philbeth Privacy Policy

This Privacy Policy (the "Policy") describes how philbeth (the "Company", "We", "Us", or "Our"), the operator of the online gaming platform accessible at philbeth.net (the "Platform"), collects, uses, stores, shares, and protects personal data in connection with the use of our services.

This Policy is issued in accordance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173), its Implementing Rules and Regulations, the National Privacy Commission's ("NPC") issuances, and the data handling requirements imposed by the Philippine Amusement and Gaming Corporation (PAGCOR) on licensed online gaming operators.

By accessing, registering on, or using the Platform, you acknowledge that you have read and understood this Policy and consent to the processing of your personal data as described herein. If you do not agree to this Policy, you must discontinue use of the Platform and may request account closure in accordance with our Terms & Conditions.

philbeth takes your privacy seriously. We understand that the personal data you share with us — ranging from your name and mobile number to your payment details and gaming activity — is sensitive, and we are committed to handling it with the highest standards of confidentiality, integrity, and security.

The Philippine Data Privacy Act (DPA) grants you clear rights over your personal data and imposes corresponding obligations on organizations like philbeth that process it. This Policy explains in plain terms how we meet those obligations — what data we collect, why we need it, how long we keep it, who we share it with, and what choices you have.

We have appointed a Data Protection Officer ("DPO") responsible for overseeing philbeth's compliance with data privacy obligations. The DPO's contact details are provided in Section 16 of this Policy. The DPO is your primary contact for any data privacy concern, request, or complaint related to philbeth's processing of your personal data.

For the purposes of the Philippine Data Privacy Act and this Policy, philbeth is the Personal Information Controller (PIC) in respect of personal data collected through the Platform. As the PIC, philbeth determines the purposes and means of processing your personal data and is the primary entity responsible for ensuring that processing activities comply with applicable law.

philbeth operates under PAGCOR's online gaming licensing framework, which imposes specific regulatory obligations regarding the collection, verification, and retention of player data. Where PAGCOR regulations require philbeth to collect or retain data for compliance purposes, such processing is mandatory and cannot be waived by individual consent or objection.

Where third-party service providers (game providers, payment processors, identity verification services) process personal data on behalf of philbeth, they do so as Personal Information Processors (PIPs) under data processing agreements that require them to process data only as instructed by philbeth and to maintain equivalent security and confidentiality standards.

philbeth collects the following categories of personal data in connection with the provision of its gaming platform services:

3.1 Identity & Contact Data

• Full legal name (as it appears on a Philippine government-issued ID)
• Date of birth and age verification data
• Philippine mobile number (primary account identifier)
• Email address (if provided during registration or support contact)
• Residential address (collected during KYC verification)
• Government-issued ID type, number, and expiry date
• ID document scans or photographs submitted for KYC purposes

3.2 Financial & Payment Data

• E-wallet account identifiers (GCash number, Maya account reference) linked to your philbeth account
• Bank account names and partial account numbers as required for withdrawal processing
• Transaction history: deposit amounts, withdrawal amounts, dates, and payment method used
• Source-of-funds declarations where required for AML compliance

3.3 Gaming Activity Data

• Game session history: games played, wager amounts, outcomes, and timestamps
• Bonus and promotion usage records
• Sports betting selections, stakes, and results
• Responsible gaming tool settings: deposit limits, session timers, cooling-off periods
• Self-exclusion records and their duration

3.4 Technical & Device Data

• IP address and approximate geolocation derived from IP
• Device type, operating system, and browser/app version
• Session login and logout timestamps
• Platform interaction logs for fraud detection and security monitoring

3.5 Communication Data

• Records of live chat, email, and support ticket interactions
• Promotional communication preferences (opt-in/opt-out records)
• Survey and feedback responses where voluntarily provided

philbeth collects personal data through the following means:

• Registration: Data provided by you directly when creating a philbeth account, including mobile number, username, and date of birth confirmation;
• KYC Verification: Identity documents and supporting information submitted by you in response to philbeth's KYC requests or as part of withdrawal processing;
• Platform Use: Data generated automatically through your interaction with the Platform, including game sessions, deposits, withdrawals, and navigation activity;
• Customer Support: Data provided by you when you contact philbeth Support via live chat, email, or any other support channel;
• Cookies and Tracking Technologies: Technical data collected through cookies, session tokens, and similar technologies as described in Section 10;
• Third-Party Identity Verification: Data provided to philbeth by licensed identity verification service providers during the KYC process;
• Payment Processors: Transaction confirmation data provided to philbeth by GCash, Maya, BPI, BDO, or other payment service providers upon processing of your deposit or withdrawal.

philbeth processes your personal data for the following purposes:

philbeth will not use your personal data for purposes incompatible with those described in this Policy without your separate and explicit consent, except where required by law or PAGCOR regulation.

Under the Philippine Data Privacy Act, philbeth relies on the following legal bases for processing your personal data:

• Contractual Necessity: Processing required to provide the gaming services you have registered for, including account management, KYC, payment processing, and game delivery;
• Legal Obligation: Processing required to comply with PAGCOR licensing conditions, the Anti-Money Laundering Act (AMLA), the Data Privacy Act itself, and other applicable Philippine law;
• Legitimate Interests: Processing for fraud prevention, platform security, responsible gaming monitoring, and internal analytics — subject always to your rights under the DPA;
• Consent: Processing for optional marketing communications and non-essential cookies, where you have provided clear, affirmative opt-in consent that you may withdraw at any time without affecting the delivery of core platform services.

Where processing is based on consent, you have the right to withdraw that consent at any time by updating your communication preferences within your Account Settings or by contacting philbeth Support. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

philbeth does not sell, rent, trade, or otherwise disclose your personal data to unaffiliated third parties for their own marketing purposes. Sharing of personal data is limited to the circumstances described below:

7.1 Service Providers (Personal Information Processors)

philbeth shares personal data with third-party service providers who process data on our behalf under binding contractual obligations, including:

• Identity verification and KYC service providers;
• Payment processors and e-wallet operators (GCash, Maya, BPI, BDO, and others);
• Game content providers (for game session data required for technical delivery and RNG certification);
• Cloud hosting and infrastructure providers operating the Platform's technical environment;
• Fraud detection and cybersecurity service providers;
• Customer support platform providers.

7.2 Regulatory Authorities

philbeth is required to disclose personal data to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), and other competent Philippine government authorities where required by law, regulatory direction, court order, or lawful demand. Such disclosures are made in strict compliance with applicable legal requirements and only to the extent necessary.

7.3 Legal Proceedings

philbeth may disclose personal data where necessary to establish, exercise, or defend legal claims — including disclosure to legal advisers, courts, or law enforcement agencies — to the extent permitted and required by applicable law.

Certain third-party service providers engaged by philbeth may process data on servers located outside the Philippines, including in jurisdictions within the Asia-Pacific region. Where such international transfers occur, philbeth ensures that an adequate level of data protection is maintained through one or more of the following safeguards:

• Data processing agreements incorporating the NPC's standard contractual clauses or equivalent protections;
• Transfer to jurisdictions recognized by the NPC as providing an adequate level of data protection;
• Binding corporate rules where applicable within corporate groups.

By using the philbeth Platform, you consent to the transfer of your personal data as described in this Section, subject always to the protections described above. You may request information about the specific safeguards applied to international transfers of your data by contacting the philbeth DPO.

philbeth retains personal data for as long as necessary to fulfil the purposes described in this Policy and to comply with applicable legal and regulatory retention obligations. The following general retention guidelines apply:

Upon expiry of the applicable retention period, personal data is securely deleted or irreversibly anonymised in accordance with philbeth's data destruction procedures. Where deletion is not technically feasible (e.g., backup media), data is securely isolated and protected until destruction is practicable.

philbeth uses cookies and similar session tracking technologies to operate and improve the Platform. The following categories of cookies are used:

• Strictly Necessary Cookies: Essential to the operation of the Platform, including session authentication tokens that keep you logged in and security cookies that prevent cross-site request forgery. These cannot be disabled without affecting Platform functionality.
• Performance & Analytics Cookies: Used to understand how Players interact with the Platform — which games are most popular, which pages are visited, and how long sessions last. Data collected is aggregated and anonymised wherever possible.
• Functional Cookies: Store your preferences — such as language settings, responsible gaming tool configurations, and recently played game lists — to personalise your Platform experience.
• Marketing Cookies (Consent-Based): Used only with your explicit opt-in consent to measure the effectiveness of promotional campaigns. These cookies are not used to track your activity across unaffiliated third-party websites.

You may manage cookie preferences through your browser settings. Disabling strictly necessary cookies will affect your ability to use the Platform. Disabling other cookie categories will not prevent access to core Platform functions. For mobile browser users accessing the Platform on Android or iOS in Metro Manila, Cebu, Davao, or elsewhere in the Philippines, the same cookie categories and controls apply.

Under the Philippine Data Privacy Act, you hold the following rights in respect of your personal data held by philbeth. These rights may be exercised by contacting the philbeth DPO as described in Section 16.

philbeth will respond to data subject requests within 15 business days of receipt, subject to verification of your identity. Requests may be submitted by contacting the DPO as described in Section 16. We may decline requests where the DPA or other applicable law permits or requires us to do so, and will provide written reasons in such cases.

philbeth implements a layered set of technical and organisational security measures designed to protect your personal data against unauthorized access, disclosure, alteration, destruction, and loss. These measures include:

• Encryption in transit: All data transmitted between your device and the philbeth Platform is encrypted using TLS 1.2 or higher (256-bit SSL);
• Encryption at rest: Sensitive personal data, including KYC documents and financial information, is encrypted at rest on philbeth's servers;
• Access controls: Internal access to personal data is restricted on a need-to-know basis, with role-based access controls and multi-factor authentication for all staff with administrative Platform access;
• Intrusion detection and monitoring: Automated monitoring systems detect and alert on anomalous access patterns, potential breaches, and unauthorized activity in real time;
• Penetration testing: philbeth conducts regular third-party security assessments of the Platform;
• Data minimisation: philbeth collects only the personal data necessary for the stated purposes and regularly reviews data holdings to remove data that is no longer required;
• Staff training: All philbeth staff with access to personal data receive regular data privacy and security training.

In the event of a personal data breach that is likely to result in significant harm to affected individuals, philbeth will notify the National Privacy Commission within 72 hours of becoming aware of the breach and will notify affected individuals without undue delay, as required by the DPA and NPC Circular No. 16-03.

philbeth does not knowingly collect personal data from any individual under the age of 21. The registration process requires age confirmation, and philbeth's KYC verification process includes date of birth verification against a valid Philippine government-issued ID.

If philbeth becomes aware that personal data has been collected from an individual under 21 years of age, the associated Account will be immediately suspended, access to funds will be restricted pending investigation, and the data will be deleted to the extent not required for regulatory reporting purposes. Regulatory disclosure to PAGCOR may be made as required.

If you believe that a person under 21 years of age has registered an account on the philbeth Platform, please contact philbeth Support or the DPO immediately.

The philbeth Platform may contain references to third-party game providers and payment services. These third parties operate under their own privacy policies, and philbeth is not responsible for the data handling practices of third parties beyond the scope of the data processing agreements described in Section 7.

philbeth's game library is powered by licensed third-party game providers including but not limited to PG Soft, Pragmatic Play, and JILI. Game session data is transmitted to these providers to the extent technically necessary for game delivery and RNG integrity verification. This data sharing occurs under the terms of philbeth's provider agreements and is described to you in this Policy.

Payment data shared with GCash, Maya, BPI, BDO, and other payment processors in connection with your deposits and withdrawals is subject to those providers' own privacy policies as applied between you and the payment provider directly. philbeth receives only the confirmation and transaction reference data necessary to credit your Account or process your withdrawal.

philbeth reserves the right to update or amend this Privacy Policy at any time. Material changes — meaning changes that significantly affect your rights or the manner in which philbeth processes your personal data — will be communicated to registered Players via email notification to your registered contact address and/or by prominent notice on the Platform, at least 7 days before the changes take effect.

Non-material updates (such as corrections of typographical errors, structural reorganisation without substantive change, or updates reflecting new NPC guidance without altering actual processing practices) may be made without advance notice. The current version of this Policy, identified by its effective date, is always available at philbeth.net/privacy-policy.

Your continued use of the Platform after the effective date of any revised Policy constitutes your acknowledgement and acceptance of the updated terms. If you disagree with any material amendment, you have the right to request Account closure prior to the amendment's effective date by contacting philbeth Support.

For any questions, concerns, or requests relating to this Privacy Policy or to the processing of your personal data by philbeth, please contact our Data Protection Officer through the following channels:

• Role: Data Protection Officer, philbeth
• Email: [email protected] (subject line: "Data Privacy Request")
• Live Chat: Available 24/7 from within your Account dashboard
• Platform: philbeth.net
• Response Commitment: Within 15 business days of receipt of your request

If you are not satisfied with philbeth's response to your data privacy concern, you have the right to lodge a complaint with the National Privacy Commission of the Philippines — the independent regulatory body responsible for upholding data privacy rights under the DPA. Information about the NPC's complaint process is available through the NPC's official channels.