9piso Privacy Policy —
Your Data, Your Rights

1. Introduction

// SECTION 1.0

9piso ("we," "us," "our," "the Company") operates the online gaming platform accessible at 9piso.net (the "Platform"). We are committed to protecting the privacy and personal data of all users ("you," "Player," "User") who access or use the Platform.

This Privacy Policy ("Policy") describes how 9piso collects, uses, stores, shares, and protects your personal information in connection with your use of the Platform. It also explains your rights under Republic Act No. 10173, the Data Privacy Act of 2012 ("DPA"), and its Implementing Rules and Regulations.

By registering an Account or using the Platform in any capacity, you acknowledge that you have read and understood this Policy and consent to the collection and processing of your personal data as described herein. If you do not agree to this Policy, you must not use the Platform.

2. Data Controller

// SECTION 2.0

9piso is the personal information controller ("PIC") for all personal data collected through the Platform, as defined under the DPA. This means 9piso determines the purposes and means of processing your personal data.

9piso operates under the regulatory oversight of the Philippine Amusement and Gaming Corporation (PAGCOR). Our data processing activities are conducted in compliance with PAGCOR's requirements and the DPA.

For all privacy-related inquiries, requests, and complaints, you may contact our designated Data Protection Officer (DPO) using the contact details provided in Section 14 of this Policy.

3. Personal Data We Collect

// SECTION 3.0

3.1 Data You Provide Directly. When you register an Account, complete KYC verification, make deposits or withdrawals, or contact our support team, you provide us with personal data including:

• Full legal name as it appears on your government-issued ID;
• Date of birth (used to verify the 21+ age requirement);
• Residential address in the Philippines;
• Email address and mobile number;
• Government-issued ID details (ID type, ID number, expiry date);
• Payment method details (GCash number, Maya account, bank account details — stored in tokenized form only);
• Any information you provide when contacting our support team.

3.2 Data Collected Automatically. When you use the Platform, we automatically collect certain technical and behavioral data, including:

• IP address and approximate geographic location;
• Device type, operating system, and browser information;
• Session data including login times, session duration, and pages visited;
• Game activity data including games played, wagers placed, and outcomes;
• Transaction history including deposits, withdrawals, and bonus usage;
• Cookie and tracking data as described in Section 7.

3.3 Data from Third Parties. In limited circumstances, 9piso may receive personal data about you from third parties, including:

• Payment processors (for transaction verification and fraud prevention);
• Identity verification service providers (for KYC compliance);
• PAGCOR and other regulatory bodies (for compliance purposes).

4. How We Use Your Personal Data

// SECTION 4.0

9piso uses your personal data for the following purposes:

Purpose	Description
Account Management	Creating, maintaining, and securing your 9piso Account.
Identity Verification (KYC)	Verifying your identity and age as required by PAGCOR regulations before processing withdrawals.
Payment Processing	Processing deposits and withdrawals via GCash, Maya, bank transfer, and debit card.
Regulatory Compliance	Meeting our obligations under PAGCOR licensing, the DPA, and anti-money laundering (AML) laws.
Fraud Prevention	Detecting and preventing fraudulent activity, unauthorized access, and abuse of the Platform.
Customer Support	Responding to your inquiries, resolving disputes, and providing technical assistance.
Responsible Gaming	Monitoring gaming behavior to identify problem gambling patterns and enforce self-exclusion requests.
Platform Improvement	Analyzing usage data to improve the Platform's features, performance, and user experience.
Communications	Sending you account notifications, security alerts, and — with your consent — promotional offers.

9piso will not use your personal data for any purpose that is incompatible with the purposes listed above without first obtaining your explicit consent.

5. Legal Basis for Processing

// SECTION 5.0

Under the Philippine Data Privacy Act, 9piso processes your personal data on the following legal bases:

• Contractual Necessity: Processing required to fulfill our obligations under the Terms & Conditions you agreed to upon registration, including account management, payment processing, and game operation.
• Legal Obligation: Processing required to comply with PAGCOR regulations, the Anti-Money Laundering Act (AMLA), the DPA, and other applicable Philippine laws.
• Legitimate Interests: Processing necessary for fraud prevention, platform security, and responsible gaming monitoring, where these interests are not overridden by your rights.
• Consent: Processing for marketing communications and non-essential cookies, where you have given explicit, informed consent. You may withdraw this consent at any time.

6. Data Sharing and Disclosure

// SECTION 6.0

6.1 We Do Not Sell Your Data. 9piso does not sell, rent, or trade your personal information to any third party for commercial or marketing purposes. Full stop.

6.2 Authorized Third-Party Processors. 9piso shares your personal data with carefully selected third-party service providers ("personal information processors") who assist us in operating the Platform. These include:

• Payment processors and e-wallet providers (GCash, Maya, partner banks) — for transaction processing;
• KYC and identity verification providers — for regulatory compliance;
• Cloud hosting and infrastructure providers — for Platform operation and data storage;
• Customer support platform providers — for managing support interactions;
• Analytics providers — for aggregated, anonymized Platform usage analysis.

All third-party processors are bound by data processing agreements that require them to handle your data in accordance with the DPA and this Policy. They are permitted to use your data only for the specific purposes for which it was shared.

6.3 Regulatory Disclosures. 9piso may be required to disclose your personal data to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), law enforcement agencies, or courts of competent jurisdiction, where required by law or a valid legal order. We will notify you of such disclosures where legally permitted to do so.

6.4 Business Transfers. In the event of a merger, acquisition, or sale of all or substantially all of 9piso's assets, your personal data may be transferred to the acquiring entity. You will be notified of any such transfer and the privacy practices of the acquiring entity prior to the transfer taking effect.

7. Cookies and Tracking Technologies

// SECTION 7.0

7.1 What Are Cookies. Cookies are small text files placed on your device when you visit the Platform. They help us recognize your device, remember your preferences, and analyze how the Platform is used.

7.2 Types of Cookies We Use.

• Strictly Necessary Cookies: Essential for the Platform to function. These include session cookies that keep you logged in and security cookies that prevent fraudulent use. These cannot be disabled.
• Functional Cookies: Remember your preferences such as language settings and display options to improve your experience.
• Analytics Cookies: Collect anonymized data about how players use the Platform, helping us identify areas for improvement. Used only with your consent.
• Marketing Cookies: Used to deliver relevant promotional content. Used only with your explicit consent and can be withdrawn at any time.

7.3 Managing Cookies. You can manage your cookie preferences through your browser settings. Note that disabling strictly necessary cookies may affect the functionality of the Platform. For analytics and marketing cookies, you may withdraw consent at any time by adjusting your cookie preferences in your Account settings.

8. Data Security

// SECTION 8.0

9piso implements a comprehensive set of technical and organizational security measures to protect your personal data against unauthorized access, disclosure, alteration, and destruction. These measures include:

• 256-bit SSL/TLS encryption for all data transmitted between your device and our servers;
• AES-256 encryption for sensitive data stored at rest, including payment details and ID documents;
• Multi-factor authentication (MFA) options for player accounts;
• Role-based access controls limiting employee access to personal data on a strict need-to-know basis;
• Regular security audits and penetration testing by independent security professionals;
• 24/7 intrusion detection and monitoring systems;
• Tokenization of payment method details so that raw financial data is never stored on our servers.

While 9piso takes all reasonable steps to protect your data, no system is completely immune to security risks. In the event of a data breach that poses a risk to your rights and freedoms, 9piso will notify you and the National Privacy Commission (NPC) within 72 hours of becoming aware of the breach, as required by the DPA.

9. Data Retention

// SECTION 9.0

9piso retains your personal data for the following periods:

Data Category	Retention Period	Reason
Account registration data	Duration of account + 5 years	PAGCOR regulatory requirement
KYC / identity documents	Duration of account + 5 years	AMLA and PAGCOR compliance
Transaction records	Duration of account + 5 years	AMLA compliance and dispute resolution
Game activity logs	2 years from date of activity	Dispute resolution and fairness audits
Support communications	3 years from last interaction	Quality assurance and dispute resolution
Marketing consent records	Until consent is withdrawn + 1 year	DPA compliance
Self-exclusion records	Indefinitely	Responsible gaming obligations

Upon expiry of the applicable retention period, personal data is securely deleted or irreversibly anonymized. Data that has been anonymized is no longer considered personal data and may be retained for statistical and analytical purposes.

10. Your Data Privacy Rights

// SECTION 10.0

Under the Philippine Data Privacy Act (RA 10173), you have the following rights with respect to your personal data held by 9piso:

• Right to be Informed: The right to know that your personal data is being collected and processed, and the purposes for which it is used — which is the purpose of this Policy.
• Right to Access: The right to request a copy of the personal data 9piso holds about you, including information on how it is being processed.
• Right to Correction: The right to request correction of any inaccurate, incomplete, or outdated personal data we hold about you.
• Right to Erasure: The right to request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, subject to our legal retention obligations.
• Right to Object: The right to object to the processing of your personal data for direct marketing purposes or where processing is based on legitimate interests.
• Right to Data Portability: The right to receive your personal data in a structured, commonly used, machine-readable format.
• Right to Lodge a Complaint: The right to lodge a complaint with the National Privacy Commission (NPC) if you believe your data privacy rights have been violated.

11. Children's Privacy

// SECTION 11.0

The 9piso Platform is strictly intended for persons aged 21 years and above, in accordance with Philippine law governing casino-style gambling. 9piso does not knowingly collect personal data from persons under the age of 21.

If 9piso becomes aware that personal data has been collected from a person under 21 years of age, we will immediately close the associated Account, delete the personal data, and — where required — report the matter to PAGCOR. If you believe that a minor has registered on the Platform, please contact us immediately at [email protected].

12. Third-Party Links

// SECTION 12.0

The Platform may contain links to third-party websites or services. This Privacy Policy applies solely to the 9piso Platform. 9piso is not responsible for the privacy practices of any third-party websites. We encourage you to review the privacy policies of any third-party sites you visit.

13. Updates to This Privacy Policy

// SECTION 13.0

9piso reserves the right to update this Privacy Policy at any time to reflect changes in our data processing practices, legal obligations, or regulatory requirements. Material changes will be communicated to registered players via the email address on file or via a prominent notice on the Platform at least seven (7) days before the changes take effect.

Your continued use of the Platform following the effective date of any updated Policy constitutes your acceptance of the revised terms. The current version and effective date are always displayed at the top of this page.

14. Contact and Data Protection Officer

// SECTION 14.0

For all privacy-related inquiries, data subject requests, or complaints, please contact 9piso's designated Data Protection Officer:

• Role: Data Protection Officer (DPO), 9piso
• Email: [email protected]
• General Support: [email protected]
• Live Chat: Available 24/7 via the Platform

If you are not satisfied with our response to your privacy concern, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines.

Last Updated: 01 January 2026  |  Version: 2.4  |  Governing Law: Republic Act No. 10173 (Data Privacy Act of 2012)  |  Regulator: PAGCOR / NPC