phdrea Privacy Policy

This Privacy Policy ("Policy") is issued by phdrea ("phdrea," "we," "us," or "our") and applies to all personal information collected, processed, stored, and used in connection with the phdrea online gaming platform available at https://phdrea.app, including all associated mobile-optimized interfaces, features, games, promotions, and customer support channels (collectively, the "Platform").

This Policy is intended to inform you — our registered players, prospective players, and visitors — about the types of personal data we collect, the purposes for which we process it, the parties with whom we may share it, and the rights you hold with respect to your personal information under applicable Philippine law.

phdrea is committed to complying with the Republic Act No. 10173, also known as the Data Privacy Act of 2012 of the Philippines, and its Implementing Rules and Regulations, as administered by the National Privacy Commission (NPC). All personal data processing activities conducted by phdrea are carried out in accordance with the principles of transparency, legitimate purpose, and proportionality as mandated by Philippine data protection law.

By registering an account on phdrea, accessing the Platform, or otherwise providing your personal information to us, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your personal data as described herein. If you do not agree with any part of this Policy, you should not use the Platform.

phdrea collects personal data from you through several channels: directly when you register an account or interact with the Platform, automatically through your use of the Platform, and from third-party sources where permitted by law. The categories of personal data we collect include the following:

2.1 Registration & Identity Data

When you create a phdrea account, we collect the information you provide during the registration process, including:

• Full legal name (as it appears on your government-issued ID)
• Date of birth (to verify that you meet the 21+ age requirement)
• Residential address in the Philippines
• Email address
• Mobile phone number
• Username and encrypted password

2.2 Identity Verification Data

To comply with Philippine anti-money laundering regulations and to verify your identity, phdrea may request and collect copies of government-issued identification documents, including:

• Philippine passport
• Driver's license issued by the Land Transportation Office (LTO)
• Unified Multi-Purpose ID (UMID)
• Social Security System (SSS) ID
• PhilHealth ID
• Postal ID or Voter's ID
• Proof of address documents (e.g., utility bills, bank statements)

2.3 Financial & Transaction Data

When you make deposits or withdrawals on phdrea, we collect financial information necessary to process your transactions, including:

• GCash account number or registered mobile number
• PayMaya account details
• Bank account details for BPI, BDO, or Metrobank transfers (account name and number)
• Transaction history, including deposit amounts, withdrawal amounts, dates, and reference numbers
• Betting history and game activity records

2.4 Technical & Usage Data

When you access and use the phdrea Platform, we automatically collect certain technical information about your device and browsing behavior, including:

• IP address and approximate geographic location
• Device type, operating system, and browser version
• Pages visited, features used, and time spent on the Platform
• Session duration and login timestamps
• Referring URLs and exit pages
• Error logs and crash reports

2.5 Communications Data

When you contact phdrea's customer support team via live chat, email, or any other channel, we collect and retain records of those communications, including the content of your messages, the date and time of contact, and the resolution provided.

phdrea processes your personal data only for specific, legitimate purposes. We do not use your data in ways that are incompatible with the purposes for which it was originally collected. The primary purposes for which phdrea processes your personal data are as follows:

• Account Management: To create, maintain, and manage your phdrea player account, including processing your registration, verifying your identity, and enabling you to access all Platform features.
• Payment Processing: To process your deposits and withdrawals via GCash, PayMaya, BPI, BDO, Metrobank, and other supported payment methods, and to maintain accurate financial records of all transactions.
• Identity Verification & KYC Compliance: To verify that you meet the 21+ age requirement and to comply with Philippine anti-money laundering (AML) and Know Your Customer (KYC) obligations.
• Fraud Prevention & Security: To detect, investigate, and prevent fraudulent activity, unauthorized account access, money laundering, and other illegal or prohibited conduct on the Platform.
• Regulatory Compliance: To comply with applicable Philippine laws and regulations, including reporting obligations to relevant government authorities where required by law.
• Customer Support: To respond to your inquiries, resolve disputes, and provide technical assistance through phdrea's 24/7 customer support channels.
• Platform Improvement: To analyze usage patterns, identify technical issues, and improve the performance, features, and user experience of the phdrea Platform.
• Responsible Gaming: To monitor gaming behavior and identify players who may be exhibiting signs of problem gambling, in order to offer appropriate responsible gaming interventions and support tools.
• Marketing Communications: To send you promotional offers, bonus notifications, and news about phdrea — but only where you have provided your consent to receive such communications. You may opt out at any time.

phdrea does not sell, rent, or trade your personal information to third parties for their own marketing purposes. We may, however, share your personal data with the following categories of recipients where necessary and permitted by law:

• Payment Service Providers: We share necessary financial information with GCash, PayMaya, BPI, BDO, Metrobank, and other payment processors to facilitate your deposits and withdrawals. These providers are bound by their own privacy policies and applicable financial regulations.
• Identity Verification Services: We may engage third-party KYC and identity verification service providers to assist with the verification of your identity documents and age confirmation.
• Game Software Providers: The game providers whose titles are available on phdrea may receive limited technical data (such as session identifiers and bet records) necessary to operate their games on our Platform. These providers do not receive your full personal profile.
• Fraud Prevention & Security Partners: We may share data with specialist fraud detection and cybersecurity service providers to protect the Platform and its players from fraudulent activity.
• Legal & Regulatory Authorities: phdrea will disclose your personal data to Philippine government agencies, law enforcement authorities, or regulatory bodies where required to do so by law, court order, or regulatory directive. This includes reporting obligations under the Anti-Money Laundering Act (AMLA) of the Philippines.
• Professional Advisors: We may share your data with our legal counsel, auditors, and other professional advisors where necessary for the conduct of our business, subject to strict confidentiality obligations.
• Business Transfers: In the event of a merger, acquisition, or sale of all or substantially all of phdrea's assets, your personal data may be transferred to the acquiring entity. You will be notified of any such transfer and the privacy practices of the new entity.

phdrea uses cookies and similar tracking technologies to operate the Platform, remember your preferences, analyze usage patterns, and enhance your overall gaming experience. A cookie is a small text file placed on your device by a website you visit. Cookies do not contain executable code and cannot access other files on your device.

Types of Cookies We Use:

• Strictly Necessary Cookies: These cookies are essential for the Platform to function correctly. They enable core features such as account login, session management, and security. These cookies cannot be disabled without affecting Platform functionality.
• Performance & Analytics Cookies: These cookies collect anonymized information about how players use the Platform — which pages are visited most frequently, how long sessions last, and where errors occur. This data helps us improve Platform performance.
• Functional Cookies: These cookies remember your preferences and settings, such as your preferred language, display settings, and responsible gaming tool configurations, so you don't have to re-enter them each time you visit.
• Session Cookies: Temporary cookies that exist only for the duration of your browser session and are deleted when you close your browser. Used to maintain your login state during a gaming session.

Managing Cookies: You can control and manage cookies through your browser settings. Most browsers allow you to refuse new cookies, delete existing cookies, and set preferences for specific websites. Please note that disabling strictly necessary cookies may prevent you from accessing certain features of the phdrea Platform, including your account login.

phdrea implements a comprehensive set of technical and organizational security measures designed to protect your personal data against unauthorized access, accidental loss, destruction, alteration, or disclosure. Our security infrastructure includes:

• SSL/TLS Encryption: All data transmitted between your device and phdrea servers is encrypted using industry-standard SSL/TLS protocols. Look for the padlock icon in your browser's address bar when accessing phdrea.
• Password Hashing: Your phdrea account password is never stored in plain text. It is processed through a one-way cryptographic hashing algorithm, meaning that even phdrea staff cannot view your actual password.
• Access Controls: Access to personal data within phdrea's systems is restricted on a strict need-to-know basis. Only authorized personnel with a legitimate operational need may access player data, and all such access is logged and audited.
• Secure Data Centers: phdrea's servers and data storage infrastructure are hosted in secure, access-controlled data center facilities with physical security measures including CCTV monitoring, biometric access controls, and 24/7 on-site security.
• Regular Security Audits: phdrea conducts regular internal and third-party security assessments, penetration testing, and vulnerability scans to identify and remediate potential security weaknesses before they can be exploited.
• Two-Factor Authentication: phdrea supports and encourages the use of two-factor authentication (2FA) for player accounts to provide an additional layer of protection against unauthorized access.

While phdrea takes all reasonable steps to protect your personal data, no security system is completely impenetrable. In the event of a data breach that poses a risk to your rights and freedoms, phdrea will notify you and the National Privacy Commission of the Philippines within the timeframes required by the Data Privacy Act of 2012.

phdrea retains your personal data only for as long as is necessary to fulfill the purposes for which it was collected, or as required by applicable Philippine law and regulatory obligations. The following general retention periods apply:

Upon expiry of the applicable retention period, phdrea will securely delete or anonymize your personal data in a manner that prevents reconstruction or identification. Where data is anonymized rather than deleted, the anonymized data may be retained indefinitely for statistical and analytical purposes.

Under the Data Privacy Act of 2012 of the Philippines and its Implementing Rules and Regulations, you have the following rights with respect to your personal data held by phdrea:

• Right to Be Informed: You have the right to be informed about how phdrea collects, uses, and processes your personal data. This Privacy Policy fulfills that obligation.
• Right to Access: You have the right to request a copy of the personal data that phdrea holds about you, along with information about how it is being processed. Requests will be fulfilled within 30 days.
• Right to Rectification: If any of the personal data phdrea holds about you is inaccurate, incomplete, or outdated, you have the right to request that it be corrected. You may update most account information directly through your phdrea account settings.
• Right to Erasure: You have the right to request the deletion of your personal data where it is no longer necessary for the purposes for which it was collected, where you have withdrawn your consent, or where the processing is unlawful. This right is subject to phdrea's legal retention obligations.
• Right to Object: You have the right to object to the processing of your personal data for direct marketing purposes at any time. You may also object to processing based on legitimate interests where you have grounds relating to your particular situation.
• Right to Data Portability: You have the right to receive a copy of your personal data in a structured, commonly used, and machine-readable format, and to request that it be transmitted to another data controller where technically feasible.
• Right to Lodge a Complaint: If you believe that phdrea has violated your data privacy rights, you have the right to lodge a complaint with the National Privacy Commission of the Philippines (NPC).

To exercise any of the above rights, please contact phdrea's Data Protection Officer through the contact details provided in Section 13 of this Policy. phdrea will respond to all verified data subject requests within 30 calendar days of receipt. In complex cases, this period may be extended by a further 30 days, and you will be notified of any such extension.

phdrea primarily processes and stores personal data within secure data center facilities. In certain circumstances, your personal data may be transferred to, stored in, or processed by service providers located outside of the Philippines — for example, where phdrea uses cloud-based infrastructure or international game software providers.

Where such international transfers occur, phdrea ensures that appropriate safeguards are in place to protect your personal data in accordance with the Data Privacy Act of 2012. These safeguards may include:

• Contractual clauses requiring the recipient to apply data protection standards equivalent to those required under Philippine law.
• Transfers to countries or organizations that have been assessed as providing an adequate level of data protection.
• Binding corporate rules where the recipient is part of the same corporate group as phdrea.

By using the phdrea Platform, you acknowledge and consent to the transfer of your personal data to other countries where necessary for the operation of the Platform, subject to the safeguards described above.

The phdrea Platform is strictly intended for adults who are 21 years of age or older. phdrea does not knowingly collect personal data from individuals under the age of 21. The 21+ age requirement is a non-negotiable condition of registration and use of the Platform, in accordance with Philippine gaming regulations.

During the registration process, phdrea requires all applicants to confirm that they are at least 21 years of age. phdrea also conducts active age verification as part of its KYC process, requiring players to submit government-issued identification documents that confirm their date of birth.

If phdrea discovers or has reason to believe that a registered account belongs to a person under 21 years of age, the following actions will be taken immediately:

• The account will be suspended and then permanently closed.
• All real-money deposits will be returned to the verified payment source.
• Any winnings generated during the period of underage use will be voided and forfeited.
• All personal data associated with the underage account will be securely deleted, except where retention is required by law.

The phdrea Platform may contain references to or integrations with third-party services, including payment processors (GCash, PayMaya, BPI, BDO, Metrobank), game software providers, and customer support tools. These third-party services operate under their own privacy policies, which are independent of this Policy.

phdrea is not responsible for the privacy practices of third-party service providers. We encourage you to review the privacy policies of any third-party services you interact with in connection with your use of phdrea. phdrea selects its third-party service providers carefully and requires them to implement appropriate data protection measures as a condition of their engagement.

phdrea does not embed third-party advertising networks, social media tracking pixels, or cross-site behavioral advertising technologies on the Platform. Your gaming activity on phdrea is not shared with social media platforms or advertising networks.

phdrea reserves the right to update, amend, or replace this Privacy Policy at any time to reflect changes in our data processing practices, applicable law, or Platform features. When material changes are made to this Policy, phdrea will notify registered players via email and/or through a prominent notice on the Platform prior to the changes taking effect.

The "Last Updated" date at the top of this page will always reflect the date of the most recent revision. We encourage you to review this Policy periodically to stay informed about how phdrea protects your personal information.

Your continued use of the phdrea Platform following the effective date of any revised Privacy Policy constitutes your acceptance of the updated Policy. If you do not agree with the changes, you should cease using the Platform and may request the closure of your account by contacting our support team.

If you have any questions, concerns, or requests regarding this Privacy Policy or the way phdrea processes your personal data, you may contact our Data Protection Officer (DPO) through the following channel:

When submitting a data subject request, please include your full name, registered email address, and a clear description of your request so that we can process it efficiently. phdrea may request additional information to verify your identity before fulfilling any request.

If you are not satisfied with phdrea's response to your privacy concern, you have the right to escalate your complaint to the National Privacy Commission of the Philippines (NPC), which is the independent government body responsible for enforcing the Data Privacy Act of 2012.