Data Protection & Privacy

Information Collection

In the course of providing services through the platform operated at aubet-77.com, Anakatech Interactive Limited, duly licensed and regulated under the authority of the Philippine Amusement and Gaming Corporation (PAGCOR), engages in the collection and processing of the following categories of personal data pertaining to registered users and website visitors:

• Identity Data: Full legal name, date of birth, nationality, and government-issued identification numbers, as required for the purposes of identity verification and regulatory compliance.
• Contact Data: Electronic mail address, telephone number, and residential or correspondence address submitted during the account registration process or subsequent profile updates.
• Financial Data: Banking institution details, payment card particulars, e-wallet account identifiers, transaction histories, deposit and withdrawal records, and associated financial documentation required for the processing of monetary transactions.
• Technical Data: Internet Protocol (IP) addresses, browser type and version, device identifiers, operating system information, session duration data, clickstream data, and cookie identifiers generated automatically upon interaction with the platform.
• Usage Data: Records of gaming activity, wagering history, session logs, platform navigation patterns, and service utilization metrics collected in the course of user engagement with the platform.
• Verification and Compliance Data: Documentation submitted in fulfilment of Know Your Customer (KYC) obligations, anti-money laundering (AML) screening results, source of funds declarations, and responsible gambling assessment records.
• Communication Data: Records of correspondence initiated by the data subject via electronic mail, live support channels, or other communication interfaces made available by the operator.

The collection of personal data is conducted exclusively through lawful means, including direct submission by the data subject, automated technical collection mechanisms, and, where applicable, third-party verification service providers engaged for regulatory compliance purposes. The provision of certain categories of personal data constitutes a mandatory prerequisite for the establishment and maintenance of an active user account and for the lawful provision of services.

Use of Information

Personal data collected by Anakatech Interactive Limited is processed exclusively for specified, explicit, and legitimate purposes as set forth herein. Processing activities are carried out in accordance with applicable data protection legislation and the regulatory requirements imposed by PAGCOR. The purposes for which personal data is subject to processing are as follows:

• Account Establishment and Administration: Personal data is processed for the purpose of creating, maintaining, verifying, and administering user accounts, including the authentication of user identity and the management of account settings and preferences.
• Service Provision and Contractual Performance: Data is processed as necessary for the performance of contractual obligations between the operator and the data subject, including the facilitation of gaming services, processing of financial transactions, crediting of winnings, and resolution of disputes arising from service use.
• Regulatory Compliance and Legal Obligations: Processing is conducted in fulfilment of legal and regulatory obligations imposed upon the operator, including KYC verification procedures, AML and counter-terrorism financing (CTF) screening, age verification, self-exclusion management, and reporting obligations to PAGCOR and other competent authorities.
• Fraud Prevention and Platform Integrity: Personal data is analysed and processed for the purposes of detecting, investigating, and preventing fraudulent activity, unauthorised account access, collusion, money laundering, and other activities constituting a violation of the operator's terms and conditions or applicable law.
• Financial Processing: Data pertaining to payment instruments and transaction records is processed for the execution of deposits, withdrawals, refunds, and reconciliation procedures in accordance with applicable financial regulations.
• Customer Support: Communication data and account information are processed for the purpose of responding to enquiries, resolving technical issues, and delivering support services to data subjects through available communication channels.
• Responsible Gambling Measures: Data is processed to monitor gaming behaviour, enforce responsible gambling limits set by the data subject, identify potential indicators of problem gambling, and administer self-exclusion or cooling-off periods as appropriate.
• Legal Claims and Dispute Resolution: Personal data may be retained and processed as necessary for the establishment, exercise, or defence of legal claims in judicial, regulatory, or arbitral proceedings.

Personal data shall not be processed for purposes incompatible with those specified above without the prior consent of the data subject or unless otherwise authorised or required by applicable law. Data is not sold, rented, or otherwise commercially transferred to third parties for their independent marketing or commercial purposes.

Security Measures

Anakatech Interactive Limited has implemented and maintains a comprehensive framework of technical and organisational measures designed to ensure a level of security appropriate to the risk associated with the processing of personal data. These measures are periodically reviewed and updated in accordance with evolving technological standards and applicable regulatory requirements.

• Encryption Protocols: All personal data transmitted between user devices and the operator's servers is protected by means of industry-standard Transport Layer Security (TLS) encryption. Sensitive data stored within the operator's systems, including financial and identification data, is subject to encryption at rest utilising established cryptographic standards.
• Access Control Mechanisms: Access to personal data is restricted on a strict need-to-know basis. Role-based access controls are enforced across all internal systems, and personnel authorised to access personal data are subject to confidentiality obligations as a condition of their engagement.
• Authentication Procedures: Multi-factor authentication protocols are applied to administrative access points and, where applicable, to user account access in order to mitigate the risk of unauthorised account entry.
• Firewall and Intrusion Detection Systems: The operator's infrastructure is protected by enterprise-grade firewall configurations and continuous intrusion detection and prevention systems. Network traffic is monitored for anomalous patterns indicative of security threats.
• Vulnerability Management: Regular security assessments, penetration testing, and vulnerability scanning are conducted across the operator's systems and infrastructure. Identified vulnerabilities are remediated in accordance with established priority frameworks.
• Data Minimisation and Retention Controls: Personal data is retained only for the duration necessary to fulfil the purposes for which it was collected or as required by applicable regulatory retention obligations. Data no longer required for these purposes is subject to secure deletion or anonymisation procedures.
• Incident Response Procedures: The operator maintains documented data breach response procedures, providing for timely identification, containment, assessment, and notification in the event of a personal data security incident, in accordance with applicable regulatory requirements.
• Third-Party Processor Oversight: Third-party service providers engaged in the processing of personal data on behalf of the operator are subject to contractual obligations ensuring the application of equivalent data protection and security standards.
• Staff Training and Awareness: Personnel engaged in activities involving the processing of personal data are required to undertake data protection training commensurate with their respective roles and responsibilities.

Notwithstanding the foregoing measures, data subjects are advised that no transmission of data over public networks can be guaranteed to be entirely secure. The operator is not in a position to warrant the absolute security of data transmitted to the platform and encourages data subjects to exercise due caution in the management of their account credentials.

Your Rights

Data subjects whose personal data is processed by Anakatech Interactive Limited are entitled to exercise a range of rights in relation to such processing, as recognised under applicable data protection legislation. The exercise of these rights is subject to applicable legal conditions and limitations, including obligations imposed upon the operator by PAGCOR licensing requirements and other applicable regulatory frameworks.

• Right of Access: Data subjects are entitled to request confirmation as to whether personal data concerning them is being processed and, where such processing is confirmed, to obtain access to a copy of the personal data concerned together with information regarding the purposes of processing, the categories of data processed, and the envisaged retention period.
• Right to Rectification: Data subjects are entitled to request the rectification of inaccurate personal data concerning them without undue delay. Where personal data is incomplete, data subjects are entitled to request that it be completed, including by means of the provision of a supplementary statement.
• Right to Erasure: Data subjects are entitled, in certain circumstances, to request the deletion or removal of personal data concerning them where there is no compelling reason for its continued processing. This right is subject to applicable retention obligations and may be limited where processing is required for the performance of a legal obligation or the establishment, exercise, or defence of legal claims.
• Right to Restriction of Processing: Data subjects are entitled to request the restriction of processing of their personal data in circumstances