Privacy Policy – robet Philippines Online Casino

01

Introduction

robet ("we", "us", "the Platform", "robet") is an online gaming platform operating at robet.bio, serving players in the Philippines. As a Philippines-first platform, robet is deeply committed to protecting the privacy and personal data of every registered player and site visitor.

This Privacy Policy describes in plain, specific terms how robet collects, uses, stores, shares, and protects your personal data. It is written in compliance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173), its Implementing Rules and Regulations, and the guidelines issued by the National Privacy Commission (NPC) of the Philippines.

The personal information you share with robet — your name, mobile number, GCash account, government ID — is treated with the same care you expect from a Philippine bank. It is never used for purposes you haven't been informed about, and it is never sold. That is the baseline robet commits to in this document.

robet may update this Privacy Policy from time to time. The most current version is always available at robet.bio/privacy-policy with the "Last Updated" date displayed prominently at the top of the page.

02

Data Controller Identity

For the purposes of the Philippine Data Privacy Act of 2012 and this Privacy Policy, robet is the personal information controller responsible for the personal data of registered Players and visitors to the robet.bio platform.

robet has designated a Data Privacy Officer (DPO) as required by the NPC. The DPO is responsible for overseeing robet's compliance with RA 10173, handling data subject requests, and managing data breach notifications in accordance with NPC requirements.

You may contact robet's Data Privacy Officer directly at the email address provided in Section 15 of this Privacy Policy, using "Data Privacy — DPO" in the subject line of your communication. The DPO will respond to all qualifying data subject requests within thirty (30) calendar days of receipt.

03

Personal Data We Collect

robet collects personal data across several categories. The specific data collected depends on the nature of your interaction with the platform — a registered Player will have more data collected than an anonymous visitor browsing the site without an account.

Category	Specific Data Points	Collection Trigger
Identity Data	Full legal name, date of birth, government ID number and type, selfie photograph	Account registration; KYC verification
Contact Data	Philippine mobile number (Globe/Smart/DITO), email address, residential address	Account registration; address verification
Financial Data	GCash number, Maya account ID, bank account name/number (BPI, BDO, UnionBank), deposit and withdrawal transaction records	Deposit/withdrawal processing; KYC
Gaming Activity Data	Game session records, bet amounts, win/loss history, bonus utilization, wagering activity logs	Ongoing platform use
Technical Data	IP address, device type and OS, browser type and version, session tokens, login timestamps, geolocation (approximate)	Platform access; security systems
Communication Data	Live chat transcripts, email correspondence, support ticket content	Customer support interactions
Preferences Data	Language preference, responsible gaming tool settings, marketing communication preferences	Account settings; player-initiated changes

robet does not collect sensitive personal information — as defined under Section 3(l) of RA 10173 — such as race, religion, health records, political affiliations, or biometric data beyond what is strictly necessary for identity verification purposes.

04

How We Collect Your Data

robet collects personal data through the following channels and mechanisms:

Direct Collection Information you provide directly when registering an account, completing KYC verification, contacting customer support, or updating your account settings. This includes your name, mobile number, email address, ID documents, and payment details.

Automated Collection Technical data collected automatically when you access the robet platform, including your IP address, device identifiers, browser information, session data, and platform interaction logs. This data is collected through server logs and cookies as described in Section 8.

Third-Party Collection robet may receive personal data about you from third-party service providers in limited circumstances, including: identity verification results from KYC processing partners; fraud and anti-money laundering screening data from compliance providers; and payment confirmation data from GCash, Maya, BPI, BDO, and UnionBank. All third-party data sharing is governed by contractual data processing agreements.

Platform Behavioral Collection Gaming activity data, including the games you play, bet amounts placed, and session durations, is generated automatically as a byproduct of your use of the robet gaming platform. This data is used for account management, responsible gaming monitoring, and platform improvement.

05

Purposes of Data Processing

robet processes your personal data for the following specific, legitimate purposes:

Account Management: Creating, maintaining, and operating your robet account, including processing deposits, withdrawals, and your gaming activity across all platform categories;
Identity Verification (KYC): Verifying your identity and age (21+) in compliance with PAGCOR licensing requirements and Philippine anti-money laundering regulations;
Payment Processing: Processing deposits and withdrawals via GCash, Maya, BPI, BDO, UnionBank, and other supported payment methods, including communicating with those payment providers to complete transactions;
Fraud Prevention and Security: Detecting, investigating, and preventing fraudulent activity, money laundering, unauthorized account access, and other illegal or prohibited conduct on the robet platform;
Regulatory Compliance: Meeting robet's obligations under Philippine law, including PAGCOR licensing conditions, the Anti-Money Laundering Act (RA 9160 as amended), and the Data Privacy Act (RA 10173);
Responsible Gaming: Monitoring gaming activity to identify potential signs of problem gambling and activating responsible gaming tools including deposit limits, session limits, and self-exclusion where necessary or requested;
Customer Support: Responding to your inquiries, resolving disputes, and providing assistance through live chat and email support channels;
Platform Improvement: Analyzing aggregate, anonymized usage data to improve platform performance, game selection, and user experience;
Communications: Sending service-related notifications including transaction confirmations, security alerts, and updates to robet's terms or policies. Marketing communications are sent only where you have given express consent, and may be withdrawn at any time.

06

Legal Bases for Processing

Under the Philippine Data Privacy Act of 2012, robet processes your personal data on the following legal bases, each applicable to different categories of processing activity:

Contractual Necessity: Processing necessary to perform the contract between robet and you as a registered Player — including account management, payment processing, and game service delivery — is carried out on this basis;
Legal Obligation: Processing required by Philippine law, including KYC/AML obligations under PAGCOR regulations and the Anti-Money Laundering Act, is carried out to fulfill robet's mandatory legal obligations as a licensed gaming operator;
Legitimate Interest: Processing for fraud prevention, platform security, and internal analytics is carried out on the basis of robet's legitimate interest in operating a secure, fair, and legally compliant gaming platform, where such interests are not overridden by your fundamental rights;
Consent: Processing for marketing communications, optional personalization features, and non-essential cookies is carried out only with your prior, informed, and freely given consent. You may withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.

07

Sharing Your Personal Data

robet shares your personal data only with the following categories of recipients, and only to the extent strictly necessary for the stated purpose:

KYC and Identity Verification Partners robet works with licensed KYC processing service providers to verify the identity documents and age declarations submitted during account verification. These partners receive only the identity data necessary to perform their specific verification function and are contractually prohibited from using it for any other purpose.

Payment Processors To process deposits and withdrawals, robet shares necessary transaction data with payment service providers including GCash, Maya, BPI, BDO, UnionBank, 7-Eleven (via payment network), Coins.ph, and the USDT TRC20 network. These entities receive only the transaction-specific data required to process your payment instruction.

Game Content Providers Licensed game providers (JILI, Pragmatic Play, PG Soft, Evolution Gaming, SA Gaming, and others) receive a session token and anonymized player identifier when you launch a game. They do not receive your full name, government ID, mobile number, or financial details. Game results and session data generated by providers are returned to robet and stored in your account.

Regulatory and Law Enforcement Authorities robet will disclose personal data to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission, and other competent Philippine government authorities where required by law, court order, or regulatory direction. robet will notify affected Players of such disclosures where permitted by law.

robet does not share personal data with advertising networks, data brokers, or any other commercial third parties for purposes unrelated to the operation of the robet platform.

We Do Not Sell Your Data. robet has never sold, rented, or commercially transferred personal data to any third party and has no intention of doing so. Your personal data is processed for the operation of your robet account and for compliance with Philippine law — nothing else.

08

Cookies and Tracking Technologies

robet uses cookies and similar tracking technologies to operate the platform and improve your experience. A cookie is a small text file stored on your device when you visit a website. robet uses the following categories of cookies:

Strictly Necessary Cookies: Essential for the operation of the robet platform — session authentication, security tokens, and load balancing. These cannot be disabled without affecting platform functionality;
Functional Cookies: Remember your preferences such as language settings, lobby layout preferences, and responsible gaming tool settings. These persist between sessions to avoid you having to re-enter preferences each time you log in;
Analytical Cookies: Aggregate and anonymized data on how players use the platform — which pages load slowest, which game categories are most visited — used solely to improve platform performance. These are set only with your consent;
Security Cookies: Support robet's fraud detection and account security systems, including detection of unusual login patterns and multi-device activity flags.

robet does not use third-party advertising cookies or allow external advertising networks to set cookies on the robet platform. You may manage your cookie preferences through your browser settings, though disabling strictly necessary cookies will affect your ability to log in and use the platform.

09

Data Security Measures

robet employs a layered security architecture to protect your personal data from unauthorized access, disclosure, alteration, or destruction. The following technical and organizational measures are in place:

Encryption in Transit: All data transmitted between your device and robet's servers is encrypted using Transport Layer Security (TLS 1.3 or higher). This applies to all platform pages and API calls, including login, deposit, and game launch requests;
Encryption at Rest: Personal data stored in robet's databases is encrypted using AES-256, including government ID images, KYC documents, and financial records;
Access Controls: Access to personal data is restricted to robet employees who require it to perform their specific job function. Access logs are maintained and reviewed regularly. No employee has unrestricted access to all personal data categories;
Penetration Testing: robet's platform infrastructure undergoes periodic penetration testing and vulnerability assessment by qualified security professionals to identify and remediate potential weaknesses before they can be exploited;
Incident Response: robet maintains a documented data breach response procedure. In the event of a personal data breach that poses a risk to data subjects, robet will notify the National Privacy Commission within seventy-two (72) hours of becoming aware of the breach, and will notify affected Players as required under NPC Circular No. 16-03.

While robet takes all reasonable and legally required precautions to protect your personal data, no data transmission over the internet or electronic storage system can be guaranteed to be 100% secure. You are responsible for maintaining the confidentiality of your robet login credentials and for using secure devices and networks when accessing the platform.

10

Data Retention

robet retains personal data for only as long as is necessary for the purpose for which it was collected, subject to mandatory retention requirements under Philippine law. The following retention periods apply:

Data Category	Retention Period	Legal Basis
Identity and KYC documents	5 years from account closure	AMLA (RA 9160 as amended); PAGCOR
Financial transaction records	5 years minimum from transaction date	AMLA; PAGCOR compliance
Gaming activity logs	3 years from account closure	PAGCOR licensing conditions
Account credentials (hashed)	Until account deletion + 90 days	Contractual; security
Support communications	2 years from last interaction	Legitimate interest; dispute resolution
Session and technical logs	90 days on active servers; 1 year on archived storage	Security; fraud detection
Marketing consent records	3 years from consent grant or withdrawal	RA 10173 accountability obligation

Upon expiry of the applicable retention period, personal data is securely deleted from robet's active systems and any backup media within a reasonable archival purge cycle. Anonymized, aggregated data that cannot be re-identified may be retained indefinitely for statistical purposes.

11

Your Rights as a Data Subject

Under the Philippine Data Privacy Act of 2012 (RA 10173), you have the following rights with respect to your personal data held by robet. You may exercise any of these rights by contacting robet's Data Privacy Officer as described in Section 15.

Right to Be Informed

You have the right to be informed of how your personal data is collected, used, stored, shared, and protected. This Privacy Policy fulfills robet's obligation under this right. You may request additional clarification at any time.

Right to Access

You may request a copy of the personal data robet holds about you, including the categories of data, the purposes for which it is being processed, and the identity of third parties with whom it has been shared. robet will respond to access requests within thirty (30) calendar days.

Right to Rectification

If any personal data robet holds about you is inaccurate, incomplete, or outdated, you have the right to request correction. Most contact and preference data can be updated directly through your robet Account dashboard. Identity and KYC data corrections require documentary evidence.

Right to Erasure

You may request the deletion of your personal data where it is no longer necessary for the purpose it was collected, where consent has been withdrawn, or where processing is unlawful. This right is subject to overriding legal retention obligations — robet cannot delete financial transaction records required by the AMLA even upon request.

Right to Object

You may object to the processing of your personal data for direct marketing or where processing is based on robet's legitimate interests. Where you object to marketing, robet will cease all marketing communications immediately upon receipt of your objection.

Right to Data Portability

You may request a copy of your personal data in a structured, commonly used, and machine-readable format (such as CSV or JSON) where technically feasible, so that you may transmit it to another service provider of your choosing.

Right to Complain

If you believe robet has violated your rights under RA 10173, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines. robet encourages Players to contact our DPO first to attempt resolution before filing a formal NPC complaint.

12

Children and Minors

The robet platform is strictly intended for adults aged twenty-one (21) years and older, as mandated by Philippine law and PAGCOR regulations governing online gaming. robet does not knowingly collect personal data from individuals below this age threshold.

robet's registration process requires age confirmation and, through the KYC verification process, documentary proof of age. Any account where the registered Player is found to be under 21 years of age is immediately and permanently terminated, and any funds deposited are returned to the originating payment method after deduction of any applicable processing costs.

If you believe a minor has accessed or registered on the robet platform, please notify robet's support team immediately via live chat or at the contact details in Section 15. robet will investigate and take immediate action upon receiving a credible report of underage access.

13

Cross-Border Data Transfers

Some of robet's service providers — particularly certain game content providers and cloud infrastructure partners — may process data in data centers located outside the Philippines. Where such cross-border data transfers occur, robet ensures that:

The receiving country or organization provides a level of data protection comparable to RA 10173 standards;
Appropriate contractual safeguards, including Standard Contractual Clauses or equivalent binding data processing agreements, are in place before any personal data is transferred;
Cross-border transfers are registered with the National Privacy Commission where required under applicable NPC issuances;
The data transferred is limited to the minimum necessary for the third party to perform its contracted function.

Game session tokens transmitted to game providers during gameplay are pseudonymized — they do not contain your full name, government ID, or financial details. Full personal data is never transmitted to game content providers for cross-border processing.

14

Changes to This Privacy Policy

robet may update this Privacy Policy from time to time to reflect changes in our data processing practices, regulatory requirements, or platform features. All changes are published on this page at robet.bio/privacy-policy with the "Last Updated" date revised accordingly.

Where changes are material — meaning they affect your rights, the categories of data we collect, the purposes for which we use your data, or the parties with whom we share it — robet will notify registered Players via the email address and/or mobile number on file, with at least fourteen (14) days' notice before the revised policy takes effect.

Your continued use of the robet platform following notification of a material change constitutes your acceptance of the updated Privacy Policy. If you do not agree with any changes, you should cease using the platform and contact robet's DPO to request Account closure and data deletion to the extent permitted by applicable retention obligations.

15

Contact and Data Privacy Officer

For all privacy-related inquiries, data subject rights requests, or concerns regarding robet's handling of your personal data, please contact robet's designated Data Privacy Officer through the following channels:

Email Address all data privacy correspondence to: [email protected] — please use the subject line "Data Privacy Request — [Your Request Type]" to ensure your message is directed to the DPO's queue without delay.

Live Chat robet's 24/7 live chat support team can handle general privacy inquiries and can escalate formal data subject rights requests to the DPO on your behalf. Live chat response time is typically under 3 minutes.

robet will acknowledge all data privacy requests within five (5) business days and will resolve or respond substantively within thirty (30) calendar days, consistent with the requirements of RA 10173.

This Privacy Policy was last updated in January 2026 and is effective immediately for all new and existing registered Players of the robet platform at robet.bio.

robet Privacy Policy

How robet Treats Your Personal Data

We Collect Only What We Need

We Never Sell Your Data

Bank-Grade Security

You Control Your Data

Defined Retention Periods

RA 10173 Compliance