Log in Register

Privacy Notice – Chicken Road

This Privacy Notice explains what personal data we collect, how we use it, and what rights you have under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Last updated: January 2026

1. Who We Are (Data Controller)

Chicken Road, operating at balloon-apuestas.com, is the data controller responsible for your personal data. We are an online casino affiliate and review website. We do not operate a casino ourselves; we publish independent reviews and comparisons of UK Gambling Commission (UKGC) licensed operators.

If you have any questions about this notice or how we handle your data, please contact our Data Protection representative:

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

2. What Personal Data We Collect

We collect the following categories of personal data when you use our website:

Data you provide directly

  • Name and email address — when you subscribe to our newsletter, submit an enquiry via our contact form, or create an account on our platform.
  • Message content — any information you include in contact form submissions or correspondence with us.
  • Marketing preferences — your opt-in or opt-out choices for promotional communications.

Data collected automatically

  • IP address and approximate location — collected automatically when your browser connects to our servers, used for security and geographic content adaptation.
  • Device and browser information — operating system, browser type and version, screen resolution, and device type (desktop, mobile, tablet).
  • Pages visited, referral source, and time on site — collected via analytics tools to understand how visitors use our website.
  • Cookies and similar tracking technologies — see Section 5 (Cookies) for full details.

We do not collect sensitive personal data (such as health data, racial or ethnic origin, or financial account credentials) through this website.

3. How We Use Your Personal Data

We use your personal data only for the purposes described below, and only where we have an appropriate legal basis to do so (see Section 4).

  • To operate and improve our website — analysing traffic patterns, fixing errors, and improving the user experience across all pages and devices.
  • To respond to your enquiries — when you contact us via our contact form or by email, we use your contact details to reply to your message.
  • To send marketing communications — if you have subscribed to our newsletter, we will send you casino news, game updates, and promotions. You can unsubscribe at any time via the link in any email.
  • To maintain website security — monitoring for fraud, spam, and abusive access attempts using IP address logs and server data.
  • To comply with legal obligations — retaining records where required by UK law, including tax and accounting obligations.
  • To enforce our Terms of Service — including investigating and acting on suspected violations.

4. Legal Basis for Processing (UK GDPR Article 6)

We rely on the following legal bases when processing your personal data:

  • Consent (Article 6(1)(a)) — for sending marketing emails and newsletters, and for placing non-essential cookies on your device. You may withdraw consent at any time without affecting the lawfulness of prior processing.
  • Contractual necessity (Article 6(1)(b)) — to provide services you have requested, such as responding to enquiries or managing your account where applicable.
  • Legitimate interests (Article 6(1)(f)) — for website analytics, security monitoring, and fraud prevention. We have assessed that these interests are not overridden by your rights and freedoms. You may object to processing on this basis (see Section 7).
  • Legal obligation (Article 6(1)(c)) — where we are required to retain or disclose data by applicable UK law.

5. Cookies

Our website uses cookies and similar technologies. A cookie is a small text file placed on your device when you visit a website. Cookies help us deliver a functional website and understand how it is used.

Essential cookies

These cookies are strictly necessary for the website to function and cannot be disabled. They do not collect data for marketing purposes.

  • Session management cookies (maintaining your browsing session)
  • Security cookies (protecting against cross-site request forgery)
  • Cookie consent preference storage

Analytics cookies

We use analytics tools (such as Google Analytics) to understand how visitors interact with our website. These cookies collect aggregated, anonymised data including pages visited, time on site, and traffic source. We do not use this data to identify individuals.

  • Google Analytics (_ga, _gid, _gat) — retention: up to 26 months

You can opt out of Google Analytics tracking across all websites at tools.google.com/dlpage/gaoptout.

Functional cookies

These cookies enable enhanced features such as remembering your preferences (e.g., language, display settings). They are set by us or by third-party providers whose services are embedded on our pages.

You can manage your cookie preferences at any time via the cookie settings panel available in the footer of our website, or by adjusting your browser settings. Please note that disabling certain cookies may affect the functionality of the site.

6. Sharing Your Data with Third Parties

We do not sell your personal data to any third party. We share data only in the following limited circumstances:

  • Analytics providers — Google LLC (Google Analytics) processes anonymised usage data on our behalf under a Data Processing Agreement. Google Analytics is configured with IP anonymisation enabled.
  • Email service providers — if you have subscribed to our newsletter, your email address is processed by our email delivery provider (acting as a data processor) to send communications on our behalf.
  • Hosting and infrastructure providers — our website hosting provider processes technical data (including server logs containing IP addresses) as part of delivering our web services.
  • Regulatory and law enforcement authorities — we may disclose personal data where required to do so by law, court order, or to cooperate with the UK Gambling Commission (UKGC) in the context of responsible gambling or regulatory compliance obligations.
  • Professional advisers — solicitors, accountants, and auditors, where necessary and subject to confidentiality obligations.

Where we transfer data outside the UK, we ensure appropriate safeguards are in place, such as the UK International Data Transfer Agreements (IDTAs) or adequacy decisions.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law.

  • Contact form enquiries: 2 years from the date of last contact.
  • Newsletter subscriber data: for the duration of your subscription, plus 6 months after unsubscription (to suppress re-sends and handle complaints).
  • Server and access logs (including IP addresses): up to 90 days, unless an ongoing security investigation requires longer retention.
  • Analytics data: up to 26 months (as configured in Google Analytics).
  • Legal and financial records: 6 years from the end of the relevant financial year, as required by HMRC and UK company law.

When data is no longer required, it is securely deleted or anonymised.

8. Your Rights Under UK GDPR

You have the following rights in relation to your personal data. To exercise any of these rights, please contact us at [email protected]. We will respond within one calendar month.

  • Right of access (Article 15) — you may request a copy of the personal data we hold about you (a Subject Access Request).
  • Right to rectification (Article 16) — you may ask us to correct inaccurate or incomplete personal data.
  • Right to erasure (Article 17) — you may ask us to delete your personal data where it is no longer necessary, you withdraw consent, or processing is unlawful. This right is subject to certain legal exceptions.
  • Right to restriction of processing (Article 18) — you may ask us to pause processing of your data in certain circumstances, for example while a rectification request is being addressed.
  • Right to data portability (Article 20) — where processing is based on consent or contract and carried out by automated means, you may request your data in a structured, machine-readable format.
  • Right to object (Article 21) — you may object to processing based on legitimate interests or for direct marketing purposes at any time. We will stop processing unless we can demonstrate compelling legitimate grounds.
  • Rights related to automated decision-making (Article 22) — we do not make solely automated decisions that produce legal or similarly significant effects about you.

If you are not satisfied with our response, you have the right to complain to the Information Commissioner's Office (ICO): ico.org.uk/make-a-complaint.

Your Data Rights Under UK GDPR: A Clear Summary

The UK General Data Protection Regulation grants you a specific set of rights over your personal data. These rights apply to data we hold about you in connection with your use of this website. The table below presents each right in plain English, explains how to exercise it, and confirms the response timeframe we are legally obligated to meet. These are enforceable legal rights, not courtesy policies.

Your Right What It Means How to Exercise It Response Time
Right to Access
(Article 15)		 You can request a copy of all personal data we hold about you, including how it is used, where it came from, and with whom it has been shared. Email [email protected] with “Subject Access Request” in the subject line. No fee is charged for a first request. Within one calendar month of receipt
Right to Erasure
(Article 17)		 You can ask us to delete your personal data when it is no longer necessary, when you withdraw consent, or when processing is unlawful. Subject to legal retention obligations. Email us specifying the data you want deleted and the reason. We will confirm what can be deleted immediately and what must be retained by law (e.g. tax records). Within one calendar month
Right to Portability
(Article 20)		 Where processing is based on consent or contract and is automated, you can receive your data in a structured, machine-readable format (e.g. CSV or JSON) for transfer to another service. Email us requesting a data export. Specify which data categories you require. We will deliver the export in CSV format within the response window. Within one calendar month
Right to Rectification
(Article 16)		 You can ask us to correct inaccurate or incomplete personal data we hold about you. We will act on verified corrections without delay. Email us identifying the specific data that is incorrect and providing the correct version. Include any supporting documentation where relevant. Without undue delay; within one month
Right to Object
(Article 21)		 You can object to processing based on legitimate interests (including analytics and security monitoring) or to direct marketing at any time. We will stop processing unless we can demonstrate compelling legitimate grounds. For marketing: use the unsubscribe link in any email. For legitimate interests processing: email us with your specific objection. We will assess and respond. Immediate for marketing; within one month for other objections

Understanding how we use cookies on this site requires distinguishing between three categories of cookie, each with different purposes and different opt-out options.

Cookie Category What They Collect Can You Opt Out?
Essential Session identifiers, security tokens (CSRF protection), and your cookie consent preference. No personal profiling data. These cookies are strictly necessary for the site to function correctly. No — essential cookies cannot be disabled without breaking core site functionality such as navigation, form submission, and security protection.
Analytics Pages visited, time on site, traffic source, approximate geographic region (country/region level only), device type, and browser type. All data is aggregated and anonymised. No individual users are identified. Yes — opt out via the cookie settings panel in the site footer, via your browser settings, or via the Google Analytics opt-out tool at tools.google.com/dlpage/gaoptout. Your choice is stored in an essential cookie.
Marketing We do not currently set marketing or advertising cookies on this website. If this changes, this notice and the cookie settings panel will be updated before any marketing cookies are placed, and your explicit consent will be sought. N/A — no marketing cookies are currently in use on this site.

9. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or disclosure. These measures include:

  • HTTPS encryption for all data transmitted between your browser and our servers
  • Access controls limiting who within our organisation can access personal data
  • Regular software updates and security patching
  • Monitoring of access logs for suspicious activity

No internet transmission is completely secure. While we take all reasonable precautions, we cannot guarantee the absolute security of data transmitted to our website.

10. Changes to This Notice

We may update this Privacy Notice from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this notice periodically. Continued use of our website after changes are posted constitutes acceptance of the updated notice.

11. Contact Us

For any questions, concerns, or requests relating to this Privacy Notice or your personal data, please contact us:

We aim to acknowledge all data-related requests within 5 working days and resolve them within one calendar month, as required by UK GDPR.

UK GDPR Compliance Full
Data Retention Up to 7 years
Request Response Within 30 days
Third-Party Processors GDPR-compliant only
Cookie Consent Required
Supervisory Authority ICO (UK)

How We Handle Your Data: Full Transparency

This section provides a plain-English summary of our data practices specifically as they apply to visitors of this website. It supplements the formal Privacy Notice above. We believe that transparency about data handling should not require a legal background to understand — the table below presents each data category we process, alongside a direct explanation of how and why we use it, and what we do not collect or share. Your rights under UK GDPR are not affected by this summary; they are described in full in Section 8 of the Privacy Notice above.

Data Type How We Use It
Analytics cookies (Google Analytics) We use anonymised, aggregated data from Google Analytics to understand which pages attract the most visitors, how long visitors spend reading our content, and which device types are most common among our audience. This data informs our editorial decisions — for example, it tells us whether our mobile performance content is being read primarily on mobile, which helps us assess whether it is genuinely useful. No individual user is identified. IP addresses are anonymised before processing. You can opt out at any time via the cookie settings panel in the site footer or via the Google Analytics opt-out browser tool.
Essential session cookies A small number of cookies are strictly necessary for the website to function: a session identifier that maintains your browsing state across pages, a security token that prevents cross-site request forgery attacks on any forms you submit, and a cookie that stores your cookie consent preference so you are not prompted on every visit. These cookies contain no personal profiling data and cannot be disabled without breaking core site functionality. They expire at the end of your browser session or within a short fixed period.
Contact form submissions If you use our contact form, we receive your name, email address, and the content of your message. We use this data only to respond to your specific enquiry. We do not add contact form submissions to our newsletter list without your explicit opt-in, and we do not share the content of your messages with third parties except where legally required. Contact form data is retained for two years from the date of last contact and then securely deleted.
Newsletter email address If you subscribe to our newsletter, your email address is stored by our email delivery provider and used exclusively to send the communications you opted into. You can unsubscribe from any email via the link at the bottom of every message. Unsubscription takes effect within 48 hours. After unsubscription, your email address is retained for six months in a suppression list to prevent accidental re-sends, then deleted permanently.
Server access logs (including IP address) Our web server automatically logs the IP address, browser type, and page requested for every visit to this site. These logs are used exclusively for security monitoring — identifying unusual traffic patterns, potential denial-of-service attempts, and abusive access. Logs are retained for up to 90 days and are not used for any marketing or profiling purpose. Individual IP addresses are not shared with third parties except where required by law enforcement or a court order.
What we do NOT collect We do not collect payment information, casino account credentials, or any data from the UKGC-licensed casino platforms we review. We are an affiliate and review website, not a casino operator. We do not set marketing or advertising cookies. We do not build individual user profiles for advertising purposes. We do not sell or rent your data to any third party, and we do not use your data for any purpose not described in this Privacy Notice.
Your UK GDPR rights You have the right to access, correct, delete, or object to the processing of your personal data. You have the right to data portability for data processed by automated means on the basis of consent or contract. You have the right to lodge a complaint with the ICO at ico.org.uk. To exercise any of these rights, email [email protected] — we will respond within one calendar month as required by UK GDPR.

Your Rights Under UK GDPR: A Complete Checklist

The UK General Data Protection Regulation provides every individual whose data is processed by a UK organisation with a specific set of enforceable legal rights. These rights apply to the personal data this website holds about you and are not conditional on you being a paying customer, a newsletter subscriber, or a registered user — they apply to any personal data we process in connection with your visit to this site. The eight rights below are presented in the plain-English format we use when responding to data rights requests. Each right is referenced to its specific UK GDPR Article so that readers who wish to verify the legal basis can do so directly. Our response obligations under UK GDPR are not a courtesy — they are enforceable by the Information Commissioner's Office (ICO), which can issue fines and enforcement notices for non-compliance.

  1. Right to Access (Article 15 UK GDPR). You have the right to request a copy of all personal data we hold about you, together with information about how it is processed, on what legal basis, with whom it has been shared, and how long it will be retained. This is called a Subject Access Request (SAR). We do not charge a fee for a first SAR and must respond within one calendar month of receipt.
  2. Right to Rectification (Article 16 UK GDPR). You have the right to ask us to correct any inaccurate personal data we hold about you, or to complete any incomplete data. If you believe a name, email address, or any other personal data we hold is incorrect, contact us and we will correct it without undue delay and within one calendar month at most.
  3. Right to Erasure (Article 17 UK GDPR). You have the right to request that we delete your personal data where it is no longer necessary for the purpose for which it was collected, where you withdraw consent, where you object to processing and we have no overriding legitimate grounds, or where processing is unlawful. This right is subject to legal exceptions — for example, data we are required to retain under UK tax law cannot be deleted before the end of the legally required retention period.
  4. Right to Restriction of Processing (Article 18 UK GDPR). You have the right to ask us to pause the processing of your personal data in certain circumstances: while a rectification request is being resolved, while you contest the legal basis for processing, or where you need us to retain data for a legal claim even though we would otherwise delete it. During a restriction, we may store your data but not actively process it.
  5. Right to Data Portability (Article 20 UK GDPR). Where processing is based on your consent or on a contract with you, and is carried out by automated means, you have the right to receive your data in a structured, commonly used, machine-readable format (such as CSV or JSON) and to transfer it to another organisation. This right applies to data you have actively provided to us — such as newsletter subscription details — not to data we generate about you through analytics.
  6. Right to Object (Article 21 UK GDPR). You have the right to object at any time to processing of your personal data that is based on our legitimate interests (such as analytics and security monitoring). You also have an unconditional right to object to direct marketing at any time. For marketing, use the unsubscribe link in any email. For legitimate interests processing, contact us with your specific objection and we will assess it and respond within one calendar month.
  7. Rights Related to Automated Decision-Making (Article 22 UK GDPR). You have the right not to be subject to a decision based solely on automated processing — including profiling — that produces legal or similarly significant effects on you. We do not currently make any solely automated decisions that produce legal or significant effects about any individual who uses this website. If this changes, we will update this notice and obtain any required consent before implementing such processing.
  8. Right to Lodge a Complaint (UK GDPR Article 77 / Data Protection Act 2018 Section 165). You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have handled your personal data in breach of UK GDPR. The ICO can be contacted at ico.org.uk or by calling 0303 123 1113. We encourage you to contact us first at [email protected] as we aim to resolve all data rights requests directly within the statutory timeframe.
Right How to Exercise It Our Response Time
Right to Access Email [email protected] with “Subject Access Request” in the subject line; include enough information to identify your data (e.g. email address used to subscribe) Within one calendar month; extendable by two months for complex requests with notice to you
Right to Rectification Email us identifying the specific inaccurate data and providing the correct version; include any supporting documentation where relevant Without undue delay; within one calendar month at the latest
Right to Erasure Email us specifying the data you want deleted and the grounds for your request; we will confirm what can be deleted immediately and what must be retained by law Within one calendar month; we will notify you if any data must be retained under a legal exception
Right to Restriction Email us explaining the specific processing you want restricted and the grounds; we will confirm the restriction in writing and notify you before lifting it Within one calendar month; restriction applied as soon as technically practicable once confirmed
Right to Portability Email us requesting a data export; specify which data categories you require; we deliver exports in CSV format via secure email attachment Within one calendar month
Right to Object For marketing: use the unsubscribe link in any email (takes effect within 48 hours). For legitimate interests: email us with your specific objection Immediate for marketing unsubscription; within one calendar month for other objections
Automated Decision Rights Not currently applicable; contact us if you believe you have been subject to an automated decision with significant effects Within one calendar month of receiving your query
Right to Complain Contact the ICO at ico.org.uk or 0303 123 1113; no need to contact us first, though we encourage direct resolution attempts ICO response times vary; we engage with ICO investigations within the timeframes they specify

Transparent & Trusted

Play Chicken Road on a Fully Regulated UK Platform

Our recommended casino operator processes all data in accordance with UK GDPR and ICO guidelines. Play on a platform that takes your privacy as seriously as your gameplay experience.

Claim Bonus & Play Now

18+ | New UK players only | Min deposit £10 | T&Cs apply | BeGambleAware.org

Portrait photograph of James Calder

Lead Casino Analyst

James Calder

James has spent 11 years verifying casino licences, testing RNG fairness and analysing Chicken Road game mechanics for UK players. Every fact on this site is checked against the UKGC register before it goes live.

Full author profile