Privacy Policy

9apps ("we," "us," "our," or "the Platform") is committed to protecting the personal information of all individuals who interact with our platform, including registered players, prospective players who browse the 9apps website, and individuals who contact our support team. This Privacy Policy ("Policy") sets out the principles and practices that govern how 9apps handles personal data in connection with the operation of the 9apps online casino and sports betting platform accessible at https://9apps.bio.

This Policy applies to all personal data collected through the 9apps website, mobile web interface, player registration process, KYC verification procedures, financial transactions, customer support interactions, and marketing communications. It should be read in conjunction with the 9apps Terms & Conditions and Responsible Gaming Policy, both of which are published on this website.

9apps processes personal data in compliance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulations, under the oversight of the National Privacy Commission (NPC) of the Philippines. 9apps is also subject to PAGCOR data governance requirements applicable to licensed online gaming operators.

9apps collects the following categories of personal data in connection with your use of the platform. The specific data collected depends on the nature of your interaction with 9apps — not all categories apply to every user.

9apps does not collect sensitive personal information as defined under Section 3(l) of the Philippine Data Privacy Act — including racial or ethnic origin, political opinions, religious beliefs, health data, or biometric data — unless specifically required for compliance with applicable legal obligations, in which case such collection will be disclosed to you at the point of collection.

9apps collects personal data through the following means:

3.1 Directly from You

The majority of personal data held by 9apps is provided directly by you during account registration, KYC document submission, financial transactions, customer support communications, and when you update your account profile or responsible gaming settings. This data is provided voluntarily, though certain fields are mandatory for regulatory compliance — accounts with incomplete required fields cannot process withdrawals.

3.2 Automatically Through Platform Use

When you access and use the 9apps platform, certain technical data is collected automatically through server logs, analytics tools, and cookies. This includes your IP address, device information, browser characteristics, session timestamps, pages visited, and in-platform navigation patterns. This data is used for security monitoring, platform performance optimisation, and aggregate analytics — it is not used to build individual marketing profiles without your consent.

3.3 From Third-Party Sources

9apps may receive limited personal data from third parties in specific contexts:

• Payment Providers: GCash, Maya, BPI, BDO, and Metrobank may provide transaction confirmation data when you deposit or withdraw from 9apps.
• Identity Verification Services: Where 9apps uses an automated KYC verification service, that provider may return identity verification results and risk flags based on the documents you submit.
• Fraud Prevention Services: Third-party fraud detection platforms may provide risk scores or flagging data associated with specific IP addresses, device fingerprints, or payment instruments to assist 9apps in detecting fraudulent account activity.

9apps processes your personal data for the following purposes:

• Account Management: To create, maintain, and administer your 9apps player account, process your 9apps login authentication, and manage account security settings including two-factor authentication.
• Identity Verification & KYC Compliance: To verify your identity and age (21+ requirement) in accordance with PAGCOR licensing conditions and the Philippine Anti-Money Laundering Act (AMLA) as administered by the Anti-Money Laundering Council (AMLC).
• Transaction Processing: To process deposits via GCash, Maya, and bank transfer; to process withdrawal requests; and to maintain complete and accurate financial records for each player account in compliance with Philippine financial regulations.
• Game & Betting Service Provision: To operate the 9apps Casino games, sports betting markets, bingo rooms, and all other platform services you access using your account.
• Responsible Gaming: To monitor gaming activity patterns for indicators of problem gambling behaviour, to enforce responsible gaming limits you have set on your account, and to process self-exclusion requests in accordance with PAGCOR responsible gaming guidelines.
• Fraud Prevention & Security: To detect, investigate, and prevent fraudulent account activity, multi-accounting, bonus abuse, money laundering, and other prohibited conduct as defined in the 9apps Terms & Conditions.
• Customer Support: To respond to your support requests, investigate disputes, and improve the quality of the 9apps support service.
• Legal & Regulatory Compliance: To comply with PAGCOR reporting requirements, AMLC suspicious transaction reporting obligations, NPC data breach notification requirements, and any other applicable Philippine legal obligations.
• Marketing Communications: To send you promotional offers, bonus notifications, and platform updates where you have provided consent or where permitted by applicable law. You may withdraw marketing consent at any time via your account settings.
• Platform Improvement: To analyse aggregate usage patterns, identify platform performance issues, and develop new features and game categories based on player behaviour trends.

Under the Philippine Data Privacy Act of 2012, personal data may only be processed where a valid legal basis exists. 9apps relies on the following legal bases for its data processing activities:

• Contractual Necessity: Processing required to perform the contract represented by the 9apps Terms & Conditions — including account management, game provision, transaction processing, and customer support.
• Legal Obligation: Processing required to comply with PAGCOR licensing conditions, AMLA obligations, NPC requirements, and other applicable Philippine statutory duties — including KYC verification, transaction monitoring, and regulatory reporting.
• Legitimate Interests: Processing carried out in the legitimate interests of 9apps or our players where those interests are not overridden by the individual's privacy rights — including fraud prevention, platform security, and service improvement analytics.
• Consent: Where 9apps relies on your explicit consent as the legal basis for processing — primarily for direct marketing communications — you have the right to withdraw that consent at any time without affecting the lawfulness of prior processing.

9apps does not sell your personal data to third parties. We do not share your data with advertising networks or data brokers. We share personal data with third parties only in the limited circumstances set out below:

6.1 Service Providers & Data Processors

9apps engages third-party service providers who process personal data on our behalf as data processors under contractual arrangements that require them to protect your data in accordance with applicable law. These include:

• Payment processing providers (GCash, Maya, banking partners) for deposit and withdrawal processing.
• Identity verification and KYC technology providers for document verification and age confirmation.
• Cloud infrastructure providers for platform hosting and data storage.
• Fraud detection and cybersecurity service providers for platform security monitoring.
• Customer support software providers for live chat and ticket management.
• Email and SMS communication providers for transactional and marketing communications.
• Game content providers (including providers of certified RNG games and live dealer streaming) where those providers process game session data within their own infrastructure.

6.2 Regulatory Authorities

9apps is legally required to share certain player data with Philippine regulatory and law enforcement authorities in specific circumstances, including:

• PAGCOR — as part of licensee reporting obligations and in response to formal regulatory inquiries.
• Anti-Money Laundering Council (AMLC) — for suspicious transaction reports (STRs) and covered transaction reports (CTRs) as required under the AMLA.
• National Privacy Commission (NPC) — for data breach notifications as required under the Data Privacy Act.
• Relevant courts or law enforcement agencies — in response to lawful orders or warrants.

The 9apps website uses cookies and similar tracking technologies to support platform functionality, maintain your login session, and analyse platform usage. The following categories of cookies are used:

• Strictly Necessary Cookies: Required for core platform functionality including maintaining your authenticated session after 9apps login, remembering your responsible gaming settings, and maintaining shopping cart state during deposit flows. These cannot be disabled without affecting platform functionality.
• Performance & Analytics Cookies: Used to collect aggregate data about how players use the platform — which pages are visited most frequently, where players experience errors, and how navigation flows perform. This data is analysed in aggregate form and does not identify individual users.
• Functional Cookies: Used to remember your preferences including language settings, lobby display preferences, and last-played game categories to personalise your platform experience.
• Security Cookies: Used to support fraud detection, device fingerprinting for multi-account detection, and session integrity verification.

9apps does not use third-party advertising cookies or cookies that track your browsing activity outside the 9apps platform. You may manage cookie preferences through your browser settings, though disabling strictly necessary cookies will affect platform functionality. A cookie consent banner is displayed to new visitors to the 9apps website.

9apps retains personal data only for as long as is necessary for the purposes for which it was collected, or as required by applicable law. The following retention periods apply:

Upon expiry of the applicable retention period, personal data is securely deleted or irreversibly anonymised in accordance with 9apps' data destruction procedures. Where data cannot be immediately deleted due to technical constraints, it will be isolated from active processing until deletion is complete.

Under the Philippine Data Privacy Act of 2012, you have the following rights in respect of the personal data 9apps holds about you:

• Right to Be Informed: The right to be notified of how your personal data is being collected and processed — which this Policy satisfies.
• Right of Access: The right to request a copy of the personal data that 9apps holds about you, along with information about how it is processed.
• Right to Rectification: The right to request correction of inaccurate or incomplete personal data held in your 9apps account. Some corrections (such as legal name changes) require documentary evidence.
• Right to Erasure / Right to Be Forgotten: The right to request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, subject to overriding legal or regulatory retention requirements. Note that AMLA and PAGCOR requirements mean that certain financial and identity data must be retained for a minimum of 5 years regardless of an erasure request.
• Right to Object: The right to object to the processing of your personal data for direct marketing purposes. You may withdraw marketing consent at any time via your account settings. You may also object to processing based on legitimate interests, subject to our right to demonstrate compelling grounds for continued processing.
• Right to Data Portability: The right to receive a copy of your personal data in a structured, commonly used, and machine-readable format where processing is based on consent or contractual necessity.
• Right to Damages: The right to be indemnified for damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorised use of personal data, in accordance with the Data Privacy Act.

To exercise any of these rights, please contact the 9apps Data Privacy Officer using the contact details provided in Section 13. 9apps will respond to verified data rights requests within 30 days of receipt. We may require identity verification before processing a data rights request to protect against fraudulent access to other players' data.

9apps implements appropriate technical and organisational security measures to protect your personal data against unauthorised access, accidental loss, destruction, or disclosure. These measures include:

• Encryption: All data transmitted between your browser and 9apps servers is encrypted using TLS 1.2 or higher (256-bit SSL). Sensitive data stored in 9apps databases is encrypted at rest using industry-standard encryption algorithms.
• Access Controls: Personal data is accessible only to 9apps personnel and authorised third-party processors who have a legitimate operational need to access it. Access is governed by role-based access controls and requires individual authentication credentials.
• Two-Factor Authentication: Two-factor authentication is available for all 9apps player accounts and is required for administrative accounts that have access to player personal data.
• Security Monitoring: 9apps operates continuous security monitoring across its infrastructure, including intrusion detection systems, anomaly detection, and regular penetration testing.
• Third-Party Security Standards: Third-party service providers handling 9apps player data are required to maintain security standards commensurate with those applied by 9apps, and are subject to contractual data processing agreements.

In the event of a personal data breach that poses a risk to the rights and freedoms of affected individuals, 9apps will notify the National Privacy Commission within 72 hours of becoming aware of the breach, and will notify affected individuals without undue delay, in accordance with the Data Privacy Act and NPC Circular No. 16-03.

The 9apps platform is strictly intended for use by adults aged twenty-one (21) years and above, as required under PAGCOR regulations applicable to Philippine online gaming licensees. 9apps does not knowingly collect personal data from persons under the age of 21.

Age is verified as part of the KYC process before any withdrawal is processed. Where 9apps discovers or reasonably suspects that a registered account belongs to a person under 21 years of age, the account will be immediately suspended, all gaming activity will be reversed, and any deposited funds will be returned to the original payment method following an administrative review period. The personal data associated with the underage account will be retained only for the minimum period required for regulatory reporting purposes.

9apps reserves the right to update this Privacy Policy from time to time to reflect changes in our data practices, applicable law, or PAGCOR regulatory requirements. Material changes to this Policy — meaning changes that significantly affect your rights or the way we process your data — will be communicated to registered players by email to their registered address no fewer than 14 days prior to the effective date of the amended Policy, except where immediate amendment is required by law.

The effective date and last-updated date at the top of this document will be revised with each update. Where changes are material, a summary of key changes will be included in the notification email. Continued use of the 9apps platform after the effective date of any amendment constitutes your acknowledgement of the updated Policy. We recommend reviewing this page periodically to stay informed of any updates.

All privacy-related enquiries, data subject rights requests, and data breach reports should be directed to the 9apps Data Privacy Officer (DPO). The DPO is responsible for overseeing 9apps' compliance with the Philippine Data Privacy Act and this Privacy Policy.

9apps is registered with the National Privacy Commission of the Philippines as required for personal information controllers of the applicable scale. Our NPC registration details are maintained in current status and are available upon request.