At ph48, we understand that trust is the foundation of every player relationship. This Privacy Policy explains what personal data we collect, why we collect it, how we protect it, and the rights you have as a Filipino data subject under the Data Privacy Act of 2012 (Republic Act No. 10173).
Effective Date: 1 January 2026 · Version: 2.0 · Regulator: National Privacy Commission, Philippines
Philippine DPA 2012 Compliant
This Privacy Policy applies to all users of the ph48 online gaming platform accessible at ph48.club. ph48 is committed to protecting the privacy and personal data of every Filipino player in full compliance with the Data Privacy Act of 2012 (Republic Act No. 10173), its Implementing Rules and Regulations, and the issuances of the National Privacy Commission (NPC). By registering or continuing to use ph48, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with its terms, please discontinue use of the ph48 platform and contact us to request Account closure.
This Privacy Policy applies to all personal data collected, used, stored, disclosed, or otherwise processed by ph48 in connection with the operation of the ph48 online gaming platform, including:
This Privacy Policy does not apply to third-party websites or services that may be referenced in ph48 content. ph48 is not responsible for the data practices of any third-party operator, payment provider, or service provider that maintains its own privacy policy independent of ph48.
For the purposes of the Data Privacy Act of 2012 and this Privacy Policy, ph48 (operating the ph48.club platform) is the Personal Information Controller in respect of all personal data collected from ph48 users.
ph48 has designated a Data Protection Officer (DPO) who is responsible for overseeing data protection compliance within the ph48 platform. The DPO may be contacted using the details provided in Section 15 of this Policy. The ph48 DPO is also registered with the National Privacy Commission as required under applicable NPC regulations.
ph48 collects the following categories of personal data from registered and prospective players:
| Data Category | Specific Data Points | Collection Stage |
|---|---|---|
| Identity Data | Full legal name, date of birth, nationality, gender, government ID type and number, photograph | Registration & KYC |
| Contact Data | Philippine mobile number, email address, residential address | Registration |
| Financial Data | GCash number, Maya wallet number, bank account details (BPI, BDO, Metrobank, UnionBank), deposit and withdrawal history, account balance history | Payment processing |
| Gaming Data | Game session logs, bet amounts, game outcomes, wager history, bonus usage, RTP statistics | Ongoing use |
| Technical Data | IP address, device type and model, operating system, browser type, screen resolution, cookie data, session tokens | Automated collection |
| Communications Data | Live chat transcripts, email correspondence, support ticket content, feedback submissions | Support interactions |
| Responsible Gaming Data | Self-exclusion records, deposit limit settings, session time preferences, self-assessment responses | Account settings |
| Marketing Data | Communication preferences, promotion opt-in/opt-out records, referral data | Registration & ongoing |
ph48 collects personal data through the following means:
You provide personal data directly to ph48 when you register an account, complete KYC verification, make a deposit or withdrawal, contact customer support, respond to surveys, or participate in promotional activities. This is the primary source of personal data held by ph48.
When you access the ph48 platform, certain technical data is collected automatically through server logs, cookies, and similar technologies. This includes your IP address, device identifiers, browser information, and session data. This automated collection is necessary for platform security, fraud prevention, and service delivery. See Section 12 for further information on cookies.
When you process a deposit or withdrawal through GCash, Maya, BPI, BDO, Metrobank, UnionBank, or other accepted payment providers, ph48 receives transaction confirmation data necessary to credit or process your Account. ph48 does not receive or store your complete payment credentials; payment processing is managed by the respective payment providers under their own privacy policies.
ph48 may use accredited third-party KYC and identity verification services to assist in verifying the accuracy of identity documents provided during the KYC process. These services process your identity data under data processing agreements with ph48 and applicable privacy law requirements.
ph48 processes your personal data for the following specific, legitimate purposes:
ph48 does not process your personal data for any purpose incompatible with those listed above without first obtaining your explicit consent or as otherwise permitted by applicable law.
ph48 processes personal data on the following legal bases as provided under the Data Privacy Act of 2012:
ph48 shares personal data with third parties only in the following circumstances and only to the extent necessary for the specified purpose:
ph48 is required by law to disclose player data to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), and other Philippine government bodies when required by regulation, court order, or law enforcement request. ph48 will comply with all such lawful requests and, where legally permitted, will notify affected players of such disclosures.
ph48 shares payment-related data with payment processors (GCash, Maya, BPI, BDO, Metrobank, UnionBank, and others) strictly for the purpose of executing deposit and withdrawal transactions. These providers act as data processors under agreements with ph48 and are contractually prohibited from using player data for their own independent marketing purposes.
ph48 may share identity documents and data with accredited KYC service providers for the purpose of identity verification. These providers operate under strict data processing agreements and are permitted to process the shared data only for the KYC purpose.
Game software providers whose titles are hosted on the ph48 platform may receive anonymized or pseudonymized session and technical data necessary for game delivery, RNG certification, and RTP calculation. Personal identity data is not shared with game providers unless required for jackpot verification purposes.
ph48 does not sell, rent, or trade your personal data to any third party for commercial or marketing purposes. Full stop.
Some of ph48's third-party service providers, including game content providers and certain technical infrastructure partners, may be located outside the Philippines. Where personal data is transferred to a recipient in a foreign jurisdiction, ph48 ensures that appropriate safeguards are in place in accordance with the Data Privacy Act of 2012 and NPC regulations on cross-border data transfers. These safeguards include contractual clauses requiring the foreign recipient to maintain data protection standards substantially equivalent to those required under Philippine law.
ph48 retains personal data for as long as necessary to fulfill the purposes for which it was collected and to comply with applicable legal obligations. The following retention periods apply:
Upon expiry of the applicable retention period, ph48 securely destroys or irreversibly anonymizes personal data, provided there is no outstanding legal, regulatory, or dispute-related requirement to retain the data for a longer period.
ph48 implements a comprehensive suite of technical and organizational security measures to protect your personal data against unauthorized access, accidental loss, destruction, or disclosure. These measures include:
Under the Data Privacy Act of 2012 and its Implementing Rules, every Philippine data subject has the following rights with respect to their personal data held by ph48:
You have the right to be informed of the existence of your personal data held by ph48, the purposes of processing, and the identity of any third parties with whom your data has been shared.
You have the right to request a copy of the personal data ph48 holds about you. ph48 will provide this information in a structured, commonly used format within thirty (30) calendar days of a verified access request.
You have the right to request correction of any inaccurate or incomplete personal data ph48 holds about you. Identity data corrections require re-submission of supporting KYC documents.
You have the right to request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, subject to ph48's legal retention obligations under PAGCOR and AMLA requirements.
You have the right to object to the processing of your personal data for direct marketing purposes at any time. You may opt out of marketing communications via your ph48 Account settings or by contacting support.
You have the right to receive your personal data in a structured, electronic format and to have it transmitted to another controller, where technically feasible and where processing is based on consent or contractual necessity.
If you believe ph48 has violated your data privacy rights, you have the right to lodge a complaint with the National Privacy Commission (NPC) at privacy.gov.ph or through NPC's official complaints process.
ph48 uses cookies and similar tracking technologies to operate and improve the ph48 platform. Cookies are small data files stored on your device that help ph48 recognize you between sessions, maintain your login state, and analyze platform usage patterns.
You may control non-essential cookies through your browser settings. Please note that disabling cookies may affect the functionality of certain ph48 platform features. For more information on managing cookies in your browser, refer to your browser's help documentation.
If you believe a person under 21 has registered on ph48 or that ph48 has inadvertently collected personal data from a minor, please contact ph48 immediately at [email protected].
ph48 may update this Privacy Policy from time to time to reflect changes in our data processing practices, applicable law, or regulatory requirements. When material changes are made, ph48 will:
Your continued use of the ph48 platform after a Privacy Policy update constitutes your acknowledgment of the updated Policy. If you do not accept the updated Policy, you must cease use of the ph48 platform and request Account closure. Prior versions of this Privacy Policy are available upon request from ph48's Data Protection Officer.
If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal data by ph48, please contact our Data Protection Officer through the following channels:
ph48 aims to respond to all privacy-related inquiries within five (5) business days and to formally resolve data subject rights requests within thirty (30) calendar days as required under the Data Privacy Act of 2012.
If you remain dissatisfied with ph48's response to a privacy concern, you have the right to escalate your complaint to the National Privacy Commission (NPC), the independent regulatory body for data privacy in the Philippines.
A summary overview of ph48's core data protection commitments. These cards supplement, but do not replace, the full Privacy Policy above.
Every connection between your device and ph48 is secured with 256-bit TLS encryption — the same security standard used by Philippine banks. Your login, personal data, and transaction details never travel unprotected.
ph48 processes your data in full compliance with Republic Act No. 10173 (Data Privacy Act of 2012). A registered Data Protection Officer oversees all ph48 data processing activities under NPC guidelines.
Access, rectify, delete, or export your data at any time. Opt out of marketing with one click. Exercise your full data subject rights under the DPA by contacting ph48's DPO — responses guaranteed within 30 days.
ph48 does not sell, rent, or trade your personal data to any third party for commercial purposes. Data is shared only as required for service delivery, regulatory compliance, and fraud prevention.
In the event of any personal data breach affecting ph48 players, ph48 will notify the NPC and affected players within 72 hours of discovery — in line with the mandatory notification requirements of the DPA 2012.
ph48 only keeps your data for as long as legally required — typically five years for financial records under AMLA and PAGCOR requirements. After that, data is securely destroyed or anonymized.
ph48 was built specifically for Filipino players who deserve a platform that respects their data, operates under PAGCOR oversight, and actually pays out fast via GCash and Maya. Your privacy and security come first — always.