At hiyabet, your privacy is not an afterthought — it is a core part of how we build and operate our platform. This Privacy Policy explains exactly what personal data we collect, why we collect it, and how we keep it safe.
This Privacy Policy ("Policy") describes how hiyabet ("hiyabet," "we," "us," or "our") collects, uses, stores, discloses, and protects the personal information of users ("you" or "your") who access or use the hiyabet online gaming platform at hiyabet.app ("Platform").
hiyabet is committed to protecting your personal data in accordance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173), its Implementing Rules and Regulations, and the issuances of the National Privacy Commission (NPC). We also comply with the data handling requirements imposed by the Philippine Amusement and Gaming Corporation (PAGCOR) as part of our regulatory obligations.
Your consent matters. By registering an account with hiyabet or continuing to use the Platform, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your personal data as described herein. If you do not agree, please discontinue use of the Platform.
This Policy should be read alongside our Terms & Conditions and Responsible Gaming Policy, which together form the complete framework governing your relationship with hiyabet.
For the purposes of the Philippine Data Privacy Act of 2012, hiyabet acts as the Personal Information Controller (PIC) in respect of the personal data you provide when using the Platform. As PIC, hiyabet determines the purposes and means of processing your personal information and is responsible for ensuring that such processing is carried out lawfully, fairly, and transparently.
Where hiyabet engages third-party service providers to process personal data on its behalf (for example, payment processors, identity verification providers, or cloud hosting services), those parties act as Personal Information Processors (PIPs) and are contractually bound to process your data only on hiyabet's documented instructions and in compliance with applicable Philippine data privacy law.
hiyabet collects the following categories of personal data from registered users and Platform visitors:
hiyabet does not collect sensitive personal information beyond what is strictly necessary for identity verification, regulatory compliance, and responsible gaming obligations. We do not collect biometric data beyond liveness checks required for KYC, and we do not collect information about your religious beliefs, political opinions, or health conditions unless you voluntarily disclose such information in a support communication.
hiyabet collects personal data through the following means:
The table below sets out the purposes for which hiyabet processes your personal data and the corresponding legal basis under the Philippine Data Privacy Act of 2012:
| Purpose | Data Categories Used | Legal Basis (RA 10173) |
|---|---|---|
| Account registration and management | Identity, contact, KYC documents | Performance of contract; legal obligation |
| Age and identity verification (KYC) | Identity, KYC documents, device data | Legal obligation (PAGCOR / AML regulations) |
| Processing deposits and withdrawals | Financial information, identity | Performance of contract |
| Fraud prevention and security monitoring | Technical data, financial data, gaming activity | Legitimate interests; legal obligation |
| Anti-money laundering (AML) compliance | Identity, financial, gaming activity | Legal obligation (AMLA, PAGCOR) |
| Responsible gaming monitoring | Gaming activity, responsible gaming settings | Legal obligation; legitimate interests |
| Customer support and dispute resolution | Identity, communications, gaming activity | Performance of contract; legitimate interests |
| Platform improvement and analytics | Technical data, gaming activity (aggregated) | Legitimate interests |
| Promotional communications (with consent) | Contact information, gaming preferences | Consent |
| Regulatory reporting to PAGCOR / NPC | Identity, financial, gaming activity | Legal obligation |
Where hiyabet relies on your consent as the legal basis for processing (for example, for marketing communications), you have the right to withdraw that consent at any time by contacting our support team or updating your account notification preferences. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
hiyabet does not sell, rent, or trade your personal data to third parties for their own marketing purposes. We may share your personal data only in the following circumstances:
hiyabet is required by Philippine law to disclose certain personal and financial data to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), and other competent government authorities upon lawful request or as part of mandatory regulatory reporting obligations.
We share identity documents and verification data with accredited third-party KYC and fraud detection providers solely for the purpose of verifying your identity and eligibility to use the Platform. These providers are contractually bound to process your data only for this purpose and in compliance with RA 10173.
Transaction data is shared with payment service providers — including GCash, PayMaya, and partner banks (BPI, BDO, Metrobank, UnionBank, Landbank, PNB, Security Bank) — to the extent necessary to process your deposits and withdrawals. These providers operate under their own privacy policies and applicable Philippine financial regulations.
hiyabet uses cloud infrastructure and technology service providers to operate the Platform. These providers may process personal data on our behalf as Personal Information Processors and are bound by data processing agreements that restrict their use of your data to the provision of services to hiyabet.
In the event of a merger, acquisition, restructuring, or sale of all or part of hiyabet's business, your personal data may be transferred to the acquiring entity as part of that transaction. We will notify you of any such transfer and the applicable privacy terms before your data is transferred to a new controller.
We will never share your personal data with unauthorized third parties, advertisers, data brokers, or any party not described in this section. Any request purporting to be from hiyabet asking you to share your personal data via unofficial channels should be treated as suspicious and reported to our support team immediately.
hiyabet retains your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable Philippine law and PAGCOR regulations. The following general retention periods apply:
Upon expiry of the applicable retention period, hiyabet will securely delete or anonymize your personal data in accordance with NPC-recommended data disposal procedures. Anonymized, aggregated data that can no longer identify you may be retained indefinitely for statistical and analytical purposes.
hiyabet implements a comprehensive set of technical, organizational, and physical security measures to protect your personal data against unauthorized access, disclosure, alteration, loss, or destruction. These measures include:
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, hiyabet will notify the National Privacy Commission within 72 hours of becoming aware of the breach, and will notify affected users without undue delay, in accordance with NPC Circular No. 16-03.
hiyabet uses cookies and similar tracking technologies to operate the Platform, remember your preferences, analyze usage patterns, and support security functions. The following types of cookies are used:
You can manage cookie preferences through your browser settings. Please note that disabling strictly necessary cookies may prevent you from accessing certain features of the hiyabet Platform. hiyabet does not use cookies for third-party advertising or behavioral profiling for commercial purposes unrelated to the Platform.
Under the Philippine Data Privacy Act of 2012, you have the following rights with respect to your personal data held by hiyabet. You may exercise any of these rights by contacting our Data Protection Officer (see Section 14):
hiyabet will respond to all verified data privacy rights requests within fifteen (15) business days of receipt. In complex cases, this period may be extended by a further fifteen (15) business days, and you will be notified of the extension and the reason for it. Please note that certain rights may be limited where hiyabet is required to retain or process your data to comply with a legal obligation, such as PAGCOR or AMLA requirements.
The hiyabet Platform is strictly intended for adults aged 21 years and above, in accordance with PAGCOR regulations governing online casino-style gaming in the Philippines. hiyabet does not knowingly collect personal data from individuals under the age of 21.
If hiyabet becomes aware that personal data has been collected from a person under 21 years of age, we will immediately suspend the associated account, delete the personal data in question, and take appropriate steps to prevent further access. If you believe that a minor has registered on the hiyabet Platform, please contact our support team immediately.
Gambling is addictive. Know when to stop. If you are concerned about underage gambling or problem gambling in your household, please visit our Responsible Gaming page for guidance and support resources.
In the course of operating the hiyabet Platform, your personal data may be transferred to and processed in countries other than the Philippines — for example, where our cloud infrastructure providers or technology partners maintain data centers. hiyabet ensures that any such cross-border transfer of personal data is carried out in compliance with Section 21 of the Philippine Data Privacy Act of 2012 and the relevant NPC issuances on cross-border data flows.
Specifically, hiyabet will only transfer personal data to a foreign country or international organization if that country or organization provides an adequate level of protection for personal data, or if appropriate safeguards are in place — such as contractual clauses approved by the NPC or binding corporate rules — to ensure that your rights as a data subject are protected throughout the transfer.
hiyabet reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data processing practices, applicable law, or regulatory requirements. When material changes are made, we will notify registered users via email or an in-platform notification at least seven (7) days before the changes take effect, where practicable.
The updated Policy will be posted on this page with a revised "Last Updated" date at the top. Your continued use of the hiyabet Platform after the effective date of any amendment constitutes your acceptance of the revised Privacy Policy. We encourage you to review this page periodically to stay informed about how hiyabet protects your personal data.
hiyabet has appointed a Data Protection Officer (DPO) in accordance with Section 21(c) of the Philippine Data Privacy Act of 2012. If you have any questions, concerns, or requests relating to this Privacy Policy or the processing of your personal data, please contact our DPO:
hiyabet Data Protection Officer
Email:
General Support:
Response Time: Within 15 business days of receipt of your request
Language: English and Filipino
If you are not satisfied with hiyabet's response to your data privacy concern, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines, which is the supervisory authority responsible for enforcing the Data Privacy Act of 2012.
Privacy at hiyabet is not just a legal checkbox — it is built into every layer of how we operate. Here is what that looks like in practice.
Every piece of data you send to hiyabet — from your login credentials to your GCash transaction details — is protected by 256-bit SSL/TLS encryption in transit and encrypted at rest on our servers. Your information is never transmitted in plain text.
hiyabet's data practices are fully aligned with the Philippine Data Privacy Act of 2012 (RA 10173) and NPC regulations. We have a registered Data Protection Officer and maintain a Privacy Management Program as required by Philippine law.
hiyabet will never sell, rent, or trade your personal data to advertisers, data brokers, or any unauthorized third party. Your information is used solely to operate the Platform, comply with regulations, and improve your experience.
As a PAGCOR-regulated platform, hiyabet undergoes regular compliance audits that include data security assessments. Our security posture is reviewed not just internally but by external regulatory bodies, giving you an additional layer of assurance.
Under RA 10173, you have the right to access, correct, delete, and port your personal data. hiyabet makes it straightforward to exercise these rights — just contact our DPO and we will respond within 15 business days.
In the unlikely event of a data breach, hiyabet is committed to notifying the NPC within 72 hours and informing affected users without undue delay — because you deserve to know if your data is ever at risk, and to take action quickly.
Now that you know how hiyabet handles your personal data, you can enjoy our games with full confidence. From slots and bingo to live casino and instant-win scratch games — hiyabet is the secure, PAGCOR-regulated choice for Filipino players aged 21 and above.
21+ only. Please play responsibly. Gambling is addictive. Know when to stop.