Analytics cookies: Aggregated, anonymized data about how visitors use the betphil platform, used to identify performance issues and improve the user interface. betphil does not use these cookies to track individual players across third-party websites.
• Security cookies: Tokens and fingerprinting data used by betphil's fraud detection systems to identify unauthorized account access and bot activity.

betphil does not deploy third-party advertising cookies or share your betphil usage data with social media platforms or advertising networks. You may manage or restrict cookies through your browser settings; however, disabling certain cookies may affect the functionality of the betphil platform.

betphil strictly prohibits access by persons under 21 years of age, in accordance with PAGCOR's minimum gambling age requirements for the Philippines. betphil does not knowingly collect personal data from persons under the age of 21.

If betphil discovers that personal data has been collected from a person under 21 years of age without verifiable parental consent (which betphil does not seek or accept as a basis for minor access), betphil will immediately close the account, delete the collected data to the extent permissible under applicable law, and — where fraud or misrepresentation is suspected — report the matter to PAGCOR.

Under the Philippine Data Privacy Act, you have the right to exercise the following rights with respect to your personal data held by betphil:

1. Right to be Informed: You have the right to be informed of the personal data being collected and the purposes for which it will be used — as provided in this Policy.
2. Right to Access: You may request a copy of all personal data betphil holds about you, including your account profile data, transaction history, and KYC records.
3. Right to Rectification: You may request correction of any inaccurate or incomplete personal data betphil holds about you. Some corrections (such as changes to your registered name) may require supporting documentation.
4. Right to Erasure / Right to be Forgotten: You may request deletion of your personal data where it is no longer necessary for the purposes for which it was collected and where no legal retention obligation applies. Note that betphil is required to retain certain financial and identity records under AMLC and PAGCOR regulations, which take precedence over erasure requests in those categories.
5. Right to Object: You may object to the processing of your personal data for direct marketing purposes at any time. You may also object to processing based on betphil's legitimate interests, subject to betphil's right to demonstrate compelling legitimate grounds that override your interests.
6. Right to Data Portability: You may request that betphil provide your personal data in a structured, commonly used, machine-readable format, to the extent technically feasible.
7. Right to Withdraw Consent: Where processing is based on your consent (e.g., marketing communications), you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out prior to withdrawal.

To exercise any of these rights, contact betphil's Data Protection Officer at the contact details provided in Section 14. betphil will acknowledge your request within five (5) Philippine business days and provide a substantive response within fifteen (15) business days. Complex requests may require additional time, of which betphil will notify you with an explanation.

If you are not satisfied with betphil's response to your data rights request, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines through the NPC's official complaint procedure.

betphil's primary data processing infrastructure is located in the Philippines. In limited circumstances, certain personal data may be transferred to or processed by systems operated in other countries — for example, by game content providers, global fraud detection services, or cloud infrastructure providers with regional data centers.

Any cross-border transfer of your personal data by betphil is governed by a data transfer agreement that imposes data protection standards at least equivalent to those required under the Philippine DPA. betphil does not transfer personal data to jurisdictions that do not provide an adequate level of data protection without implementing appropriate safeguards.

In the event of a personal data breach that poses a real risk of serious harm to affected data subjects, betphil is committed to the following response process in accordance with NPC Circular No. 16-03:

1. Contain the breach and assess its nature, scope, and likely impact within the first 24–48 hours of discovery.
2. Notify the National Privacy Commission (NPC) within 72 hours of discovering a notifiable breach, providing all information known at that time.
3. Notify affected betphil members whose personal data was involved in the breach without undue delay, providing a clear description of the nature of the breach, the categories and approximate number of data subjects and records involved, the likely consequences, and the measures betphil has taken or proposes to take to address the breach.
4. Conduct a thorough post-incident review and implement remediation measures to prevent recurrence.

betphil maintains a dedicated Personal Data Breach Response Team and a documented breach response plan reviewed annually.

betphil reserves the right to update or revise this Privacy Policy at any time to reflect changes in our data practices, applicable law, PAGCOR regulatory requirements, or NPC guidance. The date of the most recent revision is displayed at the top of this page.

When material changes are made to this Policy, betphil will use reasonable efforts to notify registered members via in-platform notification or SMS to the registered mobile number. Your continued use of the betphil platform after the effective date of revised Policy constitutes your acknowledgment of the changes.

If you have any questions about this Privacy Policy, wish to exercise your data subject rights, or wish to make a complaint about betphil's data practices, you may contact betphil's Data Protection Officer through the following channel:

• Email (DPO inquiries and data rights requests): support@betphil.club — mark your message as "Data Privacy Request" or "DPO Inquiry" in the subject line.
• Live chat: Available 24/7 through the betphil platform. For data rights requests via chat, a written follow-up email is recommended to create a verifiable record.

For complaints about betphil's data protection practices that betphil's DPO has been unable to resolve to your satisfaction, you have the right to escalate your complaint to the National Privacy Commission of the Philippines through its official online complaint portal.

This Privacy Policy was last reviewed and updated in January 2026. betphil operates under PAGCOR license. All rights reserved.