bossphl Privacy Policy

1 Introduction

bossphl ("bossphl," "we," "us," or "our") is committed to protecting the privacy and personal data of all individuals who access or use the bossphl online gaming platform at bossphl.club (the "Platform"). This Privacy Policy ("Policy") describes how bossphl collects, uses, discloses, stores, and protects your personal information when you register an account, use our services, or interact with us in any way.

This Policy is issued in compliance with Republic Act No. 10173, also known as the Data Privacy Act of 2012 (DPA), and its Implementing Rules and Regulations, as administered by the National Privacy Commission (NPC) of the Philippines. By accessing the Platform or registering a bossphl account, you acknowledge that you have read and understood this Policy and consent to the collection and processing of your personal data as described herein.

2 Personal Data We Collect

bossphl collects the following categories of personal data from players and visitors to the Platform:

• Identity Data: Full legal name, date of birth, nationality, and government-issued identification number (e.g., Philippine National ID, passport, driver's license, SSS/GSIS number).
• Contact Data: Email address, mobile phone number, and residential address (including barangay, city/municipality, province, and postal code).
• Account Data: Username, encrypted password, account preferences, and communication settings.
• Financial Data: Payment method details (e.g., GCash account number, PayMaya/Maya account, bank account details for BPI, BDO, Metrobank, UnionBank, Landbank, PNB, Security Bank, or debit card information), transaction history, deposit and withdrawal records.
• KYC Verification Data: Copies of government-issued identification documents, proof of address documents, and selfie/liveness verification images submitted during the Know Your Customer (KYC) process.
• Gaming Data: Game history, wagering activity, session duration, bonus usage, and responsible gaming settings (e.g., deposit limits, self-exclusion status).
• Technical Data: IP address, device type and model, operating system, browser type and version, time zone, and other technical identifiers collected automatically when you access the Platform.
• Usage Data: Pages visited, features used, click-through data, and other behavioral data collected through cookies and similar tracking technologies.
• Communications Data: Records of your communications with bossphl customer support, including live chat transcripts, email correspondence, and support ticket history.

3 How We Collect Your Data

bossphl collects personal data through the following means:

• Direct Collection: Information you provide when registering an account, completing KYC verification, making deposits or withdrawals, contacting customer support, or participating in promotions.
• Automated Collection: Technical and usage data collected automatically through cookies, web beacons, pixel tags, and similar technologies when you access or interact with the Platform.
• Third-Party Sources: Identity verification data from KYC service providers; fraud detection signals from anti-fraud partners; payment verification data from payment processors (GCash, PayMaya, banks).
• Regulatory Sources: Information received from regulatory authorities, law enforcement agencies, or other government bodies in connection with our legal compliance obligations.

4 How We Use Your Personal Data

bossphl processes your personal data for the following purposes:

• Account Management: To register and maintain your bossphl player account, verify your identity, and manage your account settings and preferences.
• Service Delivery: To provide access to games, process deposits and withdrawals, credit bonuses, and deliver all features of the bossphl Platform.
• KYC & AML Compliance: To verify your identity and age (21+), comply with anti-money laundering (AML) obligations, and fulfill our regulatory reporting requirements under Philippine law.
• Fraud Prevention & Security: To detect, investigate, and prevent fraudulent activity, unauthorized account access , cheating, and other prohibited conduct on the Platform.
• Customer Support: To respond to your inquiries, resolve complaints, and provide technical assistance.
• Responsible Gaming: To monitor gaming activity, enforce responsible gaming tools (deposit limits, self-exclusion), and identify players who may need support.
• Marketing Communications: To send you promotional offers, bonus notifications, and platform updates — but only where you have provided consent or where permitted by applicable law. You may opt out at any time.
• Platform Improvement: To analyze usage patterns, conduct research, and improve the features, performance, and user experience of the bossphl Platform.
• Legal Compliance: To comply with applicable Philippine laws and regulations, respond to lawful requests from government authorities, and enforce our Terms & Conditions.

5 Legal Basis for Processing

bossphl processes your personal data on the following legal bases under the Data Privacy Act of 2012:

• Contractual Necessity: Processing required to perform our obligations under the bossphl Terms & Conditions, including account management, game delivery, and payment processing.
• Legal Obligation: Processing required to comply with applicable Philippine laws, including AML regulations, KYC requirements, and regulatory reporting obligations.
• Legitimate Interests: Processing necessary for fraud prevention, platform security, and responsible gaming monitoring, where such interests are not overridden by your privacy rights.
• Consent: Processing for marketing communications and non-essential cookies, where you have provided explicit consent. You may withdraw consent at any time without affecting the lawfulness of prior processing.

6 Data Sharing & Disclosure

bossphl does not sell your personal data to third parties. We may share your personal data with the following categories of recipients, strictly on a need-to-know basis:

• KYC & Identity Verification Providers: Third-party service providers who assist in verifying your identity and age as required by our regulatory obligations.
• Payment Processors: GCash, PayMaya/Maya, and banking partners (BPI, BDO, Metrobank, UnionBank, Landbank, PNB, Security Bank) for the purpose of processing deposits and withdrawals.
• Fraud Prevention & Security Partners: Service providers who assist in detecting and preventing fraudulent activity, money laundering, and other prohibited conduct.
• IT & Platform Service Providers: Cloud hosting, data storage, and technical infrastructure providers who support the operation of the bossphl Platform.
• Customer Support Platforms: Third-party tools used to manage live chat, email support, and ticketing systems.
• Regulatory & Law Enforcement Authorities: Philippine government agencies, regulatory bodies, and law enforcement authorities where disclosure is required by law or in response to a lawful order.
• Professional Advisors: Legal counsel, auditors, and compliance consultants, subject to professional confidentiality obligations.

All third-party service providers engaged by bossphl are required to process personal data only in accordance with our instructions and to implement appropriate security measures consistent with the Data Privacy Act of 2012.

7 Cookies & Tracking Technologies

bossphl uses cookies and similar tracking technologies to enhance your experience on the Platform, analyze usage, and support security functions. The following types of cookies are used:

• Strictly Necessary Cookies: Essential for the Platform to function. These include session authentication cookies and security tokens. These cannot be disabled.
• Functional Cookies: Remember your preferences (e.g., language, display settings) to personalize your experience on bossphl.
• Analytics Cookies: Collect aggregated, anonymized data about how players use the Platform to help us improve performance and features.
• Marketing Cookies: Used to deliver relevant promotional content. These are only set with your consent.

You may manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect the functionality of the bossphl Platform. For more information, refer to the cookie management options available in your account settings.

8 Data Retention

bossphl retains your personal data for as long as necessary to fulfill the purposes described in this Policy, or as required by applicable law. The following general retention periods apply:

• Account Data: Retained for the duration of your active account and for a minimum of five (5) years following account closure, in compliance with AML and regulatory record-keeping requirements.
• KYC & Identity Documents: Retained for a minimum of five (5) years from the date of submission, or longer if required by applicable regulations.
• Transaction Records: Retained for a minimum of five (5) years from the date of each transaction.
• Customer Support Records: Retained for three (3) years from the date of the last interaction.
• Marketing Consent Records: Retained for the duration of your account and for three (3) years following opt-out, as evidence of consent management.

Upon expiry of the applicable retention period, personal data is securely deleted or anonymized in accordance with bossphl's data disposal procedures.

9 Data Security

bossphl implements a comprehensive set of technical and organizational security measures to protect your personal data against unauthorized access, disclosure, alteration, loss, or destruction. These measures include:

• Encryption: All data transmitted between your device and the bossphl Platform is encrypted using TLS (Transport Layer Security). Sensitive data at rest, including payment information and identity documents, is encrypted using AES-256 or equivalent standards.
• Access Controls: Access to personal data is restricted to authorized bossphl personnel and service providers on a strict need-to-know basis. All access is logged and audited.
• Secure Infrastructure: The bossphl Platform is hosted on secure, access-controlled infrastructure with regular security patching and vulnerability assessments.
• Incident Response: bossphl maintains a data breach response plan. In the event of a personal data breach that poses a risk to your rights and freedoms, bossphl will notify the National Privacy Commission and affected individuals in accordance with the Data Privacy Act of 2012.

10 Your Privacy Rights

Under the Philippine Data Privacy Act of 2012, you have the following rights with respect to your personal data held by bossphl:

• Right to Be Informed: The right to be informed of how your personal data is collected, used, and processed — as set out in this Privacy Policy.
• Right of Access: The right to request a copy of the personal data bossphl holds about you, along with information about how it is being processed.
• Right to Rectification: The right to request correction of inaccurate or incomplete personal data. You may update most account information directly through your bossphl account settings.
• Right to Erasure: The right to request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, subject to our legal retention obligations.
• Right to Object: The right to object to the processing of your personal data for direct marketing purposes. You may exercise this right at any time by updating your communication preferences or contacting support.
• Right to Data Portability: The right to receive a copy of your personal data in a structured, commonly used, machine-readable format.
• Right to Lodge a Complaint: The right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines if you believe your data privacy rights have been violated.

To exercise any of the above rights, please contact our Data Protection Officer using the details provided in Section 14 of this Policy. bossphl will respond to all verified data subject requests within fifteen (15) business days.

11 Children's Privacy

The bossphl Platform is strictly intended for individuals aged 21 years and above. bossphl does not knowingly collect personal data from individuals under the age of 21. If bossphl becomes aware that personal data has been collected from a person under 21, the account will be immediately closed and all associated data will be deleted in accordance with our data disposal procedures.

If you believe that a minor has registered an account on bossphl, please contact our support team or Data Protection Officer immediately so that we can take appropriate action.

12 International Data Transfers

bossphl primarily processes and stores personal data within the Philippines. Where it is necessary to transfer personal data to service providers or infrastructure located outside the Philippines (for example, cloud hosting or KYC verification services), bossphl ensures that such transfers are conducted in compliance with the Data Privacy Act of 2012, including by implementing appropriate contractual safeguards such as data processing agreements that require the recipient to maintain data protection standards equivalent to those required under Philippine law.

13 Updates to This Privacy Policy

bossphl reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data processing practices, applicable law, or regulatory requirements. Where changes are material, bossphl will provide advance notice to registered players via email or an on-platform notification prior to the updated Policy taking effect.

The effective date at the top of this Policy indicates when it was last updated. Your continued use of the bossphl Platform following the effective date of any update constitutes your acceptance of the revised Privacy Policy. We encourage you to review this Policy periodically.

14 Contact & Data Protection Officer

bossphl has appointed a Data Protection Officer (DPO) responsible for overseeing compliance with the Data Privacy Act of 2012 and this Privacy Policy. If you have any questions, concerns, or requests regarding your personal data or this Policy, please contact us:

• Data Protection Officer: bossphl DPO
• Email: privacy bossphl.club
• Live Chat: Available 24/7 through the bossphl Platform
• Mailing Address: bossphl, Philippines

bossphl will acknowledge all privacy-related inquiries within five (5) business days and will endeavor to resolve all requests within fifteen (15) business days. For complex requests, we will notify you if additional time is required.