phopen Privacy Policy – How We Handle Your Personal Data

When you register for a phopen account, we collect personal details including your full name, date of birth, email address, and mobile number. During the identity verification process required before your first withdrawal, we may also collect a copy of a valid government-issued ID and a selfie or proof-of-identity image. Payment-related information — such as your GCash or Maya account reference and transaction records — is collected each time you make a deposit or request a withdrawal in Philippine pesos. We also collect technical data automatically when you use the platform, including your device type, browser version, IP address, and session activity logs. This technical data helps us detect suspicious activity, prevent fraud, and improve the overall mobile experience for Filipino players. We do not collect more information than is necessary for the purposes described in this policy.

phopen uses your personal data primarily to operate and maintain your account, process deposits and withdrawals, and verify your identity as required under Philippine gaming regulations. Your contact details are used to send account-related notifications such as transaction confirmations, security alerts, and important policy updates — we do not send unsolicited marketing messages without your consent. Session and device data is used to monitor for fraudulent logins, enforce responsible gaming limits, and ensure the platform functions correctly on your device. Aggregated and anonymised usage data may be used internally to improve platform features, game selection, and the overall mobile experience. We do not sell, rent, or trade your personal information to third parties for their own marketing purposes under any circumstances. Where we share data with service providers — such as payment processors or identity verification partners — those parties are contractually required to handle your data securely and only for the specific purpose we have engaged them for.

phopen will only share your personal data with third parties in the limited circumstances described here. We work with payment service providers such as GCash and Maya to process your transactions; these providers receive only the transaction data necessary to complete the payment and are bound by their own privacy obligations under Philippine law. Identity verification partners may receive a copy of your ID documents solely for the purpose of confirming your identity before your first withdrawal is processed. If required by a Philippine court order, regulatory authority, or law enforcement agency, phopen may be legally obligated to disclose certain account or transaction information. In the event that phopen undergoes a business restructuring or change of ownership, player data may be transferred to the successor entity, subject to the same privacy protections described in this policy. We will never disclose your personal data to unrelated third parties for advertising, profiling, or data brokerage purposes.

phopen applies industry-standard technical and organisational measures to protect your personal data from unauthorised access, loss, or misuse. All data transmitted between your device and the phopen platform is encrypted using secure protocols, and sensitive account information is stored in protected systems with restricted access. Our team conducts regular security reviews to identify and address potential vulnerabilities in the platform. You also play an important role in keeping your account secure — you should use a strong, unique password, never share your login credentials with anyone, and contact phopen support immediately if you suspect unauthorised access to your account. While we take every reasonable precaution, no online platform can guarantee absolute security, and you use the service at your own risk in this regard. If a data breach occurs that is likely to affect your rights, phopen will notify you and the relevant Philippine authorities in accordance with the Data Privacy Act of 2012.

Under the Philippine Data Privacy Act of 2012, you have the right to be informed about how your personal data is collected and used, which is the purpose of this policy. You also have the right to access a copy of the personal data phopen holds about you, and to request corrections if any information is inaccurate or incomplete. In certain circumstances, you may request the deletion or blocking of your personal data — for example, if it is no longer necessary for the purpose it was collected, or if you withdraw your consent and there is no other legal basis for processing. You have the right to object to the processing of your data in specific situations, and to lodge a complaint with the National Privacy Commission of the Philippines if you believe your rights have been violated. To exercise any of these rights, please contact phopen support using the email address listed in the footer of this page. We will respond to all data subject requests within a reasonable timeframe and in accordance with our legal obligations.

phopen retains your personal data for as long as your account is active and for a reasonable period thereafter, as required by Philippine gaming regulations and financial record-keeping obligations. Transaction records and identity verification documents are typically retained for a minimum period specified by applicable law, even after an account is closed. Once the retention period has expired and there is no legal requirement to keep the data, phopen will securely delete or anonymise your personal information. If you request account closure, your data will be retained for the legally required period before deletion is carried out. You may contact phopen support to ask about the specific retention period applicable to your account data. We do not retain personal data for longer than is necessary for the purposes described in this policy or required by law.