Data Protection & Privacy

phream Privacy Policy

At phream, your privacy is not an afterthought — it is built into everything we do. This Privacy Policy explains exactly how we collect, use, store, and protect your personal information when you use the phream platform.

Effective Date: January 1, 2026
Jurisdiction: Philippines
DPA Compliant

Table of Contents

Our Privacy Commitments

How phream Protects Your Data

These six principles guide every decision phream makes about your personal data. They summarize our approach — the full legal details are in the policy sections below.

256-Bit SSL Encryption

Every piece of data transmitted between your device and phream is protected by industry-standard 256-bit SSL encryption. Your personal and financial information is never sent in plain text.

Secure Data Storage

phream stores your personal data on secure, access-controlled servers. We apply strict internal access policies so that only authorized personnel can access your information, and only when necessary.

Your Rights, Respected

Under the Philippine Data Privacy Act of 2012 (Republic Act 10173), you have the right to access, correct, and delete your personal data. phream makes it easy to exercise these rights at any time.

No Unauthorized Sharing

phream does not sell, rent, or trade your personal data to third parties for marketing purposes. We only share your information with trusted partners who are strictly bound by confidentiality agreements and data protection obligations.

Transparent Cookie Use

We use cookies only to improve your experience on phream. Our cookie policy is clear and straightforward — we explain exactly what we collect, why we collect it, and how you can manage your preferences.

DPA 2012 Compliance

phream fully complies with the Philippine Data Privacy Act of 2012 and the regulations issued by the National Privacy Commission (NPC). We are committed to upholding the highest standards of data protection for all Filipino players.

Last Updated: January 1, 2026

Article 1 Introduction and Scope

phream ("we," "us," "our," or the "Company") is committed to protecting the privacy and personal data of all users of the phream platform, including the website at phream.com and all associated mobile applications and services (collectively, the "Platform"). This Privacy Policy describes how phream collects, uses, stores, shares, and protects your personal information in accordance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173, or "DPA") and its implementing rules and regulations.

This Privacy Policy applies to all individuals who access or use the phream Platform, including registered players, visitors, and prospective users located in the Philippines, including those in Metro Manila, Cebu, Davao, Quezon City, Makati, and other regions across the country. By accessing or using the phream Platform, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your personal data as described herein.

This Privacy Policy should be read together with the phream Terms & Conditions. In the event of any conflict between this Privacy Policy and the Terms & Conditions with respect to data privacy matters, this Privacy Policy shall prevail.

Article 2 Information We Collect

phream collects personal data that is necessary to provide you with a safe, secure, and enjoyable gaming experience. The categories of personal data we collect include:

2.1 Information You Provide Directly

  • Registration Data: Full legal name, date of birth, gender, nationality, and residential address (including city and province within the Philippines).
  • Contact Information: Email address and mobile phone number.
  • Identity Verification Documents: Government-issued identification (such as a Philippine passport, SSS ID, UMID, driver's license, or PhilSys National ID), proof of address, and other KYC documents as required.
  • Financial Information: Payment method details, including GCash account numbers, PayMaya account details, BPI, BDO, or Metrobank account information, and transaction history.
  • Account Preferences: Username, password (stored in encrypted form), language preferences, and communication preferences.
  • Support Communications: Records of your correspondence with phream customer support, including chat logs, emails, and support tickets.

2.2 Information Collected Automatically

  • Device Information: Device type, operating system, browser type and version, device identifiers, and screen resolution.
  • Usage Data: Pages visited, games played, session duration, click patterns, and navigation paths within the phream Platform.
  • Transaction Data: Details of all deposits, withdrawals, wagers, bonuses, and game results associated with your account.
  • Location Data: IP address and approximate geographic location (country and region level) to verify that you are accessing the Platform from within the Philippines.
  • Log Data: Server logs, error reports, and diagnostic data generated during your use of the Platform.

2.3 Information from Third Parties

phream may receive personal data about you from third-party sources, including identity verification service providers, payment processors, fraud detection agencies, and regulatory bodies such as PAGCOR. We may combine this information with data we have collected directly from you to improve the accuracy of our records and to comply with our legal obligations.

Note: phream only collects personal data that is adequate, relevant, and limited to what is necessary for the purposes described in this Privacy Policy. We do not collect sensitive personal information beyond what is required for identity verification and regulatory compliance.

Article 3 How We Use Your Information

phream uses your personal data for the following purposes:

Purpose Description
Account Management To create, maintain, and manage your phream account, including verifying your identity and age (21+) as required by Philippine gaming regulations.
Service Delivery To provide you with access to phream games, features, and services, including processing deposits and withdrawals via GCash, PayMaya, BPI, BDO, and Metrobank.
Legal Compliance To comply with applicable Philippine laws and regulations, including the DPA, anti-money laundering (AML) laws, PAGCOR licensing requirements, and KYC obligations.
Fraud Prevention To detect, investigate, and prevent fraudulent activity, cheating, money laundering, and other prohibited conduct on the phream Platform.
Customer Support To respond to your inquiries, resolve disputes, and provide technical assistance in English and Tagalog.
Platform Improvement To analyze usage patterns, conduct research, and improve the features, performance, and user experience of the phream Platform.
Responsible Gaming To monitor gameplay patterns and identify players who may be at risk of problem gambling, and to enforce responsible gaming tools such as deposit limits and self-exclusion.
Marketing Communications To send you promotional offers, bonuses, and updates about phream, subject to your communication preferences and applicable opt-out rights.

Article 4 Legal Basis for Processing

phream processes your personal data on the following legal bases as recognized under the Philippine Data Privacy Act of 2012:

  • Consent: Where you have given your explicit consent to the processing of your personal data for a specific purpose, such as receiving marketing communications from phream.
  • Contractual Necessity: Where processing is necessary for the performance of the contract between you and phream, including the provision of gaming services, processing of transactions, and management of your account.
  • Legal Obligation: Where processing is necessary for phream to comply with applicable Philippine laws and regulations, including AML laws, PAGCOR requirements, and the DPA itself.
  • Legitimate Interests: Where processing is necessary for the legitimate interests of phream, such as fraud prevention, platform security, and improving our services, provided that such interests are not overridden by your rights and freedoms.

Where phream relies on your consent as the legal basis for processing, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out prior to the withdrawal.

Article 5 Sharing Your Information

phream does not sell, rent, or trade your personal data to third parties for their own marketing purposes. We may share your personal data with the following categories of recipients, strictly on a need-to-know basis and subject to appropriate data protection safeguards:

  • Payment Processors: GCash, PayMaya, BPI, BDO, Metrobank, and other authorized payment service providers, for the purpose of processing your deposits and withdrawals.
  • Identity Verification Providers: Third-party KYC and identity verification service providers who assist phream in verifying your identity and age in compliance with Philippine regulations.
  • Fraud Detection and Security Providers: Third-party fraud detection, cybersecurity, and risk management service providers who help phream protect the Platform and its users.
  • Regulatory Authorities: PAGCOR, the National Privacy Commission (NPC), the Anti-Money Laundering Council (AMLC), and other Philippine government agencies, where disclosure is required by law or regulation.
  • Legal and Professional Advisors: Lawyers, auditors, and other professional advisors who are bound by strict confidentiality obligations.
  • Technology Service Providers: Cloud hosting providers, data analytics platforms, and other technology vendors who process data on phream's behalf under strict data processing agreements.
Important: All third parties with whom phream shares your personal data are required to implement appropriate technical and organizational measures to protect your data and to process it only in accordance with phream's instructions and applicable Philippine law.

Article 6 Data Retention

phream retains your personal data for as long as is necessary to fulfill the purposes for which it was collected, or as required by applicable Philippine laws and regulations. The following retention periods apply:

  • Account Data: Retained for the duration of your account and for a minimum of five (5) years after account closure, in compliance with PAGCOR licensing requirements and AML regulations.
  • Transaction Records: Retained for a minimum of five (5) years from the date of the transaction, as required by Philippine AML laws.
  • KYC and Identity Verification Documents: Retained for a minimum of five (5) years after account closure or the completion of the relevant transaction.
  • Customer Support Records: Retained for a minimum of three (3) years from the date of the last interaction.
  • Marketing Data: Retained until you withdraw your consent or opt out of marketing communications, after which it will be deleted or anonymized within thirty (30) days.

Upon expiry of the applicable retention period, phream will securely delete or anonymize your personal data in accordance with our data disposal procedures. Where data cannot be immediately deleted due to technical constraints, it will be securely isolated and protected until deletion is possible.

Article 7 Data Security

phream implements a comprehensive set of technical and organizational security measures to protect your personal data against unauthorized access, disclosure, alteration, loss, or destruction. These measures include:

  • 256-bit SSL/TLS encryption for all data transmitted between your device and the phream Platform.
  • Encryption of sensitive data at rest, including passwords (stored using industry-standard hashing algorithms) and financial information.
  • Strict access controls and role-based permissions to limit access to personal data to authorized personnel only.
  • Regular security audits, vulnerability assessments, and penetration testing conducted by independent third-party security experts.
  • Multi-factor authentication (MFA) for internal systems that process personal data.
  • Comprehensive employee training on data protection and information security best practices.
  • Incident response procedures to detect, report, and respond to personal data breaches in accordance with the DPA's breach notification requirements.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, phream will notify the National Privacy Commission (NPC) within seventy-two (72) hours of becoming aware of the breach, and will notify affected individuals without undue delay, as required by the DPA.

While phream takes all reasonable steps to protect your personal data, no method of transmission over the internet or electronic storage is completely secure. You are responsible for maintaining the confidentiality of your phream account credentials and for notifying us immediately if you suspect any unauthorized access to your account.

Article 8 Cookies and Tracking Technologies

phream uses cookies and similar tracking technologies to enhance your experience on the Platform, to analyze usage patterns, and to deliver relevant content. The types of cookies we use include:

  • Strictly Necessary Cookies: These cookies are essential for the operation of the phream Platform. They enable core functions such as account login, session management, and security. These cookies cannot be disabled.
  • Performance and Analytics Cookies: These cookies collect information about how you use the phream Platform, such as which pages you visit most frequently and how long you spend on each page. This data is used to improve the Platform's performance and user experience.
  • Functional Cookies: These cookies allow the phream Platform to remember your preferences, such as your language settings and game preferences, to provide a more personalized experience.
  • Marketing Cookies: These cookies are used to deliver promotional content and offers that are relevant to your interests. They may track your browsing activity across the phream Platform.

You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect the functionality of the phream Platform. For more information on how to manage cookies, refer to your browser's help documentation.

Article 9 Your Rights Under the DPA

Under the Philippine Data Privacy Act of 2012, you have the following rights with respect to your personal data held by phream:

Right to be Informed — Know how your data is collected and used.
Right to Access — Request a copy of your personal data held by phream.
Right to Rectification — Correct inaccurate or incomplete personal data.
Right to Erasure — Request deletion of your personal data where no longer necessary.
Right to Object — Object to the processing of your data for certain purposes.
Right to Block — Request suspension of processing pending resolution of a dispute.
Right to Data Portability — Receive your data in a structured, machine-readable format.
Right to Damages — Seek compensation for damages caused by inaccurate or unlawfully processed data.

To exercise any of these rights, please contact the phream Data Protection Officer (DPO) using the contact details provided in Article 13 of this Privacy Policy. phream will respond to all data subject requests within thirty (30) days of receipt, as required by the DPA. In complex cases, this period may be extended by a further thirty (30) days, and you will be notified accordingly.

If you believe that phream has not adequately addressed your data privacy concerns, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines.

Article 10 Children's Privacy

The phream Platform is strictly intended for individuals who are at least 21 years of age, in accordance with Philippine gaming regulations. phream does not knowingly collect personal data from individuals under the age of 21. If you are under 21 years of age, you are not permitted to register for or use the phream Platform.

If phream becomes aware that personal data has been collected from an individual under the age of 21 without verifiable parental or guardian consent, we will take immediate steps to delete such data from our systems and terminate the associated account. If you believe that phream may have inadvertently collected personal data from a minor, please contact us immediately using the details in Article 13.

Article 11 International Data Transfers

phream primarily stores and processes your personal data within the Philippines. In certain circumstances, your personal data may be transferred to, stored in, or processed by service providers located outside the Philippines, such as cloud hosting providers or technology vendors with international operations.

Where such international transfers occur, phream ensures that appropriate safeguards are in place to protect your personal data in accordance with the DPA and the regulations of the National Privacy Commission. These safeguards may include contractual clauses that impose data protection obligations on the recipient, or transfers to countries that have been recognized as providing an adequate level of data protection.

By using the phream Platform, you consent to the transfer of your personal data to countries outside the Philippines where necessary for the provision of our services, subject to the safeguards described above.

Article 12 Changes to This Privacy Policy

phream reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data processing practices, applicable laws, or regulatory requirements. Any changes to this Privacy Policy will be effective immediately upon posting on the phream Platform. The "Last Updated" date at the top of this page will reflect the date of the most recent revision.

Where changes to this Privacy Policy are material, phream will notify registered players via email or through a prominent notice on the Platform prior to the changes taking effect. We encourage you to review this Privacy Policy periodically to stay informed about how phream protects your personal data.

Continued use of the phream Platform after any amendments to this Privacy Policy constitutes your acceptance of the revised policy. If you do not agree with any changes, you must immediately cease using the Platform and may request account closure in accordance with the phream Terms & Conditions.

Article 13 Contact and Data Controller

phream is the data controller responsible for your personal data collected through the phream Platform. If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal data, please contact our Data Protection Officer (DPO):

Data Protection Officer — phream
Email: [email protected]
General Support: [email protected]
Support Hours: 24/7 (English and Tagalog support available)
Response Time: Within 30 days of receipt of your request, as required by the DPA.

If you are not satisfied with phream's response to your data privacy concern, you may lodge a complaint with the National Privacy Commission (NPC) of the Philippines through their official channels.

Play with Confidence on phream

Your data is safe with us. Join thousands of Filipino players who trust phream for a secure, fair, and exciting online gaming experience — built with your privacy in mind.

Sign In to phream