masaya365 Privacy Policy

1.1 For the purposes of the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulations, the data controller responsible for your personal information is masaya365, operating the online gaming platform accessible at masaya365.vip (the "Platform").

1.2 masaya365 is responsible for determining the purposes and means of processing your personal data collected through the Platform. If you have any questions or concerns about how masaya365 handles your personal information, please refer to Section 13 (Contact Us) of this Privacy Policy.

1.3 masaya365 has designated a Data Protection Officer (DPO) in accordance with the requirements of the National Privacy Commission of the Philippines. The DPO can be contacted via the details provided in Section 13.

2.1 masaya365 collects the following categories of personal data from players:

2.2 masaya365 does not intentionally collect sensitive personal information (as defined under the Data Privacy Act) beyond what is strictly necessary for identity verification and regulatory compliance. Where sensitive data is collected, masaya365 applies heightened security and access controls.

3.1 masaya365 collects personal data through the following means:

• Direct interactions: Information you provide when registering an account, completing KYC verification, making deposits or withdrawals, contacting customer support, or participating in promotions.
• Automated technologies: Technical and usage data collected automatically when you access the masaya365 Platform, including through cookies, web beacons, and server logs.
• Third-party sources: Identity verification data from KYC service providers; fraud and risk data from security partners; payment confirmation data from GCash, Maya, and banking partners.

3.2 masaya365 does not purchase personal data from data brokers or third-party marketing lists.

4.1 masaya365 processes your personal data only where a lawful basis exists under the Data Privacy Act of 2012. The primary legal bases relied upon by masaya365 are:

• Contractual necessity: Processing required to provide the masaya365 gaming services you have registered for, including account management, game access, and payment processing.
• Legal obligation: Processing required to comply with Philippine law, including PAGCOR regulatory requirements, Anti-Money Laundering Act (AMLA) obligations, and tax reporting requirements.
• Legitimate interests: Processing for fraud prevention, platform security, responsible gaming monitoring, and service improvement, where these interests are not overridden by your data protection rights.
• Consent: Processing for marketing communications and non-essential cookies, where you have provided explicit consent. You may withdraw consent at any time.

4.2 masaya365 will not use your personal data for purposes incompatible with those described in this Privacy Policy without first obtaining your consent or establishing another lawful basis.

5.1 masaya365 does not sell, rent, or trade your personal data to third parties for their own marketing purposes. masaya365 may share your personal data with the following categories of recipients, strictly on a need-to-know basis:

• Payment processors: GCash (Mynt), PayMaya/Maya, and Philippine banking partners, for the purpose of processing deposits and withdrawals.
• Identity verification providers: Third-party KYC and AML screening services used to verify your identity and comply with Philippine regulatory requirements.
• Technology service providers: Cloud hosting, cybersecurity, and platform infrastructure providers who process data on behalf of masaya365 under strict data processing agreements.
• Regulatory and law enforcement authorities: The Philippine Amusement and Gaming Corporation (PAGCOR), the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), and other competent Philippine authorities, where disclosure is required by law or court order.
• Professional advisers: Legal counsel, auditors, and compliance consultants, subject to professional confidentiality obligations.

5.2 All third parties with whom masaya365 shares personal data are required to handle that data in accordance with applicable Philippine data protection law and masaya365's data processing standards.

6.1 masaya365 retains personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable Philippine law.

6.2 The following retention periods apply as a general guide:

• Account and identity data: Retained for the duration of your masaya365 account and for a minimum of five (5) years following account closure, in accordance with AMLA record-keeping requirements.
• Financial transaction records: Retained for a minimum of five (5) years from the date of the transaction, as required by Philippine AML regulations.
• Technical and usage data: Retained for up to twenty-four (24) months from collection, unless required for longer periods for security or legal purposes.
• Customer support communications: Retained for up to three (3) years from the date of the communication.

6.3 Upon expiry of the applicable retention period, masaya365 will securely delete or anonymise your personal data in accordance with its data disposal procedures.

7.1 masaya365 implements appropriate technical and organisational security measures to protect your personal data against unauthorised access, accidental loss, destruction, alteration, or disclosure. These measures include:

• Encryption in transit: All data transmitted between your device and the masaya365 Platform is encrypted using industry-standard TLS/SSL protocols.
• Encryption at rest: Sensitive personal data stored on masaya365 servers is encrypted using AES-256 or equivalent encryption standards.
• Access controls: Access to personal data is restricted to authorised masaya365 personnel and service providers on a strict need-to-know basis, enforced through role-based access controls and multi-factor authentication.
• Intrusion detection: masaya365 employs continuous network monitoring, intrusion detection systems, and regular security audits to identify and respond to potential threats.
• Incident response: masaya365 maintains a documented data breach response procedure. In the event of a personal data breach that poses a risk to your rights and freedoms, masaya365 will notify the National Privacy Commission and affected players in accordance with the timelines prescribed by the Data Privacy Act.

7.2 While masaya365 takes all reasonable steps to protect your personal data, no method of electronic transmission or storage is completely secure. You are responsible for maintaining the confidentiality of your masaya365 account credentials and for notifying masaya365 immediately if you suspect any unauthorised access to your account.

8.1 masaya365 uses cookies and similar tracking technologies to operate and improve the Platform. A cookie is a small text file placed on your device when you visit the masaya365 website. The following categories of cookies are used:

8.2 masaya365 does not use advertising or third-party tracking cookies that share your data with external advertising networks.

8.3 You can manage or delete cookies through your browser settings at any time. Please note that disabling strictly necessary cookies will affect the functionality of the masaya365 Platform.

9.1 Under the Philippine Data Privacy Act of 2012, you have the following rights with respect to your personal data held by masaya365:

• Right to be informed: You have the right to be informed about how masaya365 collects and uses your personal data, as set out in this Privacy Policy.
• Right of access: You have the right to request a copy of the personal data masaya365 holds about you, along with information about how it is being processed.
• Right to rectification: You have the right to request correction of any inaccurate or incomplete personal data masaya365 holds about you.
• Right to erasure: You have the right to request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, subject to masaya365's legal retention obligations.
• Right to object: You have the right to object to the processing of your personal data where masaya365 relies on legitimate interests as the legal basis, or where your data is used for direct marketing purposes.
• Right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to request that masaya365 transmit that data to another controller where technically feasible.
• Right to lodge a complaint: You have the right to lodge a complaint with the National Privacy Commission of the Philippines if you believe masaya365 has not handled your personal data in accordance with the Data Privacy Act.

9.2 To exercise any of the above rights, please contact the masaya365 Data Protection Officer using the details in Section 13. masaya365 will respond to all verified data subject requests within thirty (30) days of receipt, in accordance with the Data Privacy Act.

9.3 masaya365 may need to verify your identity before processing a data subject request to ensure that personal data is not disclosed to unauthorised parties.

10.1 masaya365 is strictly intended for individuals aged 21 years and above, in accordance with Philippine gambling regulations. masaya365 does not knowingly collect personal data from individuals under the age of 21.

10.2 If masaya365 becomes aware that personal data has been collected from an individual under the age of 21, it will take immediate steps to delete that data and close the associated account. Any funds held in such an account will be handled in accordance with applicable Philippine law.

10.3 If you are a parent or guardian and believe that your child has provided personal data to masaya365, please contact our support team immediately using the details in Section 13.

11.1 masaya365 primarily stores and processes personal data within the Philippines. Where it is necessary to transfer personal data to service providers or infrastructure partners located outside the Philippines, masaya365 will ensure that such transfers are made in compliance with the Data Privacy Act of 2012 and the cross-border data transfer rules issued by the National Privacy Commission.

11.2 masaya365 will only transfer personal data internationally where adequate safeguards are in place, including contractual data processing agreements that impose data protection obligations equivalent to those required under Philippine law.

12.1 masaya365 reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data processing practices, applicable Philippine law, or regulatory guidance from the National Privacy Commission.

12.2 When material changes are made to this Privacy Policy, masaya365 will notify registered players via the email address associated with their account and will update the "Last Updated" date at the top of this page.

12.3 Your continued use of the masaya365 Platform following the publication of an updated Privacy Policy constitutes your acknowledgement of the changes. If you do not agree to the updated policy, you should stop using the Platform and may close your account in accordance with the masaya365 Terms & Conditions.

13.1 If you have any questions, concerns, or requests relating to this Privacy Policy or the way masaya365 handles your personal data, please contact our Data Protection Officer through any of the following channels:

13.2 masaya365 aims to acknowledge all privacy-related enquiries within two (2) business days and to resolve them within thirty (30) days, in accordance with the Data Privacy Act of 2012.

13.3 If you are not satisfied with masaya365's response to your privacy concern, you have the right to escalate your complaint to the National Privacy Commission of the Philippines.