jilli 1 Privacy Policy — How We Handle Your Personal Data

This Privacy Policy applies to the online gaming platform operating under the brand name jilli 1, accessible at jilli1.club (the "Platform"). jilli 1 is the data controller responsible for personal information collected through the Platform in connection with account registration, gaming activity, payment processing, and customer support.

jilli 1 operates in compliance with Republic Act No. 10173, the Data Privacy Act of 2012 of the Philippines ("DPA"), its Implementing Rules and Regulations, and the issuances of the National Privacy Commission ("NPC"). Where the Platform's activities intersect with PAGCOR's regulatory framework, jilli 1 also complies with any applicable PAGCOR data governance directives.

jilli 1 collects the following categories of personal data, limited to what is necessary for the specified purposes:

jilli 1 collects personal data through the following channels:

• Account Registration: Information you provide directly when creating your jilli 1 account, including your mobile number, name, and date of birth.
• KYC Submission: Identity documents and selfie photographs submitted during the identity verification process.
• Payment Transactions: Financial details provided when making deposits or requesting withdrawals, collected directly and through our licensed payment processing partners.
• Platform Use: Technical and gaming activity data generated automatically as you navigate and interact with the jilli 1 platform, collected through server logs, session management systems, and first-party analytics tools.
• Customer Support Interactions: Information you share when contacting jilli 1 via live chat, email, or other support channels.
• Cookies and Similar Technologies: Data collected via cookies and session tokens as described in Section 8 of this Policy.

jilli 1 processes your personal data on one or more of the following legal bases under the Data Privacy Act of the Philippines:

• Contractual Necessity: Processing required to perform our contractual obligations to you under the jilli 1 Terms & Conditions — including account management, payment processing, game delivery, and customer support.
• Legal Obligation: Processing required to comply with mandatory obligations under Philippine law — including anti-money laundering requirements under RA 9160, PAGCOR regulatory obligations, tax reporting, and responses to lawful orders from Philippine authorities.
• Legitimate Interests: Processing for jilli 1's legitimate business interests where those interests do not override your fundamental rights — including fraud detection, platform security, internal analytics for service improvement, and responsible gaming monitoring.
• Consent: Processing for purposes beyond those above where we have obtained your freely given, specific, informed, and unambiguous consent — for example, marketing communications. You may withdraw consent at any time without affecting the lawfulness of prior processing.

jilli 1 uses the personal data it collects for the following purposes:

• Account Creation and Management: Creating and maintaining your jilli 1 player account, verifying your identity, processing login and OTP authentication, and managing account settings.
• KYC and Age Verification: Verifying that you are 21 years of age or older and confirming your identity in compliance with PAGCOR requirements and the DPA's provisions on sensitive personal information.
• Payment Processing: Facilitating deposits to and withdrawals from your jilli 1 wallet via GCash, PayMaya, BPI, BDO, Metrobank, and other supported payment channels.
• Anti-Money Laundering Compliance: Monitoring transactions, maintaining transaction records, and reporting to PAGCOR and the Anti-Money Laundering Council (AMLC) as required under RA 9160 as amended by RA 10365.
• Responsible Gaming: Monitoring gaming activity patterns to identify indicators of problem gambling behaviour and administering responsible gaming tools such as deposit limits, cooling-off periods, and self-exclusion.
• Fraud and Security: Detecting, investigating, and preventing fraudulent activity, unauthorised account access, collusion, and other prohibited conduct outlined in the Terms & Conditions.
• Customer Support: Responding to your enquiries, resolving disputes, and maintaining records of support interactions for quality assurance and dispute resolution purposes.
• Platform Improvement: Analysing aggregated, anonymised usage data to understand how players use jilli 1 and to improve platform features, game selection, and user experience. Individual-level data is not used for these purposes beyond what is necessary for the analysis.
• Marketing Communications (with consent): Sending promotional notifications, bonus offers, and platform updates via SMS where you have consented to receive such communications. Opt-out options are provided in every marketing communication and are available in Account Settings.

jilli 1 does not sell your personal data. We share personal data with third parties only in the following limited circumstances:

• Payment Processors: Financial data is shared with our licensed payment processing partners (including GCash/GXI, PayMaya, and banking partners) solely to process your transactions. These partners are regulated entities and are bound by their own privacy and data security obligations.
• KYC Service Providers: Identity documents and selfie data are processed by our third-party KYC verification partner for the purpose of identity verification only. This partner operates under a data processing agreement with jilli 1 and may not use your data for any independent purpose.
• Game Content Providers: Limited technical and session data (such as session tokens and game-round identifiers) is shared with licensed game providers to deliver their content on the platform. Game providers do not receive your identity or financial data.
• Regulatory and Law Enforcement Authorities: jilli 1 is required by Philippine law to disclose transaction and player data to PAGCOR, the AMLC, the National Privacy Commission, and other competent Philippine authorities upon lawful request or as required by mandatory reporting obligations.
• Dispute Resolution: In the event of a formal legal dispute involving your account, relevant account data may be disclosed to legal advisers, courts, or arbitral bodies as necessary to conduct or defend proceedings.

jilli 1 retains personal data for no longer than is necessary for the purpose for which it was collected, subject to the following retention guidelines:

• Account and Identity Data: Retained for the duration of your account and for a period of five (5) years following account closure, in compliance with PAGCOR record-keeping requirements and applicable Philippine anti-money laundering laws.
• KYC Documents: Retained for five (5) years following the date of verification or account closure, whichever is later, as required under RA 9160.
• Financial Transaction Records: Retained for five (5) years from the date of each transaction as required under Philippine AML regulations.
• Gaming Activity Logs: Retained for three (3) years for operational and compliance purposes, after which logs are anonymised or deleted.
• Support Communications: Retained for two (2) years from the date of the interaction, or longer if the subject of the communication is subject to ongoing investigation or dispute proceedings.
• Technical and Log Data: Retained for twelve (12) months and then deleted or anonymised, except where specific logs are subject to a security investigation or legal hold.

Upon expiry of the applicable retention period, personal data is securely deleted or irreversibly anonymised. Data subject to a legal hold will be retained until the hold is lifted before the standard retention timeline resumes.

jilli 1 uses cookies and similar session-management technologies to operate the platform and improve your experience. We do not use third-party advertising or cross-site tracking cookies.

• Essential Cookies: Required for the platform to function — session authentication tokens, login persistence (if "Remember Me" is selected), CSRF protection tokens, and load-balancing identifiers. These cannot be disabled without breaking platform functionality.
• Functional Cookies: Store your platform preferences such as language settings, last-visited game category, and notification preferences to improve your session experience.
• Analytics Cookies: First-party analytics cookies that help jilli 1 understand aggregate usage patterns — such as which game categories are most popular, typical session durations, and performance bottlenecks. No individually identifiable data is reported to or retained in these analytics systems. Third-party analytics platforms are not used.
• Security Cookies: Used to detect unusual login patterns, flag potential session hijacking attempts, and support our fraud-detection systems.

You may configure your browser to block or delete cookies; however, blocking essential cookies will prevent jilli 1 from functioning correctly. Browser-level cookie controls are the primary mechanism for managing non-essential cookies on the platform.

As a data subject under Republic Act No. 10173 (Data Privacy Act of 2012), you have the following rights with respect to personal data held by jilli 1:

To exercise any of these rights, contact our Data Protection Officer at the details provided in Section 14. jilli 1 will respond to data subject requests within the timeframes prescribed by the DPA's implementing rules — generally within 15 calendar days of receiving a complete, verifiable request.

jilli 1 is not directed at persons under the age of 21 years. The minimum age requirement of 21 years for participation in real-money gaming activities is mandated by PAGCOR regulations for online gaming in the Philippines.

jilli 1 does not knowingly collect, store, or process personal data belonging to persons under 21 years of age. Age is verified during the KYC process through examination of government-issued identification documents. Where jilli 1 becomes aware that an account has been registered by or on behalf of a person under 21 years, the account will be immediately suspended, all associated data reviewed, and the matter reported to PAGCOR as required.

jilli 1 implements appropriate technical and organisational security measures to protect your personal data against unauthorised access, accidental loss, destruction, or alteration. These measures include:

• Encryption: All data transmitted between your device and jilli 1's servers is encrypted using TLS 1.2 or higher. Personal data stored in our databases is encrypted at rest using AES-256.
• Access Controls: Access to personally identifiable data is restricted on a strict need-to-know basis. All internal access is logged, and access logs are reviewed regularly. Multi-factor authentication is required for all personnel with access to production data systems.
• Security Testing: jilli 1 conducts regular security vulnerability assessments and annual penetration testing of its platform and infrastructure. Critical vulnerabilities are remediated within defined SLA timelines.
• Data Breach Response: jilli 1 maintains a documented data breach response procedure. In the event of a breach, the procedure requires immediate containment, assessment, notification to the NPC within 72 hours where required, and communication to affected data subjects.
• Staff Training: All jilli 1 personnel with access to personal data receive data privacy and security training at onboarding and annually thereafter.

Notwithstanding the above measures, no data transmission over the internet or electronic storage system can be guaranteed as 100% secure. jilli 1 will continue to review and improve its security posture in line with evolving threats and best practices.

Certain third-party service providers engaged by jilli 1 — including licensed game content providers and the KYC verification platform — may process personal data outside of the Philippines. Where such transfers occur, jilli 1 ensures that appropriate safeguards are in place in accordance with the Data Privacy Act's provisions on cross-border data transfers.

These safeguards include data processing agreements that impose data protection obligations at least equivalent to those required under Philippine law, and where applicable, standard contractual clauses approved by the National Privacy Commission. jilli 1 only transfers personal data to jurisdictions or recipients offering adequate levels of protection.

jilli 1 reserves the right to update this Privacy Policy from time to time to reflect changes in applicable law, regulatory requirements, platform operations, or data processing practices. The effective date at the top of this document will be updated with each revision.

When material changes are made to this Privacy Policy, jilli 1 will notify registered players by displaying a prominent notice on the platform's login screen and, where appropriate, via SMS to registered mobile numbers. Continued use of the jilli 1 platform following notification of an amended Privacy Policy constitutes acceptance of the revised terms.

Previous versions of this Privacy Policy are retained in our records and may be made available upon request to our Data Protection Officer.

If you wish to exercise your data subject rights, have a question about how jilli 1 processes your personal data, or wish to raise a privacy concern, please contact our Data Protection Officer:

If you are not satisfied with jilli 1's response to a privacy concern, you have the right to lodge a formal complaint with the National Privacy Commission of the Philippines:

This Privacy Policy was last reviewed and updated on January 1, 2026. This version supersedes all prior versions of the jilli 1 Privacy Policy.