55bme Privacy Policy

This Privacy Policy ("Policy") describes how 55bme ("the Company," "we," "us," or "our"), operator of the online gaming platform accessible at 55bme.org, collects, uses, stores, shares, and protects the personal information of registered players and visitors ("you," "your," or "the Data Subject") in connection with your use of the 55bme platform and all associated services.

55bme is committed to protecting the privacy and personal data of all Filipino players and website visitors. This Policy is prepared in compliance with Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012 ("DPA"), and its Implementing Rules and Regulations as enforced by the National Privacy Commission ("NPC") of the Philippines. This Policy also reflects the data governance obligations imposed on 55bme as a PAGCOR-regulated gaming operator.

By creating an account on 55bme, accessing the website, or otherwise interacting with our platform, you acknowledge that you have read and understood this Policy and that you consent to the collection and processing of your personal data as described herein. If you do not agree to the terms of this Policy, please discontinue use of the 55bme platform.

55bme acts as the Personal Information Controller ("PIC") in respect of the personal data collected through the 55bme platform. As the PIC, 55bme is responsible for determining the purposes and means of the processing of personal data collected from platform users.

In compliance with Section 21 of the Data Privacy Act and its Implementing Rules, 55bme has designated a Data Protection Officer ("DPO") who is responsible for overseeing compliance with this Policy and with applicable data privacy laws. The DPO monitors 55bme's data processing activities, ensures that data protection impact assessments are conducted where required, responds to data subject requests, and serves as the point of contact for the National Privacy Commission.

Data subjects may direct any privacy-related queries, requests, or complaints to the 55bme Data Protection Officer using the contact information provided in Section 15 of this Policy. All requests addressed to the DPO will be acknowledged within five (5) business days of receipt.

55bme collects the following categories of personal data in connection with platform registration, account operation, regulatory compliance, and service delivery:

55bme collects personal data through the following channels and mechanisms:

• Account registration form — name, date of birth, email address, mobile number, and chosen credentials.
• KYC identity verification submission — government ID images and selfie photograph.
• Payment setup and transaction initiation — GCash, PayMaya, or bank account details submitted when making deposits or requesting withdrawals.
• Customer support interactions — information you share during live chat sessions or email correspondence with the 55bme support team.
• Responsible gaming tool configuration — deposit limit settings, self-exclusion requests, and related account management actions.

• Device and technical data collected through your browser or mobile browser session each time you access the 55bme platform.
• IP address and approximate geolocation, used to verify that you are accessing the platform from within the Philippines and to detect suspicious login activity.
• Cookies and similar tracking technologies — see Section 10 for full details.
• Gaming activity logs generated automatically each time you place a bet, enter a game room, or complete a transaction on the platform.

• Payment verification data from GCash, PayMaya, BPI, BDO, and Metrobank for the purpose of confirming deposit and withdrawal transactions.
• Identity verification data from third-party KYC service providers engaged by 55bme to assist with document authentication.
• Fraud prevention data from payment processors and financial crime detection services in connection with AML obligations.

55bme processes your personal data for the following specific and legitimate purposes:

• Account Creation and Management: To create, verify, maintain, and administer your 55bme player account, including processing login authentication and account settings changes.
• KYC and Identity Verification: To verify your identity and age (21+) as required by PAGCOR's player registration requirements and to prevent the creation of fraudulent or underage accounts.
• Payment Processing: To process your deposits via GCash, PayMaya, BPI, BDO, and Metrobank, and to execute your withdrawal requests to your verified payment method in PHP.
• Regulatory Compliance and AML: To comply with PAGCOR's operator obligations, the Anti-Money Laundering Act of the Philippines (RA 9160 as amended), and applicable NPC regulations, including transaction monitoring, suspicious activity reporting to the AMLC, and PAGCOR audit cooperation.
• Customer Support: To respond to your inquiries, resolve disputes, process responsible gaming requests, and provide assistance through live chat and email.
• Platform Security and Fraud Prevention: To detect and prevent unauthorized account access, bonus abuse, multi-accounting, and any prohibited conduct listed in our Terms & Conditions.
• Gaming Service Delivery: To provide access to casino games, bingo, slots, and sports betting; to track gaming activity for fair play verification; and to process bonus credits and wagering requirements accurately.
• Responsible Gaming Monitoring: To monitor gaming behavior for indicators of problem gambling, to enforce player-set limits, and to apply compulsory limits where 55bme determines intervention is necessary in the player's interest.
• Marketing Communications (Consent-Based): Where you have explicitly opted in, to send promotional offers, bonus notifications, and platform updates via email and SMS. Marketing processing is based solely on your freely given, informed consent and may be withdrawn at any time.
• Platform Improvement: To analyze aggregated, anonymized usage patterns for the purpose of improving the 55bme platform's user experience, game library, and service reliability.

Under the Data Privacy Act of 2012, 55bme processes your personal data on one or more of the following lawful bases, as applicable to each processing activity:

• Consent (Section 12(a) DPA): Where you have provided freely given, specific, informed consent — primarily for optional marketing communications. You may withdraw consent at any time without affecting the lawfulness of prior processing.
• Contract Performance (Section 12(b) DPA): Processing necessary to fulfill the contractual obligations set out in the 55bme Terms & Conditions — including account management, game access, payment processing, and customer support.
• Legal Obligation (Section 12(c) DPA): Processing required by applicable Philippine law, including KYC verification under PAGCOR regulations, AML transaction monitoring and AMLC reporting obligations, and compliance with NPC data governance requirements.
• Legitimate Interests (Section 12(f) DPA): Processing for the purposes of platform security, fraud detection, multi-accounting prevention, and aggregated analytics for platform improvement, where such interests are not overridden by your fundamental rights and freedoms.

55bme does not sell, rent, or trade your personal data to any third party for their own commercial or marketing purposes. Personal data is shared only in the limited circumstances described below:

55bme engages third-party service providers who process personal data strictly on 55bme's behalf and according to our instructions. These include:

• Payment processors — GCash (G-Xchange Inc.), PayMaya Philippines, BPI, BDO, and Metrobank — for the execution of deposit and withdrawal transactions.
• KYC and identity verification service providers for document authentication and biometric liveness checking.
• Cloud hosting and infrastructure providers who store platform data in secure, encrypted environments.
• Customer support platform providers who power the live chat system.
• Fraud detection and AML screening service providers.

All third-party service providers engaged by 55bme are bound by data processing agreements that prohibit any use of your data beyond the specified service purpose.

55bme may disclose personal data to the following authorities where required by law or in response to a lawful order:

• PAGCOR, in connection with regulatory inspections, audits, licensing reviews, or player complaint investigations.
• Anti-Money Laundering Council (AMLC), as required by the Anti-Money Laundering Act for covered and suspicious transaction reports.
• National Privacy Commission (NPC), in connection with compliance audits or data breach notification obligations.
• Philippine courts and law enforcement authorities in response to a valid court order, subpoena, or lawful enforcement request.

55bme retains personal data only for as long as it is necessary to fulfill the purpose for which it was collected, or as required by applicable law and regulation. The following retention periods apply:

• Active account data: Retained for the duration of your active account relationship with 55bme, plus a minimum of five (5) years following account closure, in compliance with PAGCOR record-keeping requirements and AMLA record retention obligations.
• KYC and identity verification documents: Retained for a minimum of five (5) years following the date of last transaction or account closure, whichever is later, as required by AMLA regulations.
• Transaction records (deposits and withdrawals): Retained for a minimum of five (5) years in compliance with AMLA and PAGCOR financial record-keeping requirements.
• Gaming activity logs: Retained for five (5) years from the date of each recorded session or transaction to support regulatory audit, dispute resolution, and responsible gaming assessment.
• Customer support communications: Retained for three (3) years from the date of the interaction for quality assurance, dispute resolution, and compliance purposes.
• Marketing consent records: Retained for three (3) years from the date of opt-in, or until consent is withdrawn, whichever occurs first.

Upon expiry of the applicable retention period, personal data will be securely deleted or anonymized such that it can no longer be linked to an identifiable individual.

55bme implements organizational, technical, and physical security measures designed to protect your personal data against unauthorized access, disclosure, alteration, and destruction. Our security framework includes:

• Encryption in transit: All data transmitted between your device and the 55bme platform is encrypted using TLS 1.2 or higher (SSL). The platform is accessible exclusively over HTTPS.
• Encryption at rest: Sensitive data stored on 55bme servers — including KYC documents, payment details, and account credentials — is encrypted using AES-256 encryption.
• Password security: Player passwords are stored as salted cryptographic hashes using industry-standard algorithms. Plain-text passwords are never stored. 55bme employees cannot view your password.
• Access controls: Internal access to player personal data is restricted to authorized personnel only, on a need-to-know basis, with role-based access controls and full audit logging of data access events.
• Two-factor authentication: Optional 2FA is available to all 55bme players, adding an additional layer of protection to the login process beyond the username and password combination.
• Penetration testing and vulnerability management: 55bme conducts regular security assessments and vulnerability scans of the platform infrastructure. Critical security patches are applied on an expedited basis.
• Session management: Active login sessions expire after a defined period of inactivity to reduce the risk of unauthorized access from unattended devices.

While 55bme maintains robust security practices, no online system can guarantee absolute security. Players are reminded of their own responsibility to maintain the security of their account credentials and to report any suspected unauthorized access to 55bme support immediately.

55bme uses cookies and similar tracking technologies to operate and improve the platform. A cookie is a small text file placed on your device by the 55bme website when you visit. Cookies help us recognize your device, maintain your login session, and understand how the platform is being used.

• Strictly Necessary Cookies: Essential for the operation of the 55bme platform, including session management, login authentication, and security functions. These cannot be disabled without affecting platform functionality.
• Functional Cookies: Remember your preferences — such as language settings, game lobby filters, and display preferences — to personalize your experience across sessions.
• Performance and Analytics Cookies: Collect anonymized, aggregated data about how players use the platform — which pages are visited most frequently, where errors occur, and how navigation flows are used — to help 55bme improve the user experience.
• Security Cookies: Used for fraud detection and prevention, including IP-based session validation and bot detection.

You may manage non-essential cookies through your browser settings. Most modern browsers allow you to view, disable, and delete cookies stored on your device. Please note that disabling strictly necessary cookies will affect the functionality of the 55bme platform and may prevent you from logging in or completing transactions. 55bme does not use third-party advertising or retargeting cookies.

Under the Data Privacy Act of 2012, you have the following rights with respect to your personal data held by 55bme. To exercise any of these rights, please contact the 55bme Data Protection Officer using the contact details in Section 15.

The 55bme platform is strictly intended for persons aged twenty-one (21) years and above in accordance with PAGCOR's age restriction requirements for online gambling in the Philippines. 55bme does not knowingly collect, process, or retain personal data from any person under the age of 21.

Age is verified during the registration process through date-of-birth declaration and confirmed through KYC identity verification before any withdrawal is processed. 55bme employs additional detection mechanisms to identify potential age misrepresentation, including document authentication and data consistency checks.

If 55bme discovers or is notified that an account belongs to a person under 21, the account will be immediately and permanently closed in accordance with our Terms & Conditions and PAGCOR's underage gambling enforcement guidelines. Any personal data associated with an underage account will be handled in accordance with applicable legal requirements, which may include retention for regulatory reporting purposes.

If you have reason to believe that a person under 21 has registered on or is using the 55bme platform, please notify our support team immediately at the contact details provided in Section 15.

In the event that 55bme becomes aware of a personal data breach that is likely to result in a risk to the rights and freedoms of affected data subjects, 55bme will take the following actions in accordance with NPC Circular 16-03 and the DPA's breach notification requirements:

• Internal response: 55bme's incident response team will immediately contain the breach, assess its scope and severity, and document all relevant details in accordance with our internal data breach response protocol.
• NPC notification: If the breach involves sensitive personal information or poses a real risk of serious harm to affected data subjects, 55bme will notify the National Privacy Commission within seventy-two (72) hours of becoming aware of the breach.
• Data subject notification: Where the breach is likely to adversely affect your rights and freedoms, 55bme will notify affected data subjects without undue delay, providing information about the nature of the breach, the data affected, the measures taken to address the breach, and recommended steps for affected individuals to protect themselves.

If you suspect that your 55bme account has been compromised or that your personal data has been accessed without authorization, please contact 55bme support immediately via live chat or email so that our security team can investigate and take appropriate protective action.

55bme reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data processing practices, applicable law, PAGCOR regulatory requirements, or NPC guidelines. The "Last Updated" date at the top of this Policy indicates when the most recent revision was made.

Material changes to this Policy — meaning changes that significantly affect how we collect, use, or share your personal data — will be communicated to registered 55bme players via email notification to the address on file, at a minimum of seven (7) days prior to the changes taking effect. Non-material changes, such as typographical corrections or clarifications that do not alter the substance of data processing activities, may be made without individual notice.

Your continued use of the 55bme platform following the effective date of any revised Privacy Policy constitutes your acknowledgment of and agreement to the revised Policy. We encourage you to review this Policy periodically to stay informed about how 55bme protects your personal data.

For any questions, concerns, or requests relating to this Privacy Policy or to the processing of your personal data by 55bme, please use the following contact channels: