masaya365 Privacy Policy

masaya365 ("the Company," "we," "us," "our") is the operator of the online gaming platform accessible at masaya365.asia and any associated subdomains or mobile-optimised pages (collectively, the "Platform"). We understand that your personal information is important to you, and we are fully committed to protecting it.

This Privacy Policy ("Policy") explains how masaya365 collects, uses, stores, shares, and protects your personal data when you access or use the Platform, create an account, make deposits or withdrawals, participate in promotions, or interact with our customer support team. It applies to all registered and prospective players of masaya365 located in the Philippines or accessing the Platform from the Philippines.

This Policy should be read alongside the masaya365 Terms & Conditions, which govern the general rules for using the Platform. By using masaya365, you acknowledge that you have read, understood, and agreed to the practices described in this Policy.

For the purposes of the Data Privacy Act of 2012, masaya365 is the personal information controller in respect of the personal data it collects and processes about registered players and website visitors.

As personal information controller, masaya365 determines the purposes for which and the means by which your personal data is processed. masaya365 has designated a Data Protection Officer (DPO) who is responsible for ensuring the Company's ongoing compliance with applicable data privacy laws and for handling data subject requests and privacy-related complaints.

To reach masaya365's Data Protection Officer, players may contact the support team via live chat or email at [email protected] with the subject line "Data Privacy Inquiry."

masaya365 collects only the personal data that is necessary to operate the Platform, comply with legal obligations, and provide you with a secure and personalised gaming experience. The categories of personal data we collect include:

3.1 Identity and Account Data

• Full legal name as it appears on government-issued identification;
• Username chosen at registration;
• Date of birth (for age verification — players must be 21 or older);
• Nationality and country of residence;
• Gender (where provided);
• Copies of government-issued identification documents (e.g., Philippine passport, SSS ID, PhilSys national ID, driver's licence) submitted during KYC verification.

3.2 Contact Data

• Philippine mobile number (used for OTP verification and two-factor authentication);
• Email address (used for account management and communications);
• Residential address (collected during KYC where required for identity verification).

3.3 Financial Data

• GCash or Maya mobile wallet number;
• Bank account name and number for withdrawals via BPI, BDO, UnionBank, or other linked bank accounts;
• Transaction records including deposits, withdrawals, bet amounts, and winnings — required for regulatory and AML compliance;
• Cryptocurrency wallet addresses where applicable.

3.4 Technical and Usage Data

• IP address and approximate geolocation at time of access;
• Device type, operating system, and browser information;
• Session duration and login timestamps;
• Game activity logs including games played, stakes, and outcomes;
• Referral source and marketing attribution data (where applicable).

3.5 Communications Data

• Content of support chat transcripts and email correspondence;
• Feedback, complaints, and dispute records;
• Responses to surveys or promotional opt-ins (where provided).

masaya365 collects personal data through the following means:

• Directly from you — when you register an account, complete KYC verification, make a deposit or withdrawal, contact customer support, or participate in a promotion;
• Automatically — through cookies, web beacons, and similar tracking technologies as you browse and interact with the Platform (see Section 10 — Cookies & Tracking);
• From payment processors — GCash, Maya, BPI, BDO, and other payment service providers may share transaction confirmation data with masaya365 to facilitate account crediting and withdrawal processing;
• From identity verification services — third-party KYC and age verification providers may share verification results with masaya365 as part of the account onboarding process;
• From fraud prevention partners — masaya365 may receive risk signals or flagging information from fraud detection services to protect the Platform's integrity.

masaya365 processes your personal data for the following purposes:

• Account management — creating, maintaining, and managing your masaya365 player account, including login authentication and session management;
• Age and identity verification — confirming that you meet the minimum age requirement of 21 years and that your identity is genuine, as required by PAGCOR;
• Payment processing — facilitating deposits to and withdrawals from your masaya365 wallet via GCash, Maya, bank transfer, or cryptocurrency;
• Regulatory compliance — satisfying PAGCOR's requirements for licensed online gaming operators, including transaction monitoring, KYC retention, and Anti-Money Laundering Council (AMLC) reporting obligations;
• Fraud prevention and security — detecting, investigating, and preventing fraudulent activity, account takeovers, money laundering, and other illegal activities on the Platform;
• Customer support — responding to your inquiries, resolving disputes, and processing complaints;
• Responsible gaming — monitoring gameplay patterns to identify potential problem gambling indicators and administering self-exclusion and limit tools;
• Marketing communications — sending promotional offers, bonus notifications, and news about masaya365 to players who have opted in to receive such communications;
• Platform improvement — analysing usage data and feedback to improve the masaya365 Platform, game library, and user experience;
• Legal proceedings — where necessary, to establish, exercise, or defend legal claims.

Under the Data Privacy Act of 2012, masaya365 processes your personal data on one or more of the following legal bases:

• Performance of a contract — processing necessary to deliver the masaya365 Platform services you have subscribed to, including account management, payment processing, and game provision;
• Compliance with a legal obligation — processing required to fulfil masaya365's obligations under Philippine law, including PAGCOR regulations, the Anti-Money Laundering Act, and the Data Privacy Act;
• Legitimate interests — processing necessary for masaya365's legitimate business interests, such as fraud prevention, Platform security, and service improvement, where such interests are not overridden by your rights;
• Consent — where masaya365 relies on your freely given, specific, informed, and unambiguous consent, such as for the sending of direct marketing communications. You may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.

masaya365 does not sell, rent, or trade your personal information. We share your data only in the following limited circumstances, and only to the extent necessary for the stated purpose:

• Payment service providers — GCash, Maya, BPI, BDO, UnionBank, Coins.ph, and other processors who require transaction data to process your deposits and withdrawals;
• Game providers — WM Live, Ezugi, Pragmatic Play, PG Soft, Jili, and other certified game studios may receive your anonymised or pseudonymised session data for the purpose of delivering game content and resolving disputes;
• Identity verification and KYC partners — third-party providers who assist in verifying your identity and age as required by PAGCOR;
• Fraud detection and security services — providers of risk management tools who process transactional and behavioural signals to detect suspicious activity;
• Regulatory and law enforcement authorities — PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), and law enforcement bodies, where disclosure is required by law or where masaya365 has a legal obligation or legitimate reason to make such disclosure;
• Professional advisers — legal counsel, auditors, and compliance consultants, subject to professional confidentiality obligations;
• Business transfer — in the event of a merger, acquisition, or sale of assets, your data may be transferred to the successor entity, provided that equivalent data protection standards are maintained.

masaya365 retains your personal data for as long as is necessary to fulfil the purposes for which it was collected, subject to the following retention principles:

• Active accounts — personal data associated with active masaya365 accounts is retained for the duration of the account's active status;
• Closed accounts — following account closure, masaya365 retains core identity data, KYC documentation, and transaction records for a minimum of five (5) years from the date of closure, as required by PAGCOR regulations and the Anti-Money Laundering Act;
• Marketing data — where you have opted in to marketing communications, your marketing preferences and communication history are retained until you withdraw your consent or request deletion, whichever is earlier;
• Support records — customer support transcripts and complaint records are retained for three (3) years from resolution to allow for audit, regulatory review, and dispute resolution purposes;
• Technical logs — server access logs and session data are retained for a period of twelve (12) months for security and fraud prevention purposes, after which they are deleted or anonymised.

Upon the expiry of the applicable retention period, masaya365 will securely delete or anonymise your personal data unless continued retention is required by law or for the establishment, exercise, or defence of legal claims.

masaya365 takes the security of your personal data seriously and implements a range of technical and organisational measures to protect it against unauthorised access, alteration, disclosure, or destruction.

Key security measures employed by masaya365 include:

• SSL/TLS encryption — all data transmitted between your browser and masaya365 servers is encrypted using industry-standard SSL/TLS protocols;
• Password hashing — masaya365 account passwords are stored using strong, salted cryptographic hashing algorithms; we do not store passwords in plain text;
• Two-factor authentication (2FA) — players are offered optional SMS-based 2FA to add a second verification step to the masaya365 login process;
• Access controls — access to personal data within masaya365's systems is restricted on a need-to-know basis; employee access rights are reviewed regularly;
• Intrusion detection and monitoring — masaya365 employs automated monitoring and intrusion detection systems to identify and respond to security threats in real time;
• Data breach response — masaya365 maintains a documented data breach response procedure. In the event of a breach that poses a risk to your rights, masaya365 will notify the National Privacy Commission and affected players within the timeframes required by the Data Privacy Act.

masaya365 uses cookies and similar tracking technologies to operate and improve the Platform, authenticate user sessions, analyse usage patterns, and deliver relevant content.

Types of cookies used by masaya365:

• Essential cookies — strictly necessary for the Platform to function. These include session cookies that maintain your masaya365 login state and security cookies that help detect fraudulent activity. These cannot be disabled without significantly affecting Platform functionality.
• Analytical cookies — used to collect anonymised information about how Players interact with masaya365, which pages are visited most frequently, and where errors occur. This data helps the masaya365 team improve the Platform experience over time.
• Functional cookies — remember your preferences, such as language settings, display preferences, and last-played games, to personalise your experience across sessions.
• Performance cookies — help masaya365 monitor Platform load times, server response, and technical performance to maintain a responsive experience on Philippine mobile networks.

masaya365 does not use third-party advertising cookies for the purpose of tracking you across other websites or displaying targeted advertisements on other platforms.

You may manage or disable non-essential cookies through your browser settings. Note that disabling essential cookies will affect your ability to use the masaya365 Platform, including the ability to maintain a login session.

Under the Data Privacy Act of 2012 of the Philippines, masaya365 players have the following rights in respect of their personal data. To exercise any of these rights, contact masaya365 support via live chat or email at [email protected].

masaya365 is strictly an adults-only platform. In compliance with PAGCOR's requirements for online gambling in the Philippines, only persons who are at least 21 years of age are permitted to register and use the Platform.

masaya365 does not knowingly collect personal data from individuals under the age of 21. Age is verified during the account registration process via OTP mobile verification and, more thoroughly, during the KYC process where a government-issued identification document confirming date of birth is required.

In the event that masaya365 becomes aware that personal data has been collected from an individual who has not yet reached the age of 21, masaya365 will immediately close the associated account, return any verified deposited funds, void any associated winnings, and securely delete all personal data associated with the account as soon as regulatory retention obligations permit.

If you are a parent or guardian and believe that a minor has registered a masaya365 account, please contact support immediately via live chat so that we can investigate and take prompt action.

masaya365 reserves the right to update or modify this Privacy Policy at any time to reflect changes in our data processing practices, applicable laws, or regulatory requirements. The date of the most recent revision is displayed at the top of this Policy.

Where masaya365 makes material changes to this Policy — for example, changes to the categories of data collected, changes to the purposes for which data is used, or changes to the rights available to you — masaya365 will notify registered players via the registered email address or through a prominent notice on the Platform at least seven (7) days prior to the changes taking effect, except where changes are required to comply with urgent legal or regulatory requirements.

Your continued use of the masaya365 Platform after any updated Privacy Policy becomes effective constitutes your acceptance of the updated terms. If you do not agree to the changes, you should cease using the Platform and contact support to close your account.

For any questions, concerns, or requests relating to this Privacy Policy or masaya365's data processing practices, please contact us through the following channels:

• Live Chat: Available 24/7 via the masaya365 website — the fastest way to reach our support team for privacy-related questions.
• Email: [email protected] — please include "Data Privacy Inquiry" or "Data Subject Request" in your subject line for faster routing to our Data Protection Officer.

For formal data subject rights requests, please provide your full registered name, account username, and a clear description of the request. masaya365 may require identity verification before processing any data subject request to protect against unauthorised access to another person's data.