ph58 Privacy Policy

ph58 ("we", "us", "our") is committed to protecting the personal data of every player who uses the ph58.asia platform. This Privacy Policy describes our practices regarding the collection, use, storage, sharing, and protection of your personal data when you access or use the ph58 Platform, including all games, account services, payment processing, customer support functions, and promotional activities.

This Policy applies to all users of the ph58 Platform, including registered account holders and visitors who browse ph58.asia without completing registration. It applies to personal data collected through the Platform's web interface, customer support channels, and any other means by which you interact with ph58.

This Policy is issued in compliance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulations (IRR), the Anti-Money Laundering Act of the Philippines (AMLA), PAGCOR's regulatory requirements regarding player data, and other applicable Philippine laws governing data privacy and protection.

For the purposes of the Data Privacy Act of 2012 (RA 10173) and its Implementing Rules and Regulations, the Data Controller responsible for your personal data is the operator of ph58.asia, operating under the PAGCOR regulatory framework.

ph58 has designated a Data Protection Officer (DPO) responsible for overseeing compliance with this Policy and with RA 10173. The DPO can be contacted through the following channel:

• Email: [email protected] — mark your message "Attention: Data Protection Officer" for direct routing to the DPO function.
• Live Chat: Available 24/7 within the ph58 Platform. For data privacy matters, identify your query as a Data Privacy request at the start of the conversation.

ph58 maintains a data processing register as required by the NPC's registration requirements for personal information controllers. Our processing activities are registered with the National Privacy Commission where required under applicable NPC issuances.

ph58 collects the following categories of personal data from players. We collect only the data that is necessary for the specific purposes described in this Policy — we do not collect personal data speculatively or unnecessarily.

ph58 collects personal data through the following methods:

Data Provided Directly by You

• Account registration form — name, date of birth, mobile number, email address.
• KYC verification submissions — government-issued identity documents uploaded for identity and age verification.
• Deposit and withdrawal requests — payment method details provided to process transactions.
• Customer support interactions — information you provide when contacting ph58 via live chat or email.
• Responsible gaming tools — deposit limits, self-exclusion preferences, and other controls you configure in Account Settings.

Data Collected Automatically

• Platform usage data — game sessions, bets placed, pages visited, features used, collected via server logs and session tracking.
• Technical data — IP address, device fingerprint, browser type, and approximate location data collected automatically when you access the Platform.
• Cookies and similar tracking technologies — as described in Section 11 of this Policy.

ph58 processes your personal data on the following legal grounds, as recognised under the Data Privacy Act of 2012 (RA 10173) and its Implementing Rules and Regulations:

• Contractual Necessity: Processing your identity, contact, financial, and gaming data is necessary to perform our obligations under the Terms and Conditions you agreed to when registering — including providing access to games, processing payments, and managing your Account.
• Legal Obligation: ph58 processes certain data — including identity verification, transaction records, and AMLA-reportable information — to comply with PAGCOR regulations, the AMLA, the Data Privacy Act, BIR tax requirements, and other applicable Philippine laws.
• Legitimate Interests: ph58 processes technical and usage data for fraud detection, security monitoring, and platform improvement where these purposes are balanced against your privacy interests.
• Consent: Where ph58 processes your data for optional purposes — such as sending you personalised promotional communications — we rely on your explicit consent, which you may withdraw at any time as described in Section 14.

ph58 uses your personal data for the following specific purposes:

• Account Management: Creating, maintaining, and securing your ph58 Account, including authentication verification and session management.
• Identity & Age Verification (KYC): Verifying that you are who you say you are and that you meet the minimum age requirement of 21 years, as mandated by PAGCOR.
• Payment Processing: Processing your deposits via GCash, Maya, BPI, BDO, Metrobank, and USDT, and processing your withdrawal requests to verified payment methods.
• Game Service Delivery: Providing access to the ph58 game library, maintaining accurate game result records, and resolving any disputes about game outcomes.
• Regulatory Compliance: Fulfilling ph58's obligations to PAGCOR, the AMLC (Anti-Money Laundering Council), the BIR, and the NPC, including mandatory transaction reporting and record-keeping.
• Fraud & Security: Detecting, investigating, and preventing fraudulent activity, account takeovers, and prohibited conduct as defined in the Terms and Conditions.
• Responsible Gaming: Monitoring for indicators of problem gambling behaviour to fulfil ph58's responsible gaming obligations, administering self-exclusion requests, and cooperating with PAGCOR's responsible gaming programme.
• Customer Support: Handling your support enquiries, resolving complaints, and providing account assistance through live chat and email.
• Platform Improvement: Analysing aggregated usage data to improve ph58's platform performance, game selection, and user experience — in a form that does not identify individual players.
• Marketing (with Consent): Sending you personalised promotions, bonus offers, and platform updates where you have provided consent. See Section 14 for opt-out details.

ph58 does not sell your personal data to third parties. We share your personal data only in the following circumstances and only to the extent necessary for each purpose:

Regulatory and Law Enforcement Authorities

• PAGCOR: Player data, transaction records, and responsible gaming information as required by our operating licence and PAGCOR's regulatory conditions.
• AMLC: Covered transaction reports and suspicious transaction reports as required under the AMLA and its implementing rules.
• BIR: Withholding tax documentation for applicable gambling winnings as required under the National Internal Revenue Code.
• NPC and other Philippine government agencies: In response to lawful orders, warrants, or regulatory requests.

Service Providers (Data Processors)

• Payment Processors: GCash, Maya, BPI, BDO, Metrobank, and USDT network providers — only the payment data necessary to process your specific transaction.
• KYC Verification Services: Identity verification technology providers engaged to assist with document verification under PAGCOR's KYC requirements.
• Game Providers: Software providers whose games are hosted on ph58 may receive anonymised session data for game integrity and dispute resolution purposes only.
• Cloud & Infrastructure Providers: Data hosting and security infrastructure providers bound by data processing agreements and equivalent data protection obligations.

All third-party data processors engaged by ph58 are bound by contractual data processing agreements that impose obligations at least equivalent to those applicable to ph58 under RA 10173.

ph58 retains personal data for as long as necessary to fulfil the purpose for which it was collected, and for as long as required by applicable Philippine law. The following retention periods apply:

Upon expiry of the applicable retention period, ph58 will securely delete or anonymise your personal data in accordance with NPC guidelines on disposal of personal data. Data that has been anonymised (i.e., cannot be re-associated with an identifiable individual) may be retained for analytical purposes beyond the retention periods above.

ph58 implements technical and organisational security measures appropriate to the sensitivity of the personal data we process and the risks presented by our processing activities. These measures include:

• Encryption in Transit: All data transmitted between your device and ph58's servers is protected by 256-bit SSL/TLS encryption. The padlock icon in your browser confirms this encrypted connection.
• Encryption at Rest: Sensitive data stored in ph58's databases is encrypted at rest. Passwords are stored as one-way cryptographic hashes — ph58 cannot retrieve your plaintext password.
• Access Controls: Access to personal data within ph58's systems is restricted to staff with a legitimate need for access, governed by role-based access controls and documented authorisation policies.
• Multi-Factor Authentication: ph58's internal systems require multi-factor authentication for staff accessing personal data. Players are encouraged to enable OTP and biometric authentication on their own accounts.
• Security Monitoring: ph58's infrastructure is monitored continuously for anomalous activity, unauthorised access attempts, and security incidents, with automated alerting to the security team.
• Third-Party Security Audits: ph58 engages independent security consultants to conduct penetration testing and vulnerability assessments on a periodic basis.

Under the Data Privacy Act of 2012 (Republic Act No. 10173), you have the following rights with respect to your personal data held by ph58. You can exercise any of these rights by contacting ph58's Data Protection Officer as described in Section 2.

• Right to Be Informed: You have the right to be informed about how ph58 collects, uses, stores, and shares your personal data — which this Privacy Policy fulfils.
• Right of Access: You have the right to obtain confirmation of whether ph58 processes your personal data, and to receive a copy of the personal data we hold about you, including information about the purposes and categories of processing.
• Right to Rectification: You have the right to request correction of inaccurate or incomplete personal data held by ph58. For minor corrections (e.g., contact details), these can often be updated directly in Account Settings.
• Right to Erasure (Right to be Forgotten): You have the right to request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, or where you have withdrawn consent. This right is subject to exceptions where retention is required by law — including AMLA and PAGCOR requirements described in Section 8.
• Right to Object: You have the right to object to the processing of your personal data for direct marketing purposes at any time, and to object to other processing carried out on the basis of legitimate interests where your interests override ph58's interests.
• Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, machine-readable format where processing is carried out by automated means.
• Right to Lodge a Complaint: If you believe ph58 has violated your data privacy rights, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines.

ph58 will respond to all rights requests within 30 calendar days of receipt. In complex cases, this period may be extended by a further 30 days, with notification to you explaining the reason for the extension.

ph58 uses cookies and similar technologies on the ph58.asia Platform to ensure core functionality, improve security, and (where you have consented) to personalise your experience. The following categories of cookies are used:

• Strictly Necessary Cookies: These cookies are essential for the Platform to function and cannot be disabled. They include session authentication tokens, security cookies, and load-balancing cookies. No consent is required for strictly necessary cookies.
• Functional Cookies: These cookies remember your preferences (e.g., language settings, display preferences) to improve your experience. They are activated on the basis of your consent.
• Analytical Cookies: These cookies collect anonymised data about how players use the Platform — which games are most popular, where players encounter errors, and how navigation flows — to help ph58 improve the platform. Activated on the basis of consent.

You can manage your cookie preferences through your browser settings. Most browsers allow you to refuse cookies or to alert you when cookies are being set. Note that disabling cookies beyond strictly necessary ones may affect the functionality of the ph58 Platform. Detailed instructions for managing cookies are available in your browser's help documentation.

ph58 does not knowingly collect personal data from individuals under the age of 21. The ph58 Platform is a real-money gaming service restricted to adults aged 21 and above, in compliance with PAGCOR's regulatory requirements. We implement age verification controls during registration and KYC processes specifically to prevent underage individuals from accessing the Platform.

In the event that ph58 discovers that personal data has been collected from an individual under 21 years of age, the affected Account will be suspended immediately, all associated data will be handled in accordance with our obligations under RA 10173, and the matter will be reported to PAGCOR as required under our operating licence conditions.

In the course of operating the ph58 Platform, personal data may be transferred to and processed in countries other than the Philippines — for example, where ph58's cloud infrastructure or game provider technology partners are based. Such transfers occur for legitimate operational purposes including platform hosting, payment processing infrastructure, and security monitoring.

Where such transfers occur, ph58 ensures that adequate safeguards are in place to protect your personal data at a standard equivalent to RA 10173 requirements, through one or more of the following mechanisms:

• Binding contractual clauses in data processing agreements with overseas recipients, incorporating NPC-aligned data protection obligations.
• Where the recipient country has been assessed as providing adequate data protection, reliance on that adequacy determination.
• Where required by NPC guidelines, notification to the NPC of cross-border transfer arrangements.

With your consent, ph58 may send you personalised promotional communications including bonus offers, new game announcements, VIP programme updates, and platform news, via SMS to your registered Philippine mobile number and/or email.

You may withdraw your consent to marketing communications at any time through any of the following methods:

• Account Settings — navigate to Notifications & Marketing within your ph58 Account Settings and toggle marketing communications off.
• Unsubscribe link — all marketing emails from ph58 include a one-click unsubscribe link at the bottom of the message.
• Support request — contact ph58 via live chat or email at [email protected] requesting removal from marketing lists.

ph58 will action opt-out requests within 10 business days. Withdrawal of marketing consent does not affect your ability to use the Platform, and ph58 will continue to send you essential service communications (such as deposit confirmation, withdrawal status, and security alerts) that are necessary for Account operation regardless of your marketing preferences.

ph58 reserves the right to update or amend this Privacy Policy at any time. We will notify you of material changes to this Policy in the following ways:

• For material changes — notification via SMS to your registered Philippine mobile number and/or email at least 14 days before the change takes effect.
• For minor clarifications or non-material updates — the "Last Updated" date on this Policy will be revised, and a notice will be displayed on the ph58 Platform.

Your continued use of the ph58 Platform after the effective date of any amendment constitutes your acceptance of the revised Policy. If you do not accept the revised Policy, you should cease using the Platform and contact ph58 to close your Account.

For any questions, concerns, or requests relating to this Privacy Policy or to the personal data ph58 holds about you, please contact our Data Protection Officer through the following channels:

• Email: [email protected] — subject line: "Data Privacy Request – [your registered mobile number]"
• Live Chat: 24/7 within the ph58 Platform — identify your query as a Data Privacy request at the start of the conversation.

ph58 will acknowledge privacy-related requests within 5 business days and will provide a substantive response within 30 calendar days, consistent with the timeframes prescribed by RA 10173.

If you are not satisfied with ph58's response to your privacy request, or if you believe ph58 has violated your data privacy rights, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines, the supervisory authority responsible for enforcing RA 10173.