Privacy Policy

Last updated: March 2, 2026

1. Introduction

The Tournamently Player Portal (the "Portal") is committed to protecting your personal data in accordance with the Data Privacy Act of 2012 (Republic Act No. 10173) and its implementing rules and regulations.

This Portal is operated for Tournamently through a secure online platform to facilitate player registration and eligibility verification for tournaments.

By creating an account or using the Portal, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your personal data as described below.

2. Information We Collect

We collect the following categories of information:

A. Account Information

• Full name
• Email address
• Encrypted password
• Account role (player, coach/manager, parent/guardian)

B. Player Profile Information

• First name, middle initial, last name, suffix
• Sex
• Date of birth
• Nationality
• Province and municipality/city
• Team/club affiliation
• Coach name
• Member ID (if applicable)

C. Identity Verification Documents (Sensitive Personal Information)

• PSA-issued Birth Certificate
• Passport
• 2x2 ID photo

These documents contain sensitive personal information and are collected solely for identity and age eligibility verification purposes, with the explicit consent of the data subject or lawful guardian.

D. Event Registration Data

• Event and category registrations
• Doubles partner information (if applicable)
• Payment transaction reference number and status

The Portal does not store credit card numbers, bank account numbers, or other full payment credentials.

E. Automatically Collected Data

• Login timestamps
• Device and browser information
• System activity logs

3. How We Use Your Information

Your information is used strictly for the following purposes:

• Creating and managing player accounts
• Verifying identity, age, and eligibility for tournaments
• Processing tournament registrations
• Recording payment reference details
• Allowing coaches or guardians to manage player profiles (where applicable)
• Maintaining official registration records
• Ensuring system security and preventing fraud

4. Legal Basis for Processing

We process personal and sensitive personal information based on:

• Explicit consent of the data subject, particularly for sensitive personal information such as birth certificates and passports; and
• Legitimate interests of Tournamently and authorized organizers in verifying player eligibility and managing tournament registrations, provided these interests do not override the fundamental rights and freedoms of the data subject.

5. Optical Character Recognition (OCR)

Uploaded identity documents may be processed using Optical Character Recognition (OCR) technology to extract date-of-birth information for eligibility verification.

The OCR process:

• Is used solely to assist verification
• Does not produce automated decisions with legal or similarly significant effects
• May be supplemented by manual review by authorized administrators

6. Data Sharing

We may share limited personal information with:

• Event organizers — for registered events
• Authorized Tournamently administrators — for verification and record management
• Payment processors (e.g., Xendit) — for payment processing
• Cloud service providers — for secure data storage and system hosting
• Government or regulatory authorities — when legally required

We do not sell personal data to third parties.

7. Data Transfers

Personal data may be processed or stored in secure cloud servers that may be located outside the Philippines. Appropriate contractual safeguards and security measures are implemented to ensure compliance with the Data Privacy Act of 2012.

8. Data Retention

• Account and profile information are retained while the account remains active and for up to two (2) years after the last tournament participation for record-keeping and dispute resolution purposes.
• Uploaded government-issued identification documents (e.g., birth certificate or passport) are retained only for verification purposes and are permanently deleted within ninety (90) days after verification or after the conclusion of the relevant tournament, whichever comes first.
• Backup copies are overwritten in accordance with our cloud service provider's data lifecycle policies.

9. Data Security

We implement appropriate organizational, physical, and technical safeguards including:

• Secure HTTPS encryption for all data transmission
• Encrypted password storage
• Private cloud storage for sensitive documents
• Role-based access control (RBAC)
• Restricted access to sensitive documents on a strict need-to-know basis
• Regular system updates and security monitoring

While we implement reasonable safeguards, no system can guarantee absolute security.

10. Minors

Players under eighteen (18) years of age must have their accounts created or authorized by a parent, legal guardian, or authorized coach.

By registering a minor, the parent, guardian, or coach confirms that they have the authority to provide consent for the collection and processing of the minor's personal data.

11. Your Rights

Under the Data Privacy Act of 2012, you have the right to:

• Access — access your personal data
• Correction — request correction of inaccurate data
• Erasure or Blocking — request erasure or blocking of data (subject to legal obligations)
• Object — object to processing
• Portability — request data portability
• Complaint — file a complaint with the National Privacy Commission

To exercise these rights, please contact us using the details below.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the Portal or via registered email. Continued use of the Portal constitutes acceptance of the updated policy.

13. Contact Information

For data privacy concerns or requests:

Tournamently
Email: support@tournamently.app

You may also contact the designated Compliance Officer for Privacy through the above email address.