At 29ph, your privacy is not an afterthought — it is built into everything we do. This Privacy Policy explains exactly what personal data we collect, why we collect it, how we use it, and the rights you have over your own information. Please read it carefully before using the 29ph platform.
The most important things to know about how 29ph handles your personal data
Every piece of data you share with 29ph — from registration details to payment information — is protected by 256-bit SSL encryption, the same standard used by Philippine banks. Your data is never transmitted in plain text across our systems.
29ph does not sell, rent, or trade your personal information to third parties for their own marketing purposes. Your data is used solely to operate the 29ph platform, comply with legal obligations, and improve your experience as a player.
29ph processes personal data in compliance with Republic Act No. 10173, the Data Privacy Act of 2012, and the regulations issued by the National Privacy Commission (NPC) of the Philippines. Your rights as a Filipino data subject are fully respected.
We tell you exactly what data we collect and why. No hidden data harvesting, no vague catch-all clauses. If 29ph collects a piece of your information, this Privacy Policy explains the specific purpose and legal basis for doing so.
As a 29ph player, you have the right to access, correct, delete, and port your personal data. You can also object to certain types of processing. These rights are real and exercisable — contact our support team to make a data request at any time.
29ph only collects the personal data that is strictly necessary for the purposes described in this policy. We do not collect data speculatively or "just in case." Every data point we hold serves a defined, legitimate purpose under applicable law.
This Privacy Policy ("Policy") is issued by 29ph ("29ph," "we," "us," or "our") and applies to all personal data collected, processed, and stored in connection with your use of the 29ph online gaming platform, accessible at 29ph.one, including any associated mobile-optimized interfaces and related services (collectively, the "Platform").
29ph is committed to protecting the privacy and security of your personal information. This Policy is designed to comply with Republic Act No. 10173, the Data Privacy Act of 2012 of the Philippines ("DPA"), its Implementing Rules and Regulations, and the issuances of the National Privacy Commission ("NPC"). Where applicable, 29ph also observes the data protection requirements of PAGCOR and other relevant Philippine regulatory bodies.
By accessing the Platform, creating a 29ph account, or otherwise providing us with your personal data, you acknowledge that you have read and understood this Policy and consent to the collection and processing of your personal data as described herein. If you do not agree with this Policy, please do not use the Platform.
This Policy should be read together with the 29ph Terms & Conditions and Responsible Gaming Policy, both of which are incorporated by reference.
29ph collects personal data only to the extent necessary to provide the Platform and comply with our legal obligations. The categories of personal data we collect are described below.
| Category | Examples | When Collected |
|---|---|---|
| Identity Data | Full legal name, date of birth, gender, nationality | Account registration & KYC verification |
| Contact Data | Email address, mobile number, residential address | Account registration |
| Identity Documents | Government-issued ID (Passport, UMID, Driver's License, Voter's ID), proof of address | KYC verification |
| Financial Data | GCash number, Maya account, bank account details, debit card details | Deposit & withdrawal processing |
| Account Credentials | Username, hashed password | Account registration |
| Communications | Support chat logs, email correspondence, feedback submissions | When you contact 29ph support |
When you access the Platform, 29ph automatically collects certain technical and behavioral data, including:
29ph may receive personal data about you from third-party sources, including: identity verification service providers, payment processors (GCash, Maya, BPI, BDO, Metrobank, UnionBank, Landbank, PNB, Security Bank, and debit card networks), fraud detection services, and PAGCOR or other regulatory bodies where required by law.
We do not collect sensitive personal information such as racial or ethnic origin, political opinions, religious beliefs, health data, or biometric data, except where strictly required by law (e.g., facial recognition for identity verification where mandated by PAGCOR regulations).
29ph uses your personal data for the following specific purposes. We do not use your data for any purpose that is incompatible with the purposes listed below without first obtaining your consent or establishing a new legal basis.
Under the Data Privacy Act of 2012 and its Implementing Rules and Regulations, 29ph processes your personal data on the following legal bases:
Where 29ph relies on legitimate interests as a legal basis, we conduct a balancing test to ensure that our interests do not override your fundamental rights. You may request information about this balancing test by contacting our Data Protection Officer.
29ph does not sell, rent, or trade your personal data to third parties. We may share your personal data with the following categories of recipients, strictly on a need-to-know basis and subject to appropriate data protection safeguards:
29ph engages trusted third-party service providers to assist in operating the Platform. These include: identity verification and KYC providers, payment processors (GCash, Maya, BPI, BDO, Metrobank, UnionBank, Landbank, PNB, Security Bank, and debit card networks), fraud detection and cybersecurity providers, cloud hosting and infrastructure providers, customer support platform providers, and analytics service providers. All service providers are contractually bound to process your data only on 29ph's instructions and in accordance with applicable data protection law.
29ph may disclose your personal data to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), the Bureau of Internal Revenue (BIR), or other Philippine government authorities where required by law, court order, or regulatory directive. 29ph will notify you of such disclosures where legally permitted to do so.
In the event of a merger, acquisition, restructuring, or sale of all or part of 29ph's business, your personal data may be transferred to the acquiring entity as part of that transaction. You will be notified of any such transfer and the privacy practices of the acquiring entity before your data is transferred.
29ph may share your personal data with other third parties where you have given your explicit prior consent to such sharing.
29ph will never share your personal data with third-party advertisers, data brokers, or marketing companies without your explicit consent. Your data is not a product.
29ph uses cookies and similar tracking technologies (such as web beacons and local storage) to operate and improve the Platform. Cookies are small text files stored on your device that help us recognize you, remember your preferences, and analyze how you use the Platform.
You can control non-essential cookies through your browser settings or through the cookie preference center available on the Platform. Please note that disabling certain cookies may affect the functionality of the Platform. For strictly necessary cookies, no opt-out is available as they are required for the Platform to operate.
29ph retains your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. The following retention periods apply:
| Data Category | Retention Period | Basis |
|---|---|---|
| Account & Identity Data | Duration of account + 5 years after closure | PAGCOR & AML legal requirements |
| Transaction Records | 10 years from transaction date | Anti-Money Laundering Act (RA 9160) |
| KYC Documents | Duration of account + 5 years after closure | PAGCOR licensing conditions |
| Support Communications | 3 years from last interaction | Legitimate interests (dispute resolution) |
| Marketing Consent Records | Until consent is withdrawn + 3 years | Legal obligation (proof of consent) |
| Analytics & Usage Data | 24 months (rolling) | Legitimate interests (platform improvement) |
Upon expiry of the applicable retention period, 29ph will securely delete or anonymize your personal data in accordance with our data disposal procedures. Where data is anonymized rather than deleted, the anonymized data may be retained indefinitely for statistical and research purposes.
29ph implements a comprehensive set of technical and organizational security measures to protect your personal data against unauthorized access, accidental loss, destruction, alteration, or disclosure. Our security measures include:
While 29ph takes all reasonable steps to protect your data, no system is completely immune to security threats. You also play a role in keeping your account secure — use a strong, unique password and never share your 29ph login credentials with anyone.
Under the Data Privacy Act of 2012, you have the following rights with respect to your personal data held by 29ph. These rights are real and exercisable — contact our Data Protection Officer to make a request.
You have the right to obtain confirmation of whether 29ph holds personal data about you, and to receive a copy of that data along with information about how it is being processed.
You have the right to request correction of any inaccurate or incomplete personal data we hold about you. You can update basic account information directly through your account settings.
You have the right to request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, or where you withdraw consent and no other legal basis applies. Note that certain data must be retained to comply with legal obligations and cannot be deleted on request.
You have the right to object to the processing of your personal data where 29ph relies on legitimate interests as the legal basis, or where your data is used for direct marketing purposes. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller where technically feasible.
You have the right to request that 29ph restricts the processing of your personal data in certain circumstances — for example, while the accuracy of data is being contested, or while an objection is being assessed.
Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.
To exercise any of the above rights, please contact our Data Protection Officer using the details in Section 13. 29ph will respond to all verified data subject requests within fifteen (15) business days of receipt, in accordance with NPC guidelines.
The 29ph Platform is strictly intended for adults aged 21 years and above, in compliance with PAGCOR regulations governing real-money online gaming in the Philippines. 29ph does not knowingly collect personal data from individuals under the age of 21.
If 29ph becomes aware that personal data has been collected from a person under 21 years of age, we will immediately suspend the relevant account, delete the personal data, and forfeit any associated account balance in accordance with our Terms & Conditions and applicable law.
If you are a parent or guardian and believe that your child has registered on the 29ph Platform, please contact us immediately at the details provided in Section 13. We will take prompt action to close the account and delete all associated data.
29ph primarily processes and stores personal data within the Republic of the Philippines. However, some of our third-party service providers — including cloud infrastructure providers and certain technology vendors — may process data in other countries.
Where personal data is transferred outside the Philippines, 29ph ensures that appropriate safeguards are in place to protect your data to a standard equivalent to that required under the Data Privacy Act of 2012. These safeguards may include: standard contractual clauses approved by the NPC, binding corporate rules, or transfers to countries that the NPC has determined provide an adequate level of data protection.
You may request information about the specific safeguards applicable to any international transfer of your personal data by contacting our Data Protection Officer.
29ph reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data processing practices, applicable law, or regulatory requirements. When material changes are made, 29ph will notify registered players by email and/or by posting a prominent notice on the Platform at least seven (7) days before the changes take effect.
The "Last Updated" date at the top of this Policy indicates when the most recent changes were made. We encourage you to review this Policy periodically to stay informed about how 29ph protects your personal data.
Your continued use of the Platform after the effective date of any revised Policy constitutes your acceptance of the updated terms. If you do not agree with the changes, you must cease using the Platform and may request account closure in accordance with our Terms & Conditions.
If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal data by 29ph, please contact our Data Protection Officer:
Data Protection Officer — 29ph
Email: privacy@29ph.one
General Support: support@29ph.one
Response Time: Within 15 business days of receipt of a verified request.
If you believe that 29ph has violated your rights under the Data Privacy Act of 2012 and you are not satisfied with our response to your complaint, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines. The NPC is the independent regulatory body responsible for enforcing the DPA and protecting the data privacy rights of Filipino citizens.
We encourage you to contact 29ph directly first so we have the opportunity to resolve your concern. Our Data Protection Officer is committed to addressing all privacy-related inquiries promptly and fairly.
Now that you know how 29ph protects your privacy, explore our full game library — slots, live dealer, Bingo, Mines Gold, and more. GCash and PayMaya deposits from ₱100. Must be 21 or older.
21+ only · PAGCOR regulated · Gambling is addictive. Know when to stop.