01Introduction
Menace Casino values your privacy and is committed to safeguarding the personal information you entrust to us. This Privacy Policy explains what data we collect, why we collect it, how we protect it, and the rights you hold over it.
This policy is aligned with Republic Act No. 10173 — the Data Privacy Act of 2012 of the Philippines, regulated by the National Privacy Commission (NPC), and with applicable international standards including the EU General Data Protection Regulation (GDPR) for residents of the European Union. Menace Casino is operated by UNOCOMPAÑIA S.R.L. (Costa Rica registration No. 3-102-927059), the data controller.
02Interpretation and Definitions
The following terms have a defined meaning throughout this policy:
03What Information We Collect
- Account information — full name, date of birth, contact details, username and password.
- Verification details — government-issued ID, address proof and regulatory compliance documents, requested only if KYC is triggered.
- Financial data — payment details for deposits and withdrawals, including crypto wallet addresses and, for India, UPI/IMPS details.
- Technical data — device ID, browser information, IP address and usage logs.
- Cookies and tracking data — collected via cookies, as described in our Cookies Policy.
- Third-party social media data — basic profile data if you register through Google or Telegram social sign-up.
04Why We Collect Your Data
- To create, administer and secure your account.
- To process deposits, bets and withdrawals, and to facilitate gameplay.
- To comply with legal and regulatory requirements, including AML, KYC and tax obligations.
- To detect and prevent fraud and money laundering.
- To send marketing communications — only where you have given opt-in consent.
- To improve and personalise your experience on the platform.
- To monitor responsible gaming triggers and support player wellbeing.
05Legal Basis for Processing
We process your personal data only where we have a lawful basis to do so:
- Under Philippine DPA 2012 (Sections 12–13) — consent, performance of a contract, legal obligation, vital interests or legitimate interests.
- Under GDPR Article 6 for residents of the European Union.
- To meet AML and KYC obligations arising from our Anjouan Gaming Authority licence.
06Data Sharing & Third Parties
We share personal data only where necessary, and only with parties bound by appropriate confidentiality and data-protection obligations:
- Regulatory authorities and payment processors, where required by law.
- Selected service partners — software providers and analytics companies — strictly as necessary.
- KYC providers such as SumSub or Jumio, only when verification is triggered.
- Game providers, including Pragmatic Play, Evolution Gaming, NetEnt and Ebaka Games.
- Cloud and infrastructure providers, such as Cloudflare and our hosting partners.
- Marketing partners — only where you have given opt-in consent.
We do not sell your personal information. Your data is shared only for the operational, legal and consented purposes described above.
07Data Security
- Strong encryption — 256-bit SSL certified through Google Trust Services.
- Two-factor authentication available and recommended on every account.
- Employee access to personal data is restricted, logged and monitored.
- Regular security audits and reviews of our systems and processes.
No method of transmission or storage is ever completely secure, but we apply industry-standard safeguards to protect your information.
08International Transfers
Your data may be processed outside the Philippines — for example by our Costa Rica office, within the Anjouan licensing jurisdiction, or by service providers located elsewhere. Where this happens, we ensure an adequate level of protection as required by Section 21 of the Philippine DPA 2012, and we rely on Standard Contractual Clauses or equivalent safeguards where applicable.
09Your Rights
Subject to legal limits, you hold the following rights over your personal data:
- Access — to your personal data and details of how it is processed.
- Correction — to have inaccurate or incomplete data rectified.
- Restriction or erasure — to limit processing or request deletion, subject to AML retention rules.
- Withdraw consent — for marketing communications, at any time.
- Data portability — to receive your data in a portable format (DPA 2012, Section 18).
- Objection — to object to certain processing of your data.
- Complaint — to lodge a complaint with the NPC in the Philippines or your relevant data protection authority.
10Retention Policy
We retain your personal data for the lifetime of your active account and for a minimum of 5 years after account closure, as required by Philippine AMLC rules and Anjouan AML obligations. Please note that this anti-money-laundering retention period overrides erasure requests for financial data. Marketing data is retained only until you withdraw consent.
11Children's Privacy
Menace Casino does not knowingly collect personal data from individuals under 18 years of age, the minimum for the Anjouan-licensed offshore platform (PAGCOR-domestic Philippine casinos require 21+). If we discover that an account belongs to a minor, we will close it and delete the associated data, subject to mandatory AML retention.
12Policy Changes
We may revise this Privacy Policy from time to time. Changes take effect once published on this page, and we will give 30 days' notice of any material changes. Your continued use of the service after a change indicates your acceptance of the updated policy.
13Data Protection Officer & Complaints
If you have any question about this policy or wish to exercise your rights, contact our Data Protection Officer:
- DPO email — [email protected]
- Philippines — National Privacy Commission: [email protected], privacy.gov.ph
- European Union — your local Data Protection Authority (an EDPB member).
- United Kingdom — the Information Commissioner's Office (ICO).
For broader account questions, see our Terms & Conditions and contact page.