phdrea Privacy Policy

This Privacy Policy ("Policy") describes how phdrea ("phdrea," "we," "us," or "our") collects, uses, discloses, stores, and protects the personal information of users ("Player," "User," or "you") who access or use the phdrea online gaming platform available at phdrea.org (the "Platform").

phdrea is committed to protecting the privacy and personal data of all Filipino players in accordance with the Data Privacy Act of 2012 (Republic Act No. 10173), its Implementing Rules and Regulations, and all relevant issuances of the National Privacy Commission (NPC) of the Philippines.

By registering an account on phdrea, accessing the Platform, or otherwise providing your personal information to us, you acknowledge that you have read and understood this Policy and consent to the collection and processing of your personal data as described herein. If you do not agree with this Policy, please do not use the phdrea Platform.

For the purposes of the Data Privacy Act of 2012 and this Policy, phdrea acts as the Personal Information Controller with respect to the personal data of its registered players and website visitors. phdrea determines the purposes and means of processing your personal information in connection with the operation of the Platform.

Where phdrea engages third-party service providers to process personal data on its behalf (for example, payment processors or identity verification providers), those parties act as Personal Information Processors and are contractually bound to process your data only in accordance with phdrea's instructions and applicable Philippine data protection law.

phdrea collects the following categories of personal data from players and platform visitors:

phdrea does not collect sensitive personal information beyond what is strictly necessary for identity verification and regulatory compliance. We do not collect information about your religious beliefs, political affiliations, or health status unless directly relevant to a responsible gaming assessment you have voluntarily initiated.

phdrea collects your personal data through the following means:

• Direct Interactions: When you register a phdrea account, complete identity verification, make a deposit or withdrawal request, contact customer support, or participate in a promotion, you directly provide us with personal data.
• Automated Technologies: When you access the phdrea Platform, we automatically collect certain technical and usage data through cookies, web beacons, server logs, and similar tracking technologies. This data helps us maintain platform security and improve your gaming experience.
• Third-Party Sources: phdrea may receive personal data about you from third-party identity verification providers, payment processors (such as GCash, Maya, or Philippine banks), and fraud prevention services, where necessary to verify your identity or process transactions.
• Publicly Available Sources: In limited circumstances related to fraud prevention or regulatory compliance, phdrea may cross-reference information you have provided against publicly available records.

phdrea uses your personal data for the following purposes:

• Account Management: To create, maintain, and manage your phdrea player account, including verifying your identity and age (21+ requirement) in compliance with PAGCOR regulations.
• Service Delivery: To provide you with access to phdrea's games, features, bonuses, and promotions, and to process your deposits and withdrawals through supported Philippine payment channels.
• Security and Fraud Prevention: To detect, investigate, and prevent fraudulent activity, money laundering, unauthorized account access, and other prohibited conduct on the phdrea Platform.
• Regulatory Compliance: To comply with our obligations under Philippine law, including PAGCOR licensing requirements, the Anti-Money Laundering Act (AMLA), and the Data Privacy Act of 2012.
• Responsible Gaming: To monitor gaming activity for signs of problem gambling and to administer responsible gaming tools such as deposit limits, session limits, and self-exclusion, in accordance with our Responsible Gaming Policy.
• Customer Support: To respond to your inquiries, resolve disputes, and provide technical assistance.
• Marketing Communications: Where you have provided your consent, to send you promotional offers, bonus notifications, and platform updates. You may withdraw this consent at any time.
• Platform Improvement: To analyze usage patterns, conduct internal research, and improve the functionality, performance, and user experience of the phdrea Platform.

phdrea processes your personal data on the following legal bases as recognized under the Data Privacy Act of 2012 and its Implementing Rules and Regulations:

• Consent: Where you have given your explicit consent to the processing of your personal data for a specific purpose, such as receiving marketing communications from phdrea.
• Contractual Necessity: Where processing is necessary for the performance of the contract between you and phdrea — specifically, to provide you with access to the Platform and to process your gaming transactions.
• Legal Obligation: Where processing is required to comply with a legal obligation applicable to phdrea, including PAGCOR licensing conditions, AMLA reporting requirements, and NPC directives.
• Legitimate Interests: Where processing is necessary for the legitimate interests of phdrea, such as fraud prevention, platform security, and service improvement, provided that such interests are not overridden by your rights and freedoms.

phdrea does not sell or rent your personal data to third parties. We may share your personal data with the following categories of recipients only to the extent necessary for the purposes described in this Policy:

• Payment Processors: Philippine payment service providers including GCash, Maya, and partner banks (BPI, BDO, Metrobank, UnionBank, Landbank, PNB, Security Bank) to process your deposits and withdrawals.
• Identity Verification Providers: Third-party KYC and age verification service providers engaged by phdrea to verify your identity and comply with regulatory requirements.
• Regulatory Authorities: PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), and other Philippine government authorities where disclosure is required by law or regulation.
• Fraud Prevention Services: Third-party fraud detection and prevention providers who assist phdrea in identifying and preventing fraudulent activity on the Platform.
• IT and Infrastructure Providers: Cloud hosting, data storage, and cybersecurity service providers who process data on phdrea's behalf under strict data processing agreements.
• Legal and Professional Advisors: Lawyers, auditors, and other professional advisors engaged by phdrea in connection with legal proceedings, regulatory investigations, or compliance reviews.

All third parties with whom phdrea shares personal data are required to maintain appropriate technical and organizational security measures and to process your data only in accordance with phdrea's instructions and applicable Philippine law.

phdrea uses cookies and similar tracking technologies to enhance your experience on the Platform, maintain session security, and gather analytics data. The following types of cookies may be used:

• Strictly Necessary Cookies: Essential for the operation of the phdrea Platform, including maintaining your login session and ensuring platform security. These cookies cannot be disabled without affecting core platform functionality.
• Functional Cookies: Used to remember your preferences and settings on the phdrea Platform, such as your preferred language and display settings.
• Analytics Cookies: Used to collect aggregated, anonymized data about how players use the phdrea Platform, helping us identify areas for improvement. This data does not identify you personally.
• Security Cookies: Used to detect and prevent fraudulent activity, unauthorized access attempts, and other security threats on the Platform.

You may control cookie settings through your browser preferences. Please note that disabling certain cookies may affect the functionality of the phdrea Platform. phdrea does not use third-party advertising cookies or behavioral tracking cookies for the purpose of serving advertisements on external websites.

phdrea retains your personal data only for as long as is necessary to fulfill the purposes for which it was collected, or as required by applicable Philippine law and regulation. The following general retention periods apply:

• Account Data: Retained for the duration of your active phdrea account and for a period of five (5) years following account closure, in compliance with PAGCOR record-keeping requirements and AMLA obligations.
• Financial Transaction Records: Retained for a minimum of five (5) years from the date of the transaction, as required under the Anti-Money Laundering Act and its implementing regulations.
• KYC and Verification Documents: Retained for the duration of your account and for five (5) years following account closure.
• Customer Support Records: Retained for three (3) years from the date of the last interaction, or longer if required in connection with an ongoing dispute or legal proceeding.
• Technical and Usage Data: Retained for up to twelve (12) months from collection, after which it is anonymized or deleted.

Upon expiry of the applicable retention period, phdrea will securely delete or anonymize your personal data in accordance with NPC guidelines on data disposal.

phdrea implements appropriate technical and organizational security measures to protect your personal data against unauthorized access, accidental loss, destruction, alteration, or disclosure. These measures include:

• SSL/TLS encryption for all data transmitted between your device and phdrea's servers.
• Encryption of sensitive data at rest, including financial information and identity documents.
• Role-based access controls limiting employee access to personal data on a strict need-to-know basis.
• Regular security assessments, vulnerability scanning, and penetration testing of the Platform.
• Multi-factor authentication requirements for administrative access to systems containing personal data.
• Incident response procedures for detecting, reporting, and managing personal data breaches in accordance with NPC notification requirements.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, phdrea will notify the National Privacy Commission and affected players in accordance with the timeframes and procedures prescribed by the Data Privacy Act of 2012 and NPC Circular No. 16-03.

Under the Data Privacy Act of 2012, you have the following rights with respect to your personal data held by phdrea:

To exercise any of the above rights, please contact the phdrea Data Privacy Officer at the contact details provided in Section 14 of this Policy. phdrea will respond to all verified data rights requests within fifteen (15) business days, in accordance with NPC guidelines.

The phdrea Platform is strictly intended for adults aged 21 years and older, in compliance with PAGCOR regulations governing online gambling in the Philippines. phdrea does not knowingly collect personal data from individuals under the age of 21.

If phdrea becomes aware that personal data has been collected from a person under 21 years of age, we will take immediate steps to delete that data and close the associated account. If you believe that a minor has registered on the phdrea Platform, please contact us immediately at the details provided in Section 14.

phdrea reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data processing practices, applicable Philippine law, or NPC guidance. The date of the most recent revision will be indicated at the top of this page.

Where changes to this Policy are material, phdrea will notify registered players via email or a prominent notice on the Platform prior to the changes taking effect. Your continued use of the phdrea Platform following the posting of an updated Policy constitutes your acceptance of the revised terms.

We encourage you to review this Policy periodically to stay informed about how phdrea protects your personal data.

If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal data by phdrea, please contact our Data Privacy Officer:

Data Privacy Officer, phdrea

Email: [email protected]

General Support: [email protected]

Operating Hours: 24 hours a day, 7 days a week

Response Time: phdrea endeavors to respond to all data privacy inquiries and rights requests within fifteen (15) business days of receipt.

You also have the right to lodge a complaint directly with the National Privacy Commission (NPC) of the Philippines if you are not satisfied with phdrea's response to your data privacy concern.