What is Google reCAPTCHA? And what are the privacy implications if you’re using it on your site? In this post, you’ll learn all about it and what you need to know to comply with the GDPR, keep reading!
reCAPTCHA is a SPAM protection service provided by Google that helps protect websites from spam and abuse. It may analyse traffic, (potentially containing Users’ Personal Data) with the purpose of filtering the parts of traffic recognized as Bots or SPAM and “keeping automated software from engaging in abusive activities on your site”.
_grecaptcha is a functional cookie used by Google recaptcha. It’s used for risk analysis in spam protection and may store browsing device information.
Yes, you do.
If you use reCAPTCHA, you should add the “Google reCAPTCHA” service to your privacy policy. The Personal Data collected are various types of Data specified in their Privacy Policy.
Yes, you do.
reCAPTCHA may install cookies on your visitors’ devices, as stated in their Privacy Policy. Therefore, you’ll need a Cookie Policy as well.
In general, websites that use third-party cookies as well as their own cookies for tracking and analytics must comply with the law and to do so are required to obtain the user’s express consent. Therefore, if you use Google reCAPTCHA and _grecaptcha and have Europe-based users (if you’re based in Europe), you’ll need a cookie banner.
👉 Check out our guide to identify the cookies your site installs in browsers.
Need a cookie policy? 👉 Generate a Cookie Policy in 10 seconds
💡 See it in action here:
With iubenda, you can easily declare which services your website uses to collect data. You can find the “Google_reCAPTCHA” service in the “Registration and authentication” section of our Privacy and Cookie Policy Generator.
Simply click to add the service and save! That’s it.
Quickly generate a fully customizable cookie banner, seamlessly collect consent, and implement prior blocking with asynchronous re-activation.
🚀 Get started with compliance in seconds.
