Data Privacy
pinaswin Privacy Policy
This Privacy Policy explains how pinaswin collects, uses, stores, discloses, and protects your personal information when you use our platform. We are committed to handling your data responsibly and in compliance with Philippine data privacy law.
1 Who We Are and Scope of This Policy
pinaswin operates the online gaming platform accessible at pinaswin.vip, offering casino games, sports betting, live dealer tables, bingo, and instant games to eligible Filipino players. For the purposes of Philippine data protection law, pinaswin acts as the personal information controller in respect of personal data collected through the platform.
This Privacy Policy applies to all personal information collected through the pinaswin website, mobile-optimized platform, and any associated communications — including emails, SMS messages, and live chat interactions — between you and pinaswin. It applies to all registered Players and to individuals who browse the platform without registering.
Where pinaswin engages third-party processors (such as payment processors, game providers, and identity verification services) to handle personal data on its behalf, pinaswin ensures that appropriate data processing agreements are in place requiring those parties to maintain the same standard of data protection as pinaswin itself.
2 Categories of Personal Data We Collect
pinaswin collects the following categories of personal information from Players and platform visitors. We do not collect personal data beyond what is necessary for the purposes described in this policy.
| Category | Examples of Data | Collected From |
|---|---|---|
| Identity Data | Full legal name, date of birth, nationality, government-issued ID type and number | Registration form, KYC verification upload |
| Contact Data | Philippine mobile number (+63), email address, city/province of residence | Registration form, account settings updates |
| Financial Data | GCash account reference, Maya account reference, bank account name and number (BPI, BDO, Metrobank), transaction history | Cashier / payment processing flow |
| Gaming Data | Game session records, bet history, game outcomes, bonus usage, wagering activity | Platform activity logs |
| Technical Data | IP address, device type, browser type and version, operating system, session duration, pages visited | Automatic collection via platform access |
| Communications Data | Live chat transcripts, support email correspondence, SMS OTP logs | Customer support interactions |
| Responsible Gaming Data | Self-exclusion status, deposit and loss limits set, cool-off period history, self-reported gambling history | Account settings, support communications |
Sensitive Personal Information
Under RA 10173, certain categories of information are classified as sensitive personal information and attract a higher level of protection. In the context of pinaswin's operations, government-issued ID numbers (required for KYC) constitute sensitive personal information. pinaswin collects this data solely to comply with PAGCOR's mandatory identity verification requirements and applicable anti-money laundering regulations. It is not used for any other purpose without your explicit consent.
3 How We Collect Your Personal Data
pinaswin collects personal data through the following channels:
- Direct collection: Information you provide when registering an account, completing KYC verification, making deposits or withdrawals, contacting support, or updating your account settings;
- Automated collection: Technical data collected automatically when you access the platform, including IP addresses, device identifiers, and browsing behavior, through server logs and analytics tools;
- Third-party sources: Identity verification data cross-referenced through accredited KYC service providers; transaction data from payment processors such as GCash and Maya; fraud detection signals from anti-fraud service partners; and PAGCOR's Exclusion Registry, which pinaswin is required to check as part of its licensing obligations;
- Cookies and similar technologies: Session cookies, preference cookies, and analytics cookies placed on your device when you access the pinaswin platform (see Section 7 for full details).
4 Legal Basis for Processing
Under the Data Privacy Act of 2012 and its Implementing Rules, pinaswin processes personal data on the following legal bases:
- Contractual necessity: Processing required to establish and manage your Player account, process deposits and withdrawals, provide gaming services, and handle support requests — all of which are necessary to deliver the services you have contracted with us to receive;
- Legal obligation: Processing required to comply with PAGCOR's licensing requirements, the Anti-Money Laundering Act (RA 9160, as amended), the Data Privacy Act, and other applicable Philippine laws — including mandatory KYC verification, suspicious transaction reporting to the AMLC, and age verification;
- Legitimate interests: Processing for fraud prevention, platform security, responsible gaming monitoring, and improvement of services, where these interests are not overridden by your rights and freedoms;
- Consent: Processing for direct marketing communications and optional analytics, where your explicit consent has been obtained. You may withdraw consent for marketing at any time by contacting support or updating your notification preferences.
5 How pinaswin Uses Your Personal Data
pinaswin uses personal data collected from Players and platform visitors for the following purposes:
5.1 Account Management and Service Delivery
Your identity and contact data are used to create and maintain your Player account, verify your eligibility (including the mandatory 21+ age check), process login requests, and deliver the gaming services you have requested. Without this data, it is not possible to operate a Player account on the pinaswin platform.
5.2 Payment Processing and Financial Compliance
Financial data — including your GCash or Maya account reference and any linked bank account details — is used exclusively to process deposits, withdrawals, and refunds. pinaswin does not store full payment credentials on its own servers. Payment data is processed by certified payment service providers operating under their own data security standards. Transaction records are retained for the periods required by Philippine tax law and PAGCOR's record-keeping requirements.
5.3 Identity Verification and Anti-Money Laundering Compliance
Government-issued ID data collected during KYC verification is processed for the sole purpose of confirming your identity, age, and eligibility to use pinaswin's services. This processing is mandatory under PAGCOR's licensing conditions and the Anti-Money Laundering Act. pinaswin is required to file suspicious transaction reports (STRs) and covered transaction reports (CTRs) with the Anti-Money Laundering Council (AMLC) where legally required — this is a non-negotiable legal obligation.
5.4 Responsible Gaming and Player Protection
Gaming activity data and responsible gaming settings are used to operate self-imposed limits, monitor for signs of problem gambling behavior, check against PAGCOR's exclusion registry, and comply with pinaswin's responsible gaming obligations. This processing is conducted in the interests of player welfare and in accordance with PAGCOR's requirements for licensed operators.
5.5 Security and Fraud Prevention
Technical data (including IP addresses, device identifiers, and login patterns) is used to detect and prevent fraudulent account access, bonus abuse, multi-accounting, money laundering, and other prohibited activities. This processing is conducted on the basis of pinaswin's legitimate interest in maintaining platform integrity and protecting all Players from harm.
5.6 Communications and Support
Contact data and communications history are used to respond to support requests, send transactional notifications (deposit confirmations, withdrawal status, security alerts), and — where you have consented — to send promotional communications about pinaswin offers and game updates. You may opt out of marketing communications at any time.
5.7 Platform Improvement and Analytics
Aggregated and anonymized technical and gaming data is used to analyze platform performance, improve user experience, and inform product development decisions. Where individual-level analytics are used, this is conducted on the basis of legitimate interests or consent, and you retain the right to object.
6 Data Sharing and Disclosure
pinaswin shares personal data only in the circumstances described below. All sharing is governed by data processing agreements that require recipients to maintain data protection standards consistent with RA 10173.
- Payment processors: GCash (Mynt/G-Xchange), Maya (PayMaya Philippines), BPI, BDO, Metrobank — for the sole purpose of processing your deposits and withdrawals;
- KYC and identity verification providers: Accredited verification service providers used to confirm your identity and cross-reference government ID data for compliance purposes;
- Game content providers: Licensed game studios and platform providers who supply game titles on pinaswin may receive session and bet data in accordance with their operator agreements, solely to facilitate game delivery and audit functions;
- Regulatory and law enforcement authorities: PAGCOR (as the licensing regulator), the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), and any other competent Philippine government authority, where disclosure is required by law or lawful order;
- Fraud prevention and security partners: Third-party fraud detection services that process technical data to identify and prevent prohibited platform activity;
- Professional advisors: Legal counsel, auditors, and compliance consultants engaged by pinaswin, bound by confidentiality obligations.
pinaswin does not transfer personal data outside the Philippines except where required by an international regulatory framework applicable to PAGCOR-licensed operators, and only where appropriate safeguards are in place as required by RA 10173.
7 Cookies and Tracking Technologies
The pinaswin platform uses cookies and similar technologies to deliver a functional, secure, and personalized experience. Below is a summary of the cookie categories used:
| Cookie Type | Purpose | Can Be Disabled? |
|---|---|---|
| Strictly Necessary | Maintain login sessions, process transactions, enforce security measures, and operate core platform functions. These cannot be disabled without breaking the platform. | No |
| Functional | Remember your language and display preferences, game lobby layout settings, and responsible gaming tool configurations between sessions. | Yes (with reduced experience) |
| Analytics | Aggregate, anonymized data on platform usage patterns — which game categories are most visited, page load times, error rates — used to improve platform performance. | Yes (via consent settings) |
| Security | Device fingerprinting and session integrity signals used by fraud prevention systems to detect unauthorized access and multi-accounting attempts. | No (required for account security) |
You can manage non-essential cookies through your browser settings. Disabling cookies that are not strictly necessary may affect certain platform features. pinaswin does not use third-party advertising cookies or cross-site tracking technologies.
8 Data Retention
pinaswin retains personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. The following retention periods apply:
- Account and identity data: Retained for the duration of your active account and for a minimum of five (5) years following account closure, in accordance with PAGCOR's record-keeping requirements and the AMLA's retention obligations for covered transactions;
- Financial transaction records: Retained for a minimum of five (5) years from the date of the transaction, as required by the AMLA and Philippine tax regulations;
- Gaming activity records: Retained for the duration of your active account and for three (3) years following account closure, or longer if required for dispute resolution or regulatory investigation;
- KYC and verification documents: Retained for the duration of your active account and for five (5) years following account closure;
- Support communications: Retained for three (3) years from the date of the interaction, unless a longer period is required for ongoing dispute resolution;
- Technical and analytics data: Retained for up to twenty-four (24) months, after which it is aggregated or deleted.
Upon expiry of the applicable retention period, personal data is securely deleted or anonymized in a manner that prevents re-identification. Where data must be retained beyond these periods due to an active legal proceeding, regulatory investigation, or court order, pinaswin will retain only what is necessary and for only as long as required.
9 Data Security Measures
pinaswin implements technical and organizational security measures appropriate to the sensitivity of the personal data processed. These measures include, but are not limited to:
- Transport Layer Security (TLS/SSL) encryption for all data transmitted between your device and the pinaswin platform;
- Encryption at rest for sensitive personal data including government ID numbers and financial account references stored on pinaswin's servers;
- Role-based access controls ensuring that personal data is accessible only to pinaswin personnel who have a legitimate operational need for it;
- Two-factor authentication (2FA) available for Player accounts and mandatory for administrative access to production systems;
- Regular security assessments, penetration testing, and vulnerability scanning conducted in accordance with industry standards;
- Incident response procedures designed to detect, contain, and notify affected parties of any personal data breach within the timeframes prescribed by the National Privacy Commission.
While pinaswin implements robust security measures, no online platform can guarantee absolute security against all possible threats. Players are encouraged to use strong, unique passwords for their pinaswin accounts and to enable two-factor authentication as an additional layer of protection.
10 Your Rights as a Data Subject
Under the Data Privacy Act of 2012 (RA 10173), you have the following rights in relation to your personal data held by pinaswin. To exercise any of these rights, contact our Data Protection Officer (see Section 14).
- Right to be Informed: You have the right to be informed whether pinaswin holds personal data about you, the purposes for which it is processed, and to whom it has been disclosed. This Privacy Policy is the primary mechanism through which pinaswin fulfils this obligation.
- Right to Access: You have the right to request a copy of the personal data pinaswin holds about you, together with information about how it is being used. Requests will be fulfilled within thirty (30) days of receipt.
- Right to Correction: You have the right to request correction of inaccurate or outdated personal data. Where data is used for regulatory compliance purposes (such as KYC records), corrections may require submission of supporting documentation.
- Right to Erasure / Right to be Forgotten: You have the right to request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, where you withdraw consent (and no other legal basis applies), or where processing is unlawful. Note that this right may be limited where retention is required by law (e.g., AML and PAGCOR record-keeping obligations).
- Right to Object: You have the right to object to processing conducted on the basis of legitimate interests, including direct marketing. Objections to marketing will be honored immediately; objections to other legitimate-interest processing will be evaluated and a substantive response provided.
- Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to have it transmitted to another controller where technically feasible.
- Right to Damages: You have the right to be indemnified for damages suffered as a result of any inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized processing of your personal data by pinaswin.
- Right to File a Complaint: You have the right to file a complaint with the National Privacy Commission (NPC) of the Philippines if you believe pinaswin has processed your personal data in violation of RA 10173.
11 Children and Minors — Strict 21+ Policy
If pinaswin discovers that personal data has been collected from an individual who was under 21 at the time of registration, the account will be permanently suspended, all data will be deleted (except where retention is required for fraud investigation or regulatory reporting), and any deposited funds will be returned in accordance with pinaswin's account closure procedures.
If you are a parent or guardian and believe that your child or a minor in your care has registered or attempted to register on the pinaswin platform, please contact our support team immediately at [email protected]. We will investigate and take action without delay.
12 Third-Party Links and Embedded Content
The pinaswin platform may contain references to third-party services, such as payment processors, that operate under their own privacy policies. When you initiate a GCash or Maya payment, for example, you are directed to those providers' own interfaces, which are governed by their respective privacy policies.
pinaswin is not responsible for the privacy practices of third-party services. We recommend reviewing the privacy policies of any third-party services you interact with in connection with your pinaswin account. Our provision of a payment method option does not constitute an endorsement of that provider's data practices.
13 Changes to This Privacy Policy
pinaswin may update this Privacy Policy from time to time to reflect changes in our data processing practices, legal obligations, regulatory requirements, or platform features. The "Last Updated" date at the top of this page will be revised whenever material changes are made.
Where changes are material — meaning they significantly affect your rights or our data processing in a manner that could affect you adversely — pinaswin will notify registered Players via the email address or mobile number on file at least fourteen (14) days before the changes take effect. Continued use of the platform after the effective date of a revised Privacy Policy constitutes acceptance of the updated terms.
If you disagree with any changes to this Privacy Policy, you may close your account in accordance with the procedures described in the pinaswin Terms and Conditions. Closing your account will not affect pinaswin's obligation to retain certain data as required by law.
14 Contact Us & Data Protection Officer
pinaswin has designated a Data Protection Officer (DPO) responsible for overseeing compliance with the Data Privacy Act of 2012 and this Privacy Policy. If you have questions about this Privacy Policy, wish to exercise your data subject rights, or need to report a privacy concern, please contact us through the following channel:
pinaswin Data Protection Officer
Available via the 24/7 live chat support feature on the platform.
Email: [email protected]
Subject line: Privacy / Data Subject Request
Regulated by the Philippine Amusement and Gaming Corporation (PAGCOR).
Online gaming in the Philippines is regulated by PAGCOR under its Online Gaming Licensing Program (OGLP).
When submitting a data subject rights request, please include your registered account username, a clear description of your request, and any relevant reference numbers or dates. pinaswin will acknowledge receipt within five (5) business days and provide a substantive response within thirty (30) days, as required by the NPC's guidelines on data subject rights requests.
If you are not satisfied with pinaswin's response to your privacy concern, you have the right to escalate your complaint to the National Privacy Commission of the Philippines.
Data Protection Commitments
How pinaswin Protects Your Privacy
Six specific ways pinaswin treats your personal information with the care and transparency it deserves.
SSL Encryption on All Data
Every piece of data transmitted between your device and the pinaswin platform is protected by TLS/SSL encryption. Your login credentials, payment details, and personal information are never sent in plain text across any network.
No Data Sold to Third Parties
pinaswin does not sell, rent, or otherwise transfer your personal data to external parties for their marketing purposes. Data sharing is limited to what is strictly necessary for service delivery, regulatory compliance, and fraud prevention.
RA 10173 Compliance
pinaswin's data processing practices are designed to comply fully with Republic Act No. 10173 (Data Privacy Act of 2012) and its Implementing Rules, as administered by the National Privacy Commission (NPC) of the Philippines.
Meaningful Data Subject Rights
Your rights to access, correct, delete, and port your personal data are real and exercisable. pinaswin maintains a designated Data Protection Officer and a documented process for handling data subject rights requests within regulatory timelines.
Minimal Data Collection
pinaswin collects only the personal data necessary for the specific purposes described in this policy. We do not gather speculative or unnecessary information. KYC data collected is strictly required by PAGCOR's licensing conditions and the AMLA.
Opt-Out of Marketing Anytime
Promotional communications from pinaswin are always opt-in, and you may withdraw consent and opt out at any time without any effect on your ability to use the platform. Marketing preferences can be updated from your account settings or via the support team.
Play with Confidence
Your Data Is Safe — Now Let's Play
pinaswin is built for Filipino players who value transparency as much as they value a good game. Regulated by PAGCOR. Protected by RA 10173. Powered by GCash.