mnl365 Privacy Policy

This Privacy Policy is issued by mnl365 ("we," "our," "the Platform"), the operator of the online gaming website accessible at mnl365.org, and applies to all personal data collected from individuals who register, visit, or interact with the mnl365 Platform in any capacity. This includes registered account holders, visitors who browse the Platform without registering, and individuals who contact mnl365 for customer support.

mnl365 processes personal data in compliance with the Data Privacy Act of 2012 (Republic Act No. 10173), its Implementing Rules and Regulations, and issuances of the National Privacy Commission (NPC) of the Philippines. We are committed to handling your personal information with transparency, proportionality, and respect for your privacy rights as a data subject.

This Policy applies to data collected through the mnl365 website, live chat support, email correspondence, and any other channel through which you provide information to us. It does not apply to third-party websites, payment processors, or game providers whose own privacy policies govern the handling of your data on their respective platforms.

mnl365 collects personal data across several categories, depending on the nature of your interaction with the Platform. Below is a description of the categories of data we may hold about you:

mnl365 does not collect sensitive personal information — such as health data, political opinions, religious beliefs, or biometric data — except where strictly required for responsible gaming self-assessment tools at a Player's own initiative.

mnl365 collects personal data through the following channels and methods:

• Direct collection: Information you provide when creating your account, completing KYC, making deposits or withdrawals, contacting customer support, or participating in promotions;
• Automated collection: Technical and usage data collected automatically through browser cookies, session logs, server logs, and similar technologies each time you access the Platform;
• Third-party sources: Identity verification information returned by KYC verification services; fraud detection signals from payment processors; and device reputation data from security services used to protect the Platform;
• Payment processors: Transaction confirmation data from GCash, Maya, BPI, BDO, Metrobank, Coins.ph, and other payment channels when you make deposits or receive withdrawals.

All data collection by mnl365 is proportionate to the purposes for which it is collected and is limited to what is necessary for those purposes.

Under the Data Privacy Act of 2012, mnl365 processes personal data on the following legal grounds:

• Consent: Where you have freely given specific, informed, and unambiguous consent to the processing of your data for a particular purpose, such as receiving promotional communications;
• Contractual necessity: Where processing is necessary to perform the contract between you and mnl365 — including account management, processing deposits and withdrawals, and providing access to gaming services;
• Legal obligation: Where processing is required to comply with applicable Philippine law, including but not limited to the Anti-Money Laundering Act (RA 9160), Data Privacy Act (RA 10173), and Electronic Commerce Act (RA 8792);
• Legitimate interests: Where processing is necessary for the legitimate interests of mnl365, including fraud prevention, platform security, responsible gaming monitoring, and service improvement, provided such interests are not overridden by your privacy rights;
• Vital interests: In limited circumstances where processing is necessary to protect the vital interests of a data subject, such as where a Player has disclosed a welfare concern through the responsible gaming tools.

mnl365 uses the personal data it collects for the following purposes:

• Account creation and management: To register your account, verify your identity, maintain your wallet, and provide you with access to all Platform features;
• Transaction processing: To process deposits via GCash, Maya, BPI, BDO, Metrobank, Coins.ph, and USDT TRC20, and to execute withdrawal requests to your registered payment method;
• KYC and identity verification: To comply with legal obligations requiring us to verify that Players are who they claim to be, and that deposits originate from legitimate sources;
• Anti-money laundering compliance: To monitor transaction patterns and flag activity that may indicate money laundering, fraud, or other financial crime in accordance with RA 9160;
• Responsible gaming: To monitor gaming behaviour and identify indicators of problem gambling, to enforce Player-requested limits or exclusions, and to comply with responsible gaming obligations;
• Customer support: To respond to your enquiries, resolve complaints, and maintain records of support interactions;
• Platform security: To detect and prevent fraud, account takeovers, collusion, bonus abuse, and other unauthorized activity on the Platform;
• Service improvement: To analyse usage patterns and improve the Platform's features, performance, and user experience;
• Marketing and promotions: Where you have provided consent, to communicate promotional offers, bonuses, and updates relevant to your account. You may withdraw this consent at any time.

mnl365 does not sell your personal data to any third party. We share personal data only in the following circumstances and only with parties that have appropriate data protection measures in place:

• Payment processors: GCash, Maya, BPI, BDO, Metrobank, Coins.ph, and other payment service providers receive necessary financial data to process your transactions. Each processor is subject to its own privacy policy and Philippine financial regulations;
• Game content providers: Third-party studio providers (including Evolution Gaming, Pragmatic Play, PG Soft, and JDB) may receive your account identifier and session token to authenticate you in their game environments. They do not receive your full identity or financial data;
• Identity verification services: KYC and identity verification providers receive the documents and personal data you submit during the KYC process for the purpose of verifying your identity against their databases;
• Regulatory and law enforcement authorities: mnl365 will disclose personal data to the Anti-Money Laundering Council (AMLC), the National Privacy Commission (NPC), law enforcement agencies, or other Philippine government bodies where required by law or pursuant to a valid legal process;
• Fraud prevention services: Device fingerprinting, IP reputation, and fraud risk scoring services may receive technical data to assist in protecting the Platform from unauthorized access and fraudulent activity;
• Professional advisers: Legal counsel, accountants, or auditors engaged by mnl365 who are subject to confidentiality obligations.

mnl365 retains personal data for no longer than is necessary for the purposes for which it was collected, subject to legal retention obligations. The following general retention schedule applies:

Upon expiry of the applicable retention period, personal data is securely deleted or anonymised so that it can no longer be attributed to an identifiable individual. Anonymised data may be retained for analytical and statistical purposes indefinitely.

mnl365 implements technical and organizational security measures designed to protect your personal data against unauthorized access, accidental loss, destruction, alteration, or disclosure. These measures include:

• TLS 1.3 encryption for all data transmitted between your device and the mnl365 servers, including login credentials, session data, and financial transaction details;
• Password hashing using bcrypt — your login password is never stored in plain text on mnl365 servers and cannot be read by any member of the mnl365 team;
• Access controls limiting internal access to personal data to personnel who require it for their specific operational role, subject to confidentiality obligations;
• Session security including device fingerprinting, IP monitoring, and secondary verification for logins from unrecognized devices;
• Regular security assessments to identify and remediate vulnerabilities in the Platform's infrastructure.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, mnl365 will notify the National Privacy Commission (NPC) within the timeframe required by RA 10173 and will inform affected individuals as required by law.

mnl365 uses cookies and similar tracking technologies to operate the Platform effectively, maintain your session, and improve the Platform's functionality and performance. The following types of cookies are used:

• Strictly necessary cookies: These cookies are required for the Platform to function. They maintain your login session, preserve your account preferences, and enable the wallet and game systems to operate. These cannot be disabled without rendering the Platform non-functional;
• Functional cookies: These remember choices you have made — such as your preferred language setting or which games you have recently accessed — to provide a more personalized experience;
• Analytics cookies: These collect information about how visitors use the Platform, including which pages are visited most frequently and whether error messages are encountered. All data collected is aggregated and anonymised. This helps mnl365 improve the Platform;
• Security cookies: These assist in fraud detection and prevention by identifying device characteristics and flagging unusual login patterns.

You may control cookie settings through your browser. Note that disabling strictly necessary cookies will prevent the Platform from functioning correctly. mnl365 does not use third-party advertising or behavioural targeting cookies.

mnl365 engages third-party service providers to support certain Platform functions. Where these providers process personal data on our behalf, they do so as data processors under data processing agreements that require them to maintain appropriate security standards and use the data only for the specific purpose for which it was shared.

• Payment service providers (GCash / Maya / BPI / BDO / Metrobank / Coins.ph): Process financial transactions and return confirmation data to mnl365;
• KYC and identity verification providers: Verify government-issued Philippine identification documents against authorized databases;
• Game content studios (Evolution Gaming, Pragmatic Play, PG Soft, JDB, and others): Receive session authentication tokens to deliver game content. They process usage data under their own privacy policies;
• IT infrastructure and cloud hosting providers: Host mnl365 Platform data in secure environments;
• Anti-fraud and security services: Analyse technical and behavioural signals to detect unauthorized access and fraudulent activity.

Links to the mnl365 Platform from third-party sources, or navigation from the mnl365 Platform to a third-party game provider interface, will take you outside mnl365's direct data control. mnl365 is not responsible for the privacy practices of third-party websites or platforms.

If mnl365 becomes aware that personal data has been collected from a person under 21 years of age — whether through registration, gameplay, or any other interaction — the relevant account will be suspended immediately and the data will be deleted from our systems as quickly as practicable, except where retention is required to document the breach for regulatory purposes.

If you are a parent or guardian and believe that a minor under your care has created an account or provided personal data to mnl365, please contact our support team immediately via live chat or at [email protected]. We will take prompt action to investigate and resolve the situation.

Some third-party service providers engaged by mnl365 — including certain game content studios, cloud infrastructure providers, and fraud prevention services — may process personal data outside the Philippines.

Where personal data is transferred outside the Philippines, mnl365 takes steps to ensure that appropriate safeguards are in place, including:

• Data processing agreements that incorporate privacy and security obligations equivalent to those required under RA 10173;
• Transfer only to jurisdictions or organizations that provide an adequate level of personal data protection as assessed under applicable Philippine data privacy standards;
• Limiting the scope of data transferred to the minimum necessary for the specific service being provided.

By using the mnl365 Platform, you consent to these cross-border transfers to the extent they are necessary for the provision of services described in this Policy.

To exercise any of the data rights described in this Policy and summarized in the section above, please contact the mnl365 Data Protection Officer using one of the following channels:

When submitting a data rights request, please include your registered Philippine mobile number, a brief description of your request, and a copy of a valid government-issued Philippine ID so that we can verify your identity before processing the request. This verification step is required to prevent unauthorized access to your data by third parties.

• mnl365 will acknowledge your request within 5 business days;
• Requests will be resolved within 30 calendar days of receipt, or within an extended period of up to 45 days for complex requests, with prior notification;
• Certain requests — particularly for erasure — may be subject to legal retention requirements under the Anti-Money Laundering Act or other applicable law that take precedence over the request.

mnl365 reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data processing practices, legal obligations, or Platform operations. When material changes are made:

• The "Last updated" date at the top of this document will be revised;
• Registered Players will be notified via an on-screen notification upon their next login to the Platform;
• The updated Policy will be accessible at mnl365.org/privacy-policy.

Your continued use of the mnl365 Platform following the effective date of any amendment constitutes your acceptance of the updated Privacy Policy. If you do not agree with the revised terms, you must cease using the Platform and may request account closure.

mnl365 has designated a Data Protection Officer (DPO) responsible for overseeing compliance with RA 10173 and this Privacy Policy. The DPO can be contacted for any data privacy enquiry, complaint, or rights request:

If you are dissatisfied with how mnl365 has handled your personal data or a data rights request, you have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines. For further information about the NPC and your rights under RA 10173, please refer to the NPC's official resources.

For terms governing your use of the Platform, please review the Terms & Conditions. For responsible gaming tools and resources, visit the Responsible Gaming page. For common account questions, see the FAQ.