Your privacy matters to us. This Policy explains exactly what personal data tayaplus collects, how we use it, who we share it with, and how we keep it safe — all in compliance with Philippine law.
Under Republic Act No. 10173, every tayaplus account holder has the following rights over their personal data. These are not optional features — they are your legal entitlements.
You have the right to know what personal data tayaplus collects about you, the purpose for collection, how long it is retained, and whether it is shared with any third parties — before or at the time of collection.
You may request a copy of all personal data tayaplus holds about you at any time. We will respond to verified access requests within fifteen (15) business days and provide data in a readable, portable format.
If any personal data tayaplus holds about you is inaccurate, incomplete, or outdated, you have the right to request its correction. Corrections to KYC-verified data may require re-submission of supporting documents.
You may request deletion of your personal data where it is no longer necessary for the purpose it was collected, where you withdraw consent, or where processing was unlawful — subject to our legal retention obligations.
You have the right to object to the processing of your personal data for direct marketing, profiling, or any processing not strictly necessary for service delivery. Objections are honoured from the date of receipt.
If you believe tayaplus has violated your data privacy rights, you may file a complaint with the National Privacy Commission (NPC) of the Philippines — the government body responsible for enforcing RA 10173.
Notice: This Privacy Policy forms part of the tayaplus Terms & Conditions. By creating a tayaplus account or by continuing to use the tayaplus Platform, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your personal data as described herein. If you do not agree to this Policy, you must not use the tayaplus Platform.
tayaplus ("we", "us", "our") is committed to protecting the privacy and personal data of every player who uses the tayaplus Platform. This Privacy Policy describes the personal data we collect from you when you use the tayaplus website, mobile platform, and related services; how we use that data; the circumstances under which we share it; and the rights you hold over it under Philippine law.
This Policy applies to all personal data collected through your use of tayaplus, including data provided during account registration, KYC verification, deposits and withdrawals, game activity, customer support interactions, and your use of any promotional features offered by tayaplus.
This Privacy Policy is written in compliance with Republic Act No. 10173, known as the Data Privacy Act of 2012, and its Implementing Rules and Regulations as promulgated by the National Privacy Commission of the Philippines. tayaplus also complies with PAGCOR's data handling requirements for licensed online gaming operators.
For the purposes of the Philippine Data Privacy Act of 2012 and its Implementing Rules, tayaplus is the Personal Information Controller of the personal data you provide to us. This means tayaplus determines the purposes and means by which your personal data is processed.
Where tayaplus engages third-party service providers to process personal data on its behalf — such as payment processors, identity verification services, and certified game providers — such parties act as Personal Information Processors and are contractually bound to process your data only in accordance with tayaplus's instructions and in compliance with the Data Privacy Act.
tayaplus has designated a Data Protection Officer ("DPO") responsible for overseeing compliance with this Policy and the Data Privacy Act. The DPO's contact details are provided in Section 15 of this Policy.
tayaplus collects the following categories of personal data about you, depending on how you interact with the Platform:
Sensitive Personal Information: Copies of government-issued IDs and biometric selfie photographs submitted for KYC verification are classified as sensitive personal information under the Data Privacy Act. tayaplus applies heightened security measures to the storage and handling of these documents, including restricted access controls and encrypted storage.
tayaplus collects personal data through the following means:
tayaplus processes your personal data for the following purposes and on the following legal bases under the Data Privacy Act of 2012:
| Purpose | Legal Basis |
|---|---|
| Account creation and management | Performance of contract (provision of gaming services) |
| Identity verification (KYC) | Legal obligation (PAGCOR licensing requirements; Anti-Money Laundering Act) |
| Processing deposits and withdrawals | Performance of contract; legal obligation |
| Fraud prevention and security monitoring | Legitimate interests; legal obligation |
| Responsible gaming compliance | Legal obligation (PAGCOR regulations); legitimate interests |
| Customer support | Performance of contract; legitimate interests |
| Regulatory reporting to PAGCOR | Legal obligation |
| Marketing and promotional communications | Consent (you may withdraw at any time — see Section 13) |
| Platform improvement and analytics | Legitimate interests (where data is aggregated or anonymised) |
Where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out prior to withdrawal. Withdrawal of consent for processing that is necessary for the performance of your account services may require account closure.
tayaplus does not sell your personal data to third parties. We share your data only in the following circumstances and only to the extent necessary for the specified purpose:
tayaplus engages carefully selected third-party service providers to deliver aspects of the Platform. These include identity verification providers, payment processors (GCash, Maya, InstaPay, BancNet, and connected financial institutions), certified game content providers, cloud hosting and infrastructure providers, and customer support tools. All processors are contractually required to handle your data in accordance with the Data Privacy Act and tayaplus's data protection standards.
tayaplus is required by law to share certain player data with PAGCOR as part of its licensing obligations. tayaplus may also be required to disclose personal data to the Anti-Money Laundering Council (AMLC), law enforcement authorities, courts, and other government agencies where required by applicable Philippine law or by a valid legal order or subpoena.
In the event that tayaplus undergoes a merger, acquisition, restructuring, or sale of all or a material part of its business, personal data held by tayaplus may be transferred to the successor entity as part of that transaction. Affected users will be notified via email or in-platform notification before such a transfer occurs.
Our Commitment: tayaplus will never share, rent, or sell your personal data to advertisers, data brokers, or unrelated third parties for commercial purposes without your explicit prior consent. Your data is used to provide and improve the tayaplus service — nothing else.
Cookies are small text files placed on your device by the tayaplus Platform when you visit. They allow the Platform to recognise your device on subsequent visits, maintain your session, remember your preferences, and collect analytical data about how the Platform is used.
You can manage or disable non-essential cookies through your browser settings. Please note that disabling strictly necessary cookies will impair the functionality of the tayaplus Platform, including your ability to log in and play. Most mobile browsers on Android and iOS provide cookie management settings under the browser's privacy or settings menu.
tayaplus retains your personal data for as long as your account remains active and for the additional retention periods specified below, which are driven by legal and regulatory obligations applicable to licensed Philippine online gaming operators:
| Data Category | Retention Period | Basis |
|---|---|---|
| Account registration data | Duration of account + 5 years after closure | PAGCOR licensing requirement |
| KYC documents | Duration of account + 5 years after closure | AMLA compliance obligation |
| Financial transaction records | Duration of account + 5 years after closure | AMLA; tax compliance |
| Betting / gaming history | Duration of account + 3 years after closure | PAGCOR audit requirements |
| Customer support records | 3 years from last interaction | Legitimate interests; dispute resolution |
| Marketing consent records | Until consent is withdrawn + 3 years | Evidence of lawful processing |
| Technical / device logs | 12 months on a rolling basis | Security and fraud detection |
Upon expiry of the applicable retention period, personal data will be securely deleted or anonymised so that it can no longer be linked to an identifiable individual. If you request deletion of your data before the retention period has expired, we will assess the request against our legal obligations and inform you of the outcome within fifteen (15) business days.
tayaplus implements appropriate technical and organisational security measures to protect your personal data against unauthorised access, accidental loss, destruction, alteration, or disclosure. Our security framework includes but is not limited to:
In the event of a personal data breach that is likely to result in risk to the rights and freedoms of affected players, tayaplus will notify the National Privacy Commission within seventy-two (72) hours of becoming aware of the breach, and will notify affected individuals without undue delay via their registered email address or mobile number.
Your Role in Security: The security of your personal data also depends on you. Please ensure your tayaplus password is unique, strong, and not shared with anyone. Never disclose your OTP codes to third parties. tayaplus staff will never ask for your password or full OTP via chat, SMS, or email.
To exercise any of the data rights described in this Policy — including the right to access, correct, delete, or object to processing of your personal data — you may submit a request through any of the following channels:
All data rights requests must be submitted by the verified account holder. You will be required to confirm your identity before any request is processed. tayaplus will acknowledge your request within five (5) business days and will respond to the substantive request within fifteen (15) business days. Where a request is particularly complex or there are a large number of concurrent requests, the response period may be extended by a further fifteen (15) business days, and you will be notified of the extension.
Where a data rights request conflicts with tayaplus's legal obligation to retain certain data — for example, the requirement to retain KYC documents for five years under the Anti-Money Laundering Act — tayaplus will inform you of the conflict and the applicable legal basis, and will delete or anonymise the data at the earliest legally permissible date.
The tayaplus Platform is strictly intended for individuals who are at least twenty-one (21) years of age. tayaplus does not knowingly collect personal data from individuals under the age of 21.
If tayaplus discovers or is notified that it has collected personal data from an individual who is under 21 years of age, the account will be immediately closed, all personal data relating to that individual will be deleted within a reasonable timeframe consistent with our legal obligations, and any funds held in the account will be handled in accordance with PAGCOR's requirements for underage account closures.
If you believe that tayaplus may have collected personal data from an individual under the age of 21, please contact us immediately via the channels listed in Section 15.
tayaplus primarily stores and processes personal data within the Philippines. However, certain third-party service providers engaged by tayaplus — including cloud infrastructure providers and certified game content providers — may process data in servers located outside the Philippines.
Where personal data is transferred outside the Philippines, tayaplus ensures that appropriate safeguards are in place to protect the data at a standard equivalent to the protections provided by the Philippine Data Privacy Act of 2012. These safeguards include contractual data processing agreements that bind the recipient to data protection standards consistent with Philippine law, and tayaplus's assessment that the destination jurisdiction provides adequate data protection.
You may request information about the specific countries to which your data may be transferred and the safeguards in place by contacting the tayaplus Data Protection Officer as described in Section 15.
tayaplus may send you promotional communications about bonuses, new games, sports betting promotions, and platform updates via SMS, email, or in-platform notifications. We will only send marketing communications to you if you have provided your consent to receive them during registration or through your Account Settings.
You may withdraw your consent to receive marketing communications at any time by:
Withdrawal of marketing consent will take effect within five (5) business days. Please note that withdrawal of marketing consent does not affect transactional communications that are necessary for the operation of your account, such as deposit confirmations, withdrawal notifications, OTP messages, and account security alerts. These communications are not optional and are required for the secure operation of your account.
tayaplus reserves the right to update, amend, or replace this Privacy Policy at any time to reflect changes in applicable law, PAGCOR regulatory requirements, our data processing practices, or the services we offer. The "Effective Date" at the top of this Policy will be updated to reflect the date of the most recent revision.
Material changes to this Privacy Policy — particularly changes that affect how your data is used or shared — will be communicated to you via email to your registered address or via in-platform notification, at least seven (7) days before the change takes effect. Your continued use of the tayaplus Platform after the effective date of any amendment constitutes your acknowledgment of the revised Policy.
If the revised Policy is materially unacceptable to you, you may request account closure before the changes take effect. Your account data will then be handled in accordance with the retention requirements described in Section 8.
If you have any questions, concerns, or complaints about this Privacy Policy or about how tayaplus handles your personal data, you may contact the tayaplus Data Protection Officer through the following channels:
If you are not satisfied with tayaplus's response to your privacy concern, you have the right to file a complaint with the National Privacy Commission (NPC) of the Philippines, the government body responsible for administering and enforcing the Data Privacy Act of 2012. Information on how to file a complaint with the NPC is available through official Philippine government channels.
For responsible gaming-related inquiries and self-exclusion requests, please refer to our Responsible Gaming page, which includes additional data handling information specific to player protection measures.
This Privacy Policy was last updated and takes effect as of January 1, 2026. It supersedes all prior versions.
Now you know exactly how tayaplus handles your personal information. Create your account with confidence — you must be 21 or older to play. GCash deposits accepted.