Data Protection · Privacy Notice
At 39 gl, your privacy is not a formality — it is a core operational commitment. This Privacy Policy explains what personal information we collect from Philippine players, how we use it, how we protect it, and what rights you have over your data under the Republic Act No. 10173 (Data Privacy Act of 2012).
39 gl ("we," "us," "our," "the Platform") operates the online gaming platform accessible at 39gl.app and is committed to protecting the privacy and personal data of every individual who interacts with our services. This Privacy Policy ("Policy") describes how 39 gl collects, processes, stores, shares, and safeguards personal information in connection with your use of the Platform.
This Policy applies to all players, visitors, and registered account holders who access 39 gl from the Republic of the Philippines or whose personal data is processed by 39 gl in connection with the Philippine market. It is read together with, and forms part of, the 39 gl Terms & Conditions.
Your Consent: By registering a 39 gl account, accessing the platform, or using any of our services, you acknowledge that you have read and understood this Privacy Policy and consent to the processing of your personal data as described herein. If you do not consent, please do not register or continue to use the Platform.
39 gl processes personal data in compliance with Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012 (DPA), its Implementing Rules and Regulations, and the issuances of the National Privacy Commission (NPC) of the Philippines.
For the purposes of the Data Privacy Act of 2012, the personal information controller for data processed in connection with the 39 gl platform is:
The Data Protection Officer (DPO) of 39 gl is responsible for overseeing compliance with data protection obligations and handling privacy-related inquiries and complaints from data subjects.
39 gl collects the minimum personal data necessary to provide a functional, secure, and compliant online gaming service to Filipino players. The categories of personal data we collect are set out below:
39 gl collects personal data through the following channels:
39 gl uses collected personal data for the following purposes:
| Purpose | Description |
|---|---|
| Account Management | Creating, maintaining, and securing your 39 gl account; processing login authentication and session management. |
| Payment Processing | Facilitating GCash, Maya, BPI, BDO, and other PHP deposits and withdrawals; maintaining financial transaction records. |
| Identity Verification | Verifying age (21+ compliance), identity, and Philippine residency as required for KYC and AML compliance. |
| Regulatory Compliance | Meeting obligations under the AMLA, DPA 2012, PAGCOR regulatory context, and other applicable Philippine law. |
| Responsible Gaming | Enforcing deposit limits, session controls, self-exclusion, and other player protection tools. |
| Fraud Prevention | Detecting and preventing multi-accounting, bonus abuse, payment fraud, and unauthorized account access. |
| Customer Support | Responding to support requests, live chat queries, and complaints from Filipino players in Tagalog and English. |
| Platform Improvement | Analysing aggregated gameplay and behavioural data to improve game selection, performance, and user experience. |
| Marketing (Opted-In) | Sending promotional offers, bonus announcements, and platform updates to players who have opted into marketing communications. |
Under the Data Privacy Act of 2012, 39 gl processes your personal data on the following legal bases:
39 gl does not sell, rent, or trade your personal information to third parties for their own marketing purposes. We share personal data only in the following limited circumstances:
We engage carefully selected third-party service providers who process data on our behalf under binding data processing agreements. These include payment processors (GCash, Maya, InstaPay network providers), KYC and identity verification platforms, cloud hosting providers, game content delivery infrastructure operators, and customer support software providers.
39 gl will disclose personal data to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), the Bangko Sentral ng Pilipinas (BSP), law enforcement agencies, or other governmental authorities where required or permitted by Philippine law, court order, or regulatory demand.
In the event of a merger, acquisition, or sale of assets involving 39 gl, personal data held may be transferred to the acquiring entity as part of the transaction, subject to at least equivalent data protection standards.
Where a player has elected self-exclusion through 39 gl, aggregated or anonymised self-exclusion data may be shared with inter-operator responsible gaming registers where applicable under Philippine regulatory context.
Data Sale Prohibition: 39 gl has never sold and will never sell your personally identifiable information to marketing companies, data brokers, or any third party for commercial exploitation. Your data is used exclusively for the operational purposes described in this Policy.
39 gl retains personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, and resolve disputes. Our standard retention periods are as follows:
| Data Category | Retention Period | Basis |
|---|---|---|
| Account registration data | Duration of account + 5 years post-closure | AMLA, contractual obligation |
| KYC / identity documents | Duration of account + 5 years post-closure | RA 9160 (AMLA) compliance |
| Financial transaction records | 5 years from transaction date | AMLA, BIR, regulatory audit |
| Gameplay session records | 2 years from session date | Dispute resolution, responsible gaming |
| Customer support transcripts | 3 years from interaction date | Dispute resolution, quality assurance |
| Self-exclusion records | Permanently retained | Responsible gaming obligation |
| Marketing consent records | Until consent withdrawn + 1 year | DPA 2012 consent accountability |
Upon expiry of applicable retention periods, personal data is securely deleted or anonymised in accordance with 39 gl's data disposal procedures.
39 gl implements industry-standard technical and organisational security measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. Our security framework includes:
Your Responsibility: The security of your account also depends on your own practices. Use a strong, unique password for your 39 gl account, enable two-factor authentication, and never share your credentials with any other person. 39 gl support agents will never ask for your password.
In the event of a personal data breach that is likely to result in risk to the rights and freedoms of affected individuals, 39 gl will notify the National Privacy Commission (NPC) within 72 hours of becoming aware of the breach and will inform affected players as required by the DPA 2012 and NPC regulations.
39 gl uses cookies and similar tracking technologies to enable core platform functionality, maintain session security, analyse usage patterns, and (where consented) personalise your experience. The types of cookies used are:
Most web browsers are set to accept cookies by default. You can configure your browser (Chrome, Safari, Firefox) to decline non-essential cookies, though doing so may impair certain platform features. On the 39 gl platform, a cookie preference centre is accessible from the footer of the website.
Under the Data Privacy Act of 2012 and its Implementing Rules and Regulations, you have the following rights with respect to your personal data processed by 39 gl:
To be notified that your personal data is being collected and processed, the purpose of processing, and how long it will be retained.
To obtain a copy of your personal data held by 39 gl upon written request. We will respond within 30 days of a verified request.
To correct inaccurate, incomplete, or outdated personal data held by 39 gl via your account settings or a support request.
To request deletion of your personal data where it is no longer necessary for its original purpose, subject to legal retention obligations.
To object to processing based on legitimate interests or direct marketing. Marketing opt-outs are processed immediately.
To receive your personal data in a structured, commonly used, machine-readable format for transfer to another controller where technically feasible.
To exercise any of the above rights, please contact the 39 gl Data Protection Officer at [email protected] with the subject line "Privacy Rights Request." Identity verification will be required before processing your request. We will respond within thirty (30) calendar days.
If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines, which is the supervisory authority under the DPA 2012.
🔞 21+ Strictly Enforced. 39 gl does not knowingly collect personal data from individuals under the age of 21. The platform is strictly for adult users aged 21 and above in accordance with Philippine gaming regulations. Any account found to belong to a person under 21 will be immediately closed, all data will be deleted, and any funds will be returned to the registered payment method.
If a parent or guardian becomes aware that a minor has registered at 39 gl or provided personal data to the platform, please contact us immediately at [email protected]. We will investigate and take appropriate remedial action, including account closure and data deletion, as promptly as possible.
39 gl is a Philippines-focused platform and prioritises keeping player data within the Philippine jurisdiction or in countries with equivalent data protection standards. Where operational necessity requires transferring personal data outside the Philippines — for example, to cloud infrastructure providers or game content delivery networks with international data centres — 39 gl ensures such transfers are:
The 39 gl platform integrates content from third-party game providers including Pragmatic Play, PG Soft, JILI, Evolution Gaming, NetEnt, and others. These providers operate their game engines independently and may process limited technical data (device type, session data) necessary to deliver their games. 39 gl requires all game provider partners to comply with data protection standards consistent with the DPA 2012.
Payment service providers — including GCash (operated by G-Xchange, Inc., a subsidiary of Globe Telecom) and Maya (operated by Maya Philippines, Inc.) — process financial transaction data under their own privacy policies in addition to their contractual obligations with 39 gl. We encourage you to review the privacy policies of your payment providers.
No External Links: 39 gl does not include advertising links, affiliate links, or promotional links to third-party websites on this platform. The privacy practices described in this Policy apply exclusively to 39gl.app and its associated services.
39 gl reserves the right to amend this Privacy Policy at any time to reflect changes in our data practices, applicable law, or regulatory requirements. When material changes are made to this Policy, we will provide notice through one or more of the following:
The revised Policy will include an updated "Last Updated" date at the top of this page. Your continued use of the 39 gl platform following the effective date of any amendment constitutes your acceptance of the revised Privacy Policy. If you do not agree with the updated Policy, you should cease using the platform and close your account.
For any questions, concerns, access requests, or complaints regarding this Privacy Policy or 39 gl's data protection practices, please contact our Data Protection Officer:
If you are unsatisfied with 39 gl's response to a privacy complaint, you have the right to escalate your complaint to the National Privacy Commission (NPC) of the Philippines, the independent authority established under the Data Privacy Act of 2012 to oversee compliance and adjudicate complaints.
For responsible gaming concerns, please visit Responsible Gaming. For account-related queries, see our FAQ.
Our Commitments
Six concrete data protection commitments every 39 gl player can count on.
Every byte of data exchanged between your browser and 39 gl servers — from login credentials to GCash transaction confirmations — travels over an encrypted SSL connection. Look for the padlock in your browser address bar on every page.
39 gl has a firm, unconditional policy against selling personal data to marketers, data brokers, or any third parties. Your information is used solely to operate your account, process payments, and keep the platform secure and compliant.
39 gl processes all Philippine player data in accordance with Republic Act No. 10173 (Data Privacy Act of 2012) and the issuances of the National Privacy Commission. A dedicated Data Protection Officer oversees all compliance obligations.
39 gl collects only the personal data genuinely required to provide, secure, and legally operate its gaming services for Filipino players. We do not collect data speculatively or for purposes beyond those described in this Privacy Policy.
The data subject rights described in Section 11 are operationally implemented — not just printed here for appearance. Access, rectification, and erasure requests are processed within 30 days by a dedicated privacy team that actually responds.
In the unlikely event of a personal data breach, 39 gl is committed to notifying the National Privacy Commission within 72 hours and informing affected players promptly — as required by the DPA 2012 and NPC Circular No. 16-03.
Join millions of Filipino players on a platform that takes privacy, security, and fair play seriously. GCash deposits, PHP balance, 2,400+ games. 21+ only.
21+ only. For entertainment only. Financial risk involved. PAGCOR context applies. Data processed under RA 10173.