Privacy Policy

1 Introduction

mapaladph is an online gaming platform operating in the Philippines and serving Filipino players across Metro Manila, Cebu, Davao, Quezon City, Makati, and beyond. As a platform that processes financial transactions and personal account data, we take our obligations as a Personal Information Controller (PIC) under the Data Privacy Act of 2012 with the utmost seriousness.

This Policy applies to all personal data collected through the mapaladph website, mobile application, customer support channels, and any other touchpoint through which you interact with us. It covers data collected from registered players, visitors who browse without registering, and individuals who contact our support team.

This Policy should be read alongside our Terms & Conditions and Responsible Gaming Policy, both of which form part of your overall agreement with mapaladph. If you have any questions about how we handle your data, please refer to Section 14 for our contact details and Data Protection Officer (DPO) information.

2 Personal Data We Collect

mapaladph collects only the personal data that is necessary for the purposes described in this Policy. The categories of personal data we collect include:

2.1 Registration & Identity Data

Full legal name as it appears on your government-issued ID;
Date of birth (used to verify the 21+ age requirement);
Gender;
Nationality and country of residence;
Residential address (barangay, city/municipality, province, ZIP code);
Email address and mobile number.

2.2 Identity Verification (KYC) Data

Copies of government-issued identification documents (e.g., Philippine passport, SSS/UMID card, driver's license, PhilSys national ID, PRC ID, voter's ID);
Proof of address documents (e.g., utility bills, bank statements issued within the last three months);
Source of funds documentation where required by anti-money laundering regulations;
Selfie or live photo for biometric identity verification purposes.

2.3 Financial & Transaction Data

GCash or PayMaya account details (mobile number linked to the e-wallet);
Bank account details for BPI, BDO, or Metrobank transfers (account name and number);
Deposit and withdrawal history, including amounts in Philippine Peso (₱), timestamps, and transaction reference numbers;
Bonus and promotional credit history.

2.4 Gaming Activity Data

Game session logs, including games played, bet amounts, win/loss records, and session duration;
Sports betting selections, odds accepted, and settlement outcomes;
Responsible gaming tool settings (deposit limits, session limits, self-exclusion status).

2.5 Technical & Device Data

IP address and approximate geolocation;
Device type, operating system, and browser version;
Unique device identifiers;
Login timestamps and session activity logs.

2.6 Communications Data

Records of customer support interactions via live chat, email, or other channels;
Survey responses and feedback submissions;
Marketing preference settings and communication opt-in/opt-out records.

Sensitive Personal Information: Certain data we collect — such as government ID numbers and biometric verification photos — may qualify as sensitive personal information under the Data Privacy Act of 2012. mapaladph applies heightened security and access controls to all sensitive personal information in strict compliance with the DPA.

3 How We Collect Your Data

mapaladph collects personal data through the following means:

Directly from you — when you register an account, complete KYC verification, make a deposit or withdrawal, contact customer support, or respond to a survey;
Automatically — through cookies, web beacons, and similar tracking technologies when you browse or use the mapaladph platform (see Section 7 for details);
From third-party payment processors — when you transact via GCash, PayMaya, BPI, BDO, or Metrobank, we receive transaction confirmation data from these providers;
From identity verification providers — third-party KYC and AML screening services may share verification results with us as part of our compliance obligations;
From regulatory authorities — PAGCOR, the Anti-Money Laundering Council (AMLC), and other competent Philippine authorities may share information with us in the course of regulatory oversight.

4 How We Use Your Personal Data

mapaladph uses your personal data for the following purposes:

Purpose	Data Used
Account registration and management	Registration data, identity data
Age verification (21+ compliance)	Date of birth, KYC documents
Identity verification (KYC/AML)	KYC data, financial data
Processing deposits and withdrawals	Financial data, transaction data
Providing gaming services and support	Gaming activity data, communications data
Fraud prevention and security monitoring	Technical data, transaction data, gaming data
Responsible gaming monitoring and tools	Gaming activity data, responsible gaming settings
Regulatory reporting to PAGCOR and AMLC	Identity data, financial data, gaming data
Marketing communications (with consent)	Contact data, marketing preferences
Platform improvement and analytics	Technical data, gaming activity data (anonymized)
Customer support and dispute resolution	Communications data, account data

mapaladph will not use your personal data for any purpose that is incompatible with the purposes listed above without first obtaining your explicit consent or as otherwise required by applicable Philippine law.

5 Legal Basis for Processing

Under the Data Privacy Act of 2012, mapaladph processes your personal data on the following legal bases:

Contractual necessity — processing is required to perform our obligations under the Terms & Conditions you agreed to upon registration, including account management, payment processing, and game provision;
Legal obligation — processing is necessary to comply with applicable Philippine laws, including PAGCOR licensing requirements, the Anti-Money Laundering Act (RA 9160), and the Data Privacy Act of 2012;
Legitimate interests — processing is necessary for our legitimate business interests, including fraud prevention, platform security, and responsible gaming monitoring, provided these interests are not overridden by your rights and freedoms;
Consent — for marketing communications and non-essential cookies, we rely on your freely given, specific, and informed consent, which you may withdraw at any time.

6 Data Sharing & Disclosure

mapaladph does not sell, rent, or trade your personal data to third parties for their own marketing purposes. We share your data only in the following circumstances and only to the extent necessary:

6.1 Service Providers (Personal Information Processors)

We engage trusted third-party service providers who process personal data on our behalf under strict data processing agreements. These include payment processors (GCash, PayMaya, BPI, BDO, Metrobank), KYC and identity verification providers, cloud hosting and infrastructure providers, customer support platform providers, and fraud detection and cybersecurity services. All processors are contractually bound to handle your data in accordance with the DPA and our instructions.

6.2 Regulatory and Law Enforcement Authorities

mapaladph is required by Philippine law to disclose personal data to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), and other competent authorities when required by law, court order, or regulatory directive. We will notify you of such disclosures where legally permitted to do so.

6.3 Business Transfers

In the event of a merger, acquisition, or sale of all or substantially all of mapaladph's assets, your personal data may be transferred to the acquiring entity. We will notify you via email and/or a prominent notice on the platform prior to any such transfer and will ensure the receiving entity is bound by privacy obligations no less protective than those in this Policy.

⚠️ No Cross-Border Transfers Without Safeguards: mapaladph does not transfer your personal data outside the Philippines unless adequate data protection safeguards are in place, consistent with the requirements of the Data Privacy Act of 2012 and the National Privacy Commission's guidelines on cross-border data transfers.

7 Cookies & Tracking Technologies

mapaladph uses cookies and similar tracking technologies to operate and improve the platform. Cookies are small text files stored on your device when you visit our website. We use the following types of cookies:

Strictly Necessary Cookies: Essential for the platform to function. These include session authentication cookies, security tokens, and load-balancing cookies. These cannot be disabled without affecting platform functionality.
Functional Cookies: Remember your preferences such as language settings, responsible gaming tool configurations, and display preferences to provide a more personalized experience.
Analytics Cookies: Help us understand how players use the mapaladph platform — which pages are visited most, how long sessions last, and where users encounter difficulties. This data is aggregated and anonymized.
Marketing Cookies: Used to deliver relevant promotional content about mapaladph games and offers. These are only activated with your explicit consent.

You can manage your cookie preferences through your browser settings at any time. Please note that disabling certain cookies may affect the functionality of the mapaladph platform. For marketing cookies, you may also update your preferences through your account settings.

8 Data Retention

mapaladph retains your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable Philippine law. Our standard retention periods are as follows:

Data Category	Retention Period	Basis
Account registration data	Duration of account + 5 years after closure	Legal obligation / PAGCOR requirements
KYC / identity verification documents	Duration of account + 5 years after closure	Anti-Money Laundering Act (RA 9160)
Financial transaction records	5 years from transaction date	Anti-Money Laundering Act (RA 9160)
Gaming activity logs	3 years from session date	PAGCOR licensing / dispute resolution
Customer support records	3 years from last interaction	Legitimate interests / dispute resolution
Marketing consent records	Until consent is withdrawn + 1 year	Consent / legal obligation
Technical / device logs	12 months from collection	Security / fraud prevention

Upon expiry of the applicable retention period, mapaladph will securely delete or anonymize your personal data in accordance with our data disposal procedures. Where anonymization is not technically feasible, data will be securely destroyed.

9 Data Security

mapaladph implements comprehensive technical and organizational security measures to protect your personal data against unauthorized access, disclosure, alteration, loss, or destruction. Our security framework includes:

Encryption: All data transmitted between your device and the mapaladph platform is encrypted using industry-standard TLS (Transport Layer Security) protocols. Sensitive data at rest — including financial records and KYC documents — is encrypted using AES-256 encryption;
Access Controls: Access to personal data is restricted on a strict need-to-know basis. All mapaladph staff with access to personal data undergo background checks and regular data privacy training;
Two-Factor Authentication (2FA): mapaladph supports and strongly encourages 2FA on all player accounts to prevent unauthorized access;
Penetration Testing: Our platform undergoes regular third-party security audits and penetration testing to identify and remediate vulnerabilities;
Incident Response: mapaladph maintains a documented data breach response plan. In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the National Privacy Commission (NPC) within 72 hours and affected players without undue delay, as required by the DPA.

                Your Role in Security: While mapaladph takes every reasonable measure to protect your data, you also play an important role. Keep your mapaladph account password strong and unique, enable 2FA, and never share your login credentials with anyone. If you suspect unauthorized access to your account, contact our support team immediately.
              

10 Your Data Privacy Rights

Under the Data Privacy Act of 2012, you have the following rights with respect to your personal data held by mapaladph. To exercise any of these rights, please contact our Data Protection Officer using the details in Section 14.

👁️

Right to Be Informed

You have the right to be informed about how your personal data is collected, used, and processed — which is the primary purpose of this Privacy Policy.

📂

Right to Access

You may request a copy of the personal data mapaladph holds about you, along with information about how it is being processed.

✏️

Right to Rectification

If any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected or updated.

🗑️

Right to Erasure

You may request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, subject to our legal retention obligations.

🚫

Right to Object

You may object to the processing of your personal data for direct marketing purposes or where processing is based on our legitimate interests.

📦

Right to Data Portability

You may request a copy of your personal data in a structured, commonly used, machine-readable format for transfer to another service provider.

⏸️

Right to Restriction

You may request that we restrict the processing of your personal data in certain circumstances, such as while a rectification request is being assessed.

⚖️

Right to Lodge a Complaint

If you believe mapaladph has violated your data privacy rights, you may file a complaint with the National Privacy Commission (NPC) of the Philippines.

mapaladph will respond to all verified data privacy rights requests within fifteen (15) business days of receipt. We may request proof of identity before processing your request to ensure we do not disclose data to unauthorized parties.

11 Children's Privacy

🔞 Strict 21+ Policy: The mapaladph platform is strictly intended for adults aged 21 years and above, in compliance with Philippine gaming regulations. We do not knowingly collect personal data from individuals under the age of 21. If we discover that a person under 21 has registered an account or provided personal data, we will immediately suspend the account, delete all associated personal data, and report the incident to PAGCOR as required.

If you are a parent or guardian and believe that a minor under your care has accessed or registered on the mapaladph platform, please contact our Data Protection Officer immediately using the contact details in Section 14. We will take prompt action to investigate and remediate the situation.

12 Third-Party Services & Links

The mapaladph platform may contain references to third-party services such as payment gateways (GCash, PayMaya, BPI, BDO, Metrobank) and game content providers. When you interact with these third-party services, their own privacy policies and data practices apply. mapaladph is not responsible for the privacy practices of third-party service providers beyond the scope of our data processing agreements with them.

We encourage you to review the privacy policies of any third-party services you use in connection with your mapaladph account. Our data processing agreements with all third-party processors require them to implement data protection standards consistent with the Data Privacy Act of 2012.

13 Changes to This Privacy Policy

mapaladph reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data practices, applicable Philippine law, or PAGCOR regulatory requirements. When material changes are made, we will notify registered players via email and/or a prominent notice on the mapaladph platform at least seven (7) days before the changes take effect.

The "Last Updated" date at the top of this Policy will always reflect the date of the most recent revision. We encourage you to review this Policy periodically to stay informed about how mapaladph protects your personal data. Your continued use of the platform after the effective date of any revised Policy constitutes your acceptance of the updated terms.

14 Contact Us & Data Protection Officer

mapaladph has appointed a Data Protection Officer (DPO) in compliance with the Data Privacy Act of 2012 and the National Privacy Commission's guidelines. If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal data, please contact us through the following channels:

📧 Data Privacy Inquiries: [email protected]
📧 General Support: [email protected]
💬 Live Chat: Available 24/7 directly on the mapaladph platform.
🌐 Mailing Address: Data Protection Officer, mapaladph, Metro Manila, Philippines.
🕐 Response Time: Within 15 business days for data privacy requests.

If you are not satisfied with our response to your data privacy concern, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines, which is the supervisory authority responsible for enforcing the Data Privacy Act of 2012.

For responsible gaming concerns, self-exclusion requests, or account restriction inquiries, please visit our Responsible Gaming page or contact our support team directly.

📋 Table of Contents