tayaplus Privacy Policy

This Privacy Policy ("Policy") applies to all personal data processed by tayaplus in connection with your use of the tayaplus website (tayaplus.vip), mobile browser platform, account registration, gameplay, payment transactions, customer support interactions, and marketing communications.

tayaplus is committed to protecting the personal data of all players and visitors in compliance with Republic Act No. 10173, the Data Privacy Act of 2012 ("DPA"), its Implementing Rules and Regulations, and the issuances of the National Privacy Commission ("NPC") of the Philippines. Our practices also align with PAGCOR's data handling requirements for licensed online gaming operators.

By creating a tayaplus account, accessing the tayaplus login page, or otherwise using the Platform, you acknowledge that you have read and understood this Policy and consent to the processing of your personal data as described herein. If you do not agree with this Policy, please do not use the tayaplus Platform.

For purposes of the Philippine Data Privacy Act of 2012, tayaplus acts as the personal information controller in respect of all personal data collected from players and visitors through the tayaplus Platform.

tayaplus operates under PAGCOR regulatory oversight and maintains a registered Data Protection Officer ("DPO") as required under Section 21 of the DPA. Contact details for our DPO are provided in Section 14 of this Policy.

tayaplus collects the following categories of personal data:

3.1 Identity & Registration Data

• Full legal name as it appears on your government-issued ID
• Date of birth (for age verification — 21+ requirement under PAGCOR regulations)
• Username and encrypted password
• Gender (optional, where provided)
• Nationality and country of residence

3.2 Contact Data

• Email address
• Mobile phone number (used for OTP verification and account security)
• Residential or billing address (for KYC verification)

3.3 Identity Verification (KYC) Data

• Copies of government-issued photo identification (passport, PhilSys ID, driver's license, SSS/GSIS ID)
• Proof of address documents (utility bills, bank statements, barangay certificates)
• Selfie photographs with ID, where required for enhanced verification

3.4 Financial & Transaction Data

• Deposit and withdrawal history in PHP
• GCash or Maya account identifiers (partial, as provided during transactions)
• Bank account details (partial, for verified withdrawals via BPI, BDO, Metrobank, UnionBank)
• Cryptocurrency wallet addresses (for USDT TRC20 transactions)

3.5 Gaming & Behavioral Data

• Game history, wager amounts, win/loss records
• Session duration and login timestamps
• Responsible gaming limits set and self-exclusion status
• Bonus claims and promotion participation history

3.6 Technical & Device Data

• IP address and approximate geolocation (country/region level)
• Device type, operating system, and browser version
• Session tokens and authentication logs
• Cookie identifiers and analytics data (see Section 8)

3.7 Communications Data

• Support chat transcripts and email correspondence
• Feedback, survey responses, and complaint records

tayaplus collects personal data through the following means:

• Directly from you — when you register an account, complete KYC verification, make deposits or withdrawals, contact support, respond to surveys, or update your account profile
• Automatically — when you use the tayaplus Platform, through server logs, session tracking, cookies, and similar technologies that record your device and usage information
• From payment processors — GCash, Maya, and partner banks may transmit transaction confirmation data to tayaplus to verify deposits and process withdrawals
• From third-party identity verification services — tayaplus may use PAGCOR-approved third-party KYC providers to verify the authenticity of identity documents you submit
• From regulatory authorities — PAGCOR, the AMLC, and the NPC may provide or request data as part of their regulatory oversight functions

tayaplus uses personal data collected from players for the following purposes:

• Account management — creating and maintaining your tayaplus account, processing your tayaplus login, and authenticating your identity on each session
• Age and identity verification — ensuring all players meet the 21+ age requirement mandated by PAGCOR before granting access to real-money gaming
• Transaction processing — processing deposits and withdrawals in PHP via GCash, Maya, bank transfer, and other supported payment methods
• Game delivery — operating live dealer tables, slot games, bingo rooms, sportsbook, and instant games for your account
• Anti-Money Laundering compliance — fulfilling obligations under RA 9160 (Anti-Money Laundering Act) and PAGCOR's AMLA compliance framework, including transaction monitoring and suspicious activity reporting to the AMLC
• Responsible gaming — monitoring gameplay patterns for signs of problem gambling and enforcing self-exclusion and deposit limits set by players or imposed by tayaplus or PAGCOR
• Security and fraud prevention — detecting unauthorized access attempts, bot activity, collusion, and other prohibited conduct described in our Terms and Conditions
• Customer support — responding to inquiries, resolving disputes, and processing complaints
• Marketing communications — sending promotional offers and bonus notifications to players who have opted in, subject to opt-out rights described in Section 11
• Platform improvement — analyzing aggregated, anonymized usage data to improve game selection, site performance, and user experience
• Legal compliance — meeting obligations under Philippine law, PAGCOR regulations, and orders from competent courts or government authorities

Under the Philippine Data Privacy Act, tayaplus processes personal data on the following legal bases:

• Contractual necessity — processing required to perform the services you contracted for when registering a tayaplus account (account management, game access, payment processing)
• Legal obligation — processing required to comply with PAGCOR licensing conditions, the Anti-Money Laundering Act, and other applicable Philippine legislation
• Legitimate interests — processing for security, fraud prevention, and platform improvement, where these interests are not overridden by your data protection rights
• Consent — processing for direct marketing communications, where you have explicitly opted in. You may withdraw this consent at any time (see Section 11)

tayaplus does not sell your personal data to third parties for their independent marketing purposes. We share personal data only in the following circumstances:

7.1 Regulatory Authorities

tayaplus is required by law to disclose personal data and transaction records to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), and other competent Philippine government authorities upon lawful request or as mandated by applicable regulations.

7.2 Service Providers

tayaplus engages third-party service providers to operate elements of the Platform, including game software providers, payment processors (GCash, Maya, BPI, BDO, Metrobank, UnionBank), KYC verification services, cloud hosting providers, and customer support platforms. These providers process your data only as instructed by tayaplus under binding data processing agreements and are prohibited from using your data for their own purposes.

7.3 Legal Requirements

tayaplus may disclose personal data when required by valid court order, subpoena, or lawful direction from a Philippine government authority, or where disclosure is necessary to protect the rights, property, or safety of tayaplus, its players, or the public.

7.4 Business Transfers

In the event of a merger, acquisition, or transfer of substantially all assets of tayaplus, personal data held by tayaplus may be transferred to the acquiring entity, subject to the same data protection obligations under this Policy and applicable law.

tayaplus uses cookies and similar tracking technologies on the Platform for the following purposes:

• Essential cookies — required for the tayaplus login session, account authentication, and Platform functionality. These cannot be disabled without impairing the service.
• Security cookies — used to detect and prevent fraud, unauthorized access, and bot activity
• Analytics cookies — used in anonymized or aggregated form to understand how players navigate the Platform, which games are most popular, and where technical errors occur
• Preference cookies — used to remember your language settings, responsible gaming preferences, and display preferences between sessions

You may manage cookie preferences through your browser settings. Note that disabling essential cookies will prevent you from accessing your tayaplus account. tayaplus does not use third-party advertising cookies or permit ad networks to track players across external websites through the tayaplus Platform.

tayaplus retains personal data for as long as necessary to fulfill the purposes for which it was collected, subject to the following minimum retention periods required by applicable law:

• Account and KYC data — retained for a minimum of five (5) years from account closure, as required by PAGCOR and AMLC regulations
• Transaction records — retained for a minimum of five (5) years from the date of the transaction under RA 9160
• Gaming activity logs — retained for three (3) years from the date of the session
• Support communications — retained for two (2) years from the date of the interaction
• Marketing consent records — retained for the duration of your account plus two (2) years after account closure

After the applicable retention period, personal data is securely deleted or irreversibly anonymized. Players may request early deletion of non-mandatory data (see Section 11), subject to overriding legal retention obligations.

tayaplus implements appropriate technical and organizational security measures to protect your personal data against unauthorized access, accidental loss, disclosure, alteration, or destruction. These measures include:

• TLS/SSL encryption for all data transmitted between your device and the tayaplus Platform
• Encrypted storage of passwords using industry-standard hashing algorithms
• Two-factor authentication for new device logins
• Role-based access controls limiting staff access to personal data on a need-to-know basis
• Regular third-party security audits and penetration testing
• Incident response procedures aligned with NPC breach notification requirements

In the event of a personal data breach that is likely to result in risk to your rights and freedoms, tayaplus will notify the National Privacy Commission and affected players within the timeframes prescribed by the DPA and NPC regulations.

Under the Philippine Data Privacy Act of 2012 and its Implementing Rules and Regulations, you have the following rights with respect to your personal data held by tayaplus:

• Right to be informed — to know what personal data we hold about you and how we process it (this Policy)
• Right of access — to request a copy of the personal data tayaplus holds about you
• Right to rectification — to request correction of inaccurate or incomplete personal data
• Right to erasure or blocking — to request deletion or suppression of personal data where there is no longer a lawful basis for processing (subject to mandatory retention obligations)
• Right to data portability — to receive your personal data in a structured, commonly used format where technically feasible
• Right to object — to object to processing based on legitimate interests, including direct marketing
• Right to withdraw consent — to withdraw consent for marketing communications at any time, without affecting the lawfulness of processing carried out prior to withdrawal
• Right to lodge a complaint — to file a complaint with the National Privacy Commission if you believe tayaplus has violated your data privacy rights

To exercise any of these rights, submit a written request to tayaplus at [email protected] with the subject line "Data Privacy Request." tayaplus will acknowledge receipt within five (5) business days and respond substantively within fifteen (15) business days. Identity verification may be required before processing sensitive requests.

The tayaplus Platform is strictly restricted to individuals aged 21 years and above as mandated by PAGCOR for online gaming in the Philippines. tayaplus does not knowingly collect personal data from individuals under the age of 21.

If tayaplus discovers or has reasonable grounds to believe that an account is held by a person under 21 years of age, the account will be suspended immediately, all deposits will be returned (less any amounts already wagered), and the account will be permanently closed. Any personal data collected from minors will be deleted.

If you believe a minor has registered on the tayaplus Platform, please contact us immediately at [email protected].

tayaplus reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data processing practices, applicable law, or PAGCOR regulatory requirements. Material changes to this Policy will be communicated to registered players via the email address on their tayaplus account or through a prominent notice on the Platform prior to the changes taking effect.

The date of the most recent revision is displayed at the top of this page. We encourage you to review this Policy periodically. Continued use of the tayaplus Platform after an updated Policy becomes effective constitutes your acceptance of the revised terms.

For any questions, concerns, or requests relating to this Privacy Policy or the processing of your personal data by tayaplus, please contact us:

Email: [email protected]
Subject line for data privacy matters: "Data Privacy Request"
Response time: Within 5 business days (acknowledgment); 15 business days (substantive response)

To contact the National Privacy Commission directly with a complaint or inquiry about Philippine data privacy rights, visit the NPC's official website or offices in Pasay City, Metro Manila.