This Privacy Policy explains how phalaro collects, uses, stores, and protects the personal information of users of the phalaro Platform, in compliance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulations.
Last Updated: June 2026 | Effective Date: June 1, 2026 | Data Controller: phalaro (phalaro.club)
phalaro ("we," "us," "our," the "Company") operates the online gaming platform accessible at phalaro.club (the "Platform"). In the course of providing our services to registered users throughout the Philippines — from Makati and Quezon City to Cebu, Davao, and the wider regions — phalaro necessarily collects and processes certain personal information.
This Privacy Policy describes the types of personal information we collect, the purposes for which we use it, the conditions under which we may share it, and the rights you have as a data subject under Philippine law. This Policy applies to all users of the phalaro Platform, including visitors, registered account holders, and persons whose information we receive in the course of providing our services.
By using the phalaro Platform, you acknowledge that you have read and understood this Privacy Policy. This Policy should be read alongside our Terms & Conditions and Responsible Gaming Policy, both of which are incorporated by reference into the contractual relationship between you and phalaro.
For the purposes of the Philippine Data Privacy Act of 2012 (Republic Act No. 10173, "DPA") and its Implementing Rules and Regulations ("IRR"), the data controller in respect of personal information processed through the phalaro Platform is:
phalaro has designated a Data Protection Officer (DPO) responsible for overseeing compliance with the DPA and this Privacy Policy. The DPO may be contacted at [email protected] with the subject line "Data Privacy — DPO Inquiry."
phalaro collects the following categories of personal data in connection with your use of the Platform:
phalaro collects personal data through the following means:
phalaro processes your personal data on the following legal bases under the Philippine Data Privacy Act of 2012:
phalaro uses the personal data we collect for the following purposes:
phalaro may share your personal data with the following categories of recipients, strictly on a need-to-know basis and subject to appropriate data protection agreements:
phalaro is required to share certain user data with PAGCOR as part of its licensing obligations. phalaro may also disclose personal data to the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), law enforcement agencies, or courts where required by applicable Philippine law or a valid legal order.
To process your deposits and withdrawals, phalaro shares the minimum necessary financial data with its payment processing partners (GCash/GXI, PayMaya/Voyager, BPI, BDO, Metrobank). These providers are bound by their own privacy policies and applicable Philippine financial regulations.
phalaro engages certified third-party KYC service providers to assist in document verification. These providers process identity document data solely for verification purposes and are contractually prohibited from using the data for any other purpose.
phalaro works with technology service providers (including cloud infrastructure providers, game technology providers, and customer support platform providers) who may process personal data on phalaro's behalf as data processors. All such processors are bound by data processing agreements requiring compliance with the Philippine DPA.
In the event of a merger, acquisition, or sale of all or substantially all of phalaro's assets, user personal data may be transferred to the acquiring entity, subject to the same privacy protections described in this Policy. Users will be notified of any such transfer in accordance with the DPA's requirements.
phalaro retains personal data for the following minimum periods, or longer where required by law:
Following the applicable retention period, personal data will be securely deleted or anonymized in a manner that prevents re-identification.
phalaro implements industry-standard technical and organizational security measures to protect your personal data against unauthorized access, disclosure, alteration, or destruction. These measures include:
phalaro uses cookies and similar tracking technologies on the Platform for the following purposes:
Strictly necessary for Platform operation — including session management, login authentication, and security token storage. These cookies cannot be disabled without preventing access to core Platform features.
Remember your preferences (language settings, display preferences) to improve your Platform experience across sessions.
Collect aggregated, anonymized data about how users interact with the Platform — pages visited, session duration, error events — used solely to improve Platform performance and user experience. No individual user is identified in analytics reports.
You may manage cookie preferences through your browser settings. Please note that disabling certain cookies may impair Platform functionality. phalaro does not use cookies for advertising profiling or third-party behavioral tracking.
Under the Philippine Data Privacy Act of 2012, you have the following rights with respect to your personal data held by phalaro:
To exercise any of the above rights, please submit a written request to [email protected] with the subject line "Data Subject Rights Request — [Your Account Username]." phalaro will respond within fifteen (15) business days. Identity verification will be required before actioning any request.
Parents and guardians who believe a minor may have accessed the phalaro Platform should contact [email protected] immediately. phalaro will take prompt action to investigate and remediate any such situation.
phalaro's primary data processing infrastructure is located within the Philippines. In certain circumstances — particularly in connection with game technology providers and cloud infrastructure services — personal data may be processed by servers or service providers located outside the Philippines.
Where personal data is transferred outside the Philippines, phalaro ensures that appropriate safeguards are in place in accordance with the DPA's requirements for cross-border data transfers, including contractual data processing agreements that require the recipient to apply data protection standards equivalent to those required under Philippine law.
The phalaro Platform may contain references to PAGCOR and other regulatory entities for informational purposes. phalaro is not responsible for the privacy practices of any third-party websites. This Privacy Policy applies solely to the phalaro Platform at phalaro.club and does not extend to any external websites or services.
phalaro reserves the right to update this Privacy Policy at any time to reflect changes in law, regulatory requirements, or our data processing practices. Material changes will be communicated to registered users via email to the registered email address and/or a prominent notice on the Platform at least seven (7) days prior to the effective date of the change.
The current version of this Privacy Policy is always accessible at phalaro.club/privacy-policy. The "Last Updated" date at the top of this page indicates when the most recent revision was made. Continued use of the Platform after the effective date of any amendment constitutes acceptance of the revised Policy.
For any questions, concerns, or requests relating to this Privacy Policy or phalaro's data processing practices, please contact:
Six practical ways phalaro safeguards your personal data every time you log in, deposit, or play.
Every connection between your device and phalaro uses TLS encryption. Your login credentials, KYC documents, and GCash transaction data are protected in transit at all times — no exceptions.
phalaro does not sell, rent, or trade your personal data to third-party marketers. Your data is used only for the purposes described in this Privacy Policy — to run the Platform and comply with PAGCOR requirements.
phalaro's data practices are designed to comply with Republic Act No. 10173 (Data Privacy Act of 2012) and its IRR. You have full access to your DPA rights — access, correction, erasure, portability, and the right to complain to the NPC.
phalaro collects only the data genuinely required to provide services and meet regulatory obligations. We do not collect data speculatively or maintain data profiles beyond what is needed for Platform operation and PAGCOR compliance.
phalaro retains personal data only as long as required by law or to fulfil the stated purpose. Financial and KYC records are retained for five years as required by AMLA. After that, data is securely deleted or anonymized.
phalaro has appointed a Data Protection Officer responsible for privacy compliance. Any data subject rights request, privacy concern, or NPC inquiry can be directed to the DPO at [email protected] for prompt handling.
Register with confidence — phalaro is PAGCOR-regulated, DPA-compliant, and built for Filipino players who value both entertainment and security.
Create Your Free phalaro Account21+ only · PAGCOR regulated · Philippine DPA compliant · GCash & PayMaya accepted