This Privacy Policy explains how p282 collects, uses, discloses, stores, and protects the personal data of Players and visitors in compliance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173), its Implementing Rules and Regulations, and applicable PAGCOR regulatory requirements. Please read this policy carefully before registering an account or providing personal information to p282.
1.1 This Privacy Policy applies to all personal data collected and processed by p282 in connection with the operation of the p282 online gaming platform at https://p282.vip, including all games, account services, payment facilities, support interactions, and promotional communications.
1.2 Data Controller. For the purposes of the Philippine Data Privacy Act of 2012, p282 is the personal information controller in respect of all personal data collected through the platform. p282 determines the purposes and means of processing your personal data and is responsible for ensuring that processing is lawful, proportionate, and compliant with applicable Philippine law.
1.3 This Privacy Policy should be read together with the p282 Terms and Conditions and the Responsible Gaming Policy, all of which form part of the agreement between you and p282.
2.1 p282 collects personal data from you directly, automatically through your use of the platform, and in some cases from third-party sources. The categories of data collected are described below.
3.1 p282 processes personal data only for specified, explicit, and legitimate purposes. The table below sets out the primary processing purposes, the data categories used, and the legal basis for each purpose under the Philippine Data Privacy Act.
| Processing Purpose | Data Categories Used | Legal Basis (DPA) |
|---|---|---|
| Account registration and management | Registration data, contact details | Performance of contract |
| Identity and age verification (KYC) | KYC documents, registration data | Legal obligation (PAGCOR, AMLA) |
| Processing deposits and withdrawals | Financial data, identity data | Performance of contract |
| Providing gaming services | Usage data, account data | Performance of contract |
| Fraud detection and prevention | Technical data, usage data, financial data | Legitimate interest; legal obligation |
| Anti-money laundering compliance | KYC data, financial data, transaction history | Legal obligation (AMLA) |
| Responsible gaming monitoring | Usage data, limit preferences, game history | Legal obligation (PAGCOR); legitimate interest |
| Customer support | Support communications, account data | Performance of contract; legitimate interest |
| Promotional communications | Contact details, usage preferences | Consent |
| Platform analytics and improvement | Usage data, technical data (aggregated) | Legitimate interest |
| PAGCOR regulatory reporting | All required categories as mandated | Legal obligation (PAGCOR regulations) |
3.2 Where p282 relies on consent as the legal basis for processing — for example, for sending promotional messages — you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.
3.3 Where p282 relies on legitimate interests as the legal basis, p282 has conducted a balancing assessment and determined that the interests pursued do not override your fundamental rights and freedoms as a data subject.
4.1 p282 uses cookies and similar tracking technologies to operate the platform, maintain your session, prevent fraud, and improve the user experience. The categories of cookies used are described below.
4.2 You may manage cookie preferences through your browser settings. Please note that disabling strictly necessary cookies will prevent you from using the p282 platform. Disabling other cookie categories may affect functionality but will not prevent access.
5.1 p282 does not sell, rent, or trade personal data to third parties. p282 shares personal data only in the circumstances described below and only to the extent necessary for each purpose.
5.2 Service Providers. p282 engages carefully selected third-party service providers to support platform operations, including: KYC and identity verification providers; payment processing partners (GCash, PayMaya, and banking partners); IT infrastructure and cloud hosting providers; customer support platform providers; and fraud detection and analytics providers. All service providers are bound by data processing agreements that restrict their use of personal data to the specific service being provided.
5.3 Regulatory and Government Authorities. p282 is required by Philippine law to disclose personal data to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), and other competent Philippine government authorities. p282 will disclose the minimum amount of personal data required to satisfy any lawful regulatory demand.
5.4 Law Enforcement. p282 will disclose personal data to the Philippine National Police, the National Bureau of Investigation, or other law enforcement bodies where required by a lawful court order, subpoena, or equivalent legal process.
5.5 Business Transfers. In the event of a merger, acquisition, restructuring, or sale of assets involving p282, personal data may be transferred to the acquiring or successor entity. p282 will notify affected Players of any such transfer and of any material changes to how their data is processed as a result.
6.1 p282 retains personal data for as long as necessary to fulfil the purposes described in this Privacy Policy, to maintain compliance with applicable Philippine law, and to resolve disputes or enforce agreements. The specific retention periods for key data categories are set out below.
| Data Category | Retention Period | Basis |
|---|---|---|
| Account registration data | Duration of account plus 5 years after closure | PAGCOR regulations; AMLA |
| KYC identity documents | Duration of account plus 5 years after closure | AMLA; PAGCOR regulatory requirements |
| Financial transaction records | 5 years from transaction date | AMLA; PAGCOR; tax obligations |
| Game history and wagering data | 3 years from activity date | PAGCOR reporting; dispute resolution |
| Support communications | 2 years from last interaction | Legitimate interest; legal claims |
| Marketing preferences (consented) | Until consent is withdrawn | Consent |
| Technical and access logs | 12 months from collection | Security; fraud prevention |
6.2 At the end of the applicable retention period, personal data is securely deleted or anonymised in accordance with p282's data destruction procedures. Anonymised data that can no longer identify any individual is not subject to this Privacy Policy and may be retained for analytical purposes indefinitely.
7.1 p282 implements industry-standard technical and organisational security measures to protect personal data from unauthorised access, disclosure, alteration, loss, or destruction. These measures include:
7.2 Data Breach Response. In the event of a personal data breach that poses a real risk of serious harm to affected data subjects, p282 will notify the National Privacy Commission within 72 hours of becoming aware of the breach and will notify affected Players without undue delay. Notification will describe the nature of the breach, the data affected, the likely consequences, and the measures taken to address it.
8.1 Under the Philippine Data Privacy Act of 2012, you have the following rights in respect of personal data that p282 holds about you. To exercise any of these rights, contact p282 support via live chat or at the email address in Section 12. p282 will respond to all valid requests within 30 calendar days.
You have the right to be informed of how your personal data is being processed. This Privacy Policy fulfils that obligation; you may request a plain-language summary at any time.
You have the right to request a copy of the personal data that p282 holds about you, including the categories of data, the purposes of processing, and the recipients to whom it has been disclosed.
If any personal data that p282 holds about you is inaccurate or incomplete, you have the right to request correction. Update your registered details from your account dashboard or contact support.
You may request deletion of your personal data in certain circumstances — for example, where data is no longer necessary for its original purpose. This right is subject to legal retention obligations that may require p282 to retain data notwithstanding your request.
You have the right to object to processing of your personal data where that processing is based on legitimate interests or is carried out for direct marketing purposes. Objection to direct marketing will be honoured immediately.
You have the right to receive a copy of personal data you have provided to p282 in a structured, commonly used, and machine-readable format, and to request transfer to another controller where technically feasible.
Where processing is based on consent (such as marketing communications), you may withdraw consent at any time. Withdrawal does not affect lawfulness of processing prior to withdrawal.
If you believe p282 has processed your personal data unlawfully, you have the right to lodge a complaint with the National Privacy Commission of the Philippines.
9.1 The p282 platform is strictly restricted to persons who are 21 years of age or older as required by PAGCOR. p282 does not knowingly collect personal data from persons under the age of 21.
9.2 Age verification is conducted through mandatory KYC procedures that require submission of a valid Philippine government-issued identification document confirming the Player's date of birth. Accounts that fail age verification will be closed immediately and any personal data collected in connection with the registration will be deleted, save where retention is required by law.
9.3 If you believe that p282 has inadvertently collected personal data from a person under the age of 21, please notify p282 support immediately. p282 will take prompt action to delete the relevant data and close the associated account.
10.1 In certain circumstances, personal data processed by p282 may be transferred to, or accessed from, locations outside the Philippines — for example, where p282 engages cloud hosting or KYC service providers with infrastructure located in other countries.
10.2 p282 ensures that any cross-border transfer of personal data is conducted in accordance with the requirements of the Philippine Data Privacy Act and its Implementing Rules. Before transferring personal data internationally, p282 requires that the receiving country or organisation provides an adequate level of data protection, either by reason of a National Privacy Commission adequacy finding or by means of appropriate contractual safeguards such as Standard Contractual Clauses.
10.3 Where a cross-border transfer is required by Philippine law — for example, a lawful request from a foreign law enforcement body through a treaty mechanism recognised under Philippine law — p282 will comply with that request and will notify affected Players to the extent permitted by law.
11.1 p282 may amend this Privacy Policy from time to time to reflect changes in Philippine law, PAGCOR regulatory requirements, platform services, or processing activities. The current version of this Privacy Policy is always published at https://p282.vip/privacy-policy.
11.2 Where an amendment materially affects your rights or the way p282 processes your personal data, p282 will notify you via your registered mobile number or email address at least 7 days before the amendment takes effect. The effective date and version number at the top of this document will be updated at the time of each revision.
11.3 Continued use of the p282 platform after the effective date of an amendment to this Privacy Policy constitutes acceptance of the revised policy. If you do not agree to a revision, you may close your Account before the revision takes effect.
12.1 For any questions about this Privacy Policy, to exercise your data subject rights, or to raise a concern about p282's data processing practices, please contact the p282 Data Privacy team:
12.2 National Privacy Commission. If you are not satisfied with p282's response to a privacy complaint, you have the right to lodge a complaint with the National Privacy Commission of the Philippines. Information on the NPC's complaint process is available on the NPC official website.
Six concrete commitments p282 makes to every Filipino player regarding their personal data
Every connection to p282 is protected by 256-bit SSL — the same standard used by Philippine banks like BPI and BDO. Your login credentials, payment details, and personal data are never transmitted in plain text.
p282 processes personal data strictly in accordance with the Philippine Data Privacy Act of 2012. Every processing activity has a documented legal basis, a defined retention period, and appropriate security controls.
p282 will never sell, rent, or trade your personal data to advertisers, data brokers, or any third party for commercial gain. Personal data shared with service providers is restricted by contract to the specific service being delivered.
Under the Philippine Data Privacy Act, you have eight data subject rights at p282 — including access, rectification, erasure, objection, and portability. p282 responds to all rights requests within 30 calendar days.
In the event of a data breach affecting your personal data, p282 will notify the National Privacy Commission within 72 hours and notify you without undue delay — explaining what happened, what data was affected, and what steps are being taken.
p282 retains personal data only for as long as required by law or the purposes stated in this policy. Once retention periods expire, data is securely deleted using cryptographic erasure or physical destruction procedures.
PAGCOR-licensed, DPA-compliant, and built specifically for Filipino players. Your personal data is protected by Philippine law and by p282's own security standards. Create your account and play knowing your privacy is taken seriously.