At phopen, your privacy is not an afterthought — it is built into everything we do. This Privacy Policy explains exactly what personal data we collect from Filipino players, why we collect it, how we use and protect it, and what rights you have over your own information. We believe you deserve full transparency, so we have written this policy in plain, straightforward English.
These cards summarize the most important aspects of phopen's approach to data privacy. The full legal detail for each topic follows in the sections below.
We collect only the data necessary to operate your phopen account safely and legally — including registration details, KYC documents, transaction records, and gameplay activity. We do not collect data we do not need.
Your data is used to verify your identity, process deposits and withdrawals, deliver a personalized gaming experience, prevent fraud, and comply with PAGCOR regulations and Philippine law. We never sell your data to third parties for marketing.
We share your data only with trusted service providers (payment processors like GCash and Maya, KYC verification partners, and cloud infrastructure providers) and with regulatory authorities as required by Philippine law. No unauthorized third-party sharing.
phopen uses industry-standard encryption (TLS 1.3 in transit, AES-256 at rest), strict access controls, regular security audits, and a dedicated data protection team to keep your personal information safe from unauthorized access or disclosure.
As a data subject under the Data Privacy Act of 2012, you have the right to access, correct, delete, and port your personal data. You also have the right to object to certain types of processing and to lodge a complaint with the National Privacy Commission.
We retain your personal data for as long as your phopen account is active and for a minimum of five (5) years after account closure, as required by Philippine anti-money laundering regulations. Data no longer needed is securely deleted or anonymized.
phopen ("we," "us," or "our") operates the online gaming platform accessible at phopen.live, including all associated games, features, and services offered to registered users in the Philippines. We are committed to protecting the privacy and personal data of every player who uses our platform, and we take our obligations under Philippine data protection law seriously.
This Privacy Policy ("Policy") describes how phopen collects, uses, stores, shares, and protects your personal data when you visit our website, register an account, make deposits or withdrawals, play games, or interact with our customer support team. It also explains the rights you have over your personal data and how you can exercise those rights.
Legal Framework: This Policy is drafted in compliance with the Data Privacy Act of 2012 (Republic Act No. 10173) of the Philippines, its Implementing Rules and Regulations, and the issuances of the National Privacy Commission (NPC). phopen is registered as a personal information controller with the NPC as required by applicable regulations.
By accessing or using the phopen platform, you acknowledge that you have read, understood, and agree to the collection and use of your personal data as described in this Policy. If you do not agree with any part of this Policy, please discontinue use of the phopen platform and contact our support team to close your account.
This Policy should be read together with phopen's Terms & Conditions and Responsible Gaming Policy, both of which are incorporated by reference.
phopen collects personal data that is necessary, adequate, and not excessive in relation to the purposes for which it is collected and processed. The categories of personal data we collect include:
Sensitive Personal Information: Government-issued ID documents and biometric verification images are classified as sensitive personal information under RA 10173. phopen applies heightened security controls to this category of data and limits access to authorized KYC personnel only.
phopen collects personal data through the following channels:
The majority of your personal data is collected directly from you when you register an account, complete KYC verification, make a deposit or withdrawal, contact customer support, or use any feature of the phopen platform that requires you to provide information.
When you access and use the phopen platform, certain technical and behavioral data is collected automatically through cookies, web beacons, server logs, and similar tracking technologies. This includes your IP address, device information, pages visited, and gameplay activity. See Section 7 for full details on our use of cookies and tracking technologies.
phopen may receive personal data about you from trusted third-party service providers in the following circumstances:
phopen does not purchase personal data from data brokers or any other commercial data sources.
phopen uses your personal data only for the purposes described in this Policy. The table below summarizes the primary purposes for which we process your data and the corresponding legal basis under RA 10173:
| Purpose of Processing | Data Categories Used | Legal Basis |
|---|---|---|
| Account registration and management | Registration & Identity Data | Contract performance |
| Age verification (21+ requirement) | Date of birth, KYC documents | Legal obligation (PAGCOR) |
| KYC identity verification | KYC Verification Data | Legal obligation (AML law) |
| Processing deposits and withdrawals | Financial & Transaction Data | Contract performance |
| Delivering gaming services | Gameplay & Activity Data | Contract performance |
| Fraud detection and prevention | Technical, Financial, Activity Data | Legitimate interest / Legal obligation |
| Responsible gaming monitoring | Gameplay & Activity Data | Legal obligation (PAGCOR) |
| Customer support | All relevant categories | Contract performance |
| Regulatory reporting | Identity, Financial Data | Legal obligation |
| Platform improvement and analytics | Technical & Device Data (anonymized) | Legitimate interest |
| Promotional communications (opt-in only) | Email address, gameplay preferences | Consent |
Marketing Communications: phopen will only send you promotional emails or SMS messages if you have explicitly opted in to receive them during registration or through your account settings. You can withdraw your consent and unsubscribe from marketing communications at any time through your account preferences or by contacting our support team.
Under the Data Privacy Act of 2012 and its Implementing Rules and Regulations, phopen processes your personal data on the following legal bases:
phopen does not sell, rent, or trade your personal data to any third party for their own commercial purposes. We share your personal data only in the following limited circumstances:
phopen engages trusted third-party service providers who process personal data on our behalf under strict data processing agreements that require them to maintain confidentiality and implement appropriate security measures. These include:
phopen may disclose your personal data to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), or other Philippine government authorities when required to do so by law, court order, or regulatory directive. phopen will notify you of such disclosures where legally permitted to do so.
In the event of a merger, acquisition, restructuring, or sale of phopen's business or assets, your personal data may be transferred to the acquiring entity as part of that transaction. phopen will notify registered users of any such transfer and ensure that the acquiring entity is bound by privacy obligations no less protective than those in this Policy.
What We Never Do: phopen will never sell your personal data to advertisers, data brokers, or any other commercial third party. We will never share your data with other online gaming platforms or casinos without your explicit consent. Your data is used solely to operate and improve the phopen platform for your benefit.
phopen uses cookies and similar tracking technologies to operate the platform, remember your preferences, maintain your login session, and analyze how the platform is used. A cookie is a small text file placed on your device by a website you visit.
| Cookie Type | Purpose | Can Be Disabled? |
|---|---|---|
| Strictly Necessary | Maintain your login session, process transactions, and ensure platform security. These are essential for the platform to function. | No — required for platform operation |
| Functional | Remember your language preferences, game settings, and responsible gaming tool configurations. | Yes — via cookie settings |
| Analytics | Collect anonymized data on how users navigate the platform to help us improve the user experience. | Yes — via cookie settings |
| Security | Detect and prevent fraudulent login attempts, bot activity, and other security threats. | No — required for security |
You can manage non-essential cookie preferences through the cookie settings panel available on the phopen platform. You may also configure your browser to block or delete cookies; however, disabling strictly necessary or security cookies may prevent you from logging in or using certain platform features. phopen does not use third-party advertising cookies or cross-site tracking cookies.
phopen implements a comprehensive set of technical and organizational security measures to protect your personal data from unauthorized access, disclosure, alteration, loss, or destruction. Our security framework includes:
Your Role in Security: While phopen takes extensive measures to protect your data, the security of your account also depends on you. Use a strong, unique password for your phopen account, enable two-factor authentication, and never share your login credentials with anyone. If you suspect your account has been compromised, contact our support team immediately.
phopen retains your personal data for as long as is necessary to fulfill the purposes for which it was collected, to comply with our legal obligations, and to resolve disputes or enforce our agreements. The following retention periods apply:
| Data Category | Retention Period | Basis |
|---|---|---|
| Account registration data | Duration of account + 5 years after closure | AMLA / PAGCOR requirements |
| KYC verification documents | Duration of account + 5 years after closure | AMLA / RA 10173 |
| Financial transaction records | Duration of account + 5 years after closure | AMLA / Tax regulations |
| Gameplay activity logs | Duration of account + 2 years after closure | Dispute resolution / PAGCOR |
| Customer support records | 3 years from date of interaction | Legitimate interest |
| Marketing consent records | Until consent is withdrawn + 1 year | RA 10173 accountability |
| Technical / access logs | 12 months on a rolling basis | Security / fraud prevention |
When personal data is no longer required for any of the above purposes, phopen will securely delete or anonymize it in accordance with our data disposal procedures. Anonymized data (from which you cannot be identified) may be retained indefinitely for statistical and analytical purposes.
Under the Data Privacy Act of 2012 (RA 10173), you have the following rights with respect to your personal data held by phopen. To exercise any of these rights, please contact our Data Protection Officer as described in Section 14.
How to Exercise Your Rights: To submit a data rights request, email our Data Protection Officer at [email protected] with the subject line "Data Rights Request" and include your full name, registered account email address, and a clear description of the right you wish to exercise. phopen will verify your identity before processing any request and will respond within thirty (30) days of receipt.
The phopen platform is strictly intended for adults aged 21 years and above, in accordance with PAGCOR regulations governing online casino gaming in the Philippines. phopen does not knowingly collect, process, or retain personal data from individuals under the age of 21.
All users are required to verify their age during the KYC process before being permitted to deposit funds or participate in any real-money gaming activity. If phopen discovers or has reason to believe that a registered user is under 21 years of age, we will immediately suspend the account, freeze any associated funds pending review, and delete the personal data of the underage user in accordance with applicable law.
21+ Strictly Enforced: If you are a parent or guardian and believe that a minor under your care has registered an account on phopen, please contact us immediately at [email protected]. We will investigate and take appropriate action, including account closure and data deletion, as quickly as possible.
phopen's primary operations and data storage are based in the Philippines. However, some of our trusted third-party service providers — including cloud infrastructure and KYC verification partners — may process or store data in servers located outside the Philippines.
Where personal data is transferred outside the Philippines, phopen ensures that appropriate safeguards are in place to protect your data to a standard equivalent to that required under RA 10173. These safeguards include:
By using the phopen platform, you acknowledge and consent to the transfer of your personal data to overseas processors as described in this section, subject to the safeguards outlined above.
phopen reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data processing practices, applicable law, or regulatory requirements. When we make material changes to this Policy, we will:
Your continued use of the phopen platform after the effective date of any updated Policy constitutes your acceptance of the revised terms. If you do not agree with the changes, you should discontinue use of the platform and contact our support team to close your account before the effective date of the update.
We encourage you to review this Privacy Policy periodically to stay informed about how phopen protects your personal data. Previous versions of this Policy are available upon request by contacting our Data Protection Officer.
phopen has appointed a Data Protection Officer (DPO) responsible for overseeing compliance with RA 10173 and this Privacy Policy. If you have any questions, concerns, or requests relating to your personal data or this Policy, please contact our DPO through the following channels:
National Privacy Commission: If you are not satisfied with phopen's response to your privacy concern, you have the right to escalate your complaint to the National Privacy Commission of the Philippines. The NPC is the independent government body responsible for administering and enforcing RA 10173 in the Philippines.
phopen is committed to resolving all privacy concerns fairly and transparently. We take every inquiry seriously and will work with you to address your concern in a timely and respectful manner.
Now that you know exactly how phopen handles your personal data, you can enjoy our full range of games — bingo, slots, Aviator, and live casino — with complete peace of mind. Your privacy is our priority, every step of the way.
21+ Only. Please play responsibly. If gaming stops being fun, use our Responsible Gaming tools.