jilio Casino Privacy Policy

1.1 jilio Casino is the data controller for personal data collected through jilio.co. As data controller, jilio determines the purposes and means of processing your personal data in connection with the operation of the jilio platform and services.

1.2 jilio operates under PAGCOR compliance guidelines. Our data protection practices are designed to meet the requirements of the Data Privacy Act of 2012 (Republic Act No. 10173, "DPA") and its Implementing Rules and Regulations ("IRR"), as administered by the National Privacy Commission ("NPC") of the Philippines.

1.3 For all privacy-related enquiries, requests, and complaints, you may contact jilio's designated Data Protection Officer ("DPO") using the contact information provided in Section 12 of this Policy.

2.1 jilio collects personal data in the following categories, depending on how you interact with the platform:

2.2 jilio does not intentionally collect sensitive personal information as defined under the DPA (e.g., health data, religious beliefs, political affiliations) except where specifically required for responsible gaming assessments or regulatory compliance.

2.3 Where you provide personal data relating to a third party (for example, a payment account registered to another person), you represent and warrant that you have obtained the consent of that third party to provide their data to jilio.

3.1 jilio processes your personal data for the following purposes:

• Account Registration and Management: To create and maintain your jilio account, authenticate your identity at login, and manage your account preferences and settings.
• Identity Verification (KYC): To verify your identity and age (21+ requirement) in compliance with PAGCOR regulatory requirements and anti-money laundering obligations under Philippine law.
• Payment Processing: To process deposits and withdrawals via GCash, PayMaya, and Philippine bank channels, and to maintain accurate transaction records.
• Platform Operation: To deliver the gaming services, promotions, bonuses, and features available on the jilio platform.
• Responsible Gaming: To monitor gaming activity for signs of problem gambling behaviour and to administer self-exclusion, deposit limit, and cooling-off requests made by players.
• Legal and Regulatory Compliance: To comply with PAGCOR licensing requirements, Philippine anti-money laundering laws, tax reporting obligations, and any other applicable legal requirements.
• Fraud Prevention and Security: To detect, investigate, and prevent fraudulent activity, unauthorised account access, and other security incidents.
• Customer Support: To respond to your queries, complaints, and support requests through jilio's 24/7 support channels.
• Marketing Communications: To send you promotional offers, bonus notifications, and platform updates — subject to your communication preferences and applicable consent requirements.

4.1 jilio processes your personal data on the following legal bases under the DPA and its IRR:

• Contractual Necessity: Processing required to perform our contract with you — the Terms & Conditions you accepted at registration — including account management, payment processing, and game delivery.
• Legal Obligation: Processing required to comply with jilio's legal and regulatory obligations, including PAGCOR requirements, AML compliance, and age verification.
• Legitimate Interests: Processing for fraud prevention, platform security, responsible gaming monitoring, and improvement of jilio's services, where these interests are not overridden by your rights and freedoms.
• Consent: Where consent is the legal basis — for example, for marketing communications — we will obtain your express consent. You may withdraw consent at any time without affecting the lawfulness of prior processing.

5.1 jilio does not sell your personal data. We may share your data with the following categories of recipients only to the extent necessary for the stated purpose:

• Payment Processors: GCash (GXI), PayMaya, and Philippine banking partners — to process deposits and withdrawals to and from your jilio account.
• Identity Verification Providers: Third-party KYC and AML service providers engaged to assist with identity verification and fraud screening.
• Game Providers: Certified game studios whose titles are available on jilio — to the limited extent required for game operation and RNG certification.
• Regulatory Authorities: PAGCOR, the National Privacy Commission, the Anti-Money Laundering Council (AMLC), and other competent Philippine government authorities, where required by law.
• Technology and Infrastructure Providers: Cloud hosting, cybersecurity, and platform infrastructure providers engaged by jilio under contractual data processing agreements.

5.2 All third-party service providers who process personal data on jilio's behalf are contractually required to process such data only on jilio's documented instructions and to maintain appropriate security measures in compliance with the DPA.

6.1 jilio retains personal data for as long as your jilio account remains active and for such further period as required by law or regulatory obligation. The following indicative retention periods apply:

• Account and Identity Data: Duration of account plus five (5) years following account closure, as required by PAGCOR record-keeping and AML regulations.
• Transaction Records: Five (5) years from the date of each transaction, consistent with Philippine AML reporting requirements.
• Support Communications: Three (3) years from the date of each interaction, for dispute resolution and quality assurance purposes.
• Technical Logs: Ninety (90) days, unless extended by an active security investigation.

6.2 Upon expiry of the applicable retention period, jilio will securely delete or anonymise your personal data in accordance with its data disposal procedures.

7.1 jilio implements appropriate technical and organisational security measures to protect your personal data against unauthorised access, disclosure, alteration, and destruction. These measures include but are not limited to: 256-bit SSL/TLS encryption for all data in transit; encryption of sensitive data at rest; role-based access controls with multi-factor authentication for jilio personnel; regular penetration testing and vulnerability assessments; and a documented incident response and breach notification procedure.

7.2 Whilst jilio takes data security seriously and invests in maintaining a secure platform, no internet transmission or electronic storage system is completely secure. You accept this inherent risk as a condition of using the jilio platform. You are responsible for maintaining the security of your own account credentials.

8.1 Under the Data Privacy Act of 2012 (RA 10173), you have the following rights with respect to your personal data held by jilio:

• Right to Be Informed: The right to be notified of the collection and processing of your personal data — fulfilled by this Policy.
• Right of Access: The right to request a copy of the personal data jilio holds about you and information about how it is processed.
• Right to Rectification: The right to request correction of inaccurate or incomplete personal data held by jilio.
• Right to Erasure: The right to request deletion of your personal data where jilio no longer has a lawful basis to retain it, subject to jilio's legal retention obligations.
• Right to Object: The right to object to processing of your personal data carried out on the basis of legitimate interests, including direct marketing.
• Right to Data Portability: The right to receive your personal data in a structured, commonly used format, to the extent technically feasible.
• Right to Lodge a Complaint: The right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines if you believe jilio has processed your personal data in violation of the DPA.

8.2 To exercise any of these rights, please contact jilio's Data Protection Officer using the contact details in Section 12. jilio will respond to all verifiable requests within thirty (30) calendar days as required under the DPA IRR.

9.1 jilio uses cookies and similar tracking technologies on jilio.co for the following purposes: maintaining your logged-in session; remembering your platform preferences; monitoring platform performance and uptime; and analysing aggregate usage patterns to improve the jilio experience.

9.2 Essential Cookies are necessary for the jilio platform to function correctly and cannot be disabled. Analytical Cookies help jilio understand how players interact with the platform and are used only in aggregate, anonymised form. Preference Cookies remember your settings between sessions.

9.3 You may manage cookie preferences through your browser settings. Disabling non-essential cookies will not prevent you from using the jilio platform, though some personalisation features may not function as intended.

10.1 The jilio platform is strictly intended for individuals aged twenty-one (21) years and older, in accordance with PAGCOR regulations governing online gaming in the Philippines. jilio does not knowingly collect personal data from individuals under the age of 21.

10.2 If jilio becomes aware that personal data has been collected from an individual under 21 years of age, it will take immediate steps to delete that data and close the associated account. If you believe jilio may have inadvertently collected data from a minor, please contact us immediately via the DPO contact information in Section 12.

11.1 jilio may update this Privacy Policy from time to time to reflect changes in our data practices, applicable law, or regulatory requirements. Material changes will be communicated to registered players via the email address on your jilio account at least seven (7) days before the changes take effect.

11.2 The "Last Updated" date at the top of this Policy indicates when it was most recently revised. Your continued use of the jilio platform following the effective date of any revised Policy constitutes your acknowledgement of, and agreement to, the updated terms.

12.1 For all privacy-related enquiries, data subject rights requests, or complaints regarding jilio's data practices, please contact jilio's designated Data Protection Officer:

12.2 jilio will acknowledge all DPO contact submissions within three (3) business days and will endeavour to resolve all data privacy matters within thirty (30) calendar days of receipt.

12.3 If you are not satisfied with jilio's response to a privacy complaint, you have the right to escalate the matter to the National Privacy Commission of the Philippines (privacy.gov.ph).