hugph is committed to protecting your personal data in full compliance with the Data Privacy Act of 2012 (Republic Act No. 10173) of the Philippines and PAGCOR's data protection requirements for licensed online gaming operators.
Request a copy of all personal data hugph holds about you at any time via Account Settings or by contacting our DPO.
Request correction of inaccurate or incomplete personal data in your hugph account without undue delay.
Request deletion of personal data subject to hugph's legal retention obligations under PAGCOR and AML regulations.
Object to processing of your data for direct marketing purposes at any time by updating your communication preferences.
Six core commitments that govern how hugph handles every Filipino player's personal data — from the moment you register through every hugph login and game session.
hugph processes all personal data in accordance with the Data Privacy Act of 2012 (Republic Act No. 10173) of the Philippines. Our Data Protection Officer (DPO) is registered with the National Privacy Commission (NPC) and ensures that hugph's data practices remain compliant with all NPC issuances and circulars applicable to online gaming operators.
All personal data transmitted between your device and hugph's servers — including login credentials, payment details, and account information — is protected using 256-bit TLS/SSL encryption. This is the same security standard used by Philippine banks for their online banking platforms. Data at rest within hugph's systems is encrypted using AES-256 encryption.
hugph collects only the personal data necessary for specific, legitimate purposes — primarily account management, payment processing, PAGCOR compliance, and responsible gaming monitoring. hugph does not sell your personal data to third parties for their own commercial use. Data collected for KYC purposes is used exclusively for identity verification and AML compliance.
hugph retains personal data only for as long as necessary for the purpose for which it was collected, or as required by Philippine law. Account data is retained for a minimum of 5 years following account closure to satisfy AML record-keeping requirements under Republic Act No. 9160. Marketing consent data is retained only while consent is active.
As a hugph player and a data subject under Philippine law, you have the right to access, correct, delete, and port your personal data, and to object to certain processing activities. hugph provides dedicated channels for exercising these rights — including a DPO contact address and in-account request tools — and responds to all data subject requests within 30 days.
In the event of a personal data breach that poses a real risk of serious harm to hugph players, hugph will notify affected individuals and the National Privacy Commission within 72 hours of becoming aware of the breach — consistent with NPC Circular 16-03 and the breach notification requirements of RA 10173's Implementing Rules and Regulations.
This Privacy Policy describes how hugph ("hugph," "we," "us," or "our"), the operator of the online gaming platform at hugph.one, collects, uses, stores, shares, and protects the personal data of individuals ("you," "your," or "Player") who access or use the hugph Platform. This Policy is issued in compliance with the Data Privacy Act of 2012 (Republic Act No. 10173) of the Philippines, its Implementing Rules and Regulations, and all applicable issuances of the National Privacy Commission (NPC). By registering a hugph Account, completing your hugph login, or using any hugph service, you acknowledge that you have read and understood this Privacy Policy.
1.1 This Privacy Policy applies to all personal data processed by hugph in connection with: the hugph.one website and all sub-pages; the hugph Account registration and hugph login process; all hugph casino games, bingo sessions, slot play, and sports betting activities; deposit and withdrawal transactions via GCash, Maya, BPI, BDO, Metrobank, InstaPay, and GrabPay; hugph customer support interactions via live chat and email; hugph promotional and marketing communications; and hugph's compliance with PAGCOR licensing and Philippine AML obligations.
1.2 This Policy does not apply to data processing practices of third-party websites that may be linked from hugph.one. hugph is not responsible for the privacy practices of external websites. Players should review the privacy policies of any third-party services they use in connection with hugph, including GCash, Maya, and bank partners.
2.1 The data controller responsible for your personal data processed through the hugph Platform is hugph, the operator of hugph.one. hugph has appointed a Data Protection Officer (DPO) in accordance with Section 21 of RA 10173 and has registered its data processing systems with the National Privacy Commission.
2.2 Contact details for hugph's Data Protection Officer are set out in Section 15 of this Policy. The DPO can be contacted for all matters relating to hugph's personal data processing activities, to exercise your data subject rights, or to raise a concern about hugph's data practices.
3.1 hugph collects and processes the following categories of personal data about Players:
| Category | Examples | Required? |
|---|---|---|
| Identity Data | Full legal name, date of birth, nationality, gender, government ID number and type (PhilSys, SSS, UMID, Driver's License, Passport) | Mandatory (KYC) |
| Contact Data | Philippine mobile number (Globe/Smart/DITO), email address, residential address including barangay, city/municipality, and province | Mandatory |
| Account Data | Username, hashed password, account creation date, session history, device identifiers used at hugph login | Mandatory |
| Financial Data | GCash/Maya account number (partial), bank account details for withdrawal, deposit and withdrawal history, PHP wallet balance history | Mandatory |
| Gaming Data | Game session logs, bet amounts, game outcomes, wagering history, bonus usage, VIP tier status | Mandatory |
| Technical Data | IP address, device type and OS, browser type and version, session duration and timestamps, geolocation (city-level) | Automatic |
| KYC Document Data | Images or scans of government-issued identification documents submitted for identity and age verification | Mandatory (full KYC) |
| Communications Data | Records of customer support interactions via live chat and email, complaint submissions | Automatic |
| Marketing Preferences | Communication opt-in/opt-out status, promotion participation history, preferred contact channel | Optional |
3.2 hugph does not collect sensitive personal information as defined under Section 3(l) of RA 10173 — such as racial or ethnic origin, political opinions, religious beliefs, trade union membership, or health data — except where health information is voluntarily provided in connection with a responsible gaming self-exclusion request, in which case it is processed solely for responsible gaming purposes.
4.1 Directly from You. hugph collects personal data you provide directly during: Account registration; the hugph login and OTP verification process; KYC document upload; deposit and withdrawal requests; completion of responsible gaming preference settings; customer support interactions; and participation in promotions or surveys.
4.2 Automatically During Platform Use. When you access hugph.one or log in to your hugph Account, technical data is collected automatically by hugph's servers and analytics systems — including your IP address, device identifiers, browser characteristics, page views, session duration, and game interaction logs. This collection is technically necessary for platform operation and security monitoring.
4.3 From Third-Party Payment Providers. When you initiate a GCash or Maya deposit or withdrawal, hugph receives transaction confirmation data from those payment providers — including masked account identifiers and transaction reference numbers. hugph does not receive or store full GCash or Maya login credentials. Similar limited data exchange applies to bank transfer transactions via BPI, BDO, Metrobank, InstaPay, and GrabPay.
4.4 From PAGCOR and Regulatory Sources. hugph may receive information about Players from PAGCOR or other Philippine regulatory or law enforcement authorities as part of regulatory compliance activities, including KYC cross-checking, problem gambling registers, and AML screening.
5.1 hugph processes personal data for the following purposes and on the following legal bases under RA 10173:
| Purpose | Legal Basis |
|---|---|
| Account registration, hugph login authentication, and Account management | Performance of contract (Account Agreement) |
| KYC identity and age verification (21+ compliance) | Legal obligation (PAGCOR regulations; RA 10173) |
| Processing deposits and withdrawals via GCash, Maya, and bank channels | Performance of contract |
| Fraud detection, security monitoring, and unauthorized access prevention | Legitimate interest / legal obligation |
| AML screening and suspicious transaction reporting to AMLC | Legal obligation (RA 9160 as amended) |
| PAGCOR regulatory reporting and license compliance | Legal obligation (PAGCOR licensing terms) |
| Responsible gaming monitoring — session tracking, limit enforcement, self-exclusion | Legal obligation / legitimate interest (player protection) |
| Customer support query handling and complaint resolution | Performance of contract / legitimate interest |
| Platform performance analytics and game improvement | Legitimate interest |
| Direct marketing communications (promotional offers, VIP updates) | Consent (separately obtained and withdrawable) |
6.1 hugph does not sell personal data to third parties for their own commercial purposes. hugph shares personal data only with the following categories of recipients, strictly for the purposes described, and subject to confidentiality obligations:
6.2 All third-party service providers who receive hugph player data are contractually required to process that data only for specified purposes, to maintain appropriate security measures, and to comply with RA 10173 requirements applicable to personal information processors.
7.1 Some of hugph's game software providers and IT infrastructure partners operate servers outside the Philippines. Where personal data is transferred to recipients in other countries, hugph ensures that appropriate safeguards are in place as required by Section 21 of RA 10173 — including contractual data transfer agreements that provide equivalent protection to that available under Philippine law.
7.2 hugph maintains a record of all international data transfers and the safeguards applied, which is available for review by the National Privacy Commission upon request. Players may request information about specific international transfers by contacting hugph's DPO.
8.1 hugph retains personal data for no longer than necessary for the purposes for which it was collected, subject to minimum retention periods required by Philippine law:
| Data Category | Retention Period | Basis |
|---|---|---|
| Account and identity data | 5 years from account closure | AML record-keeping (RA 9160) |
| Financial transaction data | 5 years from transaction date | AML / tax obligations |
| KYC documents | 5 years from account closure | PAGCOR / AML requirements |
| Gaming session logs | 3 years from session date | Dispute resolution / PAGCOR |
| Customer support records | 3 years from interaction date | Dispute resolution / legal claims |
| Marketing consent records | Until consent withdrawn + 1 year | Evidence of consent |
| Technical / server logs | 12 months from generation | Security monitoring |
| Self-exclusion records | Duration of exclusion + 5 years | PAGCOR responsible gaming compliance |
8.2 Upon expiry of the applicable retention period, hugph will securely delete or anonymize personal data so that it can no longer be associated with an identifiable individual.
9.1 hugph implements a comprehensive set of technical and organizational security measures to protect personal data against unauthorized access, disclosure, alteration, and destruction:
9.2 While hugph applies industry-standard security measures, no online platform can guarantee absolute security. Players are responsible for maintaining the security of their hugph login credentials and should use the OTP 2FA and session management features available in Account Settings.
10.1 hugph uses cookies and similar tracking technologies on hugph.one for the following purposes:
10.2 hugph does not use third-party advertising cookies or cross-site tracking technologies that share Player data with external advertising networks. All cookies used by hugph are first-party cookies operated exclusively for Platform functionality and security purposes.
10.3 Players may manage cookie preferences through their browser settings. Disabling strictly necessary cookies will affect Platform functionality including the hugph login process.
11.1 As a data subject under the Data Privacy Act of 2012 (RA 10173), you have the following rights with respect to your personal data processed by hugph:
11.2 How to Exercise Your Rights. To exercise any of the above rights, contact hugph's Data Protection Officer using the contact details in Section 15 below. hugph will acknowledge receipt of your request within 5 business days and provide a substantive response within 30 days, consistent with NPC timelines. In cases of complex requests, hugph may extend this period by a further 30 days with notice to you.
11.3 hugph will not charge a fee for processing data subject requests unless requests are manifestly unfounded or excessive. Identity verification may be required before a request is processed to prevent unauthorized disclosure.
12.1 hugph is strictly an adult platform. In compliance with PAGCOR's regulations, access to hugph is limited to individuals aged 21 years and older. hugph does not knowingly collect personal data from individuals under the age of 21.
12.2 hugph's age verification measures — including Philippine mobile number OTP at registration and government ID review at KYC — are specifically designed to prevent access by minors. Any Account found to have been created by or on behalf of a person under 21 years of age will be immediately and permanently closed, and any collected personal data will be deleted except where retention is required by PAGCOR or AML regulations.
12.3 If you become aware that a minor has created a hugph Account or provided personal data to hugph, please contact hugph's DPO immediately so that the data can be deleted and the Account closed without delay.
13.1 hugph sends marketing communications — including promotional offers, bonus announcements, VIP Club updates, and new game launches — only to Players who have given explicit consent to receive such communications at Account registration or through Account Settings.
13.2 Marketing consent is separate from consent to this Privacy Policy and from acceptance of hugph's Terms & Conditions. Declining marketing communications does not affect your ability to hold and use a hugph Account.
13.3 Opting Out. You may withdraw your marketing consent and unsubscribe from hugph marketing communications at any time by: updating your Communication Preferences in Account Settings; clicking the unsubscribe link in any hugph marketing email; or contacting hugph customer support or the DPO directly. Withdrawal of marketing consent will take effect within 48 hours for electronic channels (SMS, email) and within 10 business days for any direct mail.
13.4 hugph sends transactional communications — such as deposit confirmations, withdrawal notifications, OTP messages, and responsible gaming alerts — regardless of marketing consent status, as these are necessary for account operation and player protection.
14.1 hugph reviews this Privacy Policy periodically and may update it to reflect changes in hugph's data practices, changes in applicable Philippine law or NPC regulations, or changes in PAGCOR's data protection requirements for licensed online gaming operators.
14.2 Material changes — defined as changes that significantly affect how hugph processes your personal data or that diminish your data subject rights — will be communicated to registered Players via: a prominent notice on hugph.one for not less than 14 days prior to the change taking effect; and direct notification to the email address registered to your hugph Account.
14.3 The "Effective Date" shown at the top of this Policy will be updated each time the Policy is revised. The version number will also be incremented. Archived versions of previous Privacy Policies are available upon request from hugph's DPO.
14.4 Your continued use of the hugph Platform following the effective date of a revised Privacy Policy constitutes your acknowledgement of the revised terms. If you do not accept a material change, you may close your Account before the change takes effect.
15.1 For all matters relating to this Privacy Policy, the exercise of your data subject rights, concerns about hugph's data processing practices, or to report a potential personal data breach, please contact hugph's Data Protection Officer through the following channels:
15.2 If you are not satisfied with hugph's handling of your data subject request or privacy concern, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines. The NPC's contact details and complaint procedures are published on the NPC's official website at privacy.gov.ph.
Your personal data is protected under RA 10173 and hugph's industry-standard security measures. Register securely and start playing in Philippine Peso with GCash and Maya today.