taya555 Privacy Policy

This Privacy Policy ("Policy") describes how taya555 ("taya555", "Company", "we", "us", "our") collects, processes, stores, and protects the personal information of users ("Player", "User", "you") who access or use the taya555 online gaming platform available at taya555.co ("Platform").

This Policy applies to all personal data processing activities carried out by taya555 in connection with the Platform, including account registration, identity verification, payment processing, gaming activity, customer support interactions, promotional communications, and any other service offered through taya555.co.

This Policy is written in compliance with Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012 of the Republic of the Philippines ("DPA"), its Implementing Rules and Regulations, and the issuances of the National Privacy Commission ("NPC"). It is read alongside and forms part of the taya555 Terms & Conditions, which govern the overall use of the Platform.

taya555 acts as the Personal Information Controller within the meaning of the Data Privacy Act of 2012 with respect to all personal data collected through the Platform. As a Personal Information Controller, taya555 determines the purposes and means of processing your personal data and is accountable for ensuring that such processing is lawful, transparent, and proportionate.

taya555 has designated a Data Protection Officer (DPO) as required under the DPA and its Implementing Rules. The DPO is responsible for overseeing taya555's compliance with applicable data protection law, handling data subject requests, and acting as the primary point of contact for the National Privacy Commission.

All data protection queries, requests, and complaints may be directed to the taya555 DPO at the contact details provided in Section 15 of this Policy.

taya555 collects only the personal data that is necessary to deliver the services available on the Platform and to comply with applicable legal and regulatory obligations. The categories of personal data we collect are set out below:

taya555 collects personal data through the following channels and mechanisms:

• Direct Provision: Data you provide during account registration, KYC submission, deposit and withdrawal requests, customer support interactions, responsible gaming limit configurations, and promotional opt-ins.
• Automated Collection: Technical and behavioural data collected automatically when you access the Platform, including through cookies, session tracking technologies, server access logs, and analytics tools. See Section 8 for details on cookies.
• Payment Processor Integration: Transaction reference data received from GCash, Maya, BPI, BDO, Metrobank, and other integrated payment partners when you initiate a deposit or withdrawal. taya555 does not receive full payment credentials (e.g., GCash PINs, bank passwords) — only transaction confirmation references.
• Identity Verification Providers: Confirmation data received from third-party KYC and identity verification service providers used to validate government-issued identification documents submitted to taya555.
• Public Sources: In limited circumstances, taya555 may verify information against publicly available sources such as government databases or court records for fraud prevention and regulatory compliance purposes.

taya555 processes your personal data strictly for the following defined purposes. Any new purpose not covered by this Policy will require either a separate consent from you or a clear legal basis under applicable law:

• Account Registration and Management: Creating, maintaining, verifying, and closing your taya555 account.
• Identity and Age Verification: Confirming that you are 21 years of age or older and that your identity information is accurate, as required by PAGCOR and Philippine gaming law.
• Payment Processing: Facilitating GCash, Maya, and bank deposits and withdrawals; processing cashback and bonus credits to your account wallet.
• Service Delivery: Providing access to live casino, slots, sports betting, sabong, bingo, and all other gaming services available on the taya555 Platform.
• Legal and Regulatory Compliance: Meeting obligations under PAGCOR licensing conditions, the Anti-Money Laundering Act, the Data Privacy Act, and any other applicable Philippine law or regulatory directive.
• Fraud Prevention and Security: Detecting, investigating, and preventing fraudulent transactions, unauthorized account access, bonus abuse, and other security threats to the Platform.
• Responsible Gaming: Monitoring gaming patterns to identify potential problem gambling behavior and administering self-exclusion or account restriction requests in accordance with the taya555 Responsible Gaming Policy.
• Customer Support: Responding to account queries, resolving disputes, processing complaints, and providing technical assistance.
• Marketing Communications: Sending promotional offers, bonus notifications, and Platform updates to players who have opted in to receive marketing communications. You may withdraw this consent at any time.
• Platform Analytics and Improvement: Analysing usage data in aggregate or pseudonymized form to improve Platform features, user experience, and technical performance.

Under the Data Privacy Act of 2012, taya555 relies on the following lawful bases for processing your personal data:

• Consent (Section 12[a] DPA): For marketing communications and optional Platform features. You may withdraw consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
• Contractual Necessity (Section 12[b] DPA): Processing necessary to fulfil the taya555 Terms & Conditions agreement, including account management, payment processing, and service delivery.
• Legal Obligation (Section 12[c] DPA): Processing required to comply with Philippine laws including PAGCOR licensing requirements, the Anti-Money Laundering Act (RA 9160 as amended), and NPC regulations.
• Legitimate Interests (Section 12[f] DPA): Processing for fraud prevention, Platform security, and analytics, provided such interests are not overridden by your rights and interests.

taya555 does not sell, rent, or trade your personal data to third parties for commercial purposes. Personal data may be shared in the following limited circumstances:

• Payment Service Providers: Transaction reference data is shared with GCash, Maya, GrabPay, and Philippine bank partners solely to process your deposits and withdrawals.
• KYC and Identity Verification Partners: Identity data is shared with accredited KYC verification service providers for the purpose of verifying your identity and age. These providers act as Personal Information Processors under contracts binding them to DPA-equivalent standards.
• Regulatory and Government Authorities: Data is disclosed to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission, the Bureau of Internal Revenue (BIR), and law enforcement agencies where required by law, court order, or regulatory directive.
• Technology Service Providers: Infrastructure, cloud hosting, security, analytics, and customer support technology providers who process data on behalf of taya555 under Data Processing Agreements. These providers are prohibited from using your data for any purpose other than providing services to taya555.
• Professional Advisors: Legal counsel, auditors, and compliance consultants, subject to professional confidentiality obligations.
• Business Transfers: In the event of a merger, acquisition, or sale of substantially all assets of taya555, personal data may be transferred to the acquiring entity, subject to equivalent privacy protections and prior notification to you.

taya555 uses cookies and similar tracking technologies on the Platform to ensure proper functionality, maintain session state, detect security threats, and analyze usage patterns. The following categories of cookies are used:

• Strictly Necessary Cookies: Essential for the Platform to function. These include session authentication cookies that keep you logged into your taya555 account and security tokens. These cookies cannot be disabled without preventing Platform use.
• Functional Cookies: Remember your preferences such as language settings, display options, and lobby navigation states. These improve your experience but are not essential.
• Analytics Cookies: Collect anonymized or pseudonymized data about how players use the taya555 Platform — which pages are visited most frequently, navigation paths, and error occurrences. This data is used solely to improve the Platform.
• Security Cookies: Help taya555 detect and prevent fraud, bot activity, and unauthorized access attempts by establishing device fingerprints and behavioral baselines.

taya555 does not use third-party advertising or retargeting cookies. You may manage cookie preferences through your browser settings. Note that disabling strictly necessary cookies will impair your ability to use the taya555 Platform.

taya555 retains personal data only for as long as is necessary to fulfil the purposes for which it was collected, to comply with legal and regulatory obligations, and to resolve disputes or enforce agreements. The following general retention periods apply:

Upon expiry of the applicable retention period, personal data is securely deleted or anonymized in accordance with taya555's data disposal procedures.

taya555 implements a comprehensive set of technical, organizational, and physical security measures to protect your personal data against unauthorized access, disclosure, alteration, or destruction. Key measures include:

• Encryption in Transit: All data exchanged between your device and taya555 servers is encrypted using TLS 1.2 or TLS 1.3 (256-bit SSL). This applies to every page of the Platform, including the taya555 login page.
• Encryption at Rest: Sensitive personal information, including government ID data and financial records, is encrypted at rest using AES-256 encryption within taya555's secure database infrastructure.
• Access Controls: taya555 employee access to personal data is granted on a strict need-to-know basis. Access is controlled through role-based permissions, multi-factor authentication for internal systems, and comprehensive audit logging.
• Intrusion Detection and Monitoring: taya555 operates continuous security monitoring systems to detect and respond to unauthorized access attempts, DDoS attacks, and anomalous activity patterns.
• Penetration Testing: The Platform undergoes periodic third-party security penetration testing to identify and remediate vulnerabilities before they can be exploited.
• Data Breach Response: taya555 maintains a documented Personal Data Breach Response Plan. In the event of a breach that poses real risk to data subjects, taya555 will notify the National Privacy Commission within 72 hours of discovery and notify affected players without undue delay, as required under the DPA.

Under the Data Privacy Act of 2012, you have the following rights with respect to your personal data processed by taya555. To exercise any of these rights, please contact the taya555 DPO as described in Section 15:

taya555 will respond to all verified data subject requests within thirty (30) days of receipt, as required under the DPA. Where a request is complex or involves a large volume of data, taya555 may extend this period by a further thirty (30) days with appropriate notice to you.

The taya555 Platform is strictly intended for individuals who are 21 years of age or older as required under the laws of the Republic of the Philippines and PAGCOR regulations. taya555 does not knowingly collect personal data from persons under the age of 21.

If taya555 discovers or is informed that personal data has been collected from a person under 21, the following actions will be taken immediately:

• The associated taya555 account will be suspended pending investigation.
• Any real-money balances in the account will be frozen and returned subject to the outcome of the review.
• The personal data of the minor will be deleted from taya555 systems as soon as practicable, except where retention is required for legal or regulatory purposes.
• The matter will be reported to PAGCOR and, where appropriate, to relevant Philippine law enforcement authorities.

Some of the third-party service providers engaged by taya555 — including cloud infrastructure providers, KYC verification platforms, and security monitoring tools — may process personal data on servers located outside the Philippines. Where such transfers occur, taya555 ensures that:

• The recipient jurisdiction provides an adequate level of data protection, or
• Appropriate safeguards are in place through contractual mechanisms equivalent in effect to the requirements of the Philippine Data Privacy Act, including Data Processing Agreements that bind the receiving party to DPA-equivalent standards.
• Such transfers are limited to the minimum personal data necessary for the specific service being provided.

taya555 will not transfer your personal data to a third country or international organization unless the conditions above are met or an applicable exception under the DPA applies. For specific information about cross-border transfers, you may contact the taya555 DPO.

taya555 reserves the right to update or revise this Privacy Policy at any time to reflect changes in applicable law, regulatory requirements, taya555's data processing practices, or Platform features. When material changes are made to this Policy, taya555 will provide notice through the Platform and/or by email to your registered address, at least seven (7) days before the changes take effect.

The revised Policy will be posted at taya555.co/privacy-policy with an updated "Effective Date" at the top of the document. Your continued use of the taya555 Platform after the effective date of any revision constitutes acceptance of the updated Policy.

For any questions, concerns, requests, or complaints relating to this Privacy Policy or taya555's handling of your personal data, please contact the taya555 Data Protection Officer using the details below:

This Privacy Policy was last reviewed and is effective as of 1 January 2026. It supersedes all prior versions of the taya555 Privacy Policy. If you have a pending data request or complaint from a prior version, it will continue to be processed under the terms in effect at the time it was submitted.