eeji Privacy Policy

This Privacy Policy ("Policy") describes the privacy practices of eeji ("eeji," "we," "our," or "us") with respect to personal information collected from individuals ("you," "Player," or "Data Subject") who access, register on, or use the eeji platform at eeji.asia (the "Platform").

eeji operates as a PAGCOR-licensed online gaming service provider in the Philippines, offering bingo, slot games, live casino, fishing arcade, mines games, and sports betting services to Filipino players who are twenty-one (21) years of age and older. Given the nature of real-money gaming services, the collection and processing of certain categories of personal information is a regulatory and operational necessity — and one we approach with the highest standard of care and transparency.

This Policy applies to all personal information that eeji processes in connection with your use of the Platform, including information collected during registration, during gameplay, during financial transactions, through customer support interactions, and through automated means such as cookies and device identifiers. It does not apply to third-party websites, payment processors, or game content providers, who each maintain their own independent privacy practices.

If you have questions about this Policy or about how eeji handles your personal data, please refer to Section 15 for our Data Protection Officer ("DPO") contact details.

For the purposes of the DPA and this Policy, eeji acts as the Personal Information Controller ("PIC") in respect of all personal data processed on the Platform. As PIC, eeji determines the purposes and means of processing your personal data and is responsible for ensuring that such processing is lawful, fair, and transparent.

eeji has appointed a Data Protection Officer ("DPO") as required under the DPA. The DPO is responsible for overseeing eeji's data protection compliance program, handling Data Subject requests, and serving as the primary point of contact with the National Privacy Commission. Contact details for the DPO are provided in Section 15 of this Policy.

eeji's Platform is registered with PAGCOR and the National Privacy Commission as required by Philippine law. eeji cooperates fully with both regulatory bodies in connection with data privacy investigations and complaints.

eeji collects the following categories of personal data about you, depending on how you interact with the Platform:

eeji does not collect sensitive personal information (as defined under the DPA) unless strictly required for regulatory compliance, such as government ID numbers required for KYC purposes. We do not collect biometric data, health records, or political or religious affiliation data.

eeji collects your personal data through the following methods:

• Direct registration: When you create an eeji Account, you provide Identity Data, Contact Data, and account credentials directly through the registration form.
• KYC submission: When you submit identity documents for account verification before your first withdrawal, eeji collects the submitted documentation and associated identity data.
• Financial transactions: When you deposit or withdraw funds, payment processor integrations (GCash, Maya, BPI, BDO, etc.) transmit the relevant transaction identifiers and account details to eeji.
• Platform usage: Your gameplay activity, session behavior, and navigation patterns are recorded automatically through eeji's logging infrastructure as you use the Platform.
• Device and browser data: Technical Data is collected automatically through cookies, local storage, and server-side logging each time you access eeji.asia.
• Customer support: When you contact eeji via live chat or email, the content of your communications and any personal data you share during the interaction is recorded.
• Third-party providers: Certain fraud detection and analytics service providers may share technical or behavioral signals with eeji in connection with our fraud prevention and responsible gaming programs.

Under the DPA and its IRR, eeji processes your personal data on the following lawful bases:

• Performance of a contract: Processing necessary to provide you with an eeji Account and deliver the gaming services you have requested — including account management, transaction processing, and gameplay delivery.
• Compliance with a legal obligation: Processing required to comply with PAGCOR regulations, the Anti-Money Laundering Act (RA 9160, as amended), the Data Privacy Act, and applicable NPC issuances — including KYC verification, transaction monitoring, and regulatory reporting.
• Legitimate interests: Processing necessary to pursue eeji's legitimate interests, including fraud detection, platform security, responsible gaming monitoring, and the improvement of our services — provided these interests are not overridden by your rights and interests.
• Consent: Processing for marketing communications and certain optional data sharing activities, where your explicit, informed consent has been obtained. You may withdraw consent at any time without affecting the lawfulness of prior processing.

eeji uses your personal data for the following specific purposes:

• Account creation and management: To register your Account, authenticate your identity at login, and manage your account settings and preferences;
• Service delivery: To provide access to the game lobby, process bets, display game results, and manage your eeji wallet balance;
• Payment processing: To process deposits and withdrawals via your nominated payment methods, reconcile transactions, and manage refunds or disputes;
• Identity verification (KYC): To verify that you meet the eligibility requirements for real-money gaming under PAGCOR regulations, including the 21+ age requirement;
• Fraud and security: To detect, investigate, and prevent unauthorized account access, fraudulent transactions, bonus abuse, collusion, and other prohibited activities;
• Regulatory compliance: To meet eeji's PAGCOR, AMLA, and NPC reporting obligations, including the reporting of suspicious transactions to the Anti-Money Laundering Council;
• Responsible gaming: To monitor gaming patterns, identify potential problem gambling behaviors, and deliver protective interventions in line with PAGCOR's responsible gaming mandate;
• Customer support: To respond to your inquiries, resolve complaints, and maintain records of our communications for quality assurance and dispute resolution purposes;
• Platform improvement: To analyze aggregate usage patterns, performance data, and player feedback for the purpose of improving the eeji Platform's functionality and user experience;
• Marketing (with consent): To send you promotional materials, bonus offers, event notifications, and newsletters via SMS or email, where you have opted in to receive such communications.

eeji does not use your personal data for automated decision-making that produces legal or similarly significant effects without human review.

eeji may share your personal data with the following categories of recipients in the circumstances described:

• PAGCOR: As our licensing authority, PAGCOR may require access to player data for regulatory audits, compliance reviews, and investigations. eeji is legally obligated to cooperate.
• Anti-Money Laundering Council (AMLC): Suspicious transactions and covered transactions meeting AMLA reporting thresholds must be reported to the AMLC as required by Philippine law.
• National Privacy Commission (NPC): In the event of a personal data breach or NPC investigation, eeji is required to notify and cooperate with the NPC.
• Payment processors: GCash, Maya, BPI, BDO, Metrobank, and other payment service providers receive the minimum data necessary to process your deposit or withdrawal transactions.
• Game content providers: Game software providers may receive technical session data (such as Player ID and bet amount) for the purpose of game round delivery, result verification, and progressive jackpot systems.
• Identity verification services: Third-party KYC verification providers may receive copies of your identity documents and data to perform automated document authentication and fraud screening.
• IT and security service providers: Cloud infrastructure, cybersecurity, and fraud detection vendors may process Technical Data and Account Data as Personal Information Processors (PIPs) acting under eeji's instructions and bound by data processing agreements.
• Legal and law enforcement: Where required by a valid court order, subpoena, or legal process, or where necessary to protect eeji's legal rights or the safety of users.

All third parties with whom eeji shares personal data are required, where applicable, to enter into Data Processing Agreements or equivalent contractual arrangements that obligate them to process personal data only in accordance with eeji's instructions and applicable Philippine privacy law.

eeji retains your personal data only for as long as necessary to fulfill the purposes for which it was collected, and as required by applicable law and regulation. The following general retention periods apply:

• Account and Identity Data: Retained for the duration of your Account plus a minimum of five (5) years following Account closure, in line with PAGCOR record-keeping requirements and the Anti-Money Laundering Act;
• Financial and transaction records: Retained for a minimum of five (5) years from the date of each transaction, as required by the AMLA;
• KYC documentation: Retained for a minimum of five (5) years from the date of verification or Account closure, whichever is later;
• Gaming activity logs: Retained for a minimum of two (2) years for operational purposes, and longer where subject to a regulatory audit or active dispute;
• Support and communications records: Retained for two (2) years following the resolution of the last interaction;
• Marketing preference data: Retained until you withdraw consent or close your Account, whichever is earlier.

Upon expiry of the applicable retention period, eeji will securely delete or anonymize your personal data, unless a legal obligation requires continued retention.

eeji implements technical, organizational, and administrative security measures designed to protect your personal data against unauthorized access, disclosure, alteration, and destruction. These measures include:

• TLS/SSL encryption: All data transmitted between your browser and eeji's servers is encrypted using industry-standard Transport Layer Security (TLS) protocols;
• Password hashing: Account passwords are never stored in plaintext. They are stored as salted cryptographic hashes using current industry-standard algorithms;
• Access controls: Access to production systems and personal data is restricted to authorized eeji personnel on a need-to-know basis, with role-based access controls and multi-factor authentication requirements;
• Intrusion detection: Network monitoring and intrusion detection systems are in operation 24/7 to identify and respond to potential security threats;
• Regular security audits: eeji conducts periodic internal and third-party security assessments, including vulnerability scanning and penetration testing;
• Incident response: eeji maintains a documented data breach response procedure. In the event of a personal data breach that is likely to result in risk to your rights and freedoms, eeji will notify the NPC within seventy-two (72) hours and affected Data Subjects as required by NPC Circular 16-03.

While eeji takes all reasonable precautions to protect your data, no internet transmission is completely secure. You are responsible for maintaining the security of your own login credentials and for reporting any suspected unauthorized access to your Account immediately.

eeji uses cookies and similar tracking technologies (including local storage, session storage, and pixel tags) on eeji.asia for the following purposes:

• Strictly necessary cookies: Required for the Platform to function — including session authentication, wallet balance display, and game state preservation. These cannot be disabled without impairing Platform functionality.
• Performance and analytics cookies: Aggregate, anonymized data on Platform usage patterns to help eeji understand which features are most used and where technical improvements are needed.
• Security cookies: Used to detect fraudulent activity, bot traffic, and device fingerprinting for fraud prevention and account security purposes.
• Preference cookies: Store your language preference, notification settings, and other personalization choices across sessions.

You may manage cookie preferences through your browser's cookie settings. Disabling strictly necessary cookies will impair your ability to log in and use the Platform. eeji does not use third-party advertising cookies or cross-site tracking cookies for the purpose of serving behavioral advertisements.

Under the Data Privacy Act of 2012, you have the following rights with respect to your personal data held by eeji. To exercise any of these rights, please contact eeji's DPO using the details in Section 15. eeji will respond to verified requests within fifteen (15) working days of receipt.

Please note that certain rights are subject to conditions and limitations under the DPA — for example, erasure requests may be declined where retention is required by PAGCOR regulations or the AMLA. eeji will inform you of any applicable limitations when responding to your request.

eeji takes all reasonable technical and procedural steps to prevent underage access to the Platform, including date-of-birth verification at registration and documentary age verification as part of the KYC process. If eeji discovers or is notified that personal data has been collected from a person under the age of 21, eeji will promptly close the affected Account, refund any verified deposits, and securely delete the associated personal data, except where retention is required for AMLA or PAGCOR compliance purposes.

If you have reason to believe that a minor is using eeji, please notify us immediately via live chat or through the contact details in Section 15.

eeji's primary data processing infrastructure is located within the Philippines. However, certain technical service providers — including cloud infrastructure, cybersecurity, and game content providers — may process data from servers located outside the Philippines.

Where cross-border transfers of personal data are necessary, eeji ensures that adequate safeguards are in place in accordance with NPC regulations, including:

• Contractual data processing agreements requiring the recipient to maintain equivalent data protection standards;
• Adequacy assessments to confirm that the destination country or organization provides a level of protection at least comparable to the DPA;
• Notification to the NPC of cross-border data sharing arrangements involving sensitive personal information, where required.

eeji does not transfer personal data to jurisdictions that lack adequate legal frameworks for data protection without first establishing appropriate contractual safeguards.

eeji reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data processing practices, applicable law, or PAGCOR regulatory requirements. Material changes to this Policy will be communicated to registered Players via a prominent notice on the Platform and, where the change significantly affects your rights, via SMS to your registered mobile number, at least seven (7) days before the amended Policy takes effect.

The "Last Updated" date at the top of this page reflects the date of the most recent revision. We encourage you to review this Policy periodically. Your continued use of the Platform after the effective date of any amendment constitutes acceptance of the revised Policy.

If you do not accept the amended Privacy Policy, you may request Account closure. The privacy practices that applied to your data during the period before closure will continue to govern that data as required by applicable retention obligations.

If you have questions about this Privacy Policy, wish to exercise your Data Subject rights, or need to report a potential data breach or privacy concern, please contact eeji through the following channels:

You also have the right to file a complaint directly with the National Privacy Commission of the Philippines if you are not satisfied with eeji's response to your privacy concern. The NPC's contact information and complaint procedures are publicly available through the NPC's official channels.

This Privacy Policy was last reviewed and is effective as of 1 January 2026.