Overview of How Personal Data is Handled

Personal data collected may include:

• Identity and contact details: name, date of birth, nationality, address, email, phone.
• Account and verification records: username, KYC documents, proof of address, photographs or video for identity checks.
• Financial and transaction information: payment method details processed by providers, deposits, withdrawals, betting and gaming history.
• Technical and device data: IP address, browser type, operating system, app identifiers, approximate location, log files.
• Usage information: pages visited, time spent, session data, preferences, communications with support.
• Responsible gambling and compliance data: limits, self-exclusion status, risk indicators required by law.

Purposes for collection:

• To provide and maintain services, manage accounts, and process transactions.
• To verify identity, prevent fraud, and comply with anti-money laundering obligations.
• To improve products, ensure security, and support responsible gaming measures.
• To respond to user requests and provide customer support.

Protection measures include:

• Encryption in transit and at rest, secure key management, and strict access controls.
• Payment processing via certified providers and segregation of financial information.
• Continuous monitoring, vulnerability management, firewalls, and audit logging.
• Staff training, confidentiality agreements, and supplier due diligence.
• Privacy by design and regular reviews of security controls.

User rights under Philippine law (Republic Act No. 10173, Data Privacy Act of 2012, and NPC issuances):

• To be informed about collection and processing.
• To access personal data held by the platform.
• To correct or update inaccurate information.
• To request deletion or blocking subject to legal retention.
• To object to processing or withdraw consent when processing is based on consent.
• To data portability where applicable.
• To lodge a complaint with the National Privacy Commission.

Compliance statement:

• Processing follows the Data Privacy Act of 2012 and its IRR, relevant NPC circulars and advisories, and aligns with international standards such as GDPR principles.

Data retention:

• Personal data is kept only as long as needed for the purposes stated or as required by law. Records related to transactions may be retained for at least five years under anti-money laundering rules.

Personal information is used only for lawful, necessary, and transparent purposes:

• Account setup and service delivery: create and manage profiles, verify identity, provide online services. Legal basis: contract and consent where required.
• Payments and transactions: process deposits and withdrawals through payment providers. Legal basis: contract and legal obligation.
• Security and fraud prevention: risk scoring, AML/CFT checks, sanctions screening. Legal basis: legal obligation and legitimate interests.
• Responsible gambling: enforce account limits, self-exclusion, and monitoring for user protection. Legal basis: legal obligation and legitimate interests.
• Customer support and communications: respond to requests, service notices, and changes to this document. Legal basis: contract and legitimate interests.
• Analytics and service improvement: measure performance, fix issues, and improve user experience. Legal basis: legitimate interests.
• Marketing and personalisation: send marketing only where consent is given, manage preferences, and tailor content. Legal basis: consent.

Processing is limited to the stated purposes, and only the minimum data necessary is collected and used.

Users can access, update, or delete their information by:

• Reviewing and editing details in account settings, where available.
• Submitting a privacy request through the support channels listed on the website.

Process and timelines:

• A request may require additional verification of identity.
• Responses are provided within a reasonable period, usually within 30 days, subject to permitted extensions.
• Deletion may be limited by legal or regulatory obligations, such as record-keeping requirements under the Anti-Money Laundering Act.

Security checks and payments:

• By using Paripesa, you consent to security reviews, identity verification, fraud prevention screening, and processing of payment data by payment providers and verification partners to meet legal obligations and protect the platform.

• The site is intended for adults aged 18 and above. Accounts for persons under 18 are not permitted.
• The operator cannot confirm age without identity documents. Proof of age may be requested at any time.
• If a parent or guardian believes a minor has submitted personal information, contact support. Upon verified notice, the account will be closed and the data will be deleted, subject to legal retention requirements.

• Personal information may be stored or processed outside the Philippines in countries where service partners and providers operate.
• By using the site, you consent to international transfers for the purposes described in this policy.
• Confidentiality and security standards are imposed on all partners through contracts and assessments. Where required, appropriate safeguards such as standard contractual clauses, encryption, and access restrictions are used to protect the data during transfer and storage.

• This section explains that any disclaimer in this policy may limit or clarify the scope and effect of certain rules to the extent allowed by law.
• The disclaimer and the rest of the policy take effect once the user accepts the policy through signature, click-acceptance, accession, or continued use of the services.
• Nothing in this policy excludes rights that cannot be waived under Philippine law.

Definition and use:

• Cookies are small files stored on a device by websites to remember a user and improve functionality.
• Cookies and similar technologies are used for statistics, behaviour analysis, personalisation, fraud prevention, and site improvement.

Retention and control:

• Cookies are retained for up to 1 year unless deleted earlier by the user.
• Users can manage or block cookies in browser or device settings. Some cookies are essential for the site to function.

Categories:

• Essential: required for login, security, and core features.
• Performance and analytics: measure usage and improve online services.
• Functionality: remember preferences and settings.
• Advertising: used only where consent is provided and according to user choices.

• Using Paripesa means full acceptance of the current version of this privacy policy.
• The policy may be updated. The latest version on the website prevails over previous versions.
• Continued use after an update signifies agreement to the revised terms.

Sharing may occur in these situations:

• Legal and regulatory: disclosures to courts, law enforcement, regulators, tax authorities, or the National Privacy Commission.
• Dispute resolution: exchanges with legal advisers, auditors, insurers, or dispute bodies.
• Service providers: payment processors, identity verification vendors, fraud prevention and risk tools, hosting and cloud services, analytics, customer support platforms, and marketing providers where consent exists.

Notes on transparency:

• The list or categories of third-party partners are published on the website or provided upon request. If a specific partner is not listed, the purpose and scope of sharing will be explained before processing where required.
• Providing personal data on the site constitutes consent to share it for the purposes stated, subject to applicable law and user choices.

• The site may contain links to external websites or services that follow their own privacy policies.
• The operator is not responsible for how those third parties collect, use, or protect information.
• Exercise caution and review the privacy terms of any external site visited before providing personal data.

Additional Information for Philippines Users

• Governing law: Processing follows the Data Privacy Act of 2012 and relevant NPC issuances. Where applicable, AMLA and gaming regulations guide identity checks, record-keeping, and responsible gambling controls.
• Breach notification: If a data breach creates a real risk of serious harm, affected users and the National Privacy Commission will be notified as required by law.
• Contact: For privacy requests, complaints, or questions, use the support channels and contact details published on the website and address communications to the Data Protection Officer.