phiery Privacy Policy

1. Introduction

phiery ("we", "us", "the Company", or "the Platform") is committed to protecting the privacy and security of the personal information entrusted to us by our players and website visitors. This Privacy Policy describes in detail how phiery collects, uses, discloses, stores, and safeguards personal data in connection with the operation of the phiery online gaming platform at phiery.org.

This Privacy Policy is issued in compliance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173, hereinafter "DPA"), its Implementing Rules and Regulations (IRR), and the issuances of the National Privacy Commission (NPC). It also reflects applicable PAGCOR guidelines governing the collection and handling of player information by licensed online gaming operators.

By creating a phiery account, accessing the phiery Platform, or submitting any personal information to us, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your personal data as described herein. If you do not agree with any part of this Policy, please do not use the phiery Platform.

2. Data Controller

For the purposes of the Philippine Data Privacy Act, phiery acts as the Personal Information Controller (PIC) in respect of all personal data collected through the phiery Platform. phiery determines the purposes and means of processing personal data submitted by players and visitors.

Third-party service providers engaged by phiery to process data on our behalf (including payment processors, KYC verification providers, and customer support software providers) operate as Personal Information Processors (PIP) under the DPA and are bound by data processing agreements that impose obligations consistent with this Policy and applicable Philippine law.

3. Personal Data We Collect

phiery collects the following categories of personal data from players and, where applicable, from website visitors:

phiery does not intentionally collect special categories of sensitive personal information (such as data concerning health, religious beliefs, or political opinions) except where a player voluntarily discloses such information in the context of a responsible gaming or self-exclusion request, in which case it is processed solely for the purpose of delivering the requested service.

4. How We Collect Personal Data

phiery collects personal data through the following channels:

• Directly from you — when you register an account, complete KYC verification, make a deposit or withdrawal request, contact phiery support, or update your account settings;
• Automatically — through cookies, web beacons, and server logs as you navigate and use the phiery Platform (see Section 11 regarding cookies);
• From third-party verification providers — identity verification and document authentication services used to complete KYC checks may return data to phiery as part of the verification result;
• From payment processors — GCash, PayMaya, and banking institutions may provide transaction confirmation data in connection with deposits and withdrawals;
• From regulatory authorities — where required by PAGCOR guidelines or other applicable Philippine regulatory directives.

5. Purposes of Processing

phiery processes personal data for the following purposes:

• Creating and managing player accounts on the phiery Platform;
• Verifying player identity and age (21+ requirement) in compliance with PAGCOR regulations;
• Processing deposits and withdrawals in Philippine Peso via GCash, PayMaya, and Philippine banking institutions;
• Operating and delivering gaming services, including live dealer, slots, bingo, Tongits Go, and Go Rush;
• Administering bonuses, promotions, and the phiery VIP loyalty program;
• Delivering customer support via live chat and email;
• Detecting, preventing, and investigating fraud, money laundering, and other illegal activities;
• Complying with applicable Philippine laws and regulations, including the Anti-Money Laundering Act (AMLA), the DPA, and PAGCOR licensing requirements;
• Enforcing the phiery Terms & Conditions;
• Delivering and improving responsible gaming tools and monitoring player behaviour for indicators of problem gambling;
• Improving platform performance, user experience, and game content through analytics;
• Sending transactional communications (account notifications, payment confirmations, security alerts);
• Sending promotional communications where you have provided consent or where permitted under applicable law.

6. Legal Basis for Processing

phiery processes personal data under the following legal bases as recognised by the Philippine Data Privacy Act:

• Consent — for the sending of direct marketing and promotional communications. You may withdraw this consent at any time by updating your communication preferences in your account settings or by contacting phiery support;
• Contractual Necessity — for the performance of the player agreement (account registration, payment processing, game delivery, and support);
• Legal Obligation — where processing is necessary to comply with applicable Philippine law, including AML obligations, PAGCOR reporting requirements, and tax regulations;
• Legitimate Interests — for fraud prevention, platform security, responsible gaming monitoring, and aggregated analytics, where these interests are not overridden by your data rights.

7. Sharing Your Personal Data

phiery does not sell, rent, or trade your personal data to third parties. We share personal data only in the following limited circumstances:

• Payment Processors — GCash, PayMaya, BPI, BDO, Metrobank, UnionBank, and other payment providers, solely for the purpose of processing your deposit and withdrawal transactions;
• KYC and Identity Verification Providers — third-party providers engaged to perform document verification and facial recognition as part of the KYC process;
• Customer Support Platforms — service providers operating phiery's live chat and ticket management systems, bound by data processing agreements;
• Analytics and Platform Providers — technology service providers used to host, maintain, and improve the phiery Platform, operating under strict confidentiality and data processing obligations;
• Regulatory and Law Enforcement Authorities — PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission, and other Philippine government bodies, where disclosure is required by law or lawful regulatory directive;
• Professional Advisers — lawyers, auditors, and other professional advisers, subject to confidentiality obligations;
• Business Transfers — in the event of a merger, acquisition, or sale of substantially all assets of phiery, in which case player data may be transferred as part of the transaction subject to continued compliance with this Privacy Policy.

8. Cross-Border Data Transfers

8.1 Certain service providers engaged by phiery may be located outside the Philippines. Where personal data is transferred to providers in other jurisdictions, phiery ensures that appropriate safeguards are in place in accordance with NPC rules on cross-border data transfers.

8.2 Safeguards applied to cross-border transfers include contractual data processing agreements incorporating standard data protection clauses consistent with the DPA and NPC issuances, and assessments of the recipient country's data protection framework.

8.3 By using the phiery Platform, you consent to your personal data being transferred to and processed in jurisdictions outside the Philippines where phiery or its service providers operate, subject to the safeguards described above.

9. Data Retention

9.1 phiery retains personal data for as long as your account remains active and for a minimum period of five (5) years following account closure, as required by applicable Philippine AML legislation (Republic Act No. 9160, as amended) and PAGCOR record-keeping requirements.

9.2 Transaction records, KYC documentation, and game history are retained for the minimum statutory periods applicable under Philippine law. Communications data (support chat transcripts and email correspondence) is retained for a minimum of three (3) years following the resolution of the relevant matter.

9.3 On expiry of the applicable retention period, personal data is securely destroyed using industry-standard data disposal methods. Where complete destruction is not technically feasible (e.g., in respect of backup systems), data is anonymised to prevent re-identification.

10. Security Measures

phiery implements a comprehensive set of technical and organisational security measures to protect personal data against unauthorised access, loss, alteration, disclosure, or destruction:

• Encryption in Transit: All data transmitted between your browser or device and the phiery Platform is encrypted using 256-bit SSL/TLS technology — the same standard used by Philippine banks;
• Encryption at Rest: Sensitive personal data stored on phiery's servers is encrypted at the database level using industry-standard encryption;
• Access Controls: Access to player personal data is restricted to authorised phiery personnel and service providers who have a legitimate operational need for that access. All access is logged;
• Two-Factor Authentication: phiery account access supports OTP-based two-factor authentication to protect against unauthorised login;
• Security Monitoring: phiery employs continuous monitoring of its systems for intrusion attempts, anomalous activity, and security incidents;
• Regular Security Reviews: phiery conducts periodic security assessments and vulnerability scans of its platform and infrastructure.

11. Cookies and Tracking Technologies

11.1 phiery uses cookies and similar tracking technologies (including web beacons and local storage) on the phiery Platform. Cookies are small text files stored on your device that help phiery deliver a functional, secure, and personalised user experience.

11.2 phiery uses the following categories of cookies:

• Essential Cookies: Required for the Platform to function. These enable session management, login persistence, and security features. These cookies cannot be disabled without impairing Platform functionality;
• Functional Cookies: Remember your preferences (such as preferred game categories and responsible gaming settings) to personalise your experience;
• Analytical Cookies: Collect aggregated, anonymised information about how visitors use the Platform, enabling phiery to improve performance and user experience;
• Security Cookies: Support phiery's fraud detection and account security systems by recording device fingerprints and session behaviour patterns.

11.3 You may manage cookie settings through your browser's privacy controls. Disabling non-essential cookies will not prevent you from using the phiery Platform, but may affect the availability of certain personalisation features.

12. Minors

The phiery Platform is strictly prohibited for use by persons under 21 years of age, in accordance with PAGCOR regulations governing online gaming in the Philippines. phiery does not knowingly collect personal data from persons under 21. If phiery becomes aware that personal data has been collected from a person under 21, the relevant account will be immediately closed, all data associated with the account will be deleted, and any balance will be forfeited.

If you are a parent or guardian and believe that a minor in your care has created a phiery account, please contact phiery support immediately via live chat so that we can take appropriate action.

13. Exercising Your Data Rights

13.1 To exercise any of your rights described in this Privacy Policy or under the Philippine Data Privacy Act, please submit a written request to phiery's Data Protection Officer via live chat or at [email protected] with the subject line "Data Privacy Request".

13.2 For security purposes, all data rights requests must be accompanied by sufficient information to verify your identity. phiery will not disclose or modify personal data in response to an unverified request.

13.3 phiery will respond to all verified data rights requests within thirty (30) calendar days of receipt. Where a request is complex or voluminous, phiery may extend this period by a further thirty (30) days, with written notice provided to you.

13.4 Where phiery is required by law to retain certain data (for example, KYC records and transaction logs under AML legislation), erasure requests in respect of that data may be declined, and phiery will explain the basis for such refusal.

13.5 If you are not satisfied with phiery's response to a data rights request, you have the right to escalate the matter to the Philippine National Privacy Commission (NPC).

14. Data Protection Officer

phiery has designated a Data Protection Officer (DPO) as required by the Philippine Data Privacy Act. The phiery DPO is responsible for overseeing compliance with the DPA, this Privacy Policy, and all related data governance obligations.

15. Policy Amendments

15.1 phiery reserves the right to update this Privacy Policy at any time to reflect changes in our data processing practices, applicable law, or regulatory requirements. Material changes will be communicated to registered account holders via email or on-Platform notification at least seven (7) days prior to the amended Policy taking effect.

15.2 The date of the most recent revision is always displayed at the top of this Privacy Policy. Your continued use of the phiery Platform after the effective date of any amendment constitutes your acceptance of the revised Policy.

16. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of the Republic of the Philippines, including the Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulations. Any disputes arising from or relating to this Privacy Policy shall be subject to the jurisdiction of the competent courts of the Republic of the Philippines and, where applicable, the complaint resolution mechanisms of the National Privacy Commission.

17. Contact

For all privacy-related enquiries, data rights requests, or to report a suspected data breach or privacy concern, please contact phiery using the following details: