These cards summarize jli7's core privacy commitments. They are for orientation only — the full legally binding policy follows below.
jli7 does not sell, rent, or trade your personal information to advertisers, data brokers, or any unaffiliated third parties. Your data is used exclusively to operate your account, process transactions, and comply with regulatory requirements.
All personal data transmitted between your device and jli7 servers is protected by 256-bit SSL/TLS encryption — the same standard used by Philippine banks. Data at rest in jli7 databases is encrypted using AES-256.
As a Philippine data subject, you have the right to access, correct, erase, object to processing, and port your personal data. jli7 provides mechanisms to exercise all statutory data subject rights described in this Policy.
Data is shared with third parties only where strictly necessary — payment processors like GCash and Maya, identity verification providers, and PAGCOR where required by regulation. All third parties are bound by confidentiality and data processing agreements.
jli7 retains your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable Philippine law. Transaction records are retained for the minimum period required by PAGCOR and AML regulations.
In the event of a personal data breach that poses a real risk to affected data subjects, jli7 will notify the National Privacy Commission (NPC) within 72 hours and will inform affected players without undue delay, as required by RA 10173 and NPC Circular 16-03.
This Privacy Policy ("Policy") explains how jli7 ("jli7," "we," "us," or "our") collects, uses, discloses, stores, and protects the personal information of players and visitors ("you" or "Data Subject") in connection with the jli7 online gaming platform at jli7.vip. This Policy is issued in compliance with Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012, its Implementing Rules and Regulations, and all relevant issuances of the National Privacy Commission (NPC). By registering an account with jli7 or using the Platform, you acknowledge that you have read and understood this Policy.
1.1 jli7 is committed to protecting the privacy and security of every player's personal information. We understand that Filipino players — from Metro Manila to Davao — trust us with sensitive financial and identity data when they create an account, make a GCash deposit, or complete KYC verification. That trust is not something we take lightly.
1.2 This Policy applies to all personal data processed by jli7 in connection with the operation of the Platform, including data collected during registration, account use, payment processing, customer support interactions, and marketing communications where consent has been obtained.
1.3 This Policy should be read together with the jli7 Terms & Conditions and the Responsible Gaming Policy, both of which are incorporated by reference.
2.1 For the purposes of RA 10173, jli7 is the Personal Information Controller (PIC) in respect of all personal data collected through the Platform. As PIC, jli7 determines the purposes for which personal data is collected and the means by which it is processed.
2.2 jli7 operates the Platform under the regulatory framework established by the Philippine Amusement and Gaming Corporation (PAGCOR) for licensed online gaming operators in the Philippines.
2.3 jli7 has appointed a Data Protection Officer (DPO) responsible for overseeing compliance with RA 10173, managing data subject rights requests, and serving as the primary contact point for the National Privacy Commission. Contact details for the DPO are provided in Section 15.
3.1 jli7 collects only the personal data that is necessary for the lawful purposes described in this Policy. The categories of personal data we collect are set out in the table below.
| Category | Data Elements | Purpose |
|---|---|---|
| Identity Data | Full legal name, date of birth, nationality, government ID number and type | Account registration, age verification, KYC compliance |
| Contact Data | Email address, Philippine mobile number (09xx format), residential address | Account communication, OTP delivery, support, regulatory notices |
| Financial Data | GCash/Maya account reference, bank account details (for withdrawals), deposit and withdrawal history, transaction amounts | Payment processing, withdrawal verification, AML monitoring |
| Technical Data | IP address, device type and OS, browser type, session timestamps, login locations | Security monitoring, fraud detection, session management |
| Usage Data | Game history, betting patterns, session duration, feature interactions | Platform improvement, responsible gaming monitoring, personalization |
| Communications Data | Support chat transcripts, email correspondence, feedback submissions | Support resolution, quality assurance, dispute handling |
| Marketing Preferences | Consent records, opted-in promotion categories, communication channel preferences | Consent-based promotional communications |
3.2 Sensitive Personal Information. jli7 may collect sensitive personal information within the meaning of RA 10173 — specifically government-issued ID documents (which may reveal nationality and civil status) — solely for the purpose of identity verification and KYC compliance. Such information is processed under stricter access controls and is retained only for the period required by applicable regulations.
We do not collect: Social media login credentials, full credit card numbers (payments are processed by PCI-DSS compliant third-party processors), biometric data beyond what may be contained in government ID photographs submitted for KYC, or medical or health information.
4.1 Directly from You. The majority of personal data jli7 holds is provided directly by you at registration, during KYC verification, when you contact support, or when you update your account profile.
4.2 Automatically During Platform Use. Technical and Usage Data is collected automatically when you access the Platform. This includes server log data, IP address, device identifiers, and game interaction records. This collection is necessary for Platform security, fraud prevention, and responsible gaming monitoring.
4.3 From Payment Service Providers. When you make a deposit or withdrawal via GCash, Maya, BPI, BDO, or other accepted payment methods, jli7 receives transaction confirmation data from the relevant payment service provider. jli7 does not receive or store full card numbers or e-wallet PINs.
4.4 From Identity Verification Providers. Where jli7 uses third-party KYC providers to assist with identity and age verification, those providers may return verification results and associated data to jli7. All third-party KYC providers are bound by data processing agreements and are required to comply with RA 10173.
4.5 From PAGCOR and Regulatory Authorities. jli7 may receive data from PAGCOR or other regulatory bodies in connection with compliance obligations, self-exclusion registers, or investigations.
5.1 jli7 processes personal data only where it has a lawful basis to do so under RA 10173. The applicable legal bases for jli7's processing activities are:
Where jli7 relies on legitimate interests as the legal basis for processing, a Legitimate Interests Assessment (LIA) has been conducted. Summaries of completed LIAs are available upon request to the Data Protection Officer.
6.1 jli7 uses collected personal data for the following purposes:
6.2 jli7 does not use automated decision-making in ways that produce legal or similarly significant effects on Data Subjects without human oversight, except in limited circumstances required by law (e.g., automated AMLC reporting triggers).
7.1 jli7 does not sell, rent, or trade personal data. Personal data is shared with third parties only in the circumstances described below, and only to the extent necessary for the specified purpose.
7.2 Payment Service Providers. Transaction data is shared with GCash, Maya, BPI, BDO, Metrobank, UnionBank, and other payment processors solely to facilitate deposits and withdrawals. These providers are required by jli7 to maintain confidentiality and data security standards consistent with RA 10173.
7.3 Identity Verification Providers. KYC documentation and verification requests are processed by third-party identity verification services under data processing agreements that bind them to RA 10173 compliance standards.
7.4 Regulatory Authorities. jli7 is required by law to disclose certain information to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), and other governmental bodies with lawful authority to request or compel disclosure. Such disclosures are made only to the extent required by applicable law.
7.5 Technology and Infrastructure Providers. Certain technical service providers (cloud hosting, database management, security monitoring) may have access to personal data in the course of providing services to jli7. All such providers operate under data processing agreements and are prohibited from using jli7 player data for their own purposes.
7.6 Professional Advisors. Legal counsel, auditors, and compliance consultants may access personal data on a confidential, need-to-know basis in connection with legal advice, audit procedures, or regulatory matters.
Important: jli7 will never share your personal information with companies for advertising, marketing profiling, or data monetization purposes. If you receive a communication claiming to be from jli7 that requests personal or financial information, treat it as suspicious and contact jli7 support immediately.
8.1 The jli7 Platform uses cookies and similar tracking technologies (including local storage and session tokens) to operate essential Platform functions and to improve the user experience. The types of cookies used are described below.
8.2 jli7 does not use third-party advertising cookies or behavioral tracking cookies for targeted advertising purposes. No player data is shared with advertising networks through cookie mechanisms.
8.3 You can manage cookie settings through your browser's privacy controls. Note that disabling essential cookies will impair your ability to log in and use the Platform. Clearing session cookies will end your active jli7 session.
9.1 jli7 retains personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable Philippine law and regulatory obligations.
9.2 Active Account Data. Personal data associated with an active jli7 account is retained for the duration of the account relationship and for a period of five (5) years following account closure, unless a longer retention period is required by law.
9.3 Transaction Records. Financial transaction records, including deposit and withdrawal histories, are retained for a minimum of five (5) years from the date of the transaction, as required by the Anti-Money Laundering Act and PAGCOR licensing conditions.
9.4 KYC Documentation. Identity verification documents are retained for the minimum period required by applicable AML/KYC regulations, and are securely destroyed thereafter in accordance with jli7's data destruction policy.
9.5 Support Communications. Customer support interaction records are retained for a period of three (3) years from the date of the last interaction.
9.6 Marketing Consent Records. Records of marketing consent and withdrawal are retained for a period sufficient to demonstrate compliance with consent obligations under RA 10173.
9.7 Upon expiry of the applicable retention period, personal data is securely deleted or anonymized in a manner that prevents re-identification.
10.1 jli7 implements appropriate technical and organizational measures to protect personal data against unauthorized access, accidental loss, alteration, disclosure, or destruction. These measures include:
10.2 Notwithstanding the measures above, no data transmission over the internet or electronic storage system can be guaranteed to be 100% secure. Players are encouraged to use strong, unique passwords and to enable two-factor authentication to reduce the risk of unauthorized account access.
Your role in security: The strongest technical protections can be undermined by weak passwords or credential sharing. jli7 recommends: using a password unique to your jli7 account, enabling 2FA via SMS OTP, avoiding login on public Wi-Fi, and reviewing your login history regularly in account settings.
11.1 Under Republic Act No. 10173, you have the following rights with respect to your personal data held by jli7. To exercise any of these rights, contact the jli7 Data Protection Officer using the details in Section 15.
You have the right to request a copy of the personal data jli7 holds about you, information about how it is being used, who it has been shared with, and how long it will be retained. jli7 will respond to verified access requests within fifteen (15) business days.
You have the right to request correction of any inaccurate or incomplete personal data jli7 holds about you. Most contact data can be updated directly in your account profile. Changes to name or date of birth require supporting documentation and DPO review.
You may request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, or where you withdraw consent and there is no other legal basis for processing. Note that certain data may be retained where required by law (e.g., AML transaction records) even after an erasure request.
You have the right to object to processing of your personal data where jli7 relies on legitimate interests as its legal basis. You also have the right to object to direct marketing at any time without giving reasons. Marketing objections will be actioned within five (5) business days.
Where processing is based on consent or contractual necessity, you have the right to receive your personal data in a structured, commonly used, machine-readable format, and to transmit it to another personal information controller where technically feasible.
If you believe jli7 has processed your personal data in violation of RA 10173, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines. jli7 encourages you to contact us first to attempt informal resolution, but this does not affect your right to complain to the NPC.
To exercise any of the above rights, submit a written request to the jli7 Data Protection Officer at [email protected]. We may require identity verification before processing your request to protect against unauthorized access to your data.
12.1 The jli7 Platform is strictly intended for individuals aged twenty-one (21) years and above. jli7 does not knowingly collect personal data from persons under 21 years of age.
12.2 jli7 employs age verification controls at registration to screen for underage applicants. Where jli7 becomes aware — through post-registration review or third-party notification — that an account belongs to a person under 21 years of age, the account will be immediately terminated and all personal data associated with the account will be deleted or anonymized in accordance with applicable law, subject to any mandatory retention requirements.
12.3 Parents or guardians who believe that their child has registered or attempted to register on jli7 should contact the DPO immediately using the details in Section 15. jli7 will act on such notifications without delay.
13.1 jli7's primary data processing infrastructure is located within or operates in compliance with Philippine data sovereignty requirements. However, certain service providers — particularly cloud infrastructure and security monitoring providers — may process data on servers located outside the Philippines.
13.2 Where personal data is transferred outside the Philippines, jli7 ensures that adequate safeguards are in place to protect the data to a standard equivalent to that required by RA 10173. These safeguards may include: contractual clauses binding the recipient to RA 10173 standards, transfers to jurisdictions with substantially similar data protection frameworks, or transfers pursuant to explicit consent from the Data Subject.
13.3 Information about specific cross-border transfer safeguards is available from the jli7 Data Protection Officer upon request.
14.1 jli7 reviews and updates this Privacy Policy periodically to reflect changes in our data processing activities, regulatory requirements, or the services offered on the Platform. The "Last Updated" date at the top of this page indicates when the most recent revision was made.
14.2 Material changes to this Policy — particularly changes that affect your rights as a Data Subject or that involve new categories of data or processing purposes — will be communicated to registered players via their registered email address at least fourteen (14) days before the change takes effect.
14.3 Continued use of the jli7 Platform after the effective date of a Policy update constitutes acknowledgment of the revised Policy. If you do not accept a material change, you may close your account and request deletion of your personal data in accordance with Section 11.
15.1 For all privacy-related inquiries, data subject rights requests, or complaints, please contact the jli7 Data Protection Officer:
15.2 National Privacy Commission. If you are unsatisfied with jli7's handling of your privacy concern, you have the right to file a complaint with the National Privacy Commission of the Philippines. Information about the NPC's complaint process is available at the NPC's official channels. jli7 cooperates fully with NPC investigations.
jli7's Data Protection Officer is registered with the National Privacy Commission as required under RA 10173 and NPC Advisory Opinion No. 2017-049. All data subject rights requests received by jli7 are logged and tracked in our DPO management system to ensure timely and documented responses.