Data Protection
At 22php, we take the privacy of our players seriously. This Privacy Policy explains what personal information we collect when you use the 22php Platform, how we use and protect it, who we share it with, and what rights you have under Philippine law regarding your data. This policy is compliant with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173).
// privacy.meta
Our Privacy Commitments
All data transmitted between your browser or device and the 22php Platform is encrypted using TLS 1.3. Personal and financial data stored in our systems is encrypted at rest using AES-256. Your GCash or Maya account details are never stored on 22php servers β payments are processed through their respective secure APIs.
22php does not sell, rent, or trade your personal data to third-party marketers or data brokers. Your information is shared only with service providers who are contractually bound to process it solely for 22php's stated purposes β and with regulators when legally required.
22php operates in full compliance with the Philippine Data Privacy Act of 2012 (RA 10173) and its Implementing Rules and Regulations. We are registered with the National Privacy Commission (NPC) and maintain a Data Protection Officer responsible for ensuring ongoing DPA compliance.
Under the DPA 2012, you have the right to access, correct, erase, and port your personal data held by 22php. You can also object to processing or restrict it in certain circumstances. 22php provides a clear process for exercising all of these rights β detailed in Section 9 of this Policy.
22php does not retain your personal data indefinitely. Retention periods are set based on the purpose for which data was collected and applicable legal obligations. Transaction records, for example, are retained for a minimum of 5 years per AMLA requirements. Data no longer required is securely deleted.
In the unlikely event of a personal data breach that poses a real risk to your rights, 22php will notify affected players and the National Privacy Commission within 72 hours of becoming aware of the breach, in accordance with NPC Circular 16-03 and DPA 2012 requirements.
// table_of_contents
22php ("the Company," "we," "us") is the data controller for all personal data processed in connection with the 22php Platform. As data controller, 22php determines the purposes and means of processing your personal data and is accountable for ensuring that such processing complies with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulations.
22php has designated a Data Protection Officer (DPO) who is responsible for overseeing the Company's data protection strategy and ensuring compliance with applicable privacy law. The DPO can be contacted via the details in Section 13 of this Policy.
22php collects personal data necessary to provide the Platform, comply with legal obligations, and protect the interests of our players and the integrity of the Platform. The categories of personal data we collect include:
| Category | Examples | Purpose |
|---|---|---|
| Identity Data | Full name, date of birth, government ID type and number | KYC / age verification |
| Contact Data | Email address, Philippine mobile number | Account access, support, notifications |
| Financial Data | GCash/Maya registered name, BPI/BDO account name, transaction IDs | Payment processing, AML compliance |
| Gaming Data | Game history, bet amounts, win/loss records, bonus usage | Account management, responsible gaming |
| Technical Data | IP address, device type, browser, OS, session timestamps | Security, fraud prevention, platform optimisation |
| Communication Data | Live chat logs, support email content | Customer support, dispute resolution |
| KYC Documents | ID card images, selfie verification, proof of address | Identity verification, regulatory compliance |
22php does not collect sensitive personal information (as defined by the DPA 2012, such as health information, political affiliations, or biometric data) except where strictly required by law or with your explicit consent.
22php collects personal data through the following means:
Information you provide directly to 22php when you: register an account; complete KYC verification; make a deposit or request a withdrawal; contact customer support; participate in promotions; or respond to surveys or feedback requests.
When you access and use the 22php Platform, we automatically collect technical data such as your IP address, device type, browser, operating system, session duration, pages visited, and actions taken within the Platform. This data is collected using cookies, web beacons, server logs, and similar technologies. Please refer to Section 7 for full details on our cookie practices.
22php may receive personal data about you from third parties in limited circumstances, including: identity verification service providers used during KYC processing; payment processors (GCash, Maya, BPI, BDO) who confirm transaction status and account ownership; fraud prevention and AML screening services; and PAGCOR or other regulatory bodies where legally required.
22php uses personal data collected from players for the following purposes:
Under the Philippine Data Privacy Act of 2012, 22php processes your personal data on the following legal bases:
22php does not sell, rent, or trade your personal data to third parties for commercial purposes. We share personal data only in the following circumstances:
22php engages trusted third-party service providers to assist in operating the Platform, including: payment processors (GCash, Maya, BPI, BDO); identity and KYC verification providers; cloud hosting and infrastructure providers; fraud prevention and AML screening services; customer support software providers; and analytics platforms. All service providers are bound by data processing agreements that prohibit them from using your data for any purpose other than providing services to 22php.
22php may disclose personal data to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), law enforcement agencies, or courts when required to do so by applicable Philippine law, a valid legal order, or regulatory requirement. 22php will notify affected players of such disclosures where legally permitted.
In the event of a merger, acquisition, or transfer of all or part of 22php's business, your personal data may be transferred to the successor entity. You will be notified of any such transfer and of any material changes to how your data is processed as a result.
Where personal data is transferred to service providers located outside the Philippines, 22php ensures that such transfers comply with the DPA 2012 cross-border transfer requirements, including that the recipient jurisdiction provides an adequate level of protection or that appropriate contractual safeguards are in place.
22php uses cookies and similar tracking technologies to operate and improve the Platform. Cookies are small data files stored on your device when you visit 22php.org.
You can manage or disable non-essential cookies through your browser settings at any time. Note that disabling certain cookies may affect the functionality of some features on the 22php Platform.
22php retains personal data only for as long as necessary for the purposes for which it was collected, or as required by applicable law. Our standard retention periods are:
When data reaches the end of its retention period, it is securely deleted or anonymized so it can no longer be linked to any individual.
Under the Philippine Data Privacy Act of 2012, you have the following rights with respect to personal data held by 22php:
Request a copy of the personal data 22php holds about you and information about how it is processed.
Request correction of inaccurate or incomplete personal data held by 22php in your account records.
Request deletion of your personal data where it is no longer necessary for the purpose it was collected, subject to legal retention obligations.
Request your personal data in a structured, commonly used, machine-readable format to transfer to another service.
Object to processing of your data for marketing purposes or based on legitimate interests, including profiling based on gaming activity.
Request that 22php restricts processing of your data in certain circumstances, such as while a correction request is being resolved.
To exercise any of these rights, contact 22php's Data Protection Officer at [email protected] with the subject line "Data Rights Request." We will respond within 30 days of receiving your request. Identity verification may be required before processing certain requests to protect account security.
If you are not satisfied with how 22php has handled your data rights request, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines.
The 22php Platform is strictly intended for individuals aged 21 years and above. 22php does not knowingly collect personal data from individuals under the age of 21. The minimum gambling age of 21 is set by PAGCOR regulations applicable to online gambling in the Philippines.
22php employs age verification measures during account registration and KYC processes. If 22php discovers that personal data has been collected from an individual under 21, that data will be deleted immediately and the account will be permanently suspended.
If you are a parent or guardian and believe that a minor under your care has registered a 22php account, please contact us immediately at [email protected] so we can take appropriate action.
22php implements appropriate technical and organizational security measures to protect your personal data against unauthorized access, disclosure, alteration, or destruction. Our security measures include:
While 22php takes all reasonable steps to protect your personal data, no online platform can guarantee absolute security. You are responsible for maintaining the security of your 22php login credentials and for promptly reporting any suspected unauthorized access to your account.
22php reserves the right to update or modify this Privacy Policy at any time to reflect changes in our data processing practices, applicable law, or regulatory requirements. Material changes will be communicated to registered players via email notification or a prominent notice on the 22php Platform prior to the change taking effect.
The date at the top of this Policy indicates when it was last updated. The most current version of this Privacy Policy is always available at 22php.org/privacy-policy. Your continued use of the Platform following notification of a material change constitutes acceptance of the revised Policy.
For all data privacy inquiries, rights requests, concerns, or complaints related to how 22php processes your personal data, please contact our Data Protection Officer:
If you are not satisfied with our response to your privacy concern, you may escalate your complaint to the National Privacy Commission (NPC) of the Philippines, the regulatory authority responsible for enforcing the Data Privacy Act of 2012.
Your Data, Your Rights
22php is built on transparency and trust. We collect only what we need, protect it with industry-standard encryption, and give you full control over your data rights as a Filipino player. Deposit from β±100 via GCash or Maya. 21+ only. PAGCOR compliant.
21+ only Β· DPA 2012 compliant Β· Play responsibly