ph48 is committed to protecting the privacy and personal data of every Filipino player on our platform. This Privacy Policy explains what data we collect, why we collect it, how we use it, and your rights under Philippine law.
Effective Date: 1 June 2026 | Version: 3.1 | Jurisdiction: Republic of the Philippines
This Privacy Policy ("Policy") describes how ph48 ("ph48," "we," "us," "our") collects, processes, stores, shares, and protects the personal data of individuals ("you," "Data Subject," "Player," "User") who access or use the ph48 online casino platform at ph48.asia, including all associated services, features, games, and digital touchpoints (collectively, the "Platform").
This Policy is issued in compliance with Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012 ("DPA"), its Implementing Rules and Regulations, and the issuances of the National Privacy Commission of the Philippines ("NPC"). It also reflects applicable requirements of the Philippine Amusement and Gaming Corporation ("PAGCOR") and the Anti-Money Laundering Act ("AMLA"), as amended.
By creating a ph48 account, logging in to the Platform, or continuing to use ph48 services after the effective date of this Policy, you acknowledge that you have read and understood this Policy and consent to the collection and processing of your personal data as described herein. If you do not agree, please discontinue use of the Platform and contact us to request account closure.
The personal data of ph48 Platform users is controlled by ph48, operating as the Data Controller for the purposes of Republic Act No. 10173. ph48 has appointed a Data Protection Officer ("DPO") responsible for overseeing data protection compliance and serving as the primary point of contact for data privacy inquiries and complaints.
You may contact the ph48 Data Protection Officer at: [email protected] — please include "Data Privacy" in your subject line. ph48 will acknowledge receipt of data privacy inquiries within five (5) business days and provide a substantive response within fifteen (15) business days.
ph48 collects the following categories of personal data in the course of providing the Platform and meeting regulatory obligations:
ph48 collects personal data through the following channels:
The table below summarizes the primary purposes for which ph48 processes your personal data and the applicable legal basis under the Data Privacy Act of 2012.
| Purpose | Data Categories Used | Legal Basis (RA 10173) |
|---|---|---|
| Account registration and identity verification (KYC) | Identity, Contact, ID documents | Legal obligation; Contractual necessity |
| Age verification (21+ requirement) | Date of birth, Government ID | Legal obligation (PAGCOR) |
| Deposit and withdrawal processing | Financial, Identity | Contractual necessity |
| Anti-money laundering (AML) monitoring | Financial, Transaction, Identity | Legal obligation (AMLA) |
| Fraud prevention and security | Technical, Financial, Identity | Legitimate interests; Legal obligation |
| Responsible gaming monitoring | Gaming & Behavioral | Legal obligation (PAGCOR); Legitimate interests |
| Customer support and complaint handling | Identity, Communications | Contractual necessity; Legal obligation |
| Platform personalization and analytics | Gaming & Behavioral, Technical | Legitimate interests; Consent (for optional analytics) |
| Promotional communications (opt-in only) | Contact, Gaming preferences | Consent |
| Regulatory reporting to PAGCOR and NPC | Identity, Financial, Gaming | Legal obligation |
ph48 does not sell, rent, or trade personal data to third parties for their own marketing purposes. Your personal data may be shared with the following categories of recipients, strictly for the purposes described in Section 5:
All third-party data processors engaged by ph48 are required to implement appropriate technical and organizational security measures and to process personal data only as instructed by ph48, in accordance with the DPA.
ph48 uses cookies and similar tracking technologies to operate and improve the Platform. Cookies are small data files stored on your device that enable the Platform to recognize returning visitors, maintain session state, prevent fraud, and analyze usage patterns.
You may manage cookie preferences through your browser settings. Note that disabling strictly necessary cookies will impair Platform functionality. ph48 does not use advertising or behavioral tracking cookies that follow you across external websites.
ph48 retains personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law and regulation. The following minimum retention periods apply:
Upon expiry of the applicable retention period, personal data is securely deleted or anonymized in accordance with ph48's data disposal procedures.
ph48 implements a layered set of technical and organizational security measures to protect personal data against unauthorized access, disclosure, alteration, loss, or destruction. These measures include:
In the event of a personal data breach that is likely to result in serious harm to affected Data Subjects, ph48 will notify the NPC within seventy-two (72) hours of becoming aware of the breach, and will notify affected individuals without undue delay as required by the DPA.
Under the Data Privacy Act of 2012, as a Data Subject you have the following rights with respect to your personal data held by ph48:
To exercise any of these rights, contact the ph48 Data Protection Officer at [email protected] with the subject line "Data Subject Rights Request." ph48 will respond within fifteen (15) business days. Note that certain rights may be limited where data processing is required for compliance with legal obligations, including AMLA and PAGCOR reporting.
The ph48 Platform is strictly for persons aged 21 years and above. ph48 does not knowingly collect personal data from individuals below the age of 21. Age verification is conducted at registration through documentary KYC. If ph48 discovers that personal data has been collected from a person under 21 years of age, that account will be immediately closed, all associated funds will be processed in accordance with applicable PAGCOR guidance, and the personal data will be deleted to the extent permissible by law. Parents or guardians who believe a minor may have registered with ph48 should contact support immediately.
ph48 primarily processes personal data within the Republic of the Philippines. Where personal data is transferred to or processed by third-party service providers outside the Philippines — for example, cloud infrastructure providers or international game content platforms — ph48 ensures that such transfers are subject to binding data processing agreements that require the recipient to maintain data protection standards at least equivalent to those required under RA 10173. ph48 will not transfer personal data to a foreign country or organization unless satisfied that adequate protections are in place.
ph48 reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data processing practices, applicable law, or regulatory requirements. Material changes will be notified to registered Members via their registered email address and through a prominent notice on the Platform, at least seven (7) days prior to the changes taking effect. The effective date at the top of this Policy will always reflect the most recent version. We encourage you to review this Policy periodically. Continued use of ph48 following notification of changes constitutes acceptance of the updated Policy.
For any questions, concerns, or requests relating to this Privacy Policy or the processing of your personal data by ph48, please contact:
If you are unsatisfied with ph48's response to a data privacy complaint, you have the right to escalate your complaint to the National Privacy Commission of the Philippines through the NPC's official complaint channels.
How ph48 handles your data — in plain language.
ph48 processes all personal data in compliance with the Data Privacy Act of 2012. A Data Protection Officer oversees compliance and is your primary point of contact for any privacy concern.
ph48 never sells, rents, or trades your personal information to third parties for marketing purposes. Your data is used solely to deliver and improve ph48 services, and to meet regulatory obligations.
All data in transit is protected by SSL/TLS. Sensitive data at rest is encrypted. ph48 undergoes regular third-party security audits to verify that your personal and financial data is properly protected.
Access, correct, delete, or port your data — these are enforceable rights under RA 10173. Contact the ph48 DPO at [email protected] with any request. Responses within 15 business days, guaranteed.
ph48 retains data only as long as legally required — typically 5 years for financial and identity records under AMLA. After the retention period, data is securely deleted or anonymized per our disposal procedures.
In the event of a data breach likely to cause harm, ph48 notifies the NPC within 72 hours and alerts affected players without undue delay — as required by RA 10173. You will never be left in the dark.
Over 500,000 Filipino players trust ph48 with their personal data. PAGCOR-regulated, RA 10173-compliant, and serious about security — this is the platform built for the Philippine market.
21+ only. PAGCOR regulated. Please gamble responsibly.