jil7 Privacy Policy — How We Handle Your Personal Data

1.1  jil7 recognizes that the privacy of your personal information is important to you, and we take our obligations as a personal information controller seriously. The primary purpose of this Policy is to ensure that you are fully informed about how your personal data is handled when you use the jil7 platform, so that you can make an informed decision about whether to register and continue using the service.

1.2  jil7 operates under the regulatory oversight of the Philippine Amusement and Gaming Corporation ("PAGCOR"), which imposes specific obligations on licensees regarding the collection and handling of player identity and financial information. Much of the personal data jil7 collects is required by PAGCOR licensing conditions and Philippine anti-money laundering regulations, and cannot be waived at the player's election.

1.3  Where jil7 collects data for purposes beyond regulatory requirements — such as for marketing communications or platform analytics — the legal basis for that processing and any opt-out mechanisms available to you are described in detail in this Policy.

2.1  jil7 acts as the personal information controller in respect of all personal data collected from players and visitors through jil7.asia. As the controller, jil7 determines the purposes and means of processing your personal data and is responsible for implementing appropriate safeguards to protect it.

2.2  Questions, concerns, or requests regarding this Privacy Policy or jil7's data processing practices may be directed to jil7's data privacy contact at: [email protected]

2.3  Where third-party service providers process personal data on jil7's behalf — such as KYC verification providers, payment processors, or analytics platforms — they do so as personal information processors under contractual obligations that require processing consistent with this Policy and with the DPA.

3.1  The following table summarizes the categories of personal data jil7 collects, and the primary purpose for collecting each category:

3.2  Sensitive Personal Information. Government-issued ID documents submitted for KYC verification constitute sensitive personal information under the DPA. jil7 processes this information solely for identity verification and regulatory compliance purposes and applies heightened security controls to its storage and handling.

4.1  jil7 collects personal data through the following means:

• Registration and KYC forms: Information you provide directly when creating your jil7 account and completing identity verification, including your name, date of birth, contact details, and government ID documents;
• Deposits and withdrawals: Payment information submitted when you make a deposit or request a withdrawal through GCash, Maya, bank transfer, or card payment;
• Platform activity: Data generated automatically as you use jil7 — game sessions, bets placed, wagers settled, login and logout times;
• Device and browser data: Technical information collected automatically via standard web server logs and first-party cookies when you access jil7.asia;
• Customer support interactions: Information provided during live chat, email, or other support communications;
• Responsible gaming tool submissions: Limit settings, cooling-off requests, and self-exclusion applications submitted through your account settings.

4.2  jil7 does not collect personal data from third-party data brokers or social media platforms. All personal data jil7 holds is information that you have provided directly or that has been generated by your own activity on the platform.

5.1  Under the Data Privacy Act of 2012, jil7 must have a lawful basis for each category of personal data it processes. The applicable legal bases are as follows:

• Contractual necessity: Processing required to create and manage your jil7 account, execute deposits and withdrawals, and provide gaming services. This is the primary legal basis for most operational processing.
• Legal obligation: Processing required to comply with PAGCOR licensing conditions, AMLA obligations, and any other applicable Philippine law, including mandatory KYC verification and transaction reporting.
• Legitimate interests: Processing for fraud prevention, platform security, abuse detection, and improving platform performance — where such interests are not overridden by your privacy rights.
• Consent: Processing for marketing communications and personalized promotional offers, where jil7 has obtained your explicit opt-in consent at the time of registration or through subsequent account settings. You may withdraw this consent at any time.

6.1  jil7 uses personal data for the following specific purposes:

1. Account creation and management: Creating your account, verifying your identity, maintaining accurate account records, and communicating account-related information;
2. Service delivery: Enabling you to play games, make deposits, request withdrawals, participate in promotions, and access all platform features;
3. Regulatory compliance: Fulfilling PAGCOR reporting requirements, AMLA transaction monitoring and reporting obligations, and responding to lawful requests from government authorities;
4. Fraud and security: Detecting, investigating, and preventing fraudulent transactions, unauthorized account access, money laundering, bonus abuse, and other prohibited conduct;
5. Responsible gaming: Monitoring gaming activity to identify potential problem gambling indicators, administering voluntary responsible gaming tool selections, and complying with PAGCOR's player protection requirements;
6. Customer support: Addressing your inquiries, resolving disputes, and maintaining records of support interactions;
7. Platform improvement: Analyzing aggregated, de-identified usage data to improve platform performance, game selection, and user experience;
8. Marketing (consent-based): Sending promotional offers, bonus announcements, and gaming content to players who have opted in to marketing communications.

6.2  jil7 does not use automated decision-making or profiling that produces legal or similarly significant effects on individual players without human review.

7.1  jil7 does not sell your personal data to third parties. Personal data may be shared with the following categories of recipients, strictly to the extent necessary for the purposes described in this Policy:

• PAGCOR: As required by jil7's gaming license, certain player activity data and regulatory reports are submitted to PAGCOR;
• Philippine government authorities: Law enforcement, the AMLC (Anti-Money Laundering Council), the NPC, and other government bodies where disclosure is required by applicable Philippine law;
• KYC verification service providers: Third-party identity verification platforms that process government ID documents on jil7's behalf under data processing agreements that bind them to DPA-compliant practices;
• Payment service providers: GCash, Maya, BPI, BDO, Metrobank, Visa, Mastercard, and other payment processors, to the extent necessary to execute deposits and withdrawals;
• Game providers: Third-party game developers and live studio operators whose games are featured on jil7 may receive minimal technical session data required for game integrity and RTP certification purposes;
• Fraud prevention and security providers: Technical services that assist in detecting unauthorized access, fraudulent transactions, and abuse patterns.

7.2  All third-party processors are bound by contractual data processing agreements that require DPA-compliant handling and prohibit the use of jil7 player data for any purpose beyond the specific service being provided.

7.3  In the event that jil7 undergoes a corporate restructuring, merger, or acquisition, player data may be transferred to a successor entity provided that the successor entity assumes jil7's obligations under this Policy and applicable law.

8.1  jil7.asia uses first-party cookies and similar browser-based technologies to support the operation of the platform and to improve the player experience. jil7 does not use third-party advertising cookies or tracking pixels for cross-site behavioral advertising.

8.2  The following categories of cookies are used on jil7.asia:

• Strictly Necessary Cookies: Essential for the operation of the platform — maintaining your login session, remembering language and currency preferences, enabling game loading, and supporting security functions. These cannot be disabled without impairing platform functionality;
• Functional Cookies: Remember your preferences and settings to provide a more personalized experience on return visits, such as remembered device settings and responsible gaming preference storage;
• Analytics Cookies: Collect aggregated, de-identified information about how players use jil7.asia — page visit frequency, session duration, popular game categories — used to improve platform performance. These are first-party analytics only.

8.3  You may configure your browser to block or delete cookies. Note that blocking strictly necessary cookies will impair your ability to log in and use the jil7 platform. Instructions for managing cookie settings are available through your browser's help documentation.

9.1  jil7 implements technical and organizational security measures that are proportionate to the sensitivity and volume of personal data it holds. These measures include:

• 256-bit SSL/TLS encryption for all data transmitted between your browser or device and jil7's servers;
• Encrypted storage for sensitive personal data at rest, including KYC documents and financial account references;
• Access controls limiting internal access to personal data on a need-to-know basis, with authentication requirements for staff accessing player data systems;
• Login anomaly detection that monitors for unusual access patterns, including logins from new devices or unexpected geographic locations;
• Regular security assessments of platform infrastructure and third-party provider security postures;
• Incident response procedures consistent with NPC data breach notification requirements under the DPA.

9.2  In the event of a personal data breach that is reasonably likely to give rise to a risk to the rights and freedoms of affected data subjects, jil7 will notify the NPC within 72 hours of becoming aware of the breach and will notify affected individuals without undue delay, as required by the DPA.

9.3  While jil7 employs robust security measures, no online platform can guarantee absolute security. You are responsible for maintaining the security of your account credentials. jil7 recommends enabling two-factor authentication and using a unique, strong password for your jil7 account.

10.1  jil7 retains personal data for the periods set out below, after which data is securely deleted or anonymized unless a longer retention period is required by applicable law:

10.2  Where retention beyond these periods is required by a PAGCOR directive, court order, or other applicable law, jil7 will retain data for the legally required period and will document the basis for extended retention.

11.1  As a data subject under the Data Privacy Act of 2012, you have the following rights with respect to the personal data jil7 holds about you:

• Right to be Informed: To be informed that your personal data is being collected and processed, and for what purposes — which is the primary function of this Privacy Policy;
• Right of Access: To request a copy of the personal data jil7 holds about you and information about how it is being processed;
• Right to Rectification: To request correction of inaccurate or incomplete personal data held in your jil7 account;
• Right to Erasure: To request deletion of your personal data in circumstances where continued processing is no longer necessary or lawful. Note that this right is subject to limitations where jil7 is required to retain data by PAGCOR licensing conditions or AMLA obligations;
• Right to Object: To object to processing of your personal data where that processing is based on legitimate interests rather than legal obligation or contractual necessity — including the right to opt out of marketing communications at any time;
• Right to Data Portability: To request a structured, machine-readable copy of personal data you have provided to jil7, in cases where processing is based on consent or contract;
• Right to File a Complaint: To lodge a complaint with the National Privacy Commission if you believe jil7 has not complied with its obligations under the DPA.

11.2  To exercise any of these rights, please submit a written request to [email protected] with the subject line "Data Rights Request." jil7 will acknowledge your request within five (5) business days and will respond substantively within thirty (30) days, in accordance with NPC guidelines.

12.1  jil7 is strictly an adults-only platform. Access is limited to persons who are 21 years of age or older, in accordance with PAGCOR's minimum age requirement for online gaming in the Philippines. jil7 does not knowingly collect or process personal data from persons under the age of 21.

12.2  Age verification is a mandatory component of the KYC process. Registration without government ID confirmation of age eligibility is not possible. Where jil7 becomes aware that an account has been created by a person under 21 years of age, the account will be immediately suspended, gaming activity will be voided, and data retention will be managed in accordance with PAGCOR reporting requirements for underage access incidents.

12.3  If you are a parent or guardian and believe that a minor has accessed or registered on jil7 using false information, please contact jil7 support immediately at [email protected].

13.1  jil7 processes personal data primarily within the Republic of the Philippines. Some third-party service providers engaged by jil7 — including live game studio operators and certain technical infrastructure providers — may process data in other countries.

13.2  Where personal data is transferred outside the Philippines, jil7 ensures that such transfers are subject to appropriate safeguards consistent with NPC guidelines on cross-border data transfers. These safeguards include contractual obligations on recipient processors requiring data protection standards equivalent to those imposed by the DPA.

13.3  jil7 does not transfer personal data to countries or organizations that are subject to NPC restrictions on data transfers without applicable safeguards in place.

14.1  jil7 reserves the right to update or amend this Privacy Policy from time to time to reflect changes in its data processing practices, applicable law, or PAGCOR regulatory requirements. The current version of this Policy, with its "Last Updated" date, is always available at jil7.asia/privacy-policy.

14.2  Where a material change to this Policy affects the way jil7 processes your personal data, jil7 will notify you via email to your registered address or via a notice displayed upon your next login. Your continued use of the jil7 platform following notification of a material change constitutes your acknowledgment of the updated Policy.

14.3  For non-material updates — such as clarifications, formatting changes, or corrections that do not change the substance of jil7's data processing practices — the Policy will be updated without specific individual notification.

15.1  For any questions, concerns, or requests regarding this Privacy Policy or jil7's data processing practices, please contact us through any of the following channels:

• Email: [email protected] — for data rights requests, please include "Data Rights Request" in the subject line
• Live Chat: Available 24 hours a day, 7 days a week via the in-platform chat widget at jil7.asia
• Response Time: jil7 will acknowledge privacy-related inquiries within 5 business days and provide a substantive response within 30 days

15.2  If you are not satisfied with jil7's response to a privacy-related request or complaint, you have the right to escalate the matter to the National Privacy Commission of the Philippines. The NPC's contact information is publicly available through official Philippine government channels.