Data Protection • Your Rights • Philippine Law
Our Privacy Commitments
aplado's approach to data privacy is built around the requirements of the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and PAGCOR's regulatory obligations. Here are the six principles that guide how we handle your personal information.
aplado collects personal information exclusively for specified, legitimate purposes directly related to operating a licensed online gaming platform — account management, payment processing, PAGCOR regulatory compliance, fraud prevention, and responsible gaming enforcement. We do not collect data for unrelated commercial purposes.
Your personal data is stored in encrypted systems with access restricted to aplado personnel and authorised third parties who need it to fulfil their specific function. We apply a strict minimum-access policy — no team member or system accesses more data than their role requires, and all access events are logged.
Under the Philippine Data Privacy Act, you have the right to access, correct, delete, and object to the processing of your personal data. aplado provides mechanisms to exercise all of these rights. Account holders may submit data requests through the support channel, and aplado commits to responding within the timeframes required by applicable law.
aplado does not sell, rent, or trade your personal information to third parties for marketing, advertising, or any other commercial purpose unrelated to the operation of the aplado platform. Data shared with third parties is limited to what is necessary to deliver platform services and comply with regulatory obligations.
aplado retains personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable Philippine law and PAGCOR regulations — including AML record-keeping obligations. When data is no longer required, it is securely deleted or anonymised.
In the event of a personal data breach that poses a real risk to you, aplado will notify affected players and the National Privacy Commission (NPC) within the timeframes specified by the Philippine Data Privacy Act and its implementing rules, and will take immediate steps to contain and remediate the breach.
This Privacy Policy ("Policy") describes how aplado ("aplado," "we," "us," or "our"), operator of the online gaming platform at aplado.org, collects, uses, stores, discloses, and protects the personal information of users ("you," "Player," or "Data Subject") who register for or use the aplado platform and associated services.
aplado is committed to protecting your personal information in compliance with Republic Act No. 10173, the Data Privacy Act of 2012 ("DPA"), its Implementing Rules and Regulations, and the applicable regulations of the National Privacy Commission ("NPC") of the Philippines. aplado is also subject to the data governance requirements imposed by the Philippine Amusement and Gaming Corporation ("PAGCOR") as a condition of its gaming license.
By creating an aplado account, accessing the aplado platform, or otherwise providing your personal information to aplado, you acknowledge that you have read and understood this Policy and consent to the collection, use, and processing of your personal information as described herein.
Note: This Privacy Policy should be read alongside aplado's Terms and Conditions and Responsible Gaming Policy. This Policy applies to all personal information processed by aplado in connection with the operation of the aplado platform in the Philippines.
For the purposes of the Philippine Data Privacy Act of 2012, the Personal Information Controller (PIC) responsible for your personal data is:
aplado has designated a Data Protection Officer as required under the DPA and NPC regulations. The DPO is responsible for overseeing aplado's data privacy compliance program, serving as the point of contact for data subject requests, and liaising with the National Privacy Commission.
aplado collects the following categories of personal information from Players, the specific items within each category depending on the stage of the player relationship and applicable regulatory requirements:
| Category | Examples | Purpose |
|---|---|---|
| Identity Data | Full legal name, date of birth, nationality, government ID number and type | Account creation, KYC verification, age verification (21+), AML compliance |
| Contact Data | Philippine mobile number, email address (if provided), residential address | Account communication, OTP delivery, KYC address verification, support |
| Financial Data | GCash number, bank account details, deposit and withdrawal history, transaction amounts | Payment processing, fraud prevention, AML monitoring, withdrawal processing |
| Gaming Activity Data | Game sessions, bet amounts, win/loss records, bonus activity, time-on-site | Responsible gaming monitoring, dispute resolution, PAGCOR regulatory reporting |
| Technical Data | IP address, device type, browser, operating system, login timestamps | Security, fraud detection, geographic compliance, session management |
| Communication Data | Support chat transcripts, email correspondence, feedback submissions | Customer service, dispute resolution, quality improvement, compliance records |
| KYC Documents | Government ID images (PhilSys, SSS UMID, passport, LTO license), selfie verification | Identity verification, AML compliance, PAGCOR regulatory obligations |
Sensitive Personal Information: Government-issued ID numbers and financial account details are classified as sensitive personal information under the DPA. aplado processes these categories strictly for the purposes listed above and applies heightened security controls to their storage and handling.
aplado collects personal information through the following channels:
Under the Philippine Data Privacy Act of 2012, aplado processes your personal information on the following legal bases:
aplado uses your personal information for the following purposes, each tied to one or more of the legal bases described in Section 5:
aplado does not sell, rent, or trade your personal information to third parties. aplado may share your personal data with third parties only in the following circumstances and to the minimum extent necessary:
aplado engages licensed third-party service providers who process personal data on aplado's behalf under binding data processing agreements that require them to maintain confidentiality and comply with the DPA. These include: identity verification (KYC) providers, payment processors (GCash, PayMaya, banking partners), cloud hosting and data storage providers, fraud and AML screening services, customer support platform providers, and game software providers where technically required.
aplado may disclose personal information to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), the Bureau of Internal Revenue (BIR), or any other competent Philippine government authority where disclosure is required by law, regulation, court order, or lawful regulatory direction. aplado will notify affected players of such disclosures to the extent permitted by applicable law.
In the event of a merger, acquisition, sale of assets, or restructuring involving aplado, personal data held by aplado may be transferred to the acquiring entity as part of the transaction, subject to equivalent data protection obligations being assumed by the transferee.
No Data Sales: aplado will never sell your personal information to data brokers, advertising networks, or any third party for commercial purposes unrelated to operating the aplado platform. This prohibition applies regardless of any changes to aplado's ownership or corporate structure.
aplado uses cookies and similar tracking technologies on its platform to ensure the proper functioning of the website, maintain your login session, enable security features, and collect aggregated analytics data to improve platform performance.
You may manage cookie preferences through your browser settings. Disabling strictly necessary cookies will impair or prevent your ability to use the aplado platform. Disabling functional or analytics cookies will not prevent you from using the platform but may reduce personalisation features. Detailed cookie management instructions are available in the help documentation of your browser.
aplado retains personal data for the periods set out below, after which data is securely deleted or irreversibly anonymised, unless a longer retention period is required by law:
| Data Category | Retention Period | Basis |
|---|---|---|
| Account identity and KYC records | 5 years after account closure | Anti-Money Laundering Act (RA 9160) mandatory record-keeping; PAGCOR requirements |
| Financial transaction records | 5 years after each transaction | Anti-Money Laundering Act; BIR records requirements |
| Gaming activity records | 3 years after account closure | PAGCOR regulatory obligations; dispute resolution |
| Support communication records | 2 years from last interaction | Legitimate interest in dispute resolution and quality assurance |
| Marketing consent records | Duration of consent + 1 year | DPA compliance; ability to demonstrate consent if queried |
| Technical/security logs | 12 months from generation | Security monitoring and fraud prevention |
Where retention is extended beyond the periods above due to a specific legal obligation, investigation, or litigation, aplado will document the reason for extended retention and restrict access to the minimum number of personnel required.
Under the Philippine Data Privacy Act of 2012, you have the following rights in relation to your personal information held by aplado. To exercise any of these rights, contact aplado's Data Protection Officer through the support channel.
You have the right to be informed whether aplado holds any personal information about you and the details of how it is being processed, before data collection occurs and upon request thereafter.
You may request a copy of the personal information aplado holds about you, information about the purposes for which it is processed, and details of any third parties with whom it has been shared.
You have the right to request correction of inaccurate or incomplete personal information held by aplado. Corrections to KYC identity data require supporting documentation.
You may request deletion of your personal data where it is no longer necessary for the purpose collected, your consent has been withdrawn, or processing is unlawful — subject to legal and regulatory retention obligations.
You may object to the processing of your personal data based on legitimate interests, including processing for direct marketing purposes. aplado will cease such processing unless it can demonstrate compelling legitimate grounds that override your interests.
You may request that aplado provide your personal data in a structured, commonly used, and machine-readable format where technically feasible, to facilitate transfer to another service provider at your request.
If you believe aplado has violated your data privacy rights, you may file a complaint directly with aplado's DPO. If unsatisfied with aplado's response, you may escalate to the National Privacy Commission (NPC) of the Philippines.
Under the DPA, you are entitled to claim compensation for damages sustained due to inaccurate, incomplete, outdated, false, or unlawfully obtained personal information processed by aplado, in proportion to the injury suffered.
Response Timeframes: aplado commits to acknowledging data subject requests within five (5) business days and providing a substantive response within thirty (30) calendar days, in compliance with NPC guidelines. Complex requests may require an extension, which aplado will communicate to you with an explanation of the reason for the delay.
aplado implements organisational and technical security measures appropriate to the risk level of the personal data processed. These include, but are not limited to:
No Absolute Security Guarantee: While aplado takes its data security obligations seriously and applies robust protections, no internet-connected system can be guaranteed to be completely immune from breach. aplado encourages all players to use strong, unique passwords and to report any suspicious account activity immediately.
aplado does not knowingly collect personal information from individuals under the age of twenty-one (21) years. The aplado platform is strictly intended for adults who meet the minimum age requirement under PAGCOR regulations and applicable Philippine law.
All aplado accounts are subject to identity verification (KYC) procedures that include confirmation of date of birth. Any account found to belong to a person under 21 years of age will be permanently closed immediately upon discovery. Personal data associated with such accounts will be handled in accordance with the DPA and the specific requirements applicable to processing personal information of minors.
If you are a parent or guardian and believe that your child has provided personal information to aplado or has accessed the aplado platform, please contact aplado's support team immediately. aplado will investigate promptly, close the account if confirmed, and delete any personal information attributable to the minor as permitted by applicable legal retention requirements.
21+ Policy: The minimum age of 21 for casino gambling in the Philippines is established by PAGCOR regulations and applicable law. aplado enforces this requirement without exceptions and reports suspected underage access to PAGCOR in accordance with its licensing obligations.
aplado reserves the right to update this Privacy Policy at any time to reflect changes in applicable Philippine law, NPC guidance, PAGCOR regulatory requirements, or aplado's data processing activities. All updates will be posted on this page with a revised "Last Updated" date.
For material changes — that is, changes that significantly affect how we collect, use, or share your personal information — aplado will provide notice to registered players via the mobile number associated with their account or through a prominent notice on the aplado platform prior to the change taking effect.
Your continued use of the aplado platform after the effective date of an updated Privacy Policy constitutes your acceptance of the revised Policy. If you do not agree to the updated Policy, you should discontinue use of the aplado platform and contact support to discuss your account options.
For any questions about this Privacy Policy, to exercise your data subject rights, or to report a privacy concern, please contact aplado's Data Protection Officer through the following channels:
If you are not satisfied with aplado's response to your privacy complaint or data subject request, you have the right to escalate your complaint to the National Privacy Commission (NPC) of the Philippines, the independent regulatory authority responsible for enforcing the Data Privacy Act.
National Privacy Commission (NPC): The NPC is the competent supervisory authority for data privacy matters in the Philippines under Republic Act No. 10173. Filipino players who believe their data privacy rights have been violated may file a complaint with the NPC through its official channels as published on the NPC's official government website.
Play With Confidence
aplado is a PAGCOR-licensed Philippine online casino that takes your privacy and data security as seriously as we take your gaming experience. Create your free account — 21+ only.
For players aged 21 and above only • PAGCOR-regulated • DPA-compliant • Always gamble responsibly
aplado Casino is strictly for players aged 21 and above, as required by PAGCOR. Gambling involves real financial risk — never wager amounts you cannot afford to lose. aplado provides free tools including deposit limits, session timers, cooling-off periods, and self-exclusion through your account settings. For support information and responsible gaming resources, visit our Responsible Gaming page.