kitayamachu Privacy Policy

Your privacy matters to kitayamachu. This Policy explains exactly what personal data we collect, why we collect it, how we use it, and the rights you hold under Philippine law as a data subject.

Last Updated: 1 June 2026

Introduction
Data Controller
Data We Collect
How We Collect Data
Legal Basis for Processing
How We Use Your Data
Sharing Your Data
Cookies & Tracking
Data Retention
Security Measures
Your Rights
Children's Privacy
Policy Changes
Contact Us

1. Introduction

kitayamachu ("kitayamachu", "we", "us", "our") is committed to protecting the privacy and personal data of all registered players and website visitors. This Privacy Policy ("Policy") sets out the basis on which personal data collected from or about you will be processed by kitayamachu in connection with the website kitayamachu.vip and all services offered thereon.

This Policy is issued in compliance with Republic Act No. 10173, the Data Privacy Act of 2012 of the Republic of the Philippines ("DPA"), and its Implementing Rules and Regulations issued by the National Privacy Commission ("NPC"). All personal data processing activities described in this Policy are conducted in accordance with the principles of transparency, legitimate purpose, and proportionality mandated by the DPA.

By registering an account with kitayamachu, making use of any kitayamachu service, or continuing to browse kitayamachu.vip, you acknowledge that you have read and understood this Policy and consent to the processing of your personal data as described herein. This Policy should be read alongside kitayamachu's Terms & Conditions and Responsible Gaming Policy.

                
                kitayamachu services are available only to persons who are 21 years of age or older. We do not knowingly collect personal data from individuals under 21. If you believe a minor has submitted data to kitayamachu, please contact us immediately.
              

2. Data Controller

For the purposes of the Data Privacy Act of 2012 and this Policy, the data controller responsible for your personal data is kitayamachu, the operator of the website kitayamachu.vip. As data controller, kitayamachu determines the purposes and means of processing your personal data.

kitayamachu has appointed a Data Protection Officer ("DPO") in accordance with the requirements of the National Privacy Commission. The DPO is responsible for overseeing compliance with this Policy and the DPA. Any data subject requests or privacy-related inquiries may be directed to the DPO via the contact details provided in Section 14 of this Policy.

3. Categories of Personal Data We Collect

kitayamachu collects the following categories of personal data from players and website visitors. The collection of each category is limited to what is necessary for the specified purpose.

Category	Examples	Purpose
Identity Data	Full legal name, date of birth, nationality, government ID number (SSS, UMID, passport, driver's licence)	Account registration, KYC verification, age verification, AML compliance
Contact Data	Email address, mobile number, residential address (city, province)	Account communication, support, regulatory notifications
Financial Data	GCash number, Maya account, bank account details (BPI, BDO, UnionBank), transaction history	Processing deposits and withdrawals, AML monitoring, fraud prevention
Account & Gaming Data	Username, password (hashed), game history, betting records, session duration, bonus activity	Platform operation, responsible gaming monitoring, dispute resolution
Technical Data	IP address, device type, browser type and version, operating system, session logs	Security, fraud detection, platform performance, geolocation compliance
Communication Data	Support chat transcripts, email correspondence with kitayamachu	Support resolution, quality assurance, legal record-keeping

4. How We Collect Your Data

kitayamachu collects personal data through the following means:

Direct submission: Data you provide when creating a kitayamachu account, completing KYC verification, making deposits or withdrawals, contacting customer support, or participating in promotions.
Automated collection: Data collected automatically as you interact with kitayamachu.vip, including through cookies, web beacons, session logs, and device fingerprinting technologies. See Section 8 for full details on cookies.
Third-party sources: Data received from payment processing partners (e.g., GCash, Maya, BPI, BDO) in connection with transaction processing, and from identity verification service providers used for KYC compliance.
Publicly available sources: In exceptional circumstances related to AML or fraud investigation, kitayamachu may access publicly available information about a player, consistent with the limitations of the DPA.

5. Legal Basis for Processing

kitayamachu processes personal data only where a valid legal basis under the Data Privacy Act of 2012 exists. The applicable legal bases for kitayamachu's processing activities are:

Consent: Where you have given explicit consent for specific processing activities, such as receiving marketing communications from kitayamachu.
Contractual necessity: Processing necessary for the performance of the contract between you and kitayamachu — principally, operating your account, processing deposits and withdrawals, and providing gaming services.
Legal obligation: Processing required to comply with applicable legal obligations, including PAGCOR regulatory requirements, AML obligations under Republic Act No. 9160 (Anti-Money Laundering Act), and data subject requests under the DPA.
Legitimate interests: Processing for the legitimate interests of kitayamachu, including fraud prevention, platform security, responsible gaming monitoring, and business analytics, where these interests are not overridden by your fundamental rights and freedoms.

6. How kitayamachu Uses Your Data

Personal data collected by kitayamachu is used for the following purposes:

Creating, verifying, and managing your kitayamachu account, including KYC and age verification (21+ requirement).
Processing financial transactions — deposits, withdrawals, and bonus credits — through your chosen payment method (GCash, Maya, BPI, BDO, UnionBank, etc.).
Providing access to kitayamachu games including live casino, slots, bingo, and sports betting services.
Detecting, investigating, and preventing fraud, money laundering, underage gambling, and other prohibited conduct on the kitayamachu platform.
Monitoring gameplay for responsible gaming purposes, including identifying patterns indicative of problem gambling behaviour and enforcing self-exclusion requests.
Sending account-related communications including transaction confirmations, security alerts, and mandatory regulatory notices.
Sending promotional communications about kitayamachu offers, bonuses, and new game releases — only where you have provided consent, and only by the communication channel(s) you have specified.
Complying with applicable Philippine law, PAGCOR regulations, and lawful orders of regulatory and law enforcement authorities.
Improving kitayamachu platform performance, user experience, and game offerings through aggregated, anonymised analytics.

7. Sharing and Disclosure of Your Data

kitayamachu does not sell, rent, or trade your personal data to third parties for their own marketing purposes. Personal data is shared only in the following circumstances and only to the extent necessary:

7.1 Payment Service Providers

Financial data is shared with payment processing partners (GCash, Maya, BPI, BDO, UnionBank, and other supported payment methods) solely to process your transactions. These providers are contractually bound to process your data only for the specified transaction purpose and in accordance with the DPA.

7.2 Identity Verification and KYC Partners

Identity data submitted for KYC verification may be processed by contracted third-party identity verification service providers. All such providers are required to meet kitayamachu's data protection standards and are bound by data processing agreements.

7.3 Game Software Providers

Certain game providers may receive anonymised session data necessary to deliver their games through the kitayamachu platform. kitayamachu does not share personally identifiable information with game providers beyond what is technically required for platform integration.

7.4 Regulatory and Law Enforcement Authorities

kitayamachu will disclose personal data to PAGCOR, the Anti-Money Laundering Council (AMLC), the National Privacy Commission, or other competent Philippine authorities when required by law, court order, or legitimate regulatory request.

7.5 Corporate Transactions

In the event of a merger, acquisition, or sale of assets involving kitayamachu, personal data may be transferred to the relevant successor entity, subject to equivalent data protection obligations. Players will be notified of any such transfer in advance.

8. Cookies and Tracking Technologies

kitayamachu uses cookies and similar tracking technologies on kitayamachu.vip. Cookies are small text files stored on your device that help us provide and improve the kitayamachu service. The categories of cookies used are:

Strictly necessary cookies: Essential for the operation of the kitayamachu platform — including session authentication, fraud prevention, and load balancing. These cannot be disabled without affecting platform functionality.
Performance cookies: Used to collect aggregated, anonymised data about how players navigate kitayamachu.vip, enabling us to identify performance issues and improve the platform.
Functional cookies: Store your preferences (e.g., language selection, game lobby layout) to personalise your kitayamachu experience.
Analytics cookies: Used to understand user behaviour patterns in aggregate. Data collected is anonymised before analysis and is not used for individual player profiling.

You may manage cookie preferences through your browser settings. Disabling non-essential cookies will not prevent you from using core kitayamachu services, though some personalisation features may be affected.

9. Data Retention

kitayamachu retains personal data only for as long as necessary to fulfil the purposes for which it was collected, subject to the following retention periods:

Account data and transaction records: Retained for a minimum of five (5) years from the date of the last transaction or account closure, in compliance with AML obligations under Philippine law.
KYC documentation: Retained for a minimum of five (5) years following account closure or the last transaction.
Gaming session logs: Retained for two (2) years from the date of the session, unless required for longer retention due to an ongoing investigation or dispute.
Support communications: Retained for two (2) years from the date of the communication.
Marketing consent records: Retained until consent is withdrawn or for three (3) years from the date of last interaction, whichever is earlier.

Upon expiry of the applicable retention period, personal data is securely deleted or anonymised in a manner that prevents reconstruction of the original data subject's identity.

10. Security Measures

kitayamachu implements technical and organisational security measures appropriate to the risk profile of the personal data we process, including:

Transport Layer Security (TLS 1.3) encryption for all data transmitted between your browser or app and kitayamachu servers.
AES-256 encryption for personal data stored at rest, including financial data and identity documentation.
Bcrypt hashing for all stored account passwords. kitayamachu never stores passwords in plain text.
Access controls ensuring that personal data is accessible only to kitayamachu personnel with a legitimate operational need, subject to role-based access permissions and audit logging.
Regular third-party security audits and penetration testing of the kitayamachu platform infrastructure.
24/7 security monitoring for anomalous access patterns, intrusion attempts, and data breach indicators.

In the event of a personal data breach that poses a risk to the rights and freedoms of data subjects, kitayamachu will notify the National Privacy Commission within 72 hours of becoming aware of the breach, and will notify affected data subjects without undue delay, in accordance with the DPA and NPC Circular No. 16-03.

11. Your Rights as a Data Subject

Under the Data Privacy Act of 2012, you have the following rights with respect to your personal data held by kitayamachu. To exercise any of these rights, please contact us using the details in Section 14.

Right to Access

You have the right to request a copy of the personal data kitayamachu holds about you and information about how it is being processed. Requests will be fulfilled within 30 days of receipt, subject to identity verification.

Right to Rectification

You have the right to request correction of inaccurate or incomplete personal data held by kitayamachu. You may update certain account information directly through your kitayamachu account settings; changes to identity documentation require submission of updated KYC materials.

Right to Erasure

You may request deletion of your personal data where it is no longer necessary for the purpose for which it was collected, where you withdraw consent (and no other legal basis applies), or where the data has been unlawfully processed. This right is subject to legal retention obligations, particularly under AML regulations.

Right to Object

You have the right to object to the processing of your personal data where processing is based on legitimate interests, including profiling for marketing purposes. Where you object to direct marketing processing, kitayamachu will cease that specific processing immediately.

Right to Data Portability

Where technically feasible and where processing is based on consent or contract, you may request your personal data in a structured, commonly used, machine-readable format for transfer to another service provider.

Right to Lodge a Complaint

If you believe kitayamachu has processed your personal data in breach of the DPA, you have the right to lodge a complaint with the National Privacy Commission of the Philippines. kitayamachu asks that you contact us first to allow us to resolve your concern directly.

12. Children's Privacy

kitayamachu services are strictly restricted to persons who are 21 years of age or older, in accordance with Philippine gambling regulations enforced by PAGCOR. kitayamachu does not knowingly collect personal data from persons under the age of 21.

If kitayamachu becomes aware that personal data has been collected from a person under 21, the relevant account will be immediately suspended, all associated data will be deleted without delay, and any deposits and winnings associated with the underage account will be handled in accordance with applicable regulations.

Parents and guardians who believe their child has accessed or registered on kitayamachu should contact us immediately using the contact information in Section 14. kitayamachu takes underage access violations extremely seriously and will cooperate fully with any regulatory investigation arising from such an incident.

13. Changes to This Privacy Policy

kitayamachu reserves the right to update or amend this Privacy Policy at any time. The date of the most recent revision is displayed at the top of this page. Material changes — including changes to the categories of data collected, the purposes for which data is used, or the parties with whom data is shared — will be communicated to registered kitayamachu players via email notification to the registered account address at least 14 days before the changes take effect.

Your continued use of the kitayamachu platform following the effective date of any amendments constitutes your acceptance of the revised Policy. If you do not agree to the amended Policy, you must cease using the kitayamachu platform and may request account closure.

14. Contact & Data Subject Requests

For privacy-related inquiries, data subject rights requests, or to contact kitayamachu's Data Protection Officer, please use the following contact details. kitayamachu aims to acknowledge all data subject requests within three (3) business days and to resolve them within thirty (30) days.

Data Protection Officer, kitayamachu
Support email: [email protected]

Please include "Data Privacy Request" in your subject line and provide your registered kitayamachu account email and username to enable us to locate your data and respond efficiently. For security purposes, kitayamachu may require identity verification before fulfilling data subject requests.

How kitayamachu Protects Your Data

Six practical commitments that show what data protection means in the kitayamachu context — for players in Manila, Cebu, Davao, and everywhere else in the Philippines.

No Plain-Text Passwords

kitayamachu never stores your login password in readable form. Passwords are hashed using bcrypt with a high work factor before storage. Even in the unlikely event of a server compromise, your kitayamachu password cannot be recovered from stored data.

TLS 1.3 Encryption in Transit

Every data exchange between your browser and kitayamachu.vip is encrypted using TLS 1.3 — the current gold standard in transport security, applied consistently across all kitayamachu pages and API endpoints, including login, deposits, and KYC upload.

Role-Based Data Access

Within kitayamachu, your personal data is accessible only to staff members with a verified operational need — processed under strict role-based access controls with full audit logging. No blanket access to player data exists for any team or individual.

DPA 2012 Compliance

kitayamachu's data processing practices are built around the Republic Act No. 10173 (Data Privacy Act of 2012). Our appointed Data Protection Officer oversees compliance and is the designated contact for NPC inquiries and data subject rights requests.

Scheduled Data Deletion

kitayamachu applies structured data retention schedules. Data is deleted or securely anonymised as soon as the retention period expires. We do not hold your data indefinitely — only as long as legally required or operationally necessary.

72-Hour Breach Notification

In the event of a data breach that poses a risk to data subjects, kitayamachu is committed to notifying the National Privacy Commission within 72 hours and affected players without undue delay — in accordance with NPC Circular No. 16-03.

Your Data is Safe at kitayamachu

Now that you know exactly how kitayamachu handles your personal data, sign in to your account and enjoy the full platform — live casino, slots, bingo, and sports betting in Philippine Pesos.

21+ only. Gambling involves risk. Please play responsibly. PAGCOR regulations apply.