Privacy Policy

This Privacy Policy ("Policy") describes how aplado ("aplado," "we," "us," or "our"), operator of the online gaming platform at aplado.vip, collects, uses, discloses, stores, and protects the personal data of its users ("Player," "User," or "you").

aplado is committed to processing personal data lawfully, fairly, and transparently in accordance with the Data Privacy Act of 2012 (Republic Act No. 10173), its Implementing Rules and Regulations, and all issuances of the National Privacy Commission (NPC) of the Philippines. aplado also complies with applicable data handling requirements imposed by PAGCOR as a condition of its gaming license.

By registering an aplado account, using the Platform, or providing personal data to us in any form, you acknowledge that you have read and understood this Policy and consent to the processing of your personal data as described herein. If you do not consent, you must not use the aplado Platform.

aplado acts as the Personal Information Controller (PIC) in respect of all personal data collected through the Platform, as defined under the Data Privacy Act of 2012. This means aplado determines the purposes and means of processing your personal data.

Where aplado engages third-party service providers to process personal data on its behalf — such as payment processors including GCash and Maya, or identity verification services — those parties act as Personal Information Processors (PIPs) under written agreements that impose data protection obligations consistent with this Policy and applicable Philippine law.

aplado's designated Data Privacy Officer (DPO) oversees compliance with the Data Privacy Act and this Policy. Contact details for the DPO are provided in Section 14.

aplado collects the following categories of personal data, depending on how you interact with the Platform:

3.1 Registration and Identity Data

• Full legal name as it appears on government-issued identification
• Date of birth (to verify the 21+ age requirement under PAGCOR regulations)
• Philippine mobile number or email address
• Username and encrypted password credentials
• Residential address and province/city of residence

3.2 Identity Verification (KYC) Data

• Government-issued photo identification (e.g., Philippine passport, Driver's License, UMID, SSS/GSIS ID, Voter's ID, PhilHealth ID)
• Proof of address documentation (e.g., utility bills, barangay certification)
• Selfie or facial image for document-to-face matching, where required
• Proof of payment method ownership

3.3 Financial and Transaction Data

• Deposit amounts, timestamps, and payment method details (e.g., GCash number, Maya account reference)
• Withdrawal requests, amounts, and processing records
• Betting history, game session records, and win/loss records
• Bonus and promotion redemption records

3.4 Technical and Usage Data

• IP address and approximate geolocation derived from IP
• Device type, operating system, and browser information
• Session timestamps, login history, and access logs
• Cookies, pixel tags, and similar tracking technologies (see Section 8)
• Pages visited, features used, and navigation patterns within the Platform

3.5 Communications Data

• Customer support chat transcripts, emails, and call recordings (where applicable)
• Responsible gaming self-assessment responses and limit-setting records
• Feedback, survey responses, and complaint submissions

aplado collects personal data through the following means:

• Directly from you: When you register an aplado account, complete identity verification, make deposits or withdrawals, contact customer support, participate in promotions, or submit any form on the Platform.
• Automatically via the Platform: Through cookies, server logs, and similar technologies when you access and navigate aplado.vip or any aplado application. See Section 8 for full details on cookies.
• From third-party payment processors: GCash, Maya, BDO, BPI, and other payment partners may share transaction confirmation data with aplado to credit your wallet and maintain accurate financial records.
• From identity verification providers: Third-party KYC service providers engaged by aplado may share verification outcomes and risk scores with aplado as part of the account approval process.
• From fraud prevention and AML screening services: aplado may receive data from sanctions lists, politically exposed persons (PEP) databases, and fraud intelligence services as required under Philippine Anti-Money Laundering Act (AMLA) obligations.

aplado processes your personal data for the following specific, declared purposes:

• Account creation and management: Registering your aplado account, authenticating logins, and maintaining your account profile.
• Age and identity verification: Confirming that you meet the 21+ age requirement as required by PAGCOR and verifying your identity in compliance with AMLA and KYC obligations.
• Payment processing: Processing deposits via GCash, Maya, and other Philippine payment channels, and processing withdrawal requests to your designated payment method.
• Game service delivery: Enabling access to aplado's casino games, bingo, racing, slots, and all other Platform services, and maintaining accurate records of gaming activity.
• Fraud prevention and security: Detecting, investigating, and preventing fraudulent activity, unauthorised account access, money laundering, and other prohibited conduct.
• Regulatory compliance and reporting: Meeting aplado's obligations under PAGCOR's licensing conditions, the AMLA, the Data Privacy Act, and all other applicable Philippine laws and regulations.
• Customer support: Responding to your queries, complaints, and requests, and maintaining records of support interactions.
• Responsible gaming: Administering deposit limits, session reminders, cooling-off periods, and self-exclusion requests; monitoring for indicators of problem gambling behaviour.
• Marketing and promotions (opt-in only): Sending promotional communications, bonus offers, and platform updates to players who have provided explicit consent to receive such communications.
• Platform improvement: Analysing aggregated, anonymised usage data to improve the aplado Platform, optimise game performance, and enhance user experience.

aplado processes personal data only where a lawful basis under the Data Privacy Act of 2012 exists. The applicable legal bases for aplado's processing activities are:

• Contractual necessity: Processing necessary for the performance of the contract between you and aplado — including account registration, payment processing, and game service delivery.
• Legal obligation: Processing required to comply with PAGCOR licensing conditions, AMLA reporting obligations, NPC registration requirements, and other mandatory Philippine legal obligations.
• Legitimate interests: Processing for fraud prevention, platform security, and aggregated analytics where such interests are not overridden by your data protection rights.
• Consent: Processing for marketing communications and any other purpose where consent is the designated legal basis. You may withdraw consent at any time without affecting the lawfulness of prior processing.
• Vital interests / public interest: Processing that may be required in connection with responsible gaming interventions or regulatory reporting where player welfare or public interest considerations apply.

aplado does not sell personal data. Data is shared only in the following limited circumstances, and only to the minimum extent necessary:

7.1 Service Providers (PIPs)

aplado engages third-party service providers who process data on our behalf, including: payment processors (GCash, Maya, BDO, BPI, InstaPay), identity verification and KYC providers, fraud detection and AML screening services, cloud hosting and IT infrastructure providers, and customer support platform vendors. All PIPs are bound by written agreements requiring data protection standards consistent with this Policy.

7.2 Regulatory and Law Enforcement Disclosure

aplado will disclose personal data to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), or other competent Philippine authorities when required by law, court order, or regulatory directive. aplado will also cooperate with lawful law enforcement requests and investigations.

7.3 Business Transfers

In the event of a merger, acquisition, or sale of all or part of aplado's assets, personal data held by aplado may be transferred to the successor entity. Affected players will be notified prior to any such transfer, and the successor will be bound by obligations no less protective than this Policy.

7.4 No Third-Party Marketing Sharing

aplado does not share personal data with third parties for their own marketing or advertising purposes. This restriction applies without exception.

aplado uses cookies and similar technologies (pixel tags, local storage) on the Platform for the following purposes:

• Essential cookies: Required for core Platform functionality — including session management, login authentication, and security. These cannot be disabled without impairing Platform use.
• Functional cookies: Store your preferences (e.g., preferred game category, language settings) to improve your experience on subsequent visits.
• Analytics cookies: Collect anonymised data about how the Platform is used — which pages are visited, how long sessions last, and which features are most popular — to help aplado improve the service.
• Marketing cookies (opt-in): Used only where you have consented, to deliver relevant promotional content about aplado within the Platform. aplado does not use third-party advertising networks.

You can manage cookie preferences through your browser settings. Disabling non-essential cookies will not prevent you from accessing the core aplado Platform.

aplado implements technical, organisational, and physical security measures appropriate to the nature and volume of personal data processed, including:

• Encryption in transit: 256-bit SSL/TLS encryption on all data transmitted between players and aplado's servers.
• Encryption at rest: AES-256 encryption for sensitive personal data and financial records stored in aplado's database systems.
• Access controls: Role-based access restrictions limiting internal access to personal data on a need-to-know basis, with all access logged and auditable.
• Multi-factor authentication: Mandatory MFA for all aplado staff accessing systems containing personal data.
• Penetration testing and security audits: Regular independent security assessments of the Platform and its underlying infrastructure.
• Incident response: A documented data breach response procedure, including NPC notification within 72 hours where a breach is likely to result in serious harm to data subjects, as required under NPC Circular 16-03.

While aplado employs robust security measures, no system is entirely immune to risk. Players are also responsible for maintaining the security of their own account credentials and devices used to access the Platform.

aplado retains personal data for no longer than is necessary to fulfil the purposes for which it was collected, subject to applicable legal retention requirements. The following retention periods apply:

• Account and identity data: Retained for the duration of the account relationship and for five (5) years following permanent account closure, consistent with PAGCOR and AMLA requirements.
• Transaction and betting records: Retained for five (5) years from the date of the transaction, as required under the Revised Implementing Rules of the AMLA.
• KYC documents: Retained for five (5) years following the end of the business relationship, or longer where required by a specific PAGCOR or AMLC directive.
• Customer support records: Retained for two (2) years from the date of the last interaction, or longer if the interaction relates to an ongoing dispute or regulatory matter.
• Marketing consent records: Retained for the duration of the consent period plus one (1) year to demonstrate compliance.
• Analytics data: Anonymised after thirty (30) days and retained in anonymised form indefinitely for platform improvement purposes.

Upon expiry of the applicable retention period, personal data is securely deleted or irreversibly anonymised. Data subject to an active legal hold will be retained until the hold is lifted.

Under the Data Privacy Act of 2012, you have the following rights in respect of your personal data held by aplado:

• Right to be Informed: To be notified of the collection and processing of your personal data, the purposes thereof, and the identity of the data controller — as provided in this Policy.
• Right of Access: To request a copy of the personal data aplado holds about you and information about how it is processed.
• Right to Rectification: To request correction of inaccurate or incomplete personal data. You may update most account information directly through your aplado account settings.
• Right to Erasure or Blocking: To request deletion or blocking of your personal data where it is no longer necessary for the purpose it was collected, where consent has been withdrawn, or where processing is unlawful — subject to aplado's overriding legal retention obligations.
• Right to Object: To object to processing based on legitimate interests or for direct marketing purposes. Objection to marketing will be acted upon immediately. Objection to other processing will be assessed against aplado's compelling legitimate grounds or legal obligations.
• Right to Data Portability: To receive your personal data in a structured, commonly used, and machine-readable format where technically feasible and where processing is based on consent or contract.
• Right to Damages: To be indemnified for damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorised use of personal data, consistent with Section 16(f) of the Data Privacy Act.

To exercise any of these rights, submit a written request to aplado's Data Privacy Officer using the contact details in Section 14. aplado will respond within 15 business days of receiving a verifiable request.

aplado's Platform is strictly intended for adults aged 21 years and above, in accordance with PAGCOR regulations governing online gaming in the Philippines. aplado does not knowingly collect personal data from individuals under the age of 21.

If aplado discovers that personal data has been collected from a person under 21 years of age, that account will be immediately suspended, all related personal data will be deleted, and any deposits will be returned to the source payment method net of any bonuses received.

If you are a parent or guardian and believe that a minor under your care has provided personal data to aplado or created an account, please contact aplado's Data Privacy Officer immediately using the details in Section 14.

aplado reviews this Privacy Policy periodically and will update it to reflect changes in our data processing practices, changes in applicable Philippine law, or updated NPC guidance. The date of the most recent revision is displayed at the top of this page.

Material changes to this Policy will be communicated to registered players via email or in-platform notification at least seven (7) days before taking effect, except where a shorter notice period is required by law or regulatory directive. Where changes affect how we process data for which consent is the legal basis, we will seek renewed consent where required.

Continued use of the aplado Platform after the effective date of a revised Policy constitutes acceptance of the updated terms. If you do not accept the revised Policy, you must cease using the Platform and may request account closure and withdrawal of any remaining balance.

For any questions, concerns, or requests relating to this Privacy Policy, the exercise of your data privacy rights, or any data protection matter, please contact aplado's designated Data Privacy Officer:

Data Privacy Officer — aplado
Email: [email protected]
Subject Line: Data Privacy Request
Response Time: Within 15 business days of receipt of a verifiable written request
Support Hours: 24/7, Philippine Standard Time (UTC+8)

For general platform support, visit our FAQ page or contact support through your aplado account dashboard.

For responsible gaming assistance and self-exclusion, please visit our Responsible Gaming page.

For our full Terms of Service, please visit our Terms & Conditions page.