Your privacy matters to gamph. This policy explains exactly what personal data we collect, why we collect it, how we use and protect it, and what rights you have under Philippine law.
This Privacy Policy ("Policy") describes how gamph ("gamph," "we," "us," or "our"), the operator of the online gaming platform at gamph.vip, collects, processes, uses, stores, and protects personal data relating to individuals ("Data Subjects") who access or use gamph's website, platform services, customer support, and related communications channels.
gamph is committed to protecting the privacy and personal data of all players and website visitors in full compliance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) ("DPA"), its Implementing Rules and Regulations, and the issuances of the National Privacy Commission (NPC). gamph is also subject to the data-related obligations imposed by its PAGCOR operating license and the Anti-Money Laundering Act of 2001 (Republic Act No. 9160, as amended).
By creating a gamph account or by continuing to use gamph's platform following notification of this Policy, you acknowledge that you have read and understood this Policy and consent to the processing of your personal data as described herein. If you do not agree, you must cease using the gamph platform.
gamph collects personal data from you directly (when you register, make transactions, or contact support), automatically (through your use of the platform), and in limited cases from third parties (such as payment processors and identity verification services). The categories of data collected include:
gamph processes your personal data for the following purposes:
| Purpose | Data Used |
|---|---|
| Account registration and authentication | Registration & identity data, technical data |
| Identity verification (KYC) and 21+ age confirmation | Identity data, ID documents, selfie photographs |
| Processing deposits and withdrawals | Financial & transaction data |
| Fraud prevention and AML compliance | All categories, including financial and gaming data |
| Regulatory reporting to PAGCOR and AMLC | Identity, financial, and gaming data |
| Providing customer support | Communications data, account data |
| Enforcing Terms & Conditions and responsible gaming policies | Gaming activity, account, and identity data |
| Platform security and integrity monitoring | Technical and gaming activity data |
| Sending transactional communications (deposit/withdrawal confirmations) | Contact and transaction data |
| Sending promotional communications (where consent has been given) | Contact data, gaming preferences |
gamph does not sell your personal data to third parties for their own marketing purposes. We do not use your data to make automated decisions that produce legal or similarly significant effects without human review.
gamph processes your personal data on the following legal grounds under the Philippine Data Privacy Act:
gamph does not sell, rent, or trade your personal data. We share your personal data only in the following limited circumstances:
gamph engages third-party service providers who process personal data on our behalf under strict contractual data processing agreements. These include KYC and identity verification providers, payment gateway operators (GCash/Maya/banking partners), game software providers under data licensing agreements, cloud infrastructure providers hosting the gamph platform, and customer support platform providers. All processors are contractually required to process data only on gamph's instructions and to maintain appropriate security standards.
gamph is required by law to disclose player data to PAGCOR, the Anti-Money Laundering Council (AMLC), and other competent Philippine government authorities when required under the PAGCOR Charter, the AMLA, the DPA, or any other applicable Philippine regulation, court order, or law enforcement directive.
In the event of a merger, acquisition, or sale of substantially all of gamph's assets, personal data held by gamph may be transferred to the acquiring entity, subject to equivalent privacy protections and notification to affected players.
With your explicit prior consent, gamph may share your data for purposes not described in this Policy. You may withdraw such consent at any time by contacting [email protected].
gamph uses cookies and similar tracking technologies on the gamph.vip website and platform. Cookies are small text files stored on your device that help the platform function correctly, remember your preferences, and analyse platform usage.
These are strictly necessary for the gamph platform to function. They enable session authentication, maintain your logged-in state during a gaming session, and support security features such as CSRF protection. Essential cookies cannot be disabled without severely impairing platform functionality.
gamph uses analytics tools to understand how players navigate and use the platform — including which pages are visited, session durations, and error events. This data is used in aggregate form to improve the gamph platform. You may opt out of analytical cookies via gamph's cookie preference settings.
These cookies remember your platform preferences such as language, game lobby sort order, and responsible gaming tool configurations. Disabling these cookies means your preferences will not be saved between sessions.
You can manage cookie settings through your browser settings at any time. Note that disabling essential cookies will affect your ability to log in and use the gamph platform.
gamph retains personal data for as long as is necessary to fulfil the purposes described in this Policy and to comply with legal and regulatory obligations. Specific retention periods applicable to gamph's data categories are as follows:
Upon expiry of the applicable retention period, personal data will be securely deleted or anonymised in accordance with gamph's data disposal procedures.
gamph implements technical and organisational security measures appropriate to the risks presented by the processing of personal data on the platform. These measures include:
In the event of a personal data breach affecting your rights and freedoms, gamph will notify you and the National Privacy Commission (NPC) within the timeframes required under the Data Privacy Act and NPC Circular No. 16-03.
Under the Philippine Data Privacy Act, you have the following rights with respect to your personal data held by gamph:
To exercise any of these rights, submit a written request to [email protected] with the subject line "Data Subject Request." gamph will acknowledge your request within 3 business days and endeavour to fulfil it within 30 calendar days. Requests may be subject to identity verification before processing.
The gamph platform is strictly intended for adults aged 21 years and older, as required by PAGCOR's regulations governing licensed online gaming in the Philippines. gamph does not knowingly collect personal data from individuals under the age of 21. Age verification is conducted at registration and through KYC procedures for all accounts.
If gamph discovers that personal data has been collected from a person under 21 years of age, that account will be immediately closed, all associated data will be deleted in accordance with applicable retention requirements, and any funds deposited will be handled in accordance with PAGCOR's guidelines on underage play. If you are a parent or guardian and believe your child may have accessed gamph, please contact us immediately at [email protected].
gamph's primary data processing infrastructure is hosted in data centres serving the Philippine market. In limited circumstances, personal data may be processed by gamph's service providers (such as game software providers or cloud infrastructure partners) in locations outside the Philippines. Where such transfers occur, gamph ensures that they are made in compliance with the Data Privacy Act, specifically that the receiving party provides an adequate level of data protection equivalent to the standards required under Philippine law, as evidenced by contractual data processing agreements incorporating equivalent safeguards.
gamph reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data practices, applicable law, or PAGCOR requirements. Material changes will be communicated to registered players via email to their registered address and/or through a prominent notice on the gamph platform at least 7 days before the changes take effect. The "Last Updated" date at the top of this Policy will always reflect the date of the most recent revision. Your continued use of the gamph platform after the effective date of any amendment constitutes acceptance of the revised Policy.
For any questions, concerns, or requests relating to this Privacy Policy or gamph's handling of your personal data, please contact gamph's Data Protection Officer:
If you are not satisfied with gamph's response to a privacy concern, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines, which is the regulatory authority responsible for enforcing the Data Privacy Act. Information on how to file a complaint with the NPC is available on the NPC's official website.
gamph's data handling practices are fully compliant with the Philippine Data Privacy Act of 2012 (RA 10173) and all NPC issuances. Your personal data is processed only on a lawful basis, for legitimate purposes.
All data transmitted to and from gamph is protected by 256-bit SSL encryption — the same security standard used by Philippine banks and major financial institutions. Sensitive data at rest is also encrypted.
gamph does not sell, rent, or trade your personal data to any third party for their marketing purposes. Your information is used exclusively to operate your account, process payments, and comply with regulatory obligations.
Access, correct, port, or request deletion of your gamph data at any time by contacting [email protected]. gamph processes Data Subject Requests within 30 days, with acknowledgement within 3 business days.
gamph holds your data only as long as legally required — typically 5 years post-account closure for financial and KYC records under AMLA/PAGCOR rules. After that, data is securely deleted or anonymised.
In the unlikely event of a data breach affecting your rights, gamph will notify you and the NPC within the timeframes required by law. Transparency about security incidents is a core part of how gamph operates.
gamph is built on a foundation of trust — PAGCOR licensing, DPA compliance, and secure GCash transactions. Play confidently knowing your personal data and funds are protected at every step.
Players must be 21 years or older. Play responsibly.