phmaca is committed to protecting the personal information of every Filipino player who uses our platform. This Privacy Policy explains what data we collect, why we collect it, how we use it, and the rights you have over your information under Philippine law.
All data transmitted between your device and the phmaca platform is protected by 256-bit SSL encryption — the same standard used by Philippine banking institutions like BPI and BDO.
phmaca processes personal data in compliance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and all NPC regulations applicable to online gaming operators.
phmaca does not sell, rent, or trade your personal information to third parties for their own marketing purposes. Your data is used exclusively to operate and improve your phmaca experience.
Under the Data Privacy Act of 2012, you have the right to access, correct, object to, and request erasure of your personal data held by phmaca, subject to our legal retention obligations under PAGCOR regulations and AML law.
We tell you exactly what we collect, why we collect it, and how long we keep it. No hidden data practices, no undisclosed sharing arrangements. What you read here is what phmaca actually does.
The data controller responsible for your personal information collected through the phmaca platform (accessible at phmaca.app) is phmaca's licensed operating entity, which holds a valid PAGCOR interactive gaming licence and is registered to conduct online gaming operations in the Philippines.
phmaca is registered with the National Privacy Commission (NPC) of the Philippines in accordance with the requirements of the Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulations. For all data privacy enquiries, please contact our Data Protection Officer at [email protected].
phmaca collects the following categories of personal data from Players and prospective Players:
phmaca collects personal data through the following means:
phmaca processes your personal data for the following purposes:
| Purpose | Data Categories Used |
|---|---|
| Account registration and management | Registration data, technical data |
| Age and identity verification (KYC) | Registration data, KYC data |
| Processing deposits and withdrawals | Financial data, KYC data |
| Anti-money laundering (AML) compliance | Financial data, KYC data, transaction logs |
| PAGCOR regulatory reporting | All categories as required by PAGCOR |
| Customer support and dispute resolution | Communications data, account data |
| Fraud detection and platform security | Technical data, financial data |
| Responsible gaming monitoring | Game activity logs, account data |
| Marketing communications (with consent) | Registration data, game preferences |
| Platform improvement and analytics | Technical data, usage data (aggregated) |
Under the Data Privacy Act of 2012 and its Implementing Rules, phmaca processes personal data on the following legal bases:
phmaca does not sell or rent your personal data to any third party. We share personal data only in the following circumstances:
phmaca is required to provide transaction records, player data, and suspicious transaction reports to PAGCOR, the Anti-Money Laundering Council (AMLC), and other Philippine government authorities, in accordance with our licence conditions and applicable law. We comply with all lawful requests from Philippine law enforcement and regulatory bodies.
phmaca engages third-party service providers who process data on our behalf under data processing agreements. These include KYC and identity verification providers, payment processors (GCash/PayMaya/banking partners), IT infrastructure and cloud service providers, and customer support platform operators. All service providers are contractually bound to process data only for the purposes specified by phmaca and to implement appropriate security measures.
Game providers (such as JILI, PG Soft, Pragmatic Play, and Evolution Gaming) receive limited technical data necessary to deliver games and verify game outcomes. They do not receive financial data or full KYC documentation unless required for specific regulatory audits.
Some of phmaca's service providers and game providers are located outside the Philippines. Where personal data is transferred internationally, phmaca ensures that adequate data protection safeguards are in place, consistent with NPC guidelines on cross-border data transfers.
phmaca uses cookies and similar tracking technologies on the Platform. The categories of cookies used are:
You may manage your cookie preferences through the phmaca cookie settings panel, accessible from the Platform footer. Disabling non-essential cookies will not affect your ability to access games or account features.
phmaca retains personal data for the following periods:
Following the expiry of the applicable retention period, phmaca will securely delete or anonymise your personal data, unless a longer retention period is required by applicable Philippine law.
phmaca implements the following technical and organisational security measures to protect your personal data:
While phmaca takes every reasonable measure to protect your personal data, no online platform can guarantee absolute security. You are responsible for maintaining the security of your Account credentials and for logging out of shared devices after each session.
Under the Data Privacy Act of 2012 and applicable NPC regulations, you have the following rights in respect of your personal data held by phmaca:
To exercise any of these rights, please contact the phmaca Data Protection Officer at [email protected]. phmaca will respond to data subject requests within fifteen (15) working days. Requests that are manifestly unfounded or excessive may be declined, with written reasons provided.
If you are unsatisfied with phmaca's response to a data privacy concern, you may lodge a complaint with the National Privacy Commission (NPC) of the Philippines.
The phmaca Platform is strictly for persons aged 21 years and above. phmaca does not knowingly collect personal data from persons under 21 years of age. If phmaca discovers or is notified that an Account has been registered by or for a person under 21, the Account will be immediately suspended, all associated data will be reviewed, and the matter will be reported to PAGCOR in accordance with our licence conditions.
If you believe a person under 21 has registered an Account on phmaca, please contact us immediately at [email protected].
phmaca may update this Privacy Policy from time to time to reflect changes in our data practices, applicable Philippine law, or PAGCOR regulatory requirements. Material changes will be communicated to registered Players via SMS to their registered Philippine mobile number or by prominent notice on the Platform at least seven (7) calendar days before the revised Policy takes effect.
The "Last Revised" date at the top of this Policy will always indicate when the most recent update was made. Your continued use of the phmaca Platform following the effective date of a revised Privacy Policy constitutes your acknowledgement of the updated terms.
For all data privacy enquiries, access requests, correction requests, or complaints, please contact phmaca's designated Data Protection Officer:
For complaints that are not resolved to your satisfaction through phmaca's internal process, you may contact the National Privacy Commission (NPC) of the Philippines through their official website and complaints channels.
phmaca is built on transparency and trust. PAGCOR regulated, Data Privacy Act compliant, 256-bit encrypted. 500+ games, GCash deposits, Filipino-language support — all under one account. 21+ only.
21+ only · PAGCOR regulated · Play responsibly · Gambling involves financial risk