aplado Privacy Policy

1. Introduction

This Privacy Policy applies to all personal data collected by aplado through the aplado.club website and all associated platform services, including casino games, sports betting, bingo, live dealer games, and customer support channels. It applies to all registered players regardless of their location within the Philippines — whether in Manila, Cebu, Davao, Quezon City, Makati, or any other province or region.

This Policy should be read alongside aplado's Terms & Conditions and Responsible Gaming Policy, all of which together form the complete framework governing your relationship with aplado. Capitalised terms not defined in this Policy have the meaning given to them in aplado's Terms & Conditions.

aplado processes personal data as a data controller under the Philippine Data Privacy Act of 2012 (DPA 2012) and the implementing rules issued by the National Privacy Commission (NPC). aplado is also subject to PAGCOR's data handling requirements as a regulated gaming operator.

2. Data Controller

For the purposes of the DPA 2012, the data controller responsible for your personal data is aplado, operated at aplado.club. All data-related queries, access requests, correction requests, and deletion requests should be directed to aplado's designated Data Protection Officer (DPO) using the contact details in Section 14 of this Policy.

aplado maintains a data processing register in accordance with NPC requirements. This register documents all categories of personal data processed, the purposes for which they are processed, and the legal bases relied upon.

3. Data We Collect

3.1 Registration Data

When you create an aplado account, we collect the following information:

• Full legal name (as it appears on your government-issued ID);
• Date of birth (for age verification — aplado requires players to be 21 or older);
• Philippine mobile number and/or email address;
• Residential address within the Philippines;
• Username and hashed password.

3.2 Identity Verification (KYC) Data

For Know Your Customer (KYC) compliance required under PAGCOR regulations and the Anti-Money Laundering Act (AMLA), aplado may collect:

• Copies of government-issued photo ID (SSS ID, UMID, PhilSys National ID, driver's licence, passport, or equivalent);
• Proof of address (utility bill, bank statement, or similar document with your Philippine address);
• Selfie or live photo for identity confirmation in specific circumstances.

3.3 Financial Data

aplado collects transaction-related data including deposit amounts, withdrawal requests, payment method identifiers (e.g., GCash number, bank account last digits), transaction timestamps, and balances. aplado does not store full bank account numbers or complete GCash credentials — payment processing is handled via secure third-party payment gateways.

3.4 Gaming Activity Data

aplado records game session data including game titles accessed, wagers placed, outcomes, bonus activations, session durations, and responsible gaming tool usage. This data is necessary for regulatory compliance, dispute resolution, and responsible gaming monitoring.

3.5 Technical Data

When you access aplado, we automatically collect certain technical information including your IP address, device type and operating system, browser type and version, pages visited within aplado, session duration, and referring URL. This data is used for security, fraud prevention, and platform performance optimisation.

3.6 Communications Data

aplado retains records of your communications with our support team, including live chat transcripts, emails, and any documents you submit during a support interaction. These records are retained for quality assurance, training, and dispute resolution purposes.

4. How We Use Your Data

aplado uses the personal data described in Section 3 for the following purposes:

• Account management: Creating, maintaining, and securing your aplado player account;
• Age and identity verification: Confirming that you meet aplado's 21+ age requirement and verifying your identity as required by PAGCOR and AMLA;
• Payment processing: Facilitating deposits and withdrawals through GCash, Maya, BPI, BDO, Metrobank, and other accepted payment methods;
• Game delivery: Providing access to aplado's casino games, live dealer tables, bingo, and sports betting services;
• Regulatory compliance: Meeting aplado's obligations under PAGCOR licensing conditions, the AMLA, and the DPA 2012;
• Responsible gaming: Monitoring gaming patterns to identify potential problem gambling behaviours and providing appropriate interventions or resources;
• Fraud and security: Detecting and preventing fraudulent activity, money laundering, account takeovers, and other security threats;
• Customer support: Responding to your enquiries, resolving disputes, and improving our support services;
• Marketing communications: Sending promotional offers, bonus notifications, and platform updates — only where you have provided consent and subject to your opt-out rights;
• Platform improvement: Analysing aggregated, anonymised usage data to improve aplado's user experience, game library, and technical performance.

5. Legal Basis for Processing

aplado processes your personal data on the following legal bases under the DPA 2012:

• Contractual necessity: Processing required to perform our contract with you — providing the aplado platform, processing payments, and managing your account;
• Legal obligation: Processing required to comply with PAGCOR licensing conditions, AMLA obligations, tax requirements, and NPC regulations;
• Legitimate interests: Processing for fraud prevention, platform security, and responsible gaming monitoring, where these interests are not overridden by your privacy rights;
• Consent: Processing for direct marketing communications, where we rely on your explicit, freely given consent. You may withdraw this consent at any time by contacting aplado support.

6. Data Sharing & Third Parties

6.1 Service Providers

aplado shares personal data with carefully selected third-party service providers who assist in operating the platform. These include payment gateway operators (for processing GCash, Maya, and bank transactions), game software providers, cloud infrastructure providers, KYC verification service providers, and customer support technology providers. All service providers are contractually bound to process your data only on aplado's instructions and in accordance with the DPA 2012.

6.2 Regulatory Authorities

aplado is required to share player data with PAGCOR and other Philippine government agencies (including the AMLC) where required by law, court order, or regulatory obligation. aplado will not share data beyond what is legally required in these circumstances.

6.3 No Sale of Data

aplado does not sell, rent, license, or otherwise transfer your personal data to third parties for their own commercial or marketing purposes. Your data is not a product — it is information held in trust by aplado for the purposes described in this Policy.

7. Cookies & Tracking Technologies

aplado uses cookies and similar tracking technologies to operate and improve the platform. These include:

• Essential cookies: Required for platform functionality including session management, authentication, and security. These cannot be disabled without preventing use of aplado;
• Analytical cookies: Used to understand how players interact with aplado — which pages are visited most, how long sessions last, and where technical issues occur. Data is aggregated and anonymised;
• Preference cookies: Store your language preferences, responsible gaming settings, and display preferences to personalise your aplado experience.

You can manage cookie preferences through your browser settings. Disabling non-essential cookies will not affect your core aplado gaming experience but may affect personalisation features.

8. Data Retention

aplado retains personal data for as long as necessary to fulfil the purposes described in this Policy and to comply with applicable legal and regulatory obligations. Specific retention periods include:

• Account data: Retained for the duration of your active aplado account and for five (5) years following account closure, in accordance with PAGCOR record-keeping requirements;
• Financial transaction records: Retained for a minimum of five (5) years from the date of the transaction in compliance with AMLA requirements;
• KYC documents: Retained for five (5) years post-account closure or as required by applicable PAGCOR and AMLA regulations;
• Support communications: Retained for two (2) years from the date of the interaction;
• Technical logs: Retained for ninety (90) days for security and fraud investigation purposes.

Following the expiry of applicable retention periods, aplado will securely delete or anonymise your personal data in accordance with NPC guidelines.

9. Data Security

aplado implements appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These measures include:

• SSL/TLS encryption for all data transmitted between your device and aplado's servers;
• Cryptographic hashing of passwords — aplado never stores your password in recoverable plain text;
• Multi-factor authentication options for account access;
• Role-based access controls limiting aplado staff access to personal data on a need-to-know basis;
• Regular security audits and penetration testing of aplado's technical infrastructure;
• Incident response procedures in accordance with NPC breach notification requirements.

In the event of a personal data breach that is likely to pose a real risk to your rights and freedoms, aplado will notify the NPC within seventy-two (72) hours of becoming aware of the breach, and will notify affected players without undue delay.

10. Your Data Rights

As a data subject under the DPA 2012, you have the following rights with respect to your personal data held by aplado:

• Right to be informed: You have the right to know what personal data aplado holds about you and how it is used — this Policy fulfils that obligation;
• Right of access: You may request a copy of the personal data aplado holds about you. aplado will respond within a reasonable period, typically within thirty (30) days;
• Right to rectification: You may request correction of inaccurate or incomplete personal data. Corrections can be requested via live chat or email;
• Right to erasure: You may request deletion of your personal data where it is no longer necessary for the purposes collected, subject to aplado's legal retention obligations;
• Right to object: You may object to processing based on aplado's legitimate interests, including direct marketing communications. You may opt out of marketing at any time;
• Right to data portability: You may request your personal data in a structured, commonly used, machine-readable format where processing is based on consent or contract;
• Right to lodge a complaint: You have the right to file a complaint with the National Privacy Commission (NPC) if you believe aplado has violated your data privacy rights under the DPA 2012.

To exercise any of these rights, please contact aplado via live chat within your account or by email using the contact details in Section 14.

11. Children's Privacy

aplado's platform is strictly for persons aged 21 and above in accordance with PAGCOR regulations and Philippine law. aplado does not knowingly collect personal data from individuals under 21 years of age. If aplado becomes aware that personal data has been collected from an underage individual, the account will be immediately suspended, all data reviewed, and if the individual is confirmed to be under 21, their data will be deleted and any deposits returned in accordance with applicable regulatory requirements.

12. Third-Party Links & Services

The aplado platform may contain references to third-party payment providers (GCash, Maya, BPI, BDO, etc.) and game software providers. While aplado selects these partners carefully, aplado is not responsible for the data privacy practices of third-party platforms. When you interact with a third-party payment system, the privacy policy of that third party governs the data you provide to them directly.

13. Changes to This Privacy Policy

aplado may update this Privacy Policy from time to time to reflect changes in our data processing practices, applicable laws, or regulatory requirements. Material changes will be communicated to registered aplado players via the mobile number or email address on file, and the "Last updated" date at the top of this page will be revised accordingly.

Your continued use of the aplado platform following notification of changes constitutes your acceptance of the updated Privacy Policy. If you do not agree with any changes, you may request account closure and data deletion as described in Section 10.

14. Contact & Data Protection Officer

For any privacy-related queries, data access requests, correction requests, deletion requests, or complaints, please contact aplado's Data Protection Officer:

• Email: [email protected] (plain text — not a clickable link)
• Subject Line: Include "Privacy Request" or "DPA Query" in your subject line for prioritised handling
• Live Chat: Available 24/7 inside your aplado account dashboard
• Response Time: Within ten (10) Philippine business days for data rights requests; within two (2) business days for general privacy queries

Alternatively, if you are not satisfied with aplado's response, you have the right to lodge a complaint directly with the National Privacy Commission of the Philippines (NPC). Information about NPC complaint procedures is available via the NPC's official publications and public resources.