This Privacy Policy explains how phpopen collects, uses, stores, protects, and discloses your personal information when you register for, access, or use the phpopen platform. We are committed to protecting your privacy in accordance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and relevant PAGCOR data governance requirements.
Six core commitments that define how phpopen approaches your personal information — plain language, before you read the full policy.
phpopen collects personal data strictly for the purposes of account registration, identity verification, payment processing, fraud prevention, regulatory compliance, and service delivery. We do not collect personal data speculatively or sell player data to third-party advertisers. Data collection is proportionate to the legitimate purposes it serves.
All personal data transmitted to and from phpopen is protected by 256-bit SSL/TLS encryption. Data at rest is stored in access-controlled environments with role-based internal permissions. phpopen undergoes regular security assessments and follows industry-standard data security practices to minimize the risk of unauthorized access or data breach.
phpopen does not sell, rent, or otherwise commercially exploit your personal data to any third party. Data shared with third parties — such as payment processors, KYC verification providers, and game studios — is shared solely on a need-to-know basis under binding data processing agreements, and only to the extent necessary to deliver the phpopen service.
Under the Philippine Data Privacy Act of 2012, you have the right to access, correct, object to, and request erasure of your personal data held by phpopen. These rights are exercisable by contacting phpopen's Data Protection Officer. phpopen will respond to data subject requests within the timeframes mandated by applicable law.
phpopen retains personal data only for as long as necessary to fulfill the purposes for which it was collected, including regulatory and legal retention obligations imposed by PAGCOR, the Anti-Money Laundering Council (AMLC), and Philippine tax authorities. After applicable retention periods expire, personal data is securely destroyed or anonymized.
This Privacy Policy is governed by Republic Act No. 10173 (Data Privacy Act of 2012) and its Implementing Rules and Regulations, overseen by the National Privacy Commission of the Philippines. phpopen is registered with and complies with the requirements of the National Privacy Commission as a Personal Information Controller.
The Data Privacy Act of 2012 gives every phpopen player the following rights with respect to their personal data. These are enforceable legal rights, not just platform features.
Request a copy of all personal data phpopen holds about you, including how it is being used and with whom it has been shared.
Request correction of inaccurate or incomplete personal data held in your phpopen account at any time.
Request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, subject to legal retention obligations.
Object to the processing of your personal data for direct marketing purposes or any processing based on legitimate interests where your interests override phpopen's.
Receive your personal data in a structured, commonly used, and machine-readable format where technically feasible.
Request restriction of processing in specific circumstances — for example while the accuracy of your data is being contested by you or phpopen.
Withdraw consent for any data processing activity where consent is the legal basis, without affecting the lawfulness of processing before withdrawal.
Lodge a complaint directly with the National Privacy Commission of the Philippines if you believe phpopen has breached your data rights.
phpopen (referred to herein as "phpopen," "we," "us," or "our") is the operator of the online gaming platform accessible at phpopen.net, serving players in the Republic of the Philippines. phpopen operates in compliance with the Philippine Amusement and Gaming Corporation (PAGCOR) regulations and the Philippine Data Privacy Act of 2012 (Republic Act No. 10173).
For purposes of the Data Privacy Act of 2012, phpopen is the Personal Information Controller in respect of your personal data collected and processed through the phpopen platform. Where phpopen engages third-party service providers to process data on its behalf, those parties act as Personal Information Processors under binding data processing agreements.
Data Protection Officer: phpopen has appointed a Data Protection Officer (DPO) as required under the Data Privacy Act of 2012. Inquiries and data subject requests may be directed to the DPO via the contact information in Section 15 of this Policy.
phpopen collects personal data in the following categories, depending on how you interact with the platform:
| Category | Examples | Purpose |
|---|---|---|
| Identity Data | Full name, date of birth, government ID number, selfie / ID photograph | Account registration, KYC age and identity verification, PAGCOR compliance |
| Contact Data | Philippine mobile number, email address, residential address | Account access, OTP delivery, support communications, KYC address verification |
| Financial Data | GCash number, PayMaya account, bank account number, transaction history | Deposit processing, withdrawal verification, AML compliance, fraud prevention |
| Gaming Activity Data | Game sessions, bet amounts, win/loss records, bonus usage | Service delivery, responsible gaming monitoring, regulatory reporting, dispute resolution |
| Technical Data | IP address, device type, browser, operating system, session timestamps | Security monitoring, fraud detection, geographic compliance, platform optimization |
| Usage Data | Pages visited, features used, click paths, session duration | Platform improvement, user experience optimization, customer support |
| Communications Data | Support chat transcripts, email correspondence, complaint records | Customer service, dispute resolution, quality assurance, legal compliance |
phpopen does not collect special categories of sensitive personal data (such as health records, religious beliefs, or political opinions) except where strictly required by applicable law — for example, medical documentation submitted in connection with a responsible gaming self-exclusion request.
phpopen collects personal data through the following means:
When you register a phpopen account, complete KYC verification, make a deposit or withdrawal, contact customer support, participate in a promotion, or submit any form or correspondence through the phpopen platform, you are providing data directly to phpopen.
When you access phpopen through any device or browser, phpopen's systems automatically collect technical and usage data including your IP address, device identifiers, browser type, operating system version, session start and end times, and interaction logs. This collection is inherent to the operation of any web-based platform and is necessary for security monitoring and service delivery.
phpopen may receive personal data about you from third-party identity verification providers (used to confirm your government ID during KYC), payment processors (for deposit and withdrawal verification), fraud detection services, and PAGCOR or law enforcement authorities where legally required.
phpopen processes your personal data on one or more of the following legal grounds under the Data Privacy Act of 2012:
phpopen uses your personal data for the following specific purposes:
phpopen does not sell your personal data to any third party. phpopen may share your personal data with the following categories of recipients, strictly on a need-to-know basis:
Third-party companies engaged by phpopen to provide services on its behalf, including KYC identity verification providers, payment processors (GCash, PayMaya, and Philippine banking partners), game studio partners, cloud hosting providers, fraud detection services, and customer support platform providers. All such providers operate under binding data processing agreements that restrict their use of your data to the specific service being provided.
phpopen will disclose personal data to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission, the Bureau of Internal Revenue (BIR), and Philippine law enforcement agencies where required by law, court order, or legitimate regulatory inquiry. phpopen will notify you of any such disclosure where legally permitted to do so.
In the event of a merger, acquisition, or sale of phpopen's business or assets, your personal data may be transferred to the acquiring entity. phpopen will notify you of any such transfer and the applicable privacy terms before it takes effect.
No Data Sales: Under no circumstances does phpopen sell, rent, or otherwise commercially transfer your personal data to advertising networks, data brokers, or any party whose primary purpose is the commercial exploitation of personal data.
phpopen uses cookies and similar tracking technologies (such as local storage and session tokens) to operate and improve the platform. The following categories of cookies are used:
phpopen does not use cookies for behavioral advertising or tracking across third-party websites. You may manage cookie preferences through your browser settings. Note that disabling strictly necessary cookies will prevent phpopen from functioning correctly.
phpopen retains your personal data for the following periods, or such longer period as required by applicable Philippine law:
After the applicable retention period expires, phpopen will securely delete or anonymize your personal data such that it can no longer be associated with you as an identifiable individual.
phpopen implements technical and organizational measures appropriate to the risk posed by the processing of your personal data. These measures include:
While phpopen takes all reasonable steps to protect your data, no online platform can guarantee absolute security. You play an important role in protecting your own account by keeping your phpopen login credentials confidential and enabling two-factor authentication.
To exercise any of your rights under the Data Privacy Act of 2012 — including access, rectification, erasure, objection, restriction, or portability — please submit a written request to phpopen's Data Protection Officer using the contact information provided in Section 15.
phpopen will acknowledge your request within three (3) business days of receipt and will provide a substantive response within fifteen (15) business days, or within such other period as required by the Data Privacy Act of 2012. phpopen may request proof of identity before processing your request, to prevent unauthorized disclosure of your personal data.
If phpopen declines to fulfill your request — for example where legal retention obligations prevent erasure — phpopen will provide a written explanation of the reason. You have the right to escalate unresolved data rights complaints to the National Privacy Commission of the Philippines.
With your consent, phpopen may send you promotional communications about phpopen bonuses, new games, seasonal offers, and platform updates via SMS to your registered Philippine mobile number and email to your registered address.
You may withdraw your consent to marketing communications at any time by updating your communication preferences within your phpopen account settings, or by contacting phpopen customer support. Withdrawal of marketing consent does not affect your receipt of transactional communications (such as deposit confirmations and account security alerts), which are necessary for the operation of your phpopen account.
phpopen does not knowingly collect personal data from any person under the age of 21. Pursuant to PAGCOR regulations and phpopen's Terms and Conditions, the phpopen platform is strictly prohibited to persons under 21 years of age.
Age Verification: phpopen enforces age verification through KYC identity checks on every account. Any account discovered to be operated by a person under 21 will be immediately closed, all associated data will be deleted, and any balance forfeited in accordance with PAGCOR requirements.
If you believe phpopen has inadvertently collected personal data from a minor, please contact phpopen's Data Protection Officer immediately using the contact details in Section 15, and the data will be deleted without undue delay.
phpopen's primary data processing infrastructure is located in the Philippines. In certain circumstances, personal data may be processed by phpopen's service providers in locations outside the Philippines — for example, by game studio servers or cloud infrastructure providers with regional data centers in Southeast Asia.
Where phpopen transfers personal data outside the Philippines, such transfers are made only to recipients in countries or territories that provide an adequate level of protection for personal data, or under contractual arrangements that impose equivalent data protection obligations on the recipient, as required by the Data Privacy Act of 2012 and its Implementing Rules. phpopen does not transfer personal data to jurisdictions known to have inadequate data protection frameworks without appropriate safeguards in place.
phpopen may update this Privacy Policy from time to time to reflect changes in applicable law, PAGCOR regulations, phpopen's data processing practices, or platform functionality. The date of the most recent revision is displayed at the top of this page.
Where changes are material — meaning they significantly affect how phpopen processes your personal data or your rights in relation to it — phpopen will notify registered players via email or platform notification at least fourteen (14) days before the changes take effect. Your continued use of phpopen following the effective date of any revision constitutes your acceptance of the updated Privacy Policy.
If you do not accept the revised Privacy Policy, you must stop using phpopen and request account closure in accordance with the account termination procedures set out in phpopen's Terms and Conditions.
For all privacy-related inquiries, data subject requests, and complaints, please contact phpopen's Data Protection Officer:
If you are not satisfied with phpopen's response to a data privacy complaint, you have the right to lodge a complaint directly with the National Privacy Commission of the Philippines.
Your data is protected under Philippine law and phpopen's security standards. Join over 500,000 Filipino players already enjoying bingo, live casino, slots, and sports betting — all in PHP, all PAGCOR-compliant. Players must be 21 or older.
21+ only · Philippine residents · PAGCOR-compliant · Gambling can be addictive — play responsibly