Your privacy matters to php22. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use the php22 platform — in compliance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and applicable PAGCOR requirements.
All data transmitted between your device and the php22 platform is encrypted using TLS 1.3 with 256-bit AES encryption. Your personal details, financial transactions, and account credentials are protected in transit and at rest — the same standard used by major Philippine banks.
php22 processes personal data in accordance with Republic Act 10173, the Philippine Data Privacy Act of 2012, and its Implementing Rules and Regulations. Our Data Protection Officer (DPO) oversees all data processing activities and is the point of contact for data subject requests.
As a php22 player, you have the right to access, correct, delete, and port your personal data. You may withdraw consent for non-essential processing at any time. Data subject requests are handled within 15 business days as required under RA 10173.
php22 does not sell, rent, or trade your personal data to any third party for commercial marketing purposes. Data is shared only with service providers necessary to operate the Platform (e.g., GCash payment processing, game providers) and with regulators as legally required.
php22 collects only the personal data that is necessary for the stated purpose. We do not collect excessive data. KYC information is collected solely to comply with PAGCOR licensing requirements and Philippine anti-money laundering law — not for marketing profiling.
In the unlikely event of a personal data breach, php22 will notify the National Privacy Commission (NPC) within 72 hours of becoming aware of the breach, and affected Players within a reasonable period, as required under RA 10173 and NPC Circular 16-03.
This Privacy Policy ("Policy") describes how php22 ("php22," "we," "us," or "our") — the operator of the online gaming platform at php22.org — collects, uses, stores, discloses, and protects personal information provided by users ("Players," "you," or "your") of the php22 platform and associated services.
php22 is committed to protecting the privacy and security of all personal data it processes. This Policy is issued in accordance with Republic Act No. 10173, the Philippine Data Privacy Act of 2012 ("DPA"), its Implementing Rules and Regulations ("IRR"), and the regulations of the National Privacy Commission ("NPC"). It should be read together with the php22 Terms & Conditions.
By registering an account with php22, you consent to the collection and processing of your personal data as described in this Policy. If you do not agree with this Policy, you must not use the php22 platform.
The data controller responsible for your personal information is the licensed operator of php22, operating under a valid PAGCOR (Philippine Amusement and Gaming Corporation) licence. For data privacy enquiries, the designated Data Protection Officer (DPO) can be reached at:
Email: [email protected] (subject line: Data Privacy Request)
Hours: Monday to Friday, 9:00 AM – 6:00 PM (Philippine Standard Time)
All data subject requests — including requests to access, correct, delete, or port personal data — must be directed to the DPO. php22 will acknowledge receipt within 3 business days and respond within 15 business days as required under the DPA.
php22 collects the following categories of personal data, depending on how you use the Platform:
| Category | Examples | Purpose |
|---|---|---|
| Identity Data | Full legal name, date of birth, nationality | Account registration, KYC, age verification |
| Contact Data | Mobile number, email address | Account communication, OTP, support |
| KYC / ID Data | Government-issued ID (SSS, PhilSys, UMID, passport, driver's licence), selfie | PAGCOR compliance, AML obligations |
| Financial Data | GCash number, Maya number, bank account details (masked), transaction history | Deposits, withdrawals, fraud prevention |
| Gaming Data | Game history, bet amounts, win/loss records, session durations | Service provision, responsible gaming, AML monitoring |
| Technical Data | IP address, device type, browser, operating system, session logs | Security, fraud detection, platform optimisation |
| Usage Data | Pages visited, features used, time on site | Product improvement, personalisation |
| Communications Data | Live chat logs, support emails, feedback forms | Customer support, quality assurance |
php22 does not collect sensitive personal information (as defined in Section 3(l) of RA 10173) — such as racial origin, political affiliations, health data, or religious beliefs — except where explicitly required by PAGCOR regulations or applicable law.
php22 collects personal data through the following means:
php22 processes your personal data on the following legal bases as specified under the DPA:
php22 does not sell personal data. We share personal data only in the following circumstances:
Some of php22's service providers (e.g., cloud infrastructure, game software providers) may be located outside the Philippines. Where personal data is transferred internationally, php22 ensures that such transfers are subject to appropriate safeguards — including contractual clauses approved by the NPC or equivalent standards — to maintain a level of data protection equivalent to that provided under RA 10173.
php22 will not transfer personal data to any jurisdiction that does not provide an adequate level of protection without implementing the appropriate safeguards required under the DPA and its IRR.
php22 retains personal data for as long as necessary to fulfil the purposes set out in this Policy, unless a longer retention period is required or permitted by law. Specific retention periods are as follows:
Upon expiry of the applicable retention period, personal data is securely deleted or anonymised. Anonymised aggregate data (from which individuals cannot be identified) may be retained indefinitely for analytics purposes.
php22 uses cookies and similar technologies (web beacons, pixel tags, local storage) to operate the Platform, remember your preferences, and analyse usage. The following categories of cookies are used:
You may manage cookie preferences through your browser settings. Note that disabling strictly necessary cookies will prevent you from accessing authenticated areas of the Platform.
Under RA 10173, you have the following rights regarding your personal data held by php22:
To exercise any of these rights, contact the php22 DPO at [email protected] with the subject line "Data Privacy Request" and your registered mobile number or email for identity verification. php22 will not charge a fee for data subject requests unless they are manifestly unfounded or excessive.
The php22 Platform is strictly for adults aged 21 years and above, in compliance with PAGCOR regulations. php22 does not knowingly collect personal data from persons under 21. If you are under 21, you are prohibited from using php22 and must not submit any personal information.
If php22 becomes aware that personal data has been collected from a person under 21, that Account will be closed immediately and all personal data will be deleted without undue delay. If you believe a minor may have registered on php22, please contact support at [email protected] immediately.
php22 implements appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. Key measures include:
While php22 implements industry-standard security measures, no system is completely impenetrable. Players are encouraged to use strong, unique passwords for their php22 accounts and to enable two-factor authentication (2FA) in Account settings to reduce the risk of unauthorised access.
The php22 Platform may contain references to third-party services (e.g., GCash, Maya payment screens) that are operated by separate entities with their own privacy policies. php22 is not responsible for the privacy practices of third-party services. When you are redirected to a third-party service (e.g., to complete a GCash payment), their privacy policy governs the processing of any data you provide on their platform.
php22 reserves the right to amend this Privacy Policy at any time to reflect changes in law, regulatory requirements, or Platform operations. Material changes will be communicated to Players via email to the registered address or via a prominent notice on the Platform at least 7 days before the changes take effect, except where immediate amendment is required by law.
The date of the most recent revision is indicated at the top of this Policy. Continued use of the php22 Platform after the effective date of any amendment constitutes acceptance of the revised Policy. We encourage Players to review this Policy periodically.
For any questions, concerns, or requests relating to this Privacy Policy or the processing of your personal data, please contact the php22 Data Protection Officer:
Email: [email protected] (Subject: Data Privacy Request)
Support Hours: Daily, 8:00 AM – 12:00 MN (Philippine Standard Time)
You also have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines if you are unsatisfied with how php22 has handled your personal data. The NPC can be reached at their official government website.
This Privacy Policy was last reviewed and updated in June 2026. The current version is always available at php22.org/privacy-policy. php22 is committed to protecting your data and upholding your rights under Philippine data privacy law.
Your data is protected. Your games are certified. Your funds are secure. Join half a million Filipino players at php22 — the PAGCOR-regulated choice.
21+ only. PAGCOR regulated. Play responsibly. Gambling involves risk.