Phmapalad Privacy Protection Policy
Your Data Security, Our Supreme Mission
Last Updated: April 2025
Continued use of Phmapalad constitutes acceptance of this policy. To withdraw consent, discontinue use immediately.
Core Privacy Commitments
▸ Minimal Collection → Only essential data
▸ Transparent Processing → Clear purpose for each data point
▸ Military-Grade Protection → Multi-layered encryption & monitoring
▸ User Sovereignty → Full control over data flow
Data Collection Scope
| Category | Details | Purpose |
|---|---|---|
| Identity Verification | Name, phone number, KYC documents (ID/passport) | Prevent underage gambling & money laundering |
| Financial Traces | Last 5 digits of bank accounts, crypto wallet addresses, transaction timestamps | AML compliance |
| Behavioral Fingerprints | Device model, IP geolocation, keystroke patterns, gaming preferences | Detect anomalies & personalize services |
| Risk Flags | High-frequency win/loss volatility, multi-account links, cross-platform activity logs | Proactively prevent addiction & fraud |
Data Protection Mechanisms
- Encryption Technology
- Transmission Layer: TLS 1.3 + quantum-resistant key exchange
- Static Data: AES-256 segmented encryption + decentralized cold storage
- Biometrics: Irreversible hash conversion of fingerprints/facial features
- Monitoring Systems
- AI Risk Control: Full-platform transaction scans every 0.5 seconds
- White-Hat Hackers: Monthly penetration tests with bug bounty rewards
- Access Control
- Activity Audits: Blockchain-based immutable logs (retained for 7 years)
- Least Privilege Principle: Only 3 executives have full data access
Data Usage Standards
- Essential Processing
- Real-time win/loss calculations & payout distribution
- Auto-lock for suspicious activities (e.g., 5 failed login attempts)
- Optimization Processing
- Game recommendations based on preferences (disable in Privacy Dashboard)
- “Healthy Gaming Reports” with rest reminders
- Legal Compliance
- Provide transaction records to judicial authorities
- Submit anonymized risk analyses to regulators
User Rights
- Immediate Control
In Privacy Dashboard:
- Set auto-deletion periods (30/90/180 days)
- Disable personalized ad tracking
- Download full data copies (including risk score explanations)
- Formal Requests
Mail to Level 25, Tower A, BGC, Taguig to request:
- Biometric template destruction
- Third-party data sharing audit reports
- Redress Channels
- Emergency Data Shutdown: Suspend all processing for 72 hours
- Cross-Border Complaints: Direct appeals to Singapore PDPC
Cross-Border Data Transfers
| Data Type | Destination | Safeguards |
|---|---|---|
| KYC Documents | Estonia Servers | GDPR SCCs + local backup destruction |
| Transaction Records | Swiss Cold Storage | Air-gapped + military-grade physical security |
| Behavioral Logs | Japan AI Center | Differential privacy + 48h auto-anonymization |
Cookies & Tracking Technologies
- Essential
- Session maintenance (cannot disable)
- CSRF attack prevention (auto-enabled)
- Optional
- Language preference memory (manual deletion)
- Game loading optimization (30% latency reduction)
- Analytical
- Heatmap generation (anonymous device cluster analysis)
- Ad conversion tracking (7-day auto-deletion)
Policy Update Mechanism
- Notifications
- Major Changes: GCash encrypted messages + mandatory login confirmation
- Minor Adjustments: Website banners for 14 days
- Version Comparison
- Policy Time Machine: Compare historical versions
- Multilingual Voice Guide: Supports Tagalog/English/Chinese
Privacy Support System
- Immediate Channels
- Telegram @phmapalad_ph (8-minute average response)
- Emergency Hotline: +63 912 345 6789 (24/7 multilingual service)
- In-Depth Processing
- Submit “Data Impact Assessment Form” → resolved within 48 hours
- Schedule CPO meetings (opens 15th monthly)
Notes: User-Centric Design
▸ Leak Simulation: Personalized protection advice via breach scenarios
▸ Privacy Credit System: Earn gaming tokens for completing security settings