Overview
This Privacy Policy ("Policy") describes how jlli ("jlli," "we," "us," or "our") collects, uses, stores, shares, and protects the personal information of users ("you," "Player," or "User") who access or use the jlli online gaming platform at jlli.app and all associated services, games, and features (collectively, the "Platform").
jlli is committed to protecting your privacy and handling your personal data responsibly, transparently, and in full compliance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulations, as administered by the National Privacy Commission (NPC) of the Philippines.
By registering an account on jlli or otherwise using the Platform, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your personal data as described herein. If you do not agree with this Policy, please do not use the Platform.
This Policy should be read alongside our Terms & Conditions and Responsible Gaming Policy, both of which form part of the overall agreement between you and jlli.
Data We Collect
jlli collects personal data that is necessary to provide you with a safe, compliant, and enjoyable gaming experience. The categories of data we collect are described below.
2.1 Registration Data
When you create a jlli account, we collect the information you provide during the registration process, including:
- Full legal name
- Date of birth (to verify you are 21 years of age or older)
- Email address
- Mobile number (Philippine mobile number preferred)
- Residential address (barangay, city/municipality, province)
- Username and encrypted password
2.2 Identity Verification (KYC) Data
In compliance with Philippine anti-money laundering regulations and PAGCOR requirements, we may collect copies of government-issued identification documents, including:
- Philippine passport, SSS ID, UMID, driver's license, or PhilSys national ID
- Proof of address documents (utility bills, bank statements, or barangay certificates)
- Proof of payment method ownership (e.g., GCash or PayMaya account screenshots)
- Selfie or live photo for biometric identity matching where required
2.3 Financial Data
To process deposits and withdrawals, we collect transaction-related information such as:
- GCash or PayMaya account reference numbers
- Bank account details (BPI, BDO, Metrobank, or other Philippine banks) where applicable
- Transaction amounts, timestamps, and reference IDs
- Deposit and withdrawal history on your jlli account
jlli does not store full bank account numbers or card numbers on its own servers. Payment processing is handled by certified third-party payment processors who maintain their own PCI-DSS compliant security environments.
2.4 Gaming Activity Data
We automatically record data related to your gaming activity on the Platform, including:
- Games played, wager amounts, and game outcomes
- Session start and end times, session duration
- Bonus and promotion usage history
- Responsible gaming tool settings (deposit limits, cool-off periods, self-exclusion status)
2.5 Technical & Device Data
When you access the Platform, our servers and analytics tools automatically collect certain technical information, including:
- IP address and approximate geographic location (city/region level)
- Device type, operating system, and browser version
- Referring URL and pages visited within the Platform
- Session identifiers and authentication tokens
2.6 Communications Data
If you contact jlli's support team via live chat or email, we retain records of those communications, including the content of your messages, timestamps, and any attachments you provide, for quality assurance and dispute resolution purposes.
Minimum Necessary Principle: jlli collects only the personal data that is strictly necessary for the purposes described in this Policy. We do not collect sensitive personal information (such as health data, political opinions, or religious beliefs) unless required by law or expressly provided by you in a support context.
How We Use Your Data
jlli uses the personal data we collect for the following specific, legitimate purposes:
| Purpose | Data Used |
|---|---|
| Account creation & management | Registration data, KYC documents |
| Age & identity verification | Date of birth, government ID, selfie |
| Payment processing | Financial data, transaction records |
| Fraud prevention & AML compliance | All categories, transaction patterns |
| Responsible gaming monitoring | Gaming activity, session data, tool settings |
| Customer support | Communications data, account data |
| Platform security & abuse prevention | Technical data, IP address, device data |
| Legal & regulatory compliance | All categories as required by law |
| Service improvement & analytics | Aggregated, anonymized gaming & technical data |
| Promotional communications (with consent) | Email address, gaming preferences |
jlli does not use your personal data for automated decision-making that produces legal or similarly significant effects without human review, except where required by law (e.g., automated fraud screening systems that flag transactions for human investigation).
If you have opted in to receive promotional communications from jlli, you may opt out at any time by clicking the unsubscribe link in any marketing email or by contacting our support team.
Legal Basis for Processing
Under the Philippine Data Privacy Act of 2012, jlli processes your personal data on the following legal bases:
- Contractual necessity: Processing is necessary to perform the contract between you and jlli (i.e., to operate your account, process transactions, and deliver gaming services).
- Legal obligation: Processing is required to comply with applicable Philippine laws, including the Anti-Money Laundering Act (AMLA), PAGCOR regulations, and the Data Privacy Act itself.
- Legitimate interests: Processing is necessary for jlli's legitimate interests in preventing fraud, ensuring platform security, and improving our services — provided these interests are not overridden by your rights and freedoms.
- Consent: For optional processing activities such as marketing communications and certain analytics, we rely on your freely given, specific, and informed consent, which you may withdraw at any time.
Withdrawal of Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
Data Sharing & Disclosure
jlli does not sell, rent, or trade your personal data to third parties for their own marketing purposes. We share your data only in the following limited circumstances:
5.1 Service Providers
We engage trusted third-party service providers who process data on our behalf under strict data processing agreements, including:
- Payment processors: GCash, PayMaya, and partner banks for transaction processing
- KYC/identity verification providers: For automated document verification and fraud screening
- Cloud infrastructure providers: For secure hosting and data storage
- Customer support platforms: For live chat and ticketing systems
- Analytics providers: For aggregated, anonymized platform usage analytics
All service providers are contractually required to process your data only for the purposes specified by jlli and to maintain appropriate security measures.
5.2 Regulatory & Legal Authorities
jlli may disclose your personal data to Philippine government agencies and regulatory bodies where required by law, including:
- The Anti-Money Laundering Council (AMLC) — for suspicious transaction reporting
- PAGCOR — for regulatory compliance and licensing obligations
- The National Privacy Commission (NPC) — in response to lawful orders or investigations
- Philippine courts and law enforcement agencies — pursuant to valid legal process
5.3 Business Transfers
In the event of a merger, acquisition, or sale of all or substantially all of jlli's assets, your personal data may be transferred to the acquiring entity. You will be notified of any such transfer and the applicable privacy terms via the email address on your account.
jlli will never share your personal data with third-party advertisers, data brokers, or marketing companies without your explicit prior consent.
Cookies & Tracking Technologies
jlli uses cookies and similar tracking technologies to operate the Platform, remember your preferences, and analyze usage patterns. The types of cookies we use are as follows:
| Cookie Type | Purpose | Can Be Disabled? |
|---|---|---|
| Strictly Necessary | Session management, authentication, security tokens | No — required for Platform to function |
| Functional | Language preferences, game settings, UI customization | Yes — via cookie settings |
| Analytics | Aggregated usage statistics, page performance monitoring | Yes — via cookie settings |
| Responsible Gaming | Session time tracking, reality check timers | No — required for player protection |
jlli does not use third-party advertising cookies or cross-site tracking technologies. You can manage your cookie preferences through your browser settings at any time. Note that disabling strictly necessary cookies may prevent you from logging in or using core Platform features.
Data Retention
jlli retains your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable Philippine law. The following retention periods apply:
- Account and KYC data: Retained for a minimum of five (5) years from the date of account closure, in compliance with PAGCOR regulations and the Anti-Money Laundering Act.
- Transaction records: Retained for a minimum of five (5) years from the date of each transaction, as required by AMLA and BIR regulations.
- Gaming activity logs: Retained for two (2) years from the date of each session, for responsible gaming monitoring and dispute resolution purposes.
- Customer support communications: Retained for two (2) years from the date of the last interaction, for quality assurance and dispute resolution.
- Marketing consent records: Retained until you withdraw consent, plus an additional one (1) year for compliance documentation purposes.
Upon expiry of the applicable retention period, your personal data will be securely deleted or anonymized so that it can no longer be associated with you as an individual.
Your Rights as a Data Subject
Under the Philippine Data Privacy Act of 2012, you have the following rights with respect to your personal data held by jlli:
- Right to be informed: You have the right to know what personal data jlli collects about you and how it is used — which is the purpose of this Privacy Policy.
- Right of access: You may request a copy of the personal data jlli holds about you at any time.
- Right to rectification: You may request correction of any inaccurate or incomplete personal data we hold about you.
- Right to erasure: You may request deletion of your personal data, subject to our legal retention obligations under Philippine law.
- Right to object: You may object to the processing of your personal data for direct marketing purposes or where processing is based on legitimate interests.
- Right to data portability: You may request a structured, machine-readable copy of the personal data you have provided to jlli.
- Right to lodge a complaint: You have the right to lodge a complaint with the National Privacy Commission (NPC) of the Philippines if you believe your data privacy rights have been violated.
To exercise any of the above rights, please contact our Data Protection Officer (DPO) at privacy@jlli.app. We will respond to all verified requests within fifteen (15) business days in accordance with NPC guidelines.
Data Security
jlli implements industry-standard technical and organizational security measures to protect your personal data against unauthorized access, disclosure, alteration, or destruction. Our security measures include:
- Encryption in transit: All data transmitted between your device and jlli's servers is encrypted using TLS 1.2 or higher.
- Encryption at rest: Sensitive personal data stored on jlli's servers is encrypted using AES-256 encryption.
- Access controls: Access to personal data is restricted to authorized jlli personnel on a strict need-to-know basis, enforced through role-based access controls.
- Two-factor authentication: jlli staff with access to personal data systems are required to use multi-factor authentication.
- Regular security audits: jlli conducts periodic security assessments and penetration testing of its Platform infrastructure.
- Incident response: jlli maintains a documented data breach response plan and will notify affected users and the NPC within 72 hours of discovering a breach that poses a risk to your rights and freedoms.
Your Role in Security: While jlli takes every reasonable precaution to protect your data, no online platform can guarantee absolute security. You are responsible for keeping your account credentials confidential and for notifying jlli immediately if you suspect unauthorized access to your account.
Children's Privacy
The jlli Platform is strictly intended for adults aged 21 years and above, in accordance with Philippine law and PAGCOR regulations governing online gaming. jlli does not knowingly collect personal data from persons under the age of 21.
If jlli discovers or is notified that personal data has been collected from a person under 21 years of age, we will immediately:
- Suspend the associated account pending investigation
- Delete all personal data associated with the underage user
- Refund any deposits made, in accordance with applicable law
- Report the incident to PAGCOR where required by regulation
If you are a parent or guardian and believe your child has registered on jlli, please contact our support team immediately at support@jlli.app so we can take prompt action.
Updates to This Policy
jlli reserves the right to update or revise this Privacy Policy at any time to reflect changes in our data practices, applicable Philippine law, or NPC guidance. When material changes are made, we will notify registered players via the email address on their account and/or by displaying a prominent notice on the Platform.
The "Effective Date" and "Last Updated" date at the top of this Policy will always reflect the date of the most recent revision. We encourage you to review this Policy periodically to stay informed about how jlli protects your personal data.
Your continued use of the Platform after the effective date of any revised Policy constitutes your acceptance of the updated terms. If you do not agree with the revised Policy, you must stop using the Platform and may request closure of your account.
Contact & Data Protection Officer
jlli has appointed a Data Protection Officer (DPO) in accordance with the requirements of the Philippine Data Privacy Act of 2012. If you have any questions, concerns, or requests relating to this Privacy Policy or the processing of your personal data, you may contact our DPO directly.
Our DPO can be reached at the following address (plain text — not a clickable link): privacy@jlli.app
For general support inquiries unrelated to data privacy, please use our 24/7 live chat on the Platform or email us at support@jlli.app.