hiyabet Privacy Policy

This Privacy Policy explains how hiyabet collects, uses, stores, and protects your personal information when you use the hiyabet Platform. We are committed to full compliance with the Philippines Data Privacy Act of 2012.

Last Updated: June 2026  |  Effective Date: June 1, 2026  |  Governing Law: Republic Act No. 10173 (Data Privacy Act of 2012)
Contents
  1. Introduction & Scope
  2. Data Controller
  3. Information We Collect
  4. How We Use Your Data
  5. Legal Basis for Processing
  6. Data Sharing & Disclosure
  7. Cookies & Tracking
  8. Data Retention
  9. Data Security
  10. Your Rights
  11. Children & Minors
  12. International Transfers
  13. Amendments
  14. Contact & Complaints

1. Introduction & Scope

hiyabet ("hiyabet," "we," "us," "our") is committed to protecting the privacy and personal data of all users of the hiyabet platform located at hiyabet.org and all associated interfaces (collectively, the "Platform"). This Privacy Policy ("Policy") describes how hiyabet collects, receives, stores, uses, processes, retains, transfers, discloses, and disposes of personal information in accordance with the Philippines Data Privacy Act of 2012 (Republic Act No. 10173), its Implementing Rules and Regulations, and all applicable issuances of the National Privacy Commission (NPC) of the Philippines.

This Policy applies to all personal information collected through the hiyabet Platform — whether submitted during account registration, KYC verification, deposit and withdrawal transactions, customer support interactions, or through automated collection methods such as cookies and log data. By registering an account or using any part of the hiyabet Platform, you acknowledge that you have read, understood, and consented to the data practices described in this Policy.

This Policy should be read together with the hiyabet Terms & Conditions. In the event of any conflict between this Policy and the Terms & Conditions regarding data privacy matters, this Policy shall prevail.

2. Data Controller

hiyabet acts as the personal information controller ("PIC") in respect of all personal data collected through the Platform. As the PIC, hiyabet determines the purposes and means of processing your personal information. hiyabet has designated a Data Protection Officer (DPO) responsible for ensuring compliance with the Data Privacy Act of 2012 and this Policy.

Data Protection Officer Contact:
Email: [email protected]
Subject line: "DATA PRIVACY ENQUIRY"
Response time: Within 15 business days as required under NPC regulations.

3. Information We Collect

hiyabet collects the following categories of personal information:

Category Examples Collection Method
Identity Data Full legal name, date of birth, gender, nationality Registration form, KYC submission
Contact Data Email address, Philippine mobile number, residential address Registration form, account settings
Identity Documents PhilSys ID, passport, driver's licence, UMID, SSS ID — front and back images, selfie KYC verification upload
Financial Data GCash account reference, Maya account reference, bank account name and number, transaction amounts Deposit and withdrawal processes
Transaction Data Deposit history, withdrawal history, bet records, game session logs, balance history Automatically generated through Platform use
Technical Data IP address, browser type, device type, operating system, session data Automatic collection via server logs and cookies
Usage Data Pages visited, games played, time spent on Platform, click patterns Cookies and analytics tools
Communications Data Customer support messages, live chat transcripts, email correspondence Direct communication with hiyabet

hiyabet does not collect sensitive personal information (as defined under the Data Privacy Act) beyond what is strictly necessary for identity verification and regulatory compliance purposes (specifically, government-issued ID photographs required for PAGCOR-mandated KYC). We do not collect or process data relating to health, political or religious beliefs, or biometric data beyond facial image comparison for KYC purposes.

4. How We Use Your Personal Information

hiyabet uses your personal information for the following purposes:

  • Account Creation and Management: To register your hiyabet account, verify your identity, and manage your account settings, preferences, and security;
  • Age and Identity Verification (KYC): To verify that you meet the mandatory 21+ age requirement as required by PAGCOR and to confirm your identity in compliance with Anti-Money Laundering Act (AMLA) obligations;
  • Payment Processing: To process deposits and withdrawals via GCash, Maya, bank transfer, and other supported Philippine payment methods; to detect and prevent fraudulent transactions;
  • Service Delivery: To provide access to the hiyabet game lobby, live casino, sports betting, bingo, and all other Platform features;
  • Regulatory Compliance: To fulfil all obligations under PAGCOR licensing conditions, the AMLA, the Data Privacy Act, and other applicable Philippine laws and regulations, including transaction reporting requirements;
  • Customer Support: To respond to your enquiries, complaints, and support requests;
  • Responsible Gaming: To monitor player behaviour for indicators of problem gambling and to administer self-exclusion and deposit limit requests;
  • Promotions and Marketing: To send you information about hiyabet promotions, bonuses, and rewards that you have opted in to receive. You may opt out of marketing communications at any time through your account preferences or by contacting support;
  • Platform Improvement: To analyse usage patterns, diagnose technical issues, and improve the hiyabet Platform and user experience;
  • Fraud Prevention and Security: To detect, investigate, and prevent fraudulent activity, cheating, money laundering, and other illegal or prohibited activities on the Platform.

5. Legal Basis for Processing

Under the Data Privacy Act of 2012, hiyabet processes your personal information on the following legal bases:

  • Consent: You provide consent at account registration and through your continued use of the Platform;
  • Contractual Necessity: Processing is necessary to perform the contract between you and hiyabet (the Terms & Conditions) — including account management, payment processing, and game access;
  • Legal Obligation: Processing is required to comply with hiyabet's obligations under PAGCOR regulations, AMLA, and the Data Privacy Act, including KYC and transaction reporting;
  • Legitimate Interests: Processing for fraud prevention, platform security, and service improvement where hiyabet's legitimate interests are not overridden by your data protection rights.

6. Data Sharing & Disclosure

hiyabet does not sell, rent, or trade your personal information to third parties for commercial purposes. hiyabet may share your personal data with the following categories of recipients strictly as necessary:

  • PAGCOR and Regulatory Authorities: hiyabet is required to submit player data and transaction records to PAGCOR and other Philippine regulatory and law enforcement authorities upon lawful request or as required under PAGCOR licensing conditions;
  • Anti-Money Laundering Council (AMLC): Transaction data that triggers reporting thresholds under the AMLA must be reported to the AMLC. hiyabet complies fully with all AMLA reporting obligations;
  • Payment Service Providers: Financial data is shared with GCash, Maya, BPI, BDO, Metrobank, and other payment processors strictly as necessary to process deposits and withdrawals;
  • Game Providers: Limited technical data (session tokens, game round IDs) is shared with licensed game providers (JILI, PG Soft, Pragmatic Play, etc.) to facilitate game delivery. These providers process data under their own privacy policies and are bound by data processing agreements with hiyabet;
  • Technology Service Providers: hiyabet uses third-party cloud hosting, analytics, and security service providers who process data as personal information processors under data processing agreements that bind them to comply with the Data Privacy Act;
  • Legal and Professional Advisors: In connection with legal proceedings, regulatory investigations, or professional advisory services, under strict confidentiality obligations.
All third-party service providers who process hiyabet player data on hiyabet's behalf are required to enter into data processing agreements that impose data security obligations and restrict use of personal data to the specific purposes for which it was shared.

7. Cookies & Tracking Technologies

hiyabet uses cookies and similar tracking technologies on the Platform to enhance your experience, maintain your session, and collect usage data. The following types of cookies are used:

  • Strictly Necessary Cookies: Required for the Platform to function — including session authentication, security tokens, and language preferences. These cannot be disabled without affecting Platform functionality;
  • Performance and Analytics Cookies: Used to collect aggregate, anonymised data about how users interact with the Platform — pages visited, session durations, error rates. This data is used solely to improve the Platform;
  • Functional Cookies: Used to remember your preferences — such as your preferred game category or last login device — to provide a more personalised experience.

You may manage or disable non-essential cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of the hiyabet Platform, including your ability to maintain a logged-in session.

8. Data Retention

hiyabet retains personal information for the following periods:

  • Account Data: For the duration of your active account and for a minimum of five (5) years following account closure, as required by PAGCOR regulations and AMLA record-keeping obligations;
  • Transaction Records: A minimum of five (5) years from the date of the transaction, in compliance with AMLA;
  • KYC Documents: For the duration of your account and five (5) years after closure;
  • Customer Support Records: Three (3) years from the date of the support interaction;
  • Marketing Data: Until you withdraw your marketing consent, after which it is deleted or anonymised within 30 days.

Following the expiry of applicable retention periods, personal data is securely deleted or irreversibly anonymised. Anonymised aggregate data may be retained indefinitely for statistical and platform improvement purposes.

9. Data Security

hiyabet implements appropriate technical and organisational security measures to protect your personal information against unauthorised access, disclosure, alteration, or destruction. These measures include:

  • SSL/TLS encryption for all data transmitted between your browser and hiyabet's servers;
  • Encryption at rest for sensitive personal data, including KYC documents and financial information;
  • Access controls and role-based permissions restricting employee access to personal data on a need-to-know basis;
  • Regular security audits, vulnerability assessments, and penetration testing;
  • Two-Factor Authentication (2FA) available for all player accounts to prevent unauthorised access.
Data Breach Notification: In the event of a personal data breach that poses a real risk of serious harm to affected data subjects, hiyabet will notify the National Privacy Commission within 72 hours of becoming aware of the breach, and will notify affected players without undue delay, in accordance with NPC Circular 16-03.

10. Your Rights as a Data Subject

Under the Data Privacy Act of 2012, you have the following rights in relation to your personal data held by hiyabet:

  • Right to be Informed: The right to be notified of the personal data hiyabet collects and how it is processed — fulfilled by this Privacy Policy;
  • Right of Access: The right to request a copy of the personal data hiyabet holds about you;
  • Right to Rectification: The right to correct inaccurate or incomplete personal data. Most personal details can be updated directly in your account settings; KYC-related corrections require contacting support;
  • Right to Erasure: The right to request deletion of your personal data where processing is no longer necessary or lawful, subject to hiyabet's legal retention obligations under PAGCOR regulations and AMLA;
  • Right to Object: The right to object to processing of your personal data for marketing purposes at any time;
  • Right to Data Portability: The right to receive a copy of your personal data in a structured, commonly used, machine-readable format;
  • Right to Lodge a Complaint: The right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines if you believe hiyabet has processed your data in violation of the Data Privacy Act.

To exercise any of these rights, please contact hiyabet's Data Protection Officer at [email protected] with the subject line "DATA SUBJECT RIGHTS REQUEST." hiyabet will respond within fifteen (15) business days.

11. Children & Minors

The hiyabet Platform is strictly intended for persons aged 21 years and older. hiyabet does not knowingly collect personal information from persons under 21 years of age. As part of mandatory KYC verification, hiyabet verifies the age of all registered players using government-issued Philippine identification. Any account found to belong to a person under 21 years of age will be immediately closed, and any funds deposited will be returned after deducting any winnings generated, which will be forfeited, as required by PAGCOR regulations. If you believe that a person under 21 has registered on the hiyabet Platform, please notify us immediately at [email protected].

12. International Data Transfers

Some of hiyabet's third-party service providers — including cloud infrastructure providers and game providers — may process data in locations outside the Philippines. Where such transfers occur, hiyabet ensures that appropriate safeguards are in place in compliance with NPC issuances on cross-border data transfers, including standard contractual clauses or equivalent protections that provide a level of data protection substantially equivalent to that afforded under the Data Privacy Act of 2012. hiyabet does not transfer personal data to countries or organisations that do not provide adequate data protection standards without appropriate contractual safeguards.

13. Amendments to This Policy

hiyabet reserves the right to update this Privacy Policy from time to time to reflect changes in applicable law, regulatory requirements, or our data processing practices. When material changes are made, we will post the updated Policy on this page with a revised "Last Updated" date and will notify registered players via email or in-platform notification where required by law. Your continued use of the hiyabet Platform after the effective date of any updated Policy constitutes your acceptance of the changes. If you do not agree to the updated Policy, you should close your hiyabet account.

14. Contact & Complaints

For any questions, concerns, or requests relating to this Privacy Policy or hiyabet's data processing practices, please contact:

hiyabet Data Protection Officer
Email: [email protected]
Subject: "DATA PRIVACY ENQUIRY" or "DATA SUBJECT RIGHTS REQUEST"
Response time: Within 15 business days (as required under NPC regulations)

If you are unsatisfied with hiyabet's response to your data privacy concern, you have the right to file a complaint with the National Privacy Commission of the Philippines. Information on how to file a complaint with the NPC is available on the NPC's official website.

hiyabet's Data Privacy Commitments

DPA 2012 Compliant

Every aspect of hiyabet's data processing is designed to comply with the Philippines Data Privacy Act of 2012 and NPC regulations. We have a designated Data Protection Officer and follow NPC-prescribed breach notification procedures.

SSL Encryption & Secure Storage

All data transmitted to and from hiyabet is protected by SSL/TLS encryption. KYC documents and financial data are encrypted at rest. Access is restricted to authorised personnel only, on a need-to-know basis.

No Third-Party Data Sales

hiyabet does not sell, rent, or trade your personal data to any third party for commercial or marketing purposes. Data shared with service providers is governed by data processing agreements that restrict use to specific, stated purposes.

Full Data Subject Rights

hiyabet honours all data subject rights under the DPA 2012 — access, rectification, erasure, portability, and the right to object to marketing. Submit requests to [email protected] and receive a response within 15 business days.

AMLA & PAGCOR Compliant

hiyabet fulfils all data collection and retention obligations under PAGCOR licensing and the Anti-Money Laundering Act — including KYC requirements, transaction record-keeping, and AMLC reporting. Regulatory compliance protects every player.

Breach Notification Ready

In the event of a data breach posing risk to data subjects, hiyabet will notify the National Privacy Commission within 72 hours and inform affected players without delay — in full compliance with NPC Circular 16-03.

Play on hiyabet — Your Data Is Protected

hiyabet handles your personal information responsibly and in compliance with Philippine law. Log in to your account to review your privacy settings, manage your data preferences, or access the responsible gaming tools in your account dashboard.

Login to hiyabet