Privacy Policy – ph2221 Casino Philippines Data Use

1 Introduction

This Privacy Policy ("Policy") describes how ph2221 ("ph2221," "we," "us," or "our") collects, uses, stores, shares, and protects the personal information of individuals ("you," "Data Subject," or "Player") who access or use the ph2221 online casino and sports betting platform at ph2221.club and any associated services (collectively, the "Platform").

This Policy is issued in accordance with Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012 of the Philippines ("DPA"), and its Implementing Rules and Regulations, as well as the applicable regulations of the National Privacy Commission ("NPC"). By registering for or using the ph2221 Platform, you acknowledge that you have read and understood this Policy and consent to the processing of your personal data as described herein.

This Policy should be read in conjunction with ph2221's Terms and Conditions, which are available at ph2221.club/terms-conditions.

ph2221 is committed to plain-language communication. Where legal terminology is unavoidable, we have included explanatory notes throughout this Policy. If anything is unclear, contact our live support team 24/7 for clarification.

2 Data Controller

For the purposes of the DPA and this Policy, ph2221 is the Personal Information Controller ("PIC") in respect of the personal data collected through the Platform. As PIC, ph2221 determines the purposes and means by which your personal data is processed and is responsible for ensuring that such processing is lawful and conducted in accordance with this Policy and applicable Philippine data protection law.

Where ph2221 engages third-party service providers to process personal data on our behalf — such as payment processors, game providers, or hosting services — those providers act as Personal Information Processors ("PIPs") and are contractually bound to process data only in accordance with ph2221's instructions and this Policy.

ph2221 has designated a Data Protection Officer ("DPO") responsible for overseeing compliance with data protection obligations. Contact details for the DPO are set out in Section 15 of this Policy.

3 Personal Data We Collect

ph2221 collects the following categories of personal data in connection with your use of the Platform:

3.1 Registration and Identity Data

Full legal name as it appears on a government-issued identification document;
Date of birth (for age verification — you must be 21 or older to use the Platform);
Residential address, city, and province (Philippines);
Email address and mobile number;
Username chosen at registration.

3.2 Identity Verification (KYC) Data

Copies of government-issued photo identification (e.g., PhilSys ID, passport, driver's license, SSS/GSIS ID, Voter's ID);
Proof of address documents where required;
Selfie or facial photograph for biometric identity confirmation where required by regulatory guidelines.

3.3 Financial Data

GCash mobile number or PayMaya account identifier linked to deposits and withdrawals;
Bank account details (account name, account number, bank name) for bank transfer transactions;
Transaction history including deposit amounts, dates, withdrawal requests, and payment statuses.

3.4 Gaming and Account Activity Data

Game session history including games played, wager amounts, outcomes, and session durations;
Bonus activity, rollover progress, and promotional participation history;
Account login timestamps, device type, and browser information;
Communication history with ph2221 customer support.

3.5 Technical and Usage Data

IP address and approximate geolocation derived from IP;
Device identifiers, operating system, and browser type;
Pages visited within the Platform, navigation paths, and feature usage patterns;
Cookie identifiers and session tokens (see Section 8).

ph2221 does not collect sensitive personal information as defined under Section 3(l) of the DPA — such as health data, political opinions, or religious beliefs — except where explicitly required by regulatory or legal obligation.

4 How We Collect Personal Data

ph2221 collects personal data through the following channels:

Directly from you — during account registration, KYC document submission, deposit and withdrawal requests, and communications with our support team;
Automatically — through cookies, server logs, and analytics tools when you browse or interact with the Platform (see Section 8);
From payment providers — transaction confirmation data received from GCash, PayMaya, BPI, BDO, Metrobank, and other payment service providers when you make a deposit or withdrawal;
From game providers — session outcome data received from licensed third-party game studios whose games are hosted on the ph2221 Platform;
From identity verification services — where ph2221 uses a third-party KYC provider to assist with document verification, that provider may return verification outcome data to ph2221.

5 Legal Basis for Processing

Under the DPA, ph2221 must have a lawful basis for processing your personal data. ph2221 relies on the following legal bases:

Processing Purpose	Legal Basis
Account registration and management	Performance of contract (Section 12[b] DPA)
Processing deposits and withdrawals	Performance of contract (Section 12[b] DPA)
Identity verification (KYC/AML)	Legal obligation (Section 12[c] DPA)
PAGCOR regulatory reporting	Legal obligation (Section 12[c] DPA)
Fraud prevention and security	Legitimate interest (Section 12[f] DPA)
Responsible gaming monitoring	Legitimate interest / Legal obligation
Marketing communications	Consent (Section 12[a] DPA)
Platform analytics and improvement	Legitimate interest (Section 12[f] DPA)

6 How We Use Your Personal Data

ph2221 processes your personal data for the following specific purposes:

6.1 Account Operations

To create and maintain your ph2221 account, authenticate your identity at login, administer your wallet balance, process deposits and withdrawals, and manage your account settings and preferences.

6.2 Regulatory Compliance

To fulfill our obligations under applicable PAGCOR licensing conditions, the Anti-Money Laundering Act (AMLA) of the Philippines, and other applicable Philippine laws — including conducting customer due diligence and reporting suspicious transactions to the Anti-Money Laundering Council (AMLC) where legally required.

6.3 Responsible Gaming

To monitor gaming activity for indicators of problem gambling behavior, administer responsible gaming tools requested by players (deposit limits, self-exclusion), and comply with PAGCOR responsible gaming requirements.

6.4 Customer Support

To respond to your queries, complaints, and requests via live chat and email, and to maintain records of our support interactions for quality assurance and dispute resolution purposes.

6.5 Security and Fraud Prevention

To detect, investigate, and prevent fraudulent activity, unauthorized account access, bonus abuse, collusion, money laundering, and other prohibited conduct on the Platform.

6.6 Marketing (With Consent)

Where you have opted in, to send you promotional offers, bonus notifications, game announcements, and other marketing communications by email or SMS. You may withdraw this consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.

6.7 Platform Improvement

To analyze aggregate usage patterns, game preferences, and Platform performance data for the purpose of improving the ph2221 user experience, fixing technical issues, and developing new features.

7 Data Sharing & Disclosure

ph2221 does not sell, rent, or trade your personal data. We share personal data only in the following limited circumstances:

Payment Service Providers: GCash, PayMaya, BPI, BDO, Metrobank, and other payment processors receive the minimum personal data necessary to process your deposit or withdrawal transaction. These providers are bound by their own data protection obligations under Philippine law.
Game Providers: Licensed third-party game studios (e.g., JILI, PG Soft, Evolution Gaming, Pragmatic Play) receive a session token and anonymized player identifier to enable game play. Game providers do not receive your name, contact details, or financial information.
KYC / Identity Verification Services: Where ph2221 uses a third-party provider for document verification, identity data submitted for KYC is processed by that provider under a data processing agreement with ph2221.
Regulatory and Law Enforcement Authorities: ph2221 will disclose personal data to PAGCOR, AMLC, the NPC, or other competent Philippine authorities where legally required to do so, including pursuant to a valid court order or regulatory direction.
Professional Advisers: Legal, accounting, and audit firms engaged by ph2221 may have limited access to personal data in the course of providing professional services, subject to confidentiality obligations.
Business Transfers: In the event of a merger, acquisition, or sale of all or part of ph2221's business, personal data may be transferred to the acquiring entity, subject to notice to affected players and continuation of the protections in this Policy.

ph2221 will never share your personal data with third-party advertisers or data brokers for their own marketing purposes. If you receive unsolicited communications claiming to be from ph2221 that request personal information, please contact us immediately — it may be a phishing attempt.

8 Cookies & Tracking Technologies

ph2221 uses cookies and similar tracking technologies (collectively, "Cookies") on the Platform. Cookies are small text files placed on your device by your browser when you visit the Platform. They serve several functions:

8.1 Essential Cookies

These Cookies are strictly necessary for the Platform to function. They maintain your login session, remember your account preferences, and enable core features such as game loading and wallet operations. These Cookies cannot be disabled without rendering the Platform non-functional.

8.2 Analytics Cookies

ph2221 uses first-party analytics to understand how players navigate the Platform, which game categories are most popular, and where technical issues occur. This data is aggregated and analyzed at a population level rather than at an individual level and is used solely for Platform improvement purposes.

8.3 Security Cookies

Cookies used to detect and prevent fraudulent activity, unauthorized login attempts, and bot traffic. These are an important part of ph2221's security infrastructure.

8.4 Managing Cookies

You can manage or delete Cookies through your browser settings at any time. Note that disabling Essential Cookies will prevent you from using the Platform, as login sessions require Cookie support. For instructions on managing Cookies in popular browsers (Chrome, Firefox, Safari), refer to the help section of your browser.

ph2221 does not use third-party advertising Cookies or Cookies placed by social media platforms for retargeting or cross-site tracking purposes.

9 Data Retention

ph2221 retains personal data for the minimum period necessary to fulfill the purposes for which it was collected, subject to longer retention required by applicable law. The following retention periods apply:

Data Category	Retention Period
Account registration and identity data	Duration of account + 5 years after closure
KYC / identity verification documents	Duration of account + 5 years after closure (AMLA requirement)
Financial transaction records	10 years from date of transaction (AMLA requirement)
Gaming session history	Duration of account + 2 years after closure
Support communications	3 years from date of last interaction
Marketing preference records	Until consent is withdrawn + 1 year
Technical logs (IP, device, session)	12 months from collection

Upon expiry of the applicable retention period, ph2221 will securely delete or anonymize the relevant personal data so that it can no longer be linked to an individual. ph2221 may retain anonymized, aggregated data for analytical purposes indefinitely, as it no longer constitutes personal data under the DPA.

10 Data Security

ph2221 implements technical and organizational security measures appropriate to the nature and sensitivity of the personal data we hold. These measures include:

Encryption in transit: All data transmitted between your device and ph2221's servers is encrypted using TLS 1.2 or higher (256-bit SSL), preventing interception during transmission;
Encryption at rest: Sensitive personal data and financial data stored in ph2221's databases is encrypted at rest using AES-256 encryption;
Access controls: Personal data is accessible only to ph2221 personnel and authorized third-party processors who have a legitimate business need, governed by role-based access control policies;
Two-factor authentication: Administrative access to systems containing personal data requires multi-factor authentication;
Regular security assessments: ph2221 conducts periodic vulnerability assessments and penetration testing of the Platform's security infrastructure;
Incident response: ph2221 maintains a data breach response plan. In the event of a personal data breach that poses a real risk to Data Subjects, ph2221 will notify the NPC and affected players in accordance with the DPA's breach notification requirements.

No security system is completely impenetrable. We encourage all players to use a strong, unique password for their ph2221 account and to enable two-factor authentication (2FA) in account security settings for an additional layer of protection.

11 International Data Transfers

Some of ph2221's service providers — including certain game studios and technology infrastructure providers — may be located outside the Philippines. Where personal data is transferred to a country that does not provide an equivalent level of data protection to the Philippines, ph2221 ensures that appropriate safeguards are in place, including:

Binding contractual clauses that impose DPA-equivalent data protection obligations on the recipient;
Adequacy assessments confirming the recipient country's data protection framework meets applicable standards;
Standard contractual clauses approved by the NPC or equivalent supervisory authority.

By using the ph2221 Platform, you consent to the transfer of your personal data to countries outside the Philippines for the processing purposes described in this Policy, subject to the safeguards described above.

12 Your Data Protection Rights

Under the DPA, you have the following rights in relation to your personal data held by ph2221. To exercise any of these rights, contact ph2221 using the details in Section 15.

Right to Be Informed Right to Access Right to Correct Right to Erasure Right to Object Right to Portability Right to Restrict Right to Withdraw Consent

12.1 Right to Access

You have the right to request a copy of the personal data ph2221 holds about you. ph2221 will provide this information within thirty (30) days of a verified request. A reasonable administrative fee may apply for repetitive or manifestly unfounded requests.

12.2 Right to Correct

You have the right to request correction of inaccurate or incomplete personal data. You may update most account information directly through your account settings. For information you cannot update yourself — such as your registered name or date of birth — submit a correction request to ph2221 support with supporting documentation.

12.3 Right to Erasure

You may request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, or where you have withdrawn consent and there is no other lawful basis for processing. Note that ph2221 is legally required to retain certain financial records under AMLA and other regulations regardless of an erasure request, as described in Section 9.

12.4 Right to Object and Withdraw Consent

You may object to processing based on legitimate interests at any time, and you may withdraw consent for marketing communications at any time without penalty. Withdrawal of consent does not affect the lawfulness of processing conducted prior to withdrawal.

12.5 Right to Lodge a Complaint

If you believe ph2221 has violated your data protection rights, you have the right to lodge a complaint with the National Privacy Commission of the Philippines. ph2221 would appreciate the opportunity to address your concern first — please contact us via the details in Section 15 before escalating to the NPC.

13 Children & Minors

The ph2221 Platform is strictly intended for individuals who are at least 21 years of age. ph2221 does not knowingly collect personal data from individuals under 21 years of age. Age verification is conducted during the registration and KYC process.

If ph2221 discovers that personal data has been collected from a person under 21 years of age, we will immediately close that account, delete all associated personal data to the extent legally permitted, and forfeit any balance in accordance with our Terms and Conditions and applicable PAGCOR regulations.

If you are a parent or guardian and believe your child has registered on the ph2221 Platform, please contact us immediately using the details in Section 15. We will investigate and act promptly.

21+ Only. Online gambling is restricted to adults aged 21 and above under Philippine law. ph2221 takes this requirement seriously and enforces it through identity verification.

14 Changes to This Privacy Policy

ph2221 reserves the right to update this Privacy Policy at any time to reflect changes in our data processing practices, applicable law, or regulatory requirements. Material changes — meaning changes that substantively affect how we use your personal data or your rights — will be communicated to registered players via the registered email address no less than fourteen (14) days before the change takes effect, unless a shorter notice period is required by law.

Non-material changes (such as clarifications or formatting updates) will be reflected in the revised Policy with an updated "Last Updated" date at the top of this page. Your continued use of the Platform after the effective date of any revision constitutes your acceptance of the revised Policy.

The current version of this Policy is always accessible at ph2221.club/privacy-policy. We recommend reviewing this page periodically to stay informed of how ph2221 handles your personal data.

15 Contact & Data Rights Requests

To exercise your data protection rights, submit a data rights request, report a privacy concern, or contact ph2221's Data Protection Officer, please use the following channels:

Live Chat: Available 24 hours a day, 7 days a week via the chat widget on ph2221.club. For data rights requests, please state "Data Privacy Request" at the start of your message.
Email (plain text — not a clickable link): [email protected]

ph2221 will acknowledge data rights requests within three (3) business days and will complete the request within thirty (30) days of identity verification. Where a request is complex or involves a large volume of data, ph2221 may extend this period by a further thirty (30) days with notice.

For complaints that remain unresolved after engaging with ph2221, you may escalate to the National Privacy Commission of the Philippines at privacy.gov.ph.

This Privacy Policy was last revised on January 1, 2026 and supersedes all previous versions. ph2221 thanks you for taking the time to understand how we handle your personal data.

ph2221 Privacy Policy

Privacy at a Glance

We Collect Only What We Need

256-bit SSL Encryption

We Do Not Sell Your Data

Your Rights Under Philippine Law

Cookies for a Better Experience

Marketing Communications