Sinagph Privacy Policy

1 Introduction

Sinagph ("Sinagph," "we," "us," or "our") is committed to protecting the privacy and personal data of all individuals who use the Sinagph online gaming platform ("Platform"). This Privacy Policy ("Policy") describes how Sinagph collects, processes, stores, shares, and protects personal data in connection with your use of the Platform.

This Policy is issued in accordance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173, "DPA"), its Implementing Rules and Regulations ("IRR"), and the relevant issuances of the National Privacy Commission ("NPC") of the Philippines. Sinagph takes its obligations as a personal information controller seriously and processes your data only in accordance with the principles of transparency, legitimate purpose, and proportionality as required under Philippine law.

This Policy applies to all players, registered users, visitors, and any other individuals whose personal data is processed by Sinagph in connection with the Platform, whether accessed from Manila, Cebu, Davao, Quezon City, Makati, or anywhere else in the Philippines.

2 Data Controller

For the purposes of the Philippine Data Privacy Act of 2012, Sinagph acts as the Personal Information Controller in respect of the personal data collected through the Platform. This means Sinagph determines the purposes and means by which your personal data is processed.

Where Sinagph engages third-party service providers to process personal data on its behalf — such as payment processors, KYC verification providers, or analytics platforms — those parties act as Personal Information Processors and are contractually bound to process your data only on Sinagph's instructions and in accordance with applicable data privacy law.

If you have any questions or concerns about how Sinagph processes your personal data, or if you wish to exercise any of your rights under the DPA, please contact our Data Protection Officer using the details provided in Section 14 of this Policy.

3 Personal Data We Collect

Sinagph collects the following categories of personal data in connection with your use of the Platform:

Sinagph does not intentionally collect sensitive personal information as defined under the DPA (such as health data, religious beliefs, or political affiliations) unless specifically required by law or with your explicit consent. Where such data is incidentally disclosed, it will be treated with the highest level of protection.

4 How We Collect Your Data

Sinagph collects personal data through the following means:

• Direct collection: Data you provide when registering an account, completing KYC verification, making deposits or withdrawals, contacting customer support, or participating in promotions.
• Automated collection: Technical and usage data collected automatically when you access the Platform, including through cookies, web beacons, log files, and similar tracking technologies. See Section 11 for our full Cookies Policy.
• Third-party sources: Identity and fraud-check data received from KYC verification providers, payment processors, and fraud prevention services. Sinagph only receives data from third parties where you have authorised that third party to share your information, or where Sinagph is legally entitled to receive it.
• Publicly available sources: In limited circumstances, Sinagph may verify information against publicly available records for fraud prevention or regulatory compliance purposes.

5 How We Use Your Personal Data

Sinagph uses your personal data for the following purposes:

• Account management: Creating, maintaining, and administering your Sinagph account, including verifying your identity and age (21+ requirement).
• Service delivery: Processing deposits and withdrawals, providing access to games, and delivering the core features of the Sinagph Platform.
• Legal and regulatory compliance: Meeting our obligations under Philippine law, including anti-money laundering (AML) requirements, Know Your Customer (KYC) obligations, and any requirements imposed by relevant regulatory authorities.
• Fraud prevention and security: Detecting, investigating, and preventing fraudulent activity, cheating, money laundering, and other prohibited conduct on the Platform.
• Responsible gaming: Monitoring gaming behaviour to identify potential problem gambling patterns and to administer responsible gaming tools such as deposit limits, session limits, and self-exclusion.
• Customer support: Responding to your enquiries, resolving disputes, and providing technical assistance.
• Marketing communications: Sending you promotional offers, bonus notifications, and platform updates — but only where you have provided your consent or where we have a legitimate interest to do so. You may opt out of marketing communications at any time.
• Platform improvement: Analysing usage patterns to improve the functionality, performance, and user experience of the Sinagph Platform.
• Legal proceedings: Establishing, exercising, or defending legal claims where necessary.

Sinagph will not use your personal data for any purpose that is incompatible with the purposes listed above without first obtaining your consent or establishing a separate legal basis for the new processing activity.

6 Legal Basis for Processing

Sinagph processes your personal data on the following legal bases under the Philippine Data Privacy Act of 2012:

• Contractual necessity: Processing that is necessary to perform the contract between you and Sinagph — i.e., to provide you with access to the Platform and its services.
• Legal obligation: Processing that is required to comply with applicable Philippine laws and regulations, including AML, KYC, and gaming regulatory requirements.
• Legitimate interests: Processing that is necessary for Sinagph's legitimate business interests, such as fraud prevention, platform security, and service improvement, provided those interests are not overridden by your rights and interests.
• Consent: Where Sinagph relies on your consent as the legal basis for processing — such as for direct marketing communications — you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.

7 Data Sharing and Disclosure

Sinagph does not sell your personal data. We may share your personal data with the following categories of recipients only to the extent necessary and in accordance with applicable law:

• Payment processors: GCash, PayMaya, BPI, BDO, Metrobank, and other approved payment service providers, for the purpose of processing your deposits and withdrawals.
• KYC and identity verification providers: Third-party services engaged to verify your identity and age as required by our regulatory obligations.
• Fraud prevention and AML services: Specialist providers that assist Sinagph in detecting and preventing fraudulent activity and money laundering.
• IT and platform service providers: Cloud hosting, data storage, and technical infrastructure providers who process data on Sinagph's behalf under strict data processing agreements.
• Regulatory and law enforcement authorities: Where required by Philippine law, court order, or regulatory instruction, Sinagph may disclose your personal data to competent authorities including the National Privacy Commission, law enforcement agencies, and relevant gaming regulators.
• Professional advisers: Lawyers, auditors, and other professional advisers where necessary for the conduct of Sinagph's business, subject to confidentiality obligations.

All third parties with whom Sinagph shares personal data are required to maintain appropriate technical and organisational security measures and to process your data only for the specified purposes and in accordance with Sinagph's instructions.

8 Data Retention

Sinagph retains your personal data for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable Philippine law. The following general retention periods apply:

• Account and identity data: Retained for the duration of your account and for a minimum of five (5) years following account closure, in accordance with AML and regulatory record-keeping requirements.
• Financial transaction data: Retained for a minimum of five (5) years from the date of the transaction, as required by Philippine AML regulations.
• Gaming history: Retained for a minimum of three (3) years from the date of each gaming session, for dispute resolution and regulatory compliance purposes.
• Customer support communications: Retained for two (2) years from the date of the last communication, unless a longer period is required for ongoing dispute resolution.
• Marketing consent records: Retained for the duration of your consent and for one (1) year following withdrawal of consent, as evidence of the consent given.
• Technical and usage data: Generally retained for up to twelve (12) months, unless a longer period is required for security or fraud investigation purposes.

Upon expiry of the applicable retention period, Sinagph will securely delete or anonymise your personal data in accordance with its data disposal procedures. Anonymised data that can no longer be linked to you may be retained indefinitely for statistical and analytical purposes.

9 Data Security

Sinagph implements appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, alteration, or disclosure. These measures include:

• Transport Layer Security (TLS) encryption for all data transmitted between your device and the Sinagph Platform.
• Encryption of sensitive data at rest, including financial information and government ID data.
• Access controls ensuring that personal data is accessible only to authorised Sinagph personnel who require it to perform their duties.
• Regular security assessments, penetration testing, and vulnerability scanning of the Platform.
• Two-factor authentication options for player accounts to reduce the risk of unauthorised access.
• Staff training on data privacy and security obligations.
• Incident response procedures to detect, report, and address personal data breaches promptly.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, Sinagph will notify the National Privacy Commission and, where required, affected individuals in accordance with the timeframes prescribed under the DPA and NPC regulations.

While Sinagph takes all reasonable steps to protect your data, no online platform can guarantee absolute security. You are responsible for keeping your Sinagph account credentials confidential and for notifying us immediately if you suspect any unauthorised access to your account.

10 Your Data Subject Rights

Under the Philippine Data Privacy Act of 2012, you have the following rights in relation to your personal data held by Sinagph. To exercise any of these rights, please contact our Data Protection Officer using the details in Section 14.

Sinagph will respond to all verified data subject requests within fifteen (15) business days of receipt, in accordance with NPC guidelines. In complex cases, this period may be extended by a further fifteen (15) business days, and you will be notified of the extension and the reason for it.

Sinagph may need to verify your identity before processing a data subject request to ensure that personal data is not disclosed to an unauthorised person. We may ask you to provide a copy of a valid Philippine government-issued ID for this purpose.

11 Cookies and Tracking Technologies

Sinagph uses cookies and similar tracking technologies on the Platform to enhance your experience, analyse usage patterns, and support security functions. A cookie is a small text file placed on your device when you visit the Platform.

Sinagph uses the following types of cookies:

• Strictly necessary cookies: Essential for the Platform to function correctly. These include session management cookies, authentication cookies, and security cookies. These cannot be disabled without affecting Platform functionality.
• Performance and analytics cookies: Used to collect anonymised information about how visitors use the Platform, such as which pages are visited most frequently. This data helps Sinagph improve the Platform experience.
• Functional cookies: Used to remember your preferences and settings, such as your preferred language or display settings, to provide a more personalised experience.
• Marketing cookies: Used to deliver relevant promotional content and to measure the effectiveness of Sinagph's marketing campaigns. These are only placed with your consent.

You can manage your cookie preferences through your browser settings. Most browsers allow you to refuse or delete cookies. Please note that disabling certain cookies may affect the functionality of the Sinagph Platform. Your cookie preferences can also be managed through the cookie consent tool displayed when you first visit the Platform.

12 Minors and Age Restriction

The Sinagph Platform is strictly intended for individuals who are 21 years of age or older, in accordance with Philippine gaming regulations. Sinagph does not knowingly collect personal data from individuals under the age of 21.

If Sinagph becomes aware that personal data has been collected from a person under 21 years of age, it will take immediate steps to delete that data and close the associated account. All deposits, bonuses, and winnings associated with such an account will be forfeited.

If you are a parent or guardian and believe that your child has registered on the Sinagph Platform, please contact our Data Protection Officer immediately using the contact details in Section 14 so that we can take appropriate action.

13 Changes to This Privacy Policy

Sinagph reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data processing practices, legal obligations, or Platform features. When material changes are made, Sinagph will notify registered players by email or through a prominent notice on the Platform prior to the changes taking effect.

The updated Privacy Policy will display a revised "Last Updated" date at the top of this page. We encourage you to review this Policy periodically to stay informed about how Sinagph protects your personal data. Your continued use of the Platform following the publication of an updated Privacy Policy constitutes your acknowledgment of the changes.

14 Contact Us and Data Protection Officer

If you have any questions, concerns, or requests relating to this Privacy Policy or Sinagph's handling of your personal data, please contact our Data Protection Officer (DPO). Sinagph has designated a DPO in accordance with the requirements of the Philippine Data Privacy Act of 2012.

Data Protection Officer — Sinagph
Email: [email protected]
General Support: [email protected]
Live Chat: Available 24/7 on the Sinagph Platform
Platform: sinagph.one

Email addresses above are displayed as plain text for reference. For the fastest response, please use the live chat feature available directly on the Sinagph Platform. We aim to acknowledge all privacy-related enquiries within two (2) business days.

If you are not satisfied with Sinagph's response to your privacy concern, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines, which is the supervisory authority responsible for enforcing the Data Privacy Act of 2012.