rahaph Privacy Policy

rahaph ("rahaph," "we," "us," or "our") is committed to protecting the privacy and personal data of every player who uses the rahaph online gaming platform at rahaph.app (the "Platform"). This Privacy Policy describes how rahaph collects, uses, stores, discloses, and protects your personal information when you access or use the Platform, register an account, make deposits or withdrawals, participate in games, or interact with our customer support team.

This Privacy Policy applies to all users of the rahaph Platform, including registered players, visitors who browse the Platform without registering, and individuals who contact rahaph through any channel. By accessing the Platform or registering a rahaph account, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and use of your personal data as described herein.

This Privacy Policy should be read together with rahaph's Terms and Conditions, which are incorporated herein by reference. Capitalized terms not defined in this Privacy Policy have the meanings given to them in the Terms and Conditions.

rahaph collects various categories of personal data depending on how you interact with the Platform. The following table summarizes the main categories of personal data we collect and why we collect them:

Where rahaph is required by law or regulation to collect certain personal data and you fail to provide it when requested, rahaph may be unable to provide you with access to the Platform or specific services. rahaph will notify you if this is the case at the time of the request.

rahaph collects personal data through the following methods:

• Direct interactions: Data you provide when registering a rahaph account, completing KYC verification, making deposits or withdrawals, contacting customer support, or responding to surveys and promotions.
• Automated technologies: Technical and usage data collected automatically when you access the Platform, including through cookies, web beacons, pixel tags, and similar tracking technologies. See Section 7 for more details on our use of cookies.
• Third-party sources: Identity and fraud-check data from KYC verification service providers; financial data from payment processors such as GCash, PayMaya, and Philippine banking partners; analytics data from platform analytics providers.
• Publicly available sources: Information from public databases, government registries, or other publicly available sources where necessary for identity verification or fraud prevention purposes.

rahaph uses the personal data we collect for the following purposes:

• Account management: To register and maintain your rahaph account, verify your identity and age (21+ requirement), and manage your account settings and preferences.
• Service delivery: To provide you with access to the Platform's games, betting markets, and features, and to process your deposits and withdrawals in Philippine Peso (PHP).
• Transaction processing: To process and record all financial transactions on your account, including deposits via GCash, PayMaya, BPI, BDO, and Metrobank, and to facilitate withdrawals to your nominated payment method.
• Legal and regulatory compliance: To comply with applicable Philippine laws and regulations, including anti-money laundering (AML) obligations, Know Your Customer (KYC) requirements, and responsible gaming regulations.
• Fraud prevention and security: To detect, investigate, and prevent fraudulent transactions, unauthorized account access, money laundering, and other illegal or prohibited activities on the Platform.
• Responsible gaming: To monitor gaming patterns and identify players who may be at risk of problem gambling, and to administer responsible gaming tools such as deposit limits, cooling-off periods, and self-exclusion.
• Customer support: To respond to your inquiries, complaints, and support requests, and to maintain records of our communications with you.
• Marketing and promotions: To send you information about rahaph promotions, bonuses, and new features, where you have consented to receive such communications. You may opt out at any time.
• Platform improvement: To analyze usage patterns, conduct research, and improve the functionality, performance, and user experience of the rahaph Platform.
• Dispute resolution: To investigate and resolve disputes between players or between a player and rahaph, including the review of game logs and transaction records.

rahaph processes your personal data on the following legal bases under the Data Privacy Act of 2012 and applicable Philippine regulations:

• Contractual necessity: Processing is necessary for the performance of the contract between you and rahaph — specifically, to provide you with access to the Platform, process your transactions, and manage your account.
• Legal obligation: Processing is necessary for rahaph to comply with applicable legal and regulatory obligations, including AML laws, KYC requirements, tax reporting obligations, and gaming regulations.
• Legitimate interests: Processing is necessary for rahaph's legitimate business interests, including fraud prevention, platform security, responsible gaming monitoring, and service improvement, provided that such interests are not overridden by your rights and interests.
• Consent: For certain processing activities — such as sending marketing communications or using non-essential cookies — rahaph relies on your freely given, specific, informed, and unambiguous consent. You have the right to withdraw your consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.

rahaph does not sell, rent, or trade your personal data to third parties for their own marketing purposes. We may share your personal data with the following categories of recipients, strictly on a need-to-know basis and subject to appropriate data protection safeguards:

• Payment processors: GCash, PayMaya, BPI, BDO, Metrobank, and other Philippine payment service providers, for the purpose of processing your deposits and withdrawals.
• KYC and identity verification providers: Third-party service providers that assist rahaph in verifying your identity, age, and the authenticity of documents submitted during the KYC process.
• Game providers: Third-party game software providers whose games are available on the rahaph Platform, to the extent necessary for the provision of those games and the resolution of game-related disputes.
• IT and platform service providers: Cloud hosting providers, cybersecurity firms, and other technology service providers that support the operation and security of the rahaph Platform.
• Analytics providers: Service providers that help rahaph analyze Platform usage and improve user experience, subject to appropriate data anonymization or pseudonymization measures.
• Regulatory and law enforcement authorities: Government agencies, regulators, law enforcement bodies, and courts in the Philippines, where rahaph is required by law to disclose your personal data, or where disclosure is necessary to protect the rights, property, or safety of rahaph, its players, or the public.
• Professional advisers: Lawyers, auditors, accountants, and other professional advisers who provide services to rahaph, subject to binding confidentiality obligations.

All third parties with whom rahaph shares personal data are required to process that data in accordance with applicable data protection laws and rahaph's data processing requirements. rahaph remains responsible for ensuring that your personal data is handled appropriately by our service providers.

rahaph uses cookies and similar tracking technologies to enhance your experience on the Platform, analyze usage patterns, and support Platform security. A cookie is a small text file placed on your device when you visit the Platform. The following types of cookies are used on rahaph:

• Strictly necessary cookies: Essential for the Platform to function correctly. These include session cookies that keep you logged in to your rahaph account and security cookies that help protect against fraudulent activity. These cookies cannot be disabled.
• Functional cookies: Allow the Platform to remember your preferences, such as your preferred language, display settings, and responsible gaming limits. Disabling these cookies may affect Platform functionality.
• Analytics cookies: Help rahaph understand how players use the Platform by collecting aggregated, anonymized data about page visits, session duration, and feature usage. This data is used solely to improve the Platform.
• Marketing cookies: Used to deliver relevant promotional content about rahaph to you, based on your interests and Platform activity. These cookies are only placed with your consent.

You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect the functionality of the rahaph Platform. For more information on managing cookies, refer to your browser's help documentation.

rahaph retains your personal data for as long as is necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements. The following general retention periods apply:

• Account data: Retained for the duration of your active account and for a minimum of five (5) years following account closure, in accordance with Philippine AML and gaming regulatory requirements.
• Transaction records: Retained for a minimum of five (5) years from the date of the transaction, as required by Philippine financial regulations.
• KYC documents: Retained for a minimum of five (5) years following the end of the business relationship, or longer if required by applicable law.
• Customer support communications: Retained for a minimum of two (2) years from the date of the last communication, or longer if the communication relates to an ongoing dispute or legal matter.
• Marketing consent records: Retained for the duration of your consent and for a reasonable period thereafter to demonstrate compliance.

When personal data is no longer required for the purposes for which it was collected and no legal obligation requires its continued retention, rahaph will securely delete or anonymize that data in accordance with our data disposal procedures.

rahaph takes the security of your personal data seriously and implements a comprehensive set of technical and organizational measures to protect your data against unauthorized access, disclosure, alteration, loss, or destruction. Our security measures include:

• 256-bit SSL/TLS encryption: All data transmitted between your device and the rahaph Platform is encrypted using industry-standard SSL/TLS protocols.
• Encryption at rest: Sensitive personal data stored on rahaph's servers, including financial data and government ID information, is encrypted at rest using AES-256 encryption.
• Access controls: Access to personal data is restricted to rahaph personnel and authorized service providers who have a legitimate need to access it. All access is logged and monitored.
• Two-factor authentication: rahaph supports two-factor authentication (2FA) for player accounts via Philippine mobile numbers, providing an additional layer of account security.
• Regular security audits: rahaph conducts regular security assessments, penetration testing, and vulnerability scans to identify and address potential security weaknesses.
• Staff training: All rahaph personnel who handle personal data receive regular data privacy and security training.

While rahaph implements robust security measures, no method of transmission over the internet or electronic storage is completely secure. You are responsible for maintaining the confidentiality of your rahaph account credentials and for ensuring the security of the device you use to access the Platform.

As a data subject under the Data Privacy Act of 2012 of the Philippines, you have the following rights with respect to your personal data held by rahaph:

To exercise any of your data privacy rights, please contact rahaph's Data Protection Officer using the contact details provided in Section 15 of this Privacy Policy. rahaph will respond to all verified data subject requests within thirty (30) days of receipt, in accordance with the Data Privacy Act of 2012. In complex cases, this period may be extended by a further thirty (30) days, and you will be notified accordingly.

The rahaph Platform is strictly intended for adults aged 21 years and above, in accordance with Philippine gaming regulations. rahaph does not knowingly collect, process, or store personal data from individuals under the age of 21. If rahaph becomes aware that personal data has been collected from a person under 21 years of age, we will take immediate steps to delete that data and close the associated account.

rahaph encourages parents and guardians to use parental control software and to monitor their children's online activity to prevent access to online gaming platforms. The 21+ age restriction is strictly enforced through our KYC verification process.

rahaph primarily processes and stores personal data within the Philippines. However, some of our third-party service providers — including cloud hosting providers, game software providers, and analytics platforms — may process personal data outside of the Philippines.

Where personal data is transferred outside the Philippines, rahaph ensures that appropriate safeguards are in place to protect your data, including:

• Transferring data only to countries or organizations that provide an adequate level of data protection as recognized under Philippine law.
• Implementing contractual data protection clauses with all international service providers that require them to process personal data in accordance with the Data Privacy Act of 2012 and rahaph's data protection standards.
• Conducting due diligence on all international service providers to verify their data security practices before engaging their services.

By using the rahaph Platform, you acknowledge and consent to the transfer of your personal data to countries outside the Philippines where necessary for the provision of the Platform's services, subject to the safeguards described above.

The rahaph Platform may contain links to third-party websites or services. This Privacy Policy applies solely to the rahaph Platform and does not cover the privacy practices of any third-party websites or services. rahaph is not responsible for the privacy practices, content, or data handling of any third-party websites, even if they are accessible via a link on the rahaph Platform.

We encourage you to review the privacy policies of any third-party websites you visit. The inclusion of a link to a third-party website on the rahaph Platform does not constitute an endorsement of that website or its privacy practices by rahaph.

rahaph reserves the right to update, modify, or replace this Privacy Policy at any time to reflect changes in our data processing practices, applicable laws and regulations, or the features and services offered on the Platform. The date of the most recent revision is indicated at the top of this page.

When material changes are made to this Privacy Policy, rahaph will notify registered players via the email address or mobile number associated with their account, or by posting a prominent notice on the Platform. Your continued use of the rahaph Platform following the effective date of any updated Privacy Policy constitutes your acceptance of the revised policy.

We encourage you to review this Privacy Policy periodically to stay informed about how rahaph collects, uses, and protects your personal data.

If you have any questions, concerns, or requests regarding this Privacy Policy or rahaph's handling of your personal data, please contact our Data Protection Officer (DPO). Our DPO is responsible for overseeing rahaph's compliance with the Data Privacy Act of 2012 and this Privacy Policy.

You may reach our Data Protection Officer by email at: [email protected]

For general customer support inquiries, you may contact our support team at: [email protected]

rahaph aims to respond to all privacy-related inquiries and data subject requests within thirty (30) days of receipt. If you are not satisfied with rahaph's response to your privacy concern, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines.