02/02/2023 11:45:09

Privacy Policy



The Data Controller informs you, in your capacity as an interested party, that it will process your personal data, possibly even belonging to particular categories where requested and provided by the same, in compliance with the regulatory requirements of the sector and, in particular, those referred to in European Regulation n. 679/16, to Legislative Decree 196/03 as amended by Legislative Decree 101/18, to the Guidelines and indications provided over time by the Authority for the Protection of Personal Data, as well as by anyspecial laws that specifically regulate the processing of data belonging to particular categories in order to guarantee a reinforced guarantee to the interested party.


  1. Treatment: any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data, such as the collection, registration, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or destruction;

  2. Personal Data: any information relating to an identified or identifiable natural person ("data subject"); the natural person who can be identified, directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online identifier or one or more characteristic elements of his physical identity, is considered identifiable, physiological, genetic, psychic, economic, cultural or social (e.g. unique identifier of the machine where the Burraconline game is installed).

  3. Data belonging to particular categories: personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as processing genetic data, biometric data intended to uniquely identify a natural person, data relating to health or sexual life or sexual orientation of the person.

  4. Navigation data: The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified data subjects, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computer environment. These data are used only to obtain anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site: except for this possibility, the data on web contacts (navigation data) do not persist for more than seven days.


  1. The Data Controller of your personal data belonging to particular categories is Siesta Soft S.L. (VAT ESB72397904), based in Calle Valle de la Ballestera, 32, 46015, Valencia (Spain), email [email protected]


  1. The owner will process your Personal Data for the achievement of specific purposes and only in the presence of a specific legal basis provided for by the applicable legislation on the protection of individuals with regard to the processing of personal data, as well as the free circulation of data. Specifically, the Data Controller will process your Personal Data only when one or more of the following legal bases apply:

  • You have given your free, specific, informed, unequivocal and express consent to the processing;

  • the processing is necessary for the execution of a contract of which you are a party or for the execution of pre-contractual measures adopted at your request;

  • in the presence of a legitimate interest of the Data Controller;

  • the Data Controller is required to process by virtue of a legal obligation to process Personal Data.

The purposes for which your Personal Data are processed by the Data Controller and the legal basis on which the processing is based are listed below:

Purpose of the processing


Legal basis

Allow the use of all the features of the Site and the Burraconline game


Execution of the contract

Check the correct functioning of the Site and the Burraconline game.


Execution of the contract

To ascertain and implement timely compliance with the contractual and regulatory obligations envisaged


Execution of the contract

Offer technical, commercial and, more generally, customer care services


Execution of the contract

Execution of the contractual services referred to in the terms and conditions and regulations present in the footer of the home page of the website


Execution of the contract

Find a question from the interested party.


Execution of pre-contractual measures adopted at the request of the interested party / Execution of the (gaming) contract

Assessment of responsibility in the event of computer crimes against the Site or the Burraconline game


Legitimate interest

Control of the quality and effectiveness of any assistance services offered, as well as to adequately guide the training actions of persons authorized to process


Legitimate interest

Allow the security checks required by law.


Legitimate interest; Legal obligation

Forwarding to the interested party telephone, electronic and / or paper communications regarding events and / or news relating to Burraconline and / or Siesta Soft S.L. (so-called soft spamming)


Legitimate interest

In the case of extraordinary operations of merger, sale or transfer of a business unit, in order to allow the implementation of the operations necessary for the due diligence and preparatory to the sale. It is understood that exclusively necessary data will be processed for the aforementioned purposes, in an aggregate / anonymous form as much as possible.


Legitimate Interest

Allowing the Company to fulfill legal obligations (including administrative ones), regulations or required by community legislation.


Legal obligation

Detection, prevention, mitigation and assessment of fraudulent or illegal activities in relation to the services provided on the Site or the use of the Burraconline game


Legitimate interest; Legal obligation

Receive free burraconline game


Execution of pre-contractual measures adopted at the request of the interested party / Execution of the (gaming) contract

Formation of lists of names to be sent information and commercial communications (e.g. by telephone or electronic contact - newsletter) on SiestaGames or third party activities, promotions and corporate initiatives (marketing)


Consent of the interested party

Formation of lists of names to be transferred or granted for use to third parties to whom information and commercial communications (e.g. via telephone or electronic contact - newsletter) on activities, promotions and corporate initiatives of their own or of other third parties (marketing)


Consent of the interested party

Customer profiling


Consent of the interested party

  1. There is no automated decision-making process referred to in Article 22, paragraphs 1 and 4 of EU Reg. No. 679/16, except in the case of denial of registration for those subjects who have been the subject of a previous "ban" (prohibition against a subject from communicating or accessing a website, server, chat, forum .. etc) by Burraconline due to previous conduct contrary to the regulation and the terms and conditions of use.


  1. Your personal data may be processed, by virtue of a specific contract and for the aforementioned purposes, also by external data processors appointed for this purpose by the Data Controller who carry out activities connected and instrumental to the provision of the services provided, by way of example but not exhaustively:

  • professionals appointed to perform a specific service (e.g. accountant);

  • supplier of goods and / or services in outsourcing;

  1. Your personal data may also be transferred to third parties in order to comply with legal or contractual obligations and only for the time necessary to pursue this purpose; by way of example but not exhaustively:

  • public security authorities, judicial authorities (upon specific request) and other recipient bodies and / or authorities by law e regulations.

  1. Finally, your data may be processed by the Data Controller's employees authorized for this purpose by the same in order to fulfill the duties and tasks assigned to them according to the purposes previously expressed.

  2. Should your data be required for statistical purposes, they will be transmitted anonymously.


  1. Your personal data will generally be processed within the European Union and stored on servers generally located within the European Union. Any transfer of data to international organizations and / or non-EU countries will take place according to one of the methods permitted by current legislation with the adoption of Standard Clauses approved by the European Commission, the selection of subjects adhering to international programs for free circulation of data (eg EU-USA Privacy Shield) or operating in countries considered adequate by the European Commission. In the absence of an adequacy decision (see art.45, par.3, GDPR) or adequate guarantees (see art.46 GDPR), including binding corporate rules, the transfer or a series of transfers of your personal data may take place to a third country or an international organization only if such transfer is necessary to carry out the execution of the current relationship between the Data Controller and the Data Subject, or - in the absence - on the basis of the consent freely and knowingly expressed by the interested party (after providing information on the possible risks resulting from such transfers) and, in any case, where one of the hypotheses referred to in art. 49 GDPR.


  1. Your personal data will be kept only for the time necessary to achieve the purposes of the processing indicated above, in compliance with the principles of proportionality and necessity. In particular, your Personal Data will be kept as long as the contractual relationship with the Data Controller exists and in any case until 10 years have elapsed from the conclusion of the relationship, without prejudice to the possible conservation of the same for a further period where necessary for the purposes of management of ongoing judicial actions and the fulfillment of specific oneslegal obligations. The personal data of only those banned by the Burraconline.com community and related services (e.g. website and / or application) will, on the other hand, be kept for a period of 100 years in order to avoid new access and / or use and, at the end, definitively canceled.

  2. The conservation takes place both in paper and electronic form. In both the conservation methods, suitable security measures, designed to guarantee the integrity, confidentiality and availability of the information, are put in place and checked periodically.


  1. The interested party has the right to ask the Data Controller for access to your personal data (in the sense of knowing which personal data are being processed concerning him), to correct or delete them; you may also request the limitation of the processing of personal data concerning you or to oppose their processing, in addition to the right to the portability of your data pursuant to and for the purposes of art. 20 of the EU Reg. No. 679/16.


  1. At any time the interested party has the right to revoke his consent given. In this case, the interested party is aware of the fact that the revocation does not affect the lawfulness of the treatment based on the consent given before the revocation, just as he is aware of the fact that any revocation will not allow the provision of the service based on the consent given. .


  1. You will also have the right at any time to lodge a complaint with the Authority for the Protection of Personal Data; by:

  • registered letter with return receipt addressed to the institutional headquarters of the Authority for the Protection of Personal Data (currently in Piazza di Montecitorio, 121, 00186 Rome);

  • e-mail address available on the institutional website (currently: [email protected] , or[email protected])

  • fax to the number of the guarantor available on the institutional website (currently: 06 / 69677.3785)

or to take appropriate judicial offices.


  1. The provision of your data, even those belonging to particular categories, must be freely expressed by you. The provision of your Personal Data is, however, necessary in all cases in which the processing takes place on the basis of a legal obligation or to execute a contract of which you are a party or from the execution of pre-contractual measures adopted at your request. Any refusal of it could make it impossible for the Data Controller to implement the purpose for which the Personal Data are collected.

  2. Finally, you will be asked to express in writing your consent to the processing of your personal data for the specific hypotheses indicated above in which the consent must be given: in this case, the lack of consent for these purposes does not prevent the use of the services from render for cases in which consent is not necessary.