phpgroup Privacy Policy

1. Introduction

phpgroup ("phpgroup," "we," "us," or "our") is committed to protecting the privacy and personal data of all users of the phpgroup platform located at https://phpgroup.vip (the "Platform"). This Privacy Policy ("Policy") describes how phpgroup collects, uses, discloses, stores, and protects your personal information when you access or use the Platform, register a phpgroup account, or interact with phpgroup's customer support team.

This Policy is issued in compliance with Republic Act No. 10173, the Philippine Data Privacy Act of 2012 ("DPA"), and its Implementing Rules and Regulations. By registering a phpgroup account or continuing to use the Platform, you acknowledge that you have read and understood this Policy and consent to the collection and processing of your personal data as described herein.

If you do not agree with any part of this Policy, please discontinue use of the phpgroup Platform and contact our support team to request account closure.

2. Data We Collect

phpgroup collects personal data that you provide directly, data generated through your use of the Platform, and data received from third parties where permitted by law. The categories of personal data phpgroup may collect include:

• Identity Data: Full name, date of birth, nationality, and government-issued identification numbers (e.g., Philippine National ID, passport, driver's licence, SSS/GSIS number).
• Contact Data: Email address, mobile number, and residential address (including city — e.g., Manila, Cebu, Davao, Quezon City, Makati).
• Financial Data: Bank account details, GCash or PayMaya account numbers, BPI/BDO/Metrobank account references, deposit and withdrawal transaction history, and account balance information.
• Account Data: phpgroup username, encrypted password, account preferences, bonus history, and gaming activity records.
• Technical Data: IP address, device type, browser type and version, operating system, session duration, and pages visited on the phpgroup Platform.
• Communications Data: Records of your interactions with phpgroup customer support, including live chat transcripts and email correspondence.
• Verification Data: Copies of identity documents and selfie photographs submitted for Know Your Customer (KYC) verification as required by PAGCOR anti-money laundering regulations.

phpgroup does not intentionally collect sensitive personal information beyond what is strictly necessary for identity verification and regulatory compliance. phpgroup does not collect biometric data, health information, or political opinions.

3. How We Use Your Data

phpgroup processes your personal data for the following purposes:

• To create, verify, and manage your phpgroup account.
• To process deposits, withdrawals, and other financial transactions via GCash, PayMaya, BPI, BDO, Metrobank, and other supported payment channels.
• To verify your identity and age (21+) in compliance with PAGCOR regulations and Philippine anti-money laundering laws.
• To provide customer support and respond to your enquiries, complaints, and feedback.
• To send you transactional communications, including deposit confirmations, withdrawal notifications, and security alerts.
• To send you promotional communications about phpgroup bonuses, new games, and special offers — only where you have provided consent or where permitted by applicable law. You may opt out at any time.
• To detect, investigate, and prevent fraud, money laundering, and other illegal activities on the phpgroup Platform.
• To comply with phpgroup's legal and regulatory obligations, including reporting requirements under Philippine law.
• To improve the phpgroup Platform through analytics, performance monitoring, and user experience research.
• To administer phpgroup's responsible gaming programme, including monitoring for signs of problem gambling and enforcing self-exclusion requests.

4. Legal Basis for Processing

phpgroup processes your personal data on the following legal bases under the Philippine Data Privacy Act of 2012:

• Contractual Necessity: Processing is necessary to perform the contract between you and phpgroup (i.e., to operate your phpgroup account and provide gaming services).
• Legal Obligation: Processing is required to comply with phpgroup's obligations under Philippine law, including PAGCOR regulations, the Anti-Money Laundering Act, and the Data Privacy Act.
• Legitimate Interests: Processing is necessary for phpgroup's legitimate interests in fraud prevention, platform security, and business analytics, provided these interests are not overridden by your rights and freedoms.
• Consent: For marketing communications and non-essential cookies, phpgroup relies on your freely given, specific, and informed consent, which you may withdraw at any time.

5. Data Sharing & Disclosure

phpgroup does not sell, rent, or trade your personal data. phpgroup may share your personal data with the following categories of recipients only to the extent necessary and under appropriate safeguards:

• Payment Processors: GCash, PayMaya, BPI, BDO, Metrobank, and other payment service providers, solely to process your financial transactions.
• Identity Verification Providers: Third-party KYC and AML compliance service providers engaged by phpgroup to verify your identity and comply with regulatory requirements.
• Technology Service Providers: Cloud hosting, data analytics, and customer support platform providers operating under strict data processing agreements with phpgroup.
• Regulatory Authorities: PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission, and other Philippine government authorities where disclosure is required by law or court order.
• Business Transfers: In the event of a merger, acquisition, or sale of phpgroup's business assets, your personal data may be transferred to the acquiring entity, subject to equivalent privacy protections.

All third-party service providers engaged by phpgroup are contractually required to process your personal data only for the specified purpose and in accordance with phpgroup's instructions and applicable Philippine privacy law.

6. Cookies & Tracking Technologies

phpgroup uses cookies and similar tracking technologies to operate and improve the Platform. A cookie is a small text file placed on your device when you visit the phpgroup website. phpgroup uses the following categories of cookies:

• Strictly Necessary Cookies: Required for the Platform to function. These include session authentication cookies that keep you logged in to your phpgroup account. These cookies cannot be disabled.
• Functional Cookies: Used to remember your preferences, such as language settings and display options, to personalise your phpgroup experience.
• Analytics Cookies: Used to collect aggregated, anonymised data about how players use the phpgroup Platform, helping us identify areas for improvement. No personally identifiable information is included in analytics reports.
• Marketing Cookies: Used only with your consent to deliver relevant phpgroup promotional content. You may withdraw consent at any time via your account settings or browser controls.

You may control or disable non-essential cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of the phpgroup Platform.

7. Data Retention

phpgroup retains your personal data for as long as your phpgroup account remains active and for a period thereafter as required by applicable law and regulation. Specifically:

• Account and transaction records are retained for a minimum of five (5) years following account closure, in compliance with Philippine anti-money laundering regulations.
• KYC verification documents are retained for the period required by PAGCOR and AMLC regulations, typically five (5) years from the date of the last transaction.
• Customer support communications are retained for three (3) years from the date of the interaction.
• Marketing consent records are retained for the duration of your phpgroup account and for two (2) years following account closure.

Upon expiry of the applicable retention period, phpgroup will securely delete or anonymise your personal data in accordance with its data disposal procedures.

8. Data Security

phpgroup implements a comprehensive set of technical and organisational security measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These measures include:

• 256-bit SSL/TLS encryption for all data transmitted between your device and the phpgroup Platform.
• Encryption of sensitive data fields — including passwords and financial account references — at rest using industry-standard algorithms.
• Role-based access controls ensuring that only authorised phpgroup personnel with a legitimate business need may access personal data.
• Regular security audits, vulnerability assessments, and penetration testing of the phpgroup Platform.
• Multi-factor authentication options for phpgroup account access.
• Incident response procedures to detect, contain, and notify affected users of any personal data breach in accordance with the Data Privacy Act's 72-hour notification requirement.

While phpgroup takes all reasonable steps to protect your data, no online platform can guarantee absolute security. You are responsible for maintaining the confidentiality of your phpgroup login credentials and for notifying phpgroup immediately if you suspect any unauthorised access to your account.

9. Your Rights Under the DPA

As a data subject under the Philippine Data Privacy Act of 2012, you have the following rights with respect to your personal data held by phpgroup:

• Right to be Informed: The right to know that phpgroup is collecting and processing your personal data, and the purposes for which it is being used — as set out in this Policy.
• Right of Access: The right to request a copy of the personal data phpgroup holds about you, along with information about how it is being processed.
• Right to Rectification: The right to request correction of any inaccurate or incomplete personal data in your phpgroup account.
• Right to Erasure: The right to request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, subject to phpgroup's legal retention obligations.
• Right to Object: The right to object to the processing of your personal data for direct marketing purposes. You may opt out of marketing communications at any time.
• Right to Data Portability: The right to receive your personal data in a structured, commonly used, and machine-readable format.
• Right to Lodge a Complaint: The right to file a complaint with the National Privacy Commission (NPC) of the Philippines if you believe phpgroup has violated your data privacy rights.

To exercise any of these rights, please contact the phpgroup Data Privacy Officer via the support team. phpgroup will respond to all verified data subject requests within thirty (30) days.

10. Children's Privacy

The phpgroup Platform is strictly intended for adults aged 21 years and above. phpgroup does not knowingly collect personal data from individuals under the age of 21. If phpgroup becomes aware that personal data has been collected from a person under 21, that account will be immediately suspended and the data will be deleted. If you believe a minor has registered a phpgroup account, please contact our support team immediately.

11. International Data Transfers

phpgroup's primary operations and data storage are based in the Philippines. In certain circumstances, your personal data may be transferred to or processed by service providers located outside the Philippines — for example, cloud infrastructure providers or technology partners. Where such transfers occur, phpgroup ensures that appropriate safeguards are in place, including contractual data protection clauses consistent with the requirements of the Philippine Data Privacy Act and the standards set by the National Privacy Commission.

12. Changes to This Policy

phpgroup reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data practices, legal requirements, or business operations. Material changes will be communicated to registered phpgroup players via email or a prominent notice on the Platform at least seven (7) days before the changes take effect. The "Last Updated" date at the top of this Policy will always reflect the most recent revision. Your continued use of the phpgroup Platform after the effective date of any amendment constitutes your acceptance of the revised Policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or phpgroup's data practices, please contact our Data Privacy Officer:

phpgroup Data Privacy Officer
Email: [email protected]

phpgroup aims to acknowledge all privacy-related enquiries within 48 hours and to resolve them within 30 calendar days. If you are not satisfied with phpgroup's response, you have the right to escalate your complaint to the National Privacy Commission of the Philippines.