php33 Privacy Policy —
Your Data. Your Rights. Our Obligation.

This Privacy Policy ("Policy") is issued by php33 ("php33," "the Platform," "we," "us," "our") and applies to all individuals who access, register with, or use the php33 Casino platform at https://php33.club, including registered players, prospective players, and general visitors ("you," "Data Subject"). This Policy explains how php33 handles personal data in its capacity as a Personal Information Controller under Republic Act No. 10173 (the "Data Privacy Act of 2012" or "DPA") and its Implementing Rules and Regulations. By using the php33 platform, you acknowledge that you have read and understood this Privacy Policy. This Policy should be read alongside php33's Terms and Conditions, available at https://php33.club/terms-conditions.

1.1 Data Controller. php33 acts as the Personal Information Controller ("PIC") as defined under the Data Privacy Act of 2012. As PIC, php33 determines the purposes and means of processing the personal data of its players and platform visitors.

1.2 Scope. This Policy applies to all personal data collected, used, stored, disclosed, or otherwise processed by php33 in connection with the operation of the php33 Casino platform. This includes data collected through account registration, the KYC identity verification process, payment transactions, gameplay activity, customer support interactions, and website analytics.

1.3 Regulatory Framework. php33's data practices comply with:

• Republic Act No. 10173 — Data Privacy Act of 2012 (Philippines);
• National Privacy Commission (NPC) Circulars and Advisories;
• PAGCOR data governance requirements applicable to licensed gaming operators;
• Republic Act No. 9160 as amended (Anti-Money Laundering Act), which imposes specific data retention obligations on financial and gaming institutions.

php33 collects only the personal data that is necessary for the purposes described in this Policy. The following categories of data are collected from or about you:

php33 does not collect sensitive personal information as defined in Section 3(l) of the DPA (such as health information, political opinions, religious beliefs, or genetic data) except where specifically required by PAGCOR's responsible gaming framework — for example, in connection with processing self-exclusion requests or problem gambling support referrals.

php33 collects personal data through the following channels:

3.1 Direct Collection. Data you provide directly to php33 through the account registration process, KYC document submission, deposit and withdrawal forms, customer support interactions, promotional registration forms, and any written communications sent to php33.

3.2 Automated Collection. Data collected automatically when you access the php33 platform, including IP addresses, device identifiers, browser information, session data, and gameplay logs. This data is collected through server logs, cookies, and similar tracking technologies (see Section 7).

3.3 Third-Party Collection. php33 may receive data about you from the following third-party sources:

• Payment service providers (such as GCash, Maya, BPI, BDO, and other Philippine banks) for the purpose of verifying payment transactions;
• Identity verification service providers engaged by php33 to assist with KYC compliance;
• Fraud detection and anti-money laundering screening services;
• PAGCOR and other regulatory bodies, in connection with licensing compliance and responsible gaming enforcement.

Under the Philippine Data Privacy Act of 2012, php33 is required to have a lawful basis for each instance of personal data processing. php33 relies on the following lawful bases:

• Contractual Necessity: Processing required to enter into and perform the contract between you and php33, including account registration, game access, payment processing, and customer support. Without this processing, php33 cannot provide its Services to you.
• Legal Obligation: Processing required to comply with php33's obligations under applicable Philippine law, including PAGCOR licensing requirements, the Anti-Money Laundering Act (RA 9160 as amended), and tax reporting obligations.
• Legitimate Interests: Processing conducted in pursuit of php33's legitimate business interests — specifically, fraud prevention, platform security monitoring, abuse detection, and service improvement — where such interests are not overridden by your privacy rights.
• Consent: Processing of data for direct marketing and optional personalization features, where php33 relies on your explicit opt-in consent. Consent may be withdrawn at any time without affecting the lawfulness of processing conducted prior to withdrawal.

php33 processes your personal data exclusively for the following purposes:

1. Account Management: Creating, maintaining, verifying, and administering your php33 player account, including login authentication and account security;
2. KYC and Age Verification: Verifying your identity and confirming you are 21 years of age or older, as required by PAGCOR and Philippine law;
3. Payment Processing: Processing deposits and withdrawals through GCash, Maya, Philippine banks, and other accepted payment methods; maintaining transaction records;
4. Service Delivery: Providing access to all php33 gaming services including live casino, slots, sports betting, e-sabong, bingo, and promotional offers;
5. Regulatory Compliance: Fulfilling obligations under PAGCOR licensing, the Anti-Money Laundering Act, the Data Privacy Act, and all other applicable Philippine regulatory frameworks;
6. Responsible Gaming: Monitoring gaming activity patterns to identify potential problem gambling indicators; administering self-exclusion, deposit limits, and cooling-off tools; complying with PAGCOR's responsible gaming framework;
7. Fraud Prevention and Security: Detecting, investigating, and preventing fraudulent activity, unauthorized account access, bonus abuse, money laundering, and other prohibited activities;
8. Customer Support: Responding to inquiries, resolving disputes, managing complaints, and providing technical assistance;
9. Platform Analytics: Analyzing platform usage to improve user experience, optimize performance, and develop new features;
10. Marketing Communications: Sending promotional offers, bonus notifications, and platform updates to players who have provided consent to receive such communications.

6.1 No Sale of Personal Data. php33 does not sell, rent, or trade your personal data to any third party for commercial purposes under any circumstances.

6.2 Authorized Third-Party Sharing. php33 may share your personal data with the following categories of recipients where necessary and permitted under applicable law:

• Payment Processors: GCash, Maya, BPI, BDO, Metrobank, UnionBank, and other Philippine payment service providers, for the purposes of processing deposits and withdrawals;
• Game Providers: Licensed game technology providers (such as PG Soft, Pragmatic Play, JDB, Jili) who supply game software — limited to data strictly required for game delivery and RNG certification;
• KYC and Compliance Providers: Identity verification and AML screening service providers engaged under strict data processing agreements;
• Technology Service Providers: Hosting, cloud infrastructure, and cybersecurity vendors bound by confidentiality obligations and data processing agreements;
• Regulatory Authorities: PAGCOR, the National Privacy Commission, the Anti-Money Laundering Council (AMLC), and other Philippine government authorities, where disclosure is required by law, court order, or regulatory obligation.

6.3 Data Processing Agreements. All third-party service providers who process personal data on behalf of php33 are required to enter into data processing agreements that mandate appropriate technical and organizational security measures and restrict the use of data to the purposes for which it was shared.

7.1 Use of Cookies. php33 uses cookies and similar tracking technologies (including session storage and local storage) to operate, secure, and improve the platform. Cookies are small text files stored on your device when you visit php33.club.

7.2 Types of Cookies Used:

7.3 Managing Cookies. You can manage and delete cookies through your browser settings. Note that disabling strictly necessary cookies will prevent you from logging in to your php33 account and using the platform's Services. Instructions for managing cookies are available in the help documentation of your browser (Chrome, Safari, Firefox, Edge).

php33 implements industry-standard technical and organizational measures to protect your personal data against unauthorized access, accidental loss, destruction, alteration, or disclosure. These measures include:

• Transport Encryption: All data transmitted between your device and the php33 platform is encrypted using TLS 1.2 or higher (256-bit SSL), enforced across all pages including login, payment, and account management;
• Data-at-Rest Encryption: Personal data stored in php33 databases is encrypted at rest using AES-256 encryption;
• Access Controls: Internal access to player personal data is restricted to authorized personnel on a strict need-to-know basis, governed by role-based access control policies;
• Password Hashing: Account passwords are never stored in plaintext — they are stored as cryptographic hashes using modern hashing algorithms;
• Security Monitoring: Continuous automated monitoring of platform activity for anomalous patterns, unauthorized access attempts, and security incidents;
• Regular Security Audits: php33 conducts periodic security assessments and penetration testing to identify and remediate vulnerabilities;
• Staff Training: All php33 employees who handle personal data receive regular training on data privacy obligations under RA 10173 and php33's internal data handling policies.

8.1 Data Breach Response. In the event of a personal data breach that creates a real risk of serious harm to Data Subjects, php33 will notify the National Privacy Commission within seventy-two (72) hours of becoming aware of the breach, and will notify affected Data Subjects within a reasonable period thereafter, in accordance with NPC Circular 16-03.

php33 retains personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable Philippine law. The following retention schedule applies:

Upon expiry of the applicable retention period, php33 will securely delete or anonymize your personal data in a manner that prevents its recovery and reconstruction. Where legal obligations require retention beyond the standard periods above, data will be retained for the legally required period only.

Under the Data Privacy Act of 2012, as a Data Subject you have the following rights with respect to your personal data held by php33:

Exercising Your Rights. To exercise any of the rights described above, submit a written request to php33's Data Privacy Officer at the contact details in Section 16. php33 will respond to all valid Data Subject requests within fifteen (15) business days of receipt. We may need to verify your identity before processing any request to ensure your data is not disclosed to or modified by unauthorized persons.

Where we are unable to comply with a Data Subject request — for example, due to a mandatory legal retention obligation — we will inform you of the reason and of your right to escalate the matter to the National Privacy Commission.

11.1 Consent-Based Marketing. php33 sends promotional emails, SMS notifications, and in-platform messages about bonuses, new games, and special offers only to players who have given explicit consent to receive such communications during registration or through their Account notification settings.

11.2 Opt-Out. You may withdraw your consent to receive marketing communications at any time by:

• Updating your notification preferences in your php33 Account settings;
• Using the unsubscribe link included in every marketing email;
• Contacting php33 Customer Support or the Data Privacy Officer (see Section 16) with an opt-out request.

Opt-out requests for email and SMS marketing will be processed within five (5) business days. Withdrawing marketing consent does not affect the processing of operational communications, which include account notifications, security alerts, deposit confirmations, and withdrawal updates — these are sent on the basis of contractual necessity, not consent, and cannot be opted out while your Account remains active.

11.3 No Profiling for Third-Party Marketing. php33 does not use your personal data to create profiles for the purpose of selling advertising or marketing services to third parties. Personalization of the php33 platform experience (such as displaying games you frequently play) is conducted solely within the php33 platform using your gameplay data, on the basis of legitimate interests, and is not shared externally.

php33 enforces the 21+ age requirement through mandatory KYC identity verification, which requires submission of a valid Philippine government-issued identification document confirming the applicant's date of birth. KYC verification must be completed before any withdrawal is processed. php33 reserves the right to request age verification at any stage of the account lifecycle where it has reasonable grounds to question compliance with the minimum age requirement.

In the course of providing its Services, php33 may transfer personal data to service providers and technology partners located outside the Philippines, including game software providers and cloud infrastructure vendors. Any cross-border transfer of personal data by php33 is conducted only where:

• The recipient country is recognized by the National Privacy Commission as providing adequate data protection; or
• The transfer is subject to a Data Sharing Agreement or data processing contract that incorporates safeguards equivalent to those required under the Philippine Data Privacy Act; or
• The transfer is required by applicable law, court order, or regulatory obligation.

php33 ensures that all international data transfers are documented and governed by appropriate contractual protections, and that recipient organizations are bound by obligations no less protective than those applicable to php33 under Philippine law.

The php33 platform may contain references to third-party services such as payment processors and game providers. When you interact with third-party payment services (for example, when completing a GCash or Maya transaction), you are subject to the privacy policies of those third-party providers. php33 is not responsible for the privacy practices of third-party services that operate independently of the php33 platform.

php33 does not embed third-party social media widgets, third-party advertising networks, or third-party tracking scripts on the php33 platform that would share your behavioral data with external parties without your knowledge. All analytics conducted by php33 is first-party analytics using data processed by php33 directly.

15.1 Right to Update. php33 reserves the right to modify this Privacy Policy at any time to reflect changes in applicable Philippine law, NPC guidance, PAGCOR requirements, or php33's data processing practices.

15.2 Notice of Material Changes. Where changes to this Policy are material — that is, where they affect your rights as a Data Subject or significantly change how php33 uses your personal data — php33 will provide at least fourteen (14) days' notice before the changes take effect, by way of email notification to your registered address and/or prominent notice on the php33 platform.

15.3 Continued Use. Your continued use of the php33 platform after the effective date of any Policy amendment constitutes your acknowledgment of the updated Policy. If you do not accept the revised Policy, you may close your Account in accordance with php33's Terms and Conditions.

The current version of this Privacy Policy is always available at https://php33.club/privacy-policy. The "Last Updated" date at the beginning of this document indicates the most recent revision.

In compliance with Section 21 of the Data Privacy Act of 2012 and NPC Circular 17-01, php33 has designated a Data Privacy Officer ("DPO") who is responsible for overseeing compliance with this Policy and applicable data protection law, and who serves as the primary point of contact for Data Subject rights requests and privacy inquiries.

Data Privacy Officer and General Privacy Inquiries:

• Email (plain text — not a link): [email protected]
• Subject Line: "Privacy Inquiry — [Your Account Username]" for faster routing
• Live Chat: Available 24/7 through the php33 platform
• Platform: https://php33.club

php33 will acknowledge all Privacy-related inquiries within forty-eight (48) hours and provide substantive responses to Data Subject requests within fifteen (15) business days of receipt and identity verification.

National Privacy Commission (NPC): If you believe that php33 has violated your rights as a Data Subject under RA 10173 and your complaint has not been satisfactorily resolved through php33's internal process, you have the right to file a complaint with the National Privacy Commission of the Philippines through the NPC's official channels.