GGPOKER

PRIVACY POLICY

PRIVACY POLICY

This Privacy Policy is effective from June 28, 2024

GGPoker is operated by GOOD GAMES SOLUTIONS PILIPINAS INC. (onward as "GGPoker", "we", or "us"). GGPoker is committed to protecting your privacy. Towards this end, we will ensure that our collection and processing of your personal information and sensitive personal information (collectively, "personal data") complies with the requirements of the Republic Act No. 10173, also known as the Data Privacy Act of 2012, its implementing rules and regulations, and the circulars and advisories issued by the National Privacy Commission (collectively, the "Data Privacy Act").

1. Introduction

1.1 This Privacy Policy sets out how we collect, process, retain and protect your personal data.

1.2 By utilizing our Services, you acknowledge that you have read, and that you agree to, the terms of this Privacy Policy and that you consent to the use by GGPoker of your Personal Data for the purposes set out in section 3 of this Privacy Policy. If you do not wish to provide your personal data on the basis set out in this Privacy Policy, you should not enter the relevant information on the Website or otherwise provide your personal data to us. However, if you do not provide your personal data, you may not be able to utilize or access all the Services.

1.3 Capitalized terms that are not defined in this Privacy Policy shall have the meanings given to them in the Terms & Conditions. This Privacy Policy is incorporated into, and forms part of, the Terms & Conditions.

1.4 Definitions:

  • The following terms, "Data Subject", "Right to Data Portability" (Data Portability), "Personal Data", "Processing", used in this document shall have the same meaning as in the Data Privacy Act.
  • "You" means the player, the 'Data Subject' who is using the Services of GGPoker.
  • "Visitor" means an individual other than a user, who uses the public area, but has no access to the restricted areas of the Site or Service.

1.5 Principles:

In processing your personal data, we endeavor to adhere to the Data Privacy Act’s general principles of transparency, legitimate purpose, and proportionality, as well as other principles, policies, and standards as may be required by the Data Privacy Act and other applicable law, including that:

  • Collection must be for a declared, specified, and legitimate purpose;
  • Personal data shall be processed fairly and lawfully;
  • Processing should ensure data quality;
  • Adequate and not excessive in relation to the purpose for which they are collected and processed;
  • Personal data shall not be retained longer than necessary;
  • Further processing shall have adequate safeguards;
  • Data sharing shall be allowed when it is expressly authorized by law; and
  • Data sharing shall be allowed if the data subject consents to data sharing.

2. The Information we collect

2.1 In order for us to provide you with the Services, we collect your personal data upon your registering for an account. We collect, use, store and transfer the following kinds of personal data about you:

  • Full name,
  • Date and place of birth,
  • Present address,
  • Permanent address,
  • Contact number,
  • Nationality,
  • Nature of Work / Occupation,
  • Name of Employer/ Business,
  • Source of Funds,
  • Signature,
  • Government ID information,
  • Supporting documents to verify identity and address,
  • Electronic location information, and
  • Electronic device information.

2.2 As part of providing you with the Services, we also collect information about the transactions you undertake, including but not limited to details of payment cards used, details of the games you played and underlying gaming transactions.

2.3 We also collect, use and share aggregated data such as statistical data for any purpose. Aggregated data could be derived from your personal data but it is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate data relating to the use of the Services by you and other customers. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

3. How we will use your Personal Information

3.1 When providing our Services we ensure that we collect, retain and process your Personal Data in accordance with the Data Privacy Act. We will Process your Personal Data to enable us to:

3.1.1 Set-up, administer and manage your Account and records (including processing deposits and withdrawals);

3.1.2 Provide and personalize the Services (including allowing you to wager and play our games);

3.1.3 Receive and respond to your communications and requests;

3.1.4 Notify you about updates to the Software and/or the Services;

3.1.5 Ensure that we are able to fulfill our regulatory obligations regarding your Account, including by verifying the accuracy of any information you give us;

3.1.6 Comply with our obligations under the applicable laws and to regulatory bodies in the Philippines;

3.1.7 Investigate, and assist with the investigation of, suspected unlawful, fraudulent or other improper activity connected with the Services (including, where appropriate, dealing with requests from authorized entities/Authorities for the sharing of information);

3.1.8 Carry out market research campaigns;

3.1.9 Preparing statistics relating to the use of the Services by you and other customers;

3.1.10 Provide you with information about, and support for, the Services, including changes to the Services, technical updates and changes to the Terms & Conditions (including this Privacy Policy);

3.1.11 Provided that you "opt-in" and don’t "opt-out" from this option, keep you informed on offers and promotions in relation to our products and Services;

3.1.12 To share your information with other members of the group to receive assistance in providing the services;

3.1.13 To comply with any responsible gambling limits, that you have set;

3.1.14 To ensure we are able to fulfill our regulatory obligations for identity verification, affordability checking, fraud prevention, anti-money laundering, and tracing.

3.1.15 To share your information with our professional advisors for legitimate interests to obtain professional advice for legal, business needs, and to prevent fraud & cheating.

3.1.16 Support any other purpose necessary for the performance of our contractual obligations or specifically stated at the time at which you provided your Personal Data. These are the "Purposes" for which we may collect your Personal Data.

3.1.17 In order to comply with all applicable regulations, we will supply some of your personal information to third parties (including financial institutions, age verification, and credit reference agencies). Credit reference agencies provide services for identity verification, credit risk and affordability checking, fraud prevention, anti-money laundering, and tracing. A record of the search and results will be retained, and the third party may use the information to assist other companies for verification purposes (legitimate purpose).

3.2 Your stored payment details will be used to facilitate future transactions initiated by you within the GGPoker Cashier.

3.3 If at any time you wish us to stop processing your personal data for the above purposes, then you must contact us and we will take the appropriate steps to stop doing so. Please note that this may mean that your Account will be closed.

3.4 To ensure a good quality of our Services, we may monitor any communication you have with us whether in writing or by electronic mail ("recordings"). Any recordings remain the property of GGPoker and will be used only for the purposes listed above.

3.5 In the event that the purposes for processing your information would change, we will inform you of the changes and seek any additional consent that may be required.

4. Disclosing your Personal Data

4.1 Except as described in this Policy, we will not intentionally disclose the personal data that we collect and/or retain on the Service to third parties without your prior explicit consent. We may disclose Personal Data to third parties without such prior consent in the following circumstances:

  • Any company within our group (including to its employees and subcontractors) which assists us in providing the Services or which otherwise has a need to know such information;
  • Any third party which assists us in providing the Services, including (but not limited to) payment processors and marketing service providers;
  • Any third party which can assist us in verifying the accuracy of your Personal Data, including financial institutions and credit reference agencies (a record of the search may be retained by such third party. Security use/plan to use will fall under this category for ID and Document checks;
  • Any third party who assists us in monitoring use of the Services, including the detection and prevention of fraud, cheating and collusion;
  • Any contractors or other advisers auditing any of our business Processes or who have the need to access such information for the purpose of advising us;
  • Any law enforcement body which may have any reasonable requirement to access your personal data;
  • Other online gaming sites, banks, credit card companies, and appropriate agencies, where you are found to have cheated or attempted to defraud us or any other user of our services based on our and other online gaming sites legitimate interest or legal obligation to prevent fraud and/or cheating;
  • Any regulatory body or authorized entity which may have any reasonable requirement to access your personal data;
  • Any potential purchaser of GGPoker or any investors in it or in any company within our group (including in the event of insolvency).

4.2 We shall keep you informed and ensure that our trusted partners and/or third parties will abide with the mandatory data protection measures. During such data transmission we shall take all appropriate organizational, technical and legal protection measures.

4.3 GGPoker gives its customers the possibility to make use of "chat rooms" where players are able to communicate with each other. Whilst we will ensure that the players follow the terms as set in the "chat policy", we will not be responsible for any data breaches that might arise from the use of our chat rooms. Therefore, you accept responsibility and agree to hold GGPoker free and harmless and under no circumstance shall GGPoker be held responsible for any damages that might arise from any breach of data arising from the use of our chat rooms.

4.4 If at any time you wish us to stop processing your personal data for the above purposes, then you must contact us and we will take the appropriate steps to stop doing so. Please note that this may mean that your Account will be closed.

5. Your Rights as a Data Subject

5.1 We respect your privacy rights and provide you with reasonable access to the personal data that you may have provided through your use of the Services. Your principal rights under the Data Privacy Act are, among others:

  • the right to be informed;
  • the right to object;
  • the right to access;
  • the right to rectification;
  • the right to suspend, withdraw, erasure or blocking; and
  • the right to be indemnified for any damages;
  • the right to data portability;
  • the right of transmissibility; and
  • the right to file a complaint.

5.2 If you wish to access or amend any other personal data we hold about you, or to request that we delete any Personal Data about you, you may contact us via the details set out in this Privacy Policy. We will acknowledge your request within seventy-two (72) hours and handle it promptly. GGPoker will respond to these requests within 30 days, with a possibility to extend this period for particularly complex requests in accordance with the Data Privacy Act. We shall keep records including a ‘log’ of these requests. We will retain your information for as long as your account is active, as needed to provide you with our Services, or to comply with our legal obligations, resolve disputes and enforce our agreements.

5.3 You may update, correct, or delete your Account information and preferences at any time by accessing your Account settings page on the ‘My Account’ tab in the Cashier. Please note that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so. Where appropriate and possible we may apply anonymisation or pseudonymisation to personal data to reduce the risks to the data subjects.

5.4 You may decline to share certain personal data with us, in which case we may not be able to provide to you some or all of the features and functionality of the Service.

5.5 At any time, you may suspend, withdraw or order the blocking, removal or destruction of your personal data stored with us, on grounds provided under the Data Privacy Act. Where you have been asked to consent to the processing of your personal information, you can withdraw consent at any time, such as by contacting us. Any withdrawal of consent will not affect the lawfulness of the processing based on your consent before the withdrawal. Please also note that where you withdraw consent, we will only stop processing your personal information that relates to the withdrawal of consent. We may still process personal information where it is under a contractual or other legal obligation to do so or we are so required by law.

5.6 You have the right to data portability, whereby you may request to receive your personal data retained by us free of charge in a structured, commonly used and machine-readable format. However, we reserve the right to charge a fee for complying with such requests if they are deemed manifestly unfounded or excessive. The Company may charge a reasonable administrative-cost fee if further copies are requested. We shall keep records including a ‘log’ of these requests.

5.7 When we receive requests to dispose of personal data records by data subjects, We shall ensure that these requests are handled within a reasonable time frame.

5.8 We shall also strive in obtaining adequate disposal mechanisms to ensure no personal data is leaked outside of the organization.

5.9 Should we fail in abiding with the required data protection obligations, you shall have the right of complaint to the applicable authority.

6. How to Contact Us

6.1 Should you have questions, concerns or complaints about GGPoker’s processing of your personal information or wish to exercise your data protection rights, please contact our data protection officer at:

  • Contact: Data Protection Officer
  • Email: [email protected]
  • Address: Unit 603, Platinum 2000, #7 Annapolis St. Brgy. Greenhills, San Juan City Philippines 1502.

7. Advertising and use of Cookies

7.1 Cookies are pieces of information that a website transfers to your computer’s hard disc for record keeping purposes. Cookies can make the web more useful by storing information about your preferences on particular sites, thus enabling website owners to provide more useful features for their users. They contain no name or address information or any information that will enable anyone to contact you via telephone, e-mail or any other means. Most browsers are initially set to accept cookies. If you prefer, you can set your browser to disable cookies or inform you when they are set.

7.2 Information on how to disable cookies can be obtained by referring to either your Operating Systems Manual or your Browser Guide, or by contacting your Internet Service Provider. However, given that GGPoker may sometimes use cookies, you may not be able to take full advantage of our Website if you do disable them.

7.3 Our Online poker service uses session cookies to establish and maintain your session with us. With cookies enabled, you shouldn’t notice any difference to the service. GGPoker requires your web browser to accept a session cookie before you can log on or register for the service. Session cookies only exist until you close down your web browser, as opposed to permanent cookies which your browser stores until they expire. If your browser is set to disable cookies, you may restrict your access to GGPoker.

7.4 GGPoker web pages may contain electronic images, known as web beacons or spotlight tags. These enable GGPoker to count users who have visited certain pages on our website. Web beacons and spotlight tags are not used by us to access your personal information, they are simply a tool we use to analyze which web pages customers view, in an aggregated manner.

7.5 If you object to cookies or want to delete any cookies that are already stored on your computer, you should follow the instructions for deleting existing cookies and disabling future cookies on your web browser or equivalent software. Further information is available at www.aboutcookies.org. Please note that by deleting or disabling cookies you may not be able to access certain areas or features of the Website.

7.6 As part of the Website’s operation, and for our own statistical analysis of site traffic, our Website automatically logs internet IP addresses. We do not log any email address of visitors to the Website. Our advertising system logs IP addresses to supply more accurate advertising features, such as language-specific banners.

7.7 While the Website may contain links to websites operated by parties other than us, we are not responsible for the privacy practices or content of such websites.

8. Minors and Children’s Privacy

8.1 Protecting the privacy of minors is especially important. Our Service is not directed to children or persons under the age of 21, and we do not knowingly collect personal data from children or persons under the age of 21. If you are under 21 years of age, then please do not use or access the Service at any time or in any manner. If we learn that personal data has been collected on the Service from persons under 21 years of age, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child has obtained an Account on the Service, then you may alert us at [email protected] and request that we delete your child’s personal data from our systems.

9. Security

9.1 We take appropriate security measures to protect against loss, misuse and unauthorized access, alteration, disclosure, or destruction of your information. GGPoker has taken steps to ensure the ongoing confidentiality, integrity, availability, and resilience of systems and services processing personal data, and will restore the availability and access to information in a timely manner in the event of a physical or technical incident.

9.2 Your winnings and cash-outs are kept strictly confidential, and winnings information is stored in secure operating environments. We do not provide winnings information to any third party unless such information is required to be disclosed by law, regulation or a similar governmental authority.

9.3 No method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit to us or store on the Service, however, we shall ensure that adequate security mechanisms designed to protect personal data will be used to prevent personal data from being stolen, misused or abused, and to prevent personal data breaches. If you believe your personal data has been compromised, please contact us [email protected].

10. Data Breach

10.1 When we learn of a suspected or actual personal data breach, We shall perform an internal investigation and take appropriate remedial measures in a timely manner. Where there is any risk to the rights and freedoms of data subjects, we will notify the relevant authorities without undue delay and, when possible, within 72 hours.

10.2 In the event that a personal data breach is likely to result in a high risk to the rights and freedoms of the data subject, the data protection officer must ensure that all affected data subjects are informed of the breach without undue delay.

11. Privacy Settings

11.1 Although we may allow you to adjust your privacy settings to limit access to certain personal data, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users with whom you may choose to share your information. We cannot and do not guarantee that information you post on or transmit to the Service will not be viewed by unauthorized persons. We have taken the necessary steps to protect as much as possible your Personal Data in transit by utilizing HTTPS on our Website and TLS 1.2 (a strong protocol), ECDHE_RSA with P-256 (a strong key exchange), and AES_256_GCM (a strong cipher).

12. Data Retention

12.1 Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

12.2 We only retain the personal data collected from you for as long as your account is active or otherwise for a limited period of time as long as we need it to fulfill the purposes for which we have initially collected it, unless otherwise required by law.

12.3 Retention periods may vary from a few months in relation to enquiries to over a few years to comply with our legal obligations and in line with our data retention policy, resolve disputes, and enforce our agreements or in order to protect your vital interests or the vital interests of another natural person.

12.4 For payment processing information, Your payment details will be stored for a maximum of eight years. If you wish to remove your saved payment details at any point, this can be facilitated via the GGPoker Cashier.

12.5 We shall ensure that all employees, agents, contractors, sub-contractors, suppliers and any other third party will abide by the retention periods set by us and will be appropriately trained to do so.

13. Data Protection Officer/Representative

13.1 Our data protection representative who is responsible for matters relating to privacy and data protection at GGPoker can be reached at: [email protected]

13.2 In accordance with the applicable legal regulations governing the protection of personal data, each request/inquiry will be responded to within 30 days from the receipt of the request.

13.3 When contacting and posting such requests, we will invest reasonable efforts to confirm your identity and to prevent unauthorized Personal Data processing.

14. Accountability

14.1 We shall be responsible for and be able to demonstrate compliance with the principles outlined above.

14.2 GGPoker shall perform Privacy Impact Assessment (PIA) periodically and/or for any changes to data processing activity according to the NPC Advisory No. 2017-03 (Guidelines on Privacy Impact Assessments).

15. GGPass Service

15.1 GGPass is a service offered to provide You with a Single Sign-On (SSO) for enhanced onboarding and account management across other platforms within the GGNetwork.

15.2 By utilising GGPass to facilitate access to other platforms within the GGNetwork, You agree to the transferring of your data to a third party. The legal basis for the transferring of that data is your Consent. However, the third party acts as a separate Data Controller, and any data processing performed by it, is done independently of Us. If You use GGPass to facilitate the onboarding and account management with a third party, that third party becomes a Data Controller of your Personal Data.

15.3 User information that will be transferred through the GGPass service includes the following (where available):

  • first name
  • surname
  • email address
  • gender
  • address
  • nationality
  • place of birth
  • mobile number
  • date of birth
  • account status
  • player notes
  • Proof of Identity documents (Government ID, Passport)
  • Proof of Address documents (Utility Bills, Bank Statement and Government correspondence)

15.4 By utilizing GGPass, you expressly consent to the processing of your personal data as described herein, authorizing and ratifying the transfer of such data to Group entities for the provision of GGPass services, or to third parties, as chosen by You.

16. Governing Law

16.1 This Policy is intended to comply with the laws and regulations in the Philippines. In the event of any conflict between this Policy and applicable laws and regulations, the latter shall prevail.

17. Changes to this Privacy Policy

17.1 As the Company evolves, there may be the need to update this Policy to keep pace with changes to the website, software, services, business, and Applicable Laws. We will, however, always maintain our commitment to respect the Data Subject’s privacy. We will ensure that we will notify the Data Subjects with any material changes under this Policy by email (the most recent email provided by the Data Subject) or post any other revisions to this Policy along with their effective date, in an easy-to-find area of the website.

18. Validity

18.1 This document is effective as of June 28, 2024.