What is reCAPTCHA?
reCAPTCHA is a free Captcha service from Google that protects websites from spam software and misuse by non-human visitors. This service is most commonly used when you fill out forms on the Internet. A Captcha service is a kind of automatic Turing test designed to ensure that an action is done on the Internet by a human, not a bot. In the classic Turing test (named after the computer scientist Alan Turing), a person determines the distinction between bot and human. With Captchas, this is also done by the computer or a software program. Classic captchas work with small tasks that are easy for humans to solve, but have considerable difficulties for machines. With reCAPTCHA, you don’t have to actively solve any puzzles. The tool uses modern risk techniques to distinguish people from bots. Here you only have to tick the text box “I am not a robot” or with Invisible reCAPTCHA even this is no longer necessary. With reCAPTCHA, a JavaScript element is integrated into the source code and then the tool runs in the background and analyzes your user behavior. From these user actions, the software calculates a so-called captcha score. Google uses this score to calculate how likely you are to be human even before entering the captcha. reCAPTCHA or Captchas in general are used whenever bots could manipulate or abuse certain actions (such as registrations, surveys, etc.).
Why do we use reCAPTCHA on our website?
We just want to welcome people of flesh and blood to our side. Bots or spam software of all kinds are allowed to stay at home. That’s why we put all the levers in motion to protect ourselves and offer the best possible user experience for you. For this reason, we use Google reCAPTCHA from Google. So we can be pretty sure that we will remain a “bot-free” website. By using reCAPTCHA, data is transmitted to Google to determine whether you are actually a human being. reCAPTCHA therefore serves the security of our website and subsequently also your security. For example, without reCAPTCHA, it could happen that when registering, a bot registers as many email addresses as possible in order to “spam” forums or blogs with unwanted advertising content. With reCAPTCHA we can avoid such bot attacks.
What data is stored by reCAPTCHA?
reCAPTCHA collects personal data from users to determine whether the actions on our website actually originate from people. This means that the IP address and other data that Google needs for the reCAPTCHA service can be sent to Google. IP addresses are almost always truncated within the Member States of the EU or other contracting states of the Agreement on the European Economic Area before the data lands on a server in the USA. The IP address will not be combined with other data from Google unless you are logged in to your Google Account while using reCAPTCHA. First, the reCAPTCHA algorithm checks whether your browser already has Google cookies from other Google services (YouTube. Gmail, etc.) are placed. reCAPTCHA then sets an additional cookie in your browser and captures a snapshot of your browser window.
The following list of collected browser and user data does not claim to be complete. Rather, they are examples of data that we believe are processed by Google.
- Referrer URL (the address of the page from which the visitor comes)
- IP address (e.g. 256.123.123.1)
- Information about the operating system (the software that allows your computer to operate. Known operating systems are Windows, Mac OS X or Linux)
- Cookies (small text files that store data in your browser)
- Mouse and keyboard behavior (any action you perform with the mouse or keyboard is saved)
- Date and language settings (which language or date you have preset on your PC is saved)
- All Javascript objects (JavaScript is a programming language that allows web pages to adapt to the user. JavaScript objects can collect all sorts of data under one name)
- Screen resolution (shows how many pixels the image representation consists of)
It is undisputed that Google uses this data and analyzes it before you click on the “I am not a robot” check mark. With the Invisible reCAPTCHA version, even the ticking is omitted and the whole recognition process runs in the background. Google does not know in detail how much and what data Google stores exactly.
The following cookies are used by reCAPTCHA: We refer to the reCAPTCHA demo version of Google under https://www.google.com/recaptcha/api2/demo. All these cookies require a unique identifier for tracking purposes. Here is a list of cookies that Google reCAPTCHA has set on the demo version:
Name: Ide
Value: WqTUmlnmv_qXyi_DGNPLESKnRNrpgXoy1K-pAZtAkMbHI-331599626750-8
Purpose of use: This cookie is set by the company DoubleClick (also owned by Google) to register and report the actions of a user on the website in the handling of advertisements. In this way, the advertising effectiveness can be measured and appropriate optimization measures can be taken. IDE is stored in browsers under the domain doubleclick.net.
Expiration date: after one year
Name: 1P_JAR
Value: 2019-5-14-12
Purpose of use: This cookie collects statistics on website usage and measures conversions. A conversion occurs, for example, when a user becomes a buyer. The cookie is also used to show users relevant advertisements. Furthermore, you can use the cookie to prevent a user from viewing the same ad more than once.
Expiration date: after one month
Name: Anid
Value: U7j1v3dZa3315996267500xgZFmiqWppRWKOr
Purpose of use: We couldn’t find out a lot of information about this cookie. Google’s privacy policy mentions the cookie associated with “advertising cookies” such as “DSID,” “FLC,” “AID,” “TAID.” ANID is stored under Domain google.com.
Expiration date: after 9 months
Name: CONSENT
Value: YES+AT.de+20150628-20-0
Purpose of use: The cookie stores the status of a user’s consent to use different services from Google. CONSENT is also used for security to verify users, prevent credential fraud, and protect user data from unauthorized attacks.
Expiration date: after 19 years
Name: Nid
Value: 0WmuWqy331599626750zILzqV_nmt3sDXwPeM5Q
Purpose of use: NID is used by Google to customize ads to suit your Google search. With the help of the cookie, Google “remembers” your most frequently entered searches or your previous interaction with ads. This way you always get tailored advertisements. The cookie contains a unique ID to collect the user’s personal settings for advertising purposes.
Expiration date: after 6 months
Name: Dv
Value: gEAABBCjJMXcI0dSAAAANbqc331599626750-4
Purpose of use: Once you have ticked the “I am not a robot” check mark, this cookie will be set. The cookie is used by Google Analytics for personalized advertising. DV collects information in anonymized form and is also used to make user distinctions.
Expiration date: after 10 minutes
Note: This list cannot claim to be exhaustive, as experience shows that Google also changes the choice of its cookies over and over again.
How long and where is the data stored?
By inserting reCAPTCHA, data is transferred from you to the Google server. Exactly where this data is stored is not clear, even after repeated requests. Without receiving confirmation from Google, it can be assumed that data such as mouse interaction, length of stay on the website or language settings are stored on the European or American Google servers. The IP address that your browser transmits to Google will not be merged with other Google data from other Google services. However, if you are logged in to your Google Account while using the reCAPTCHA plug-in, the data will be merged. The different data protection regulations of Google apply to this.
How can I delete my data or prevent data storage?
If you do not want any data to be transmitted to Google about you and your behaviour, you must log out of Google and delete all Google cookies before you visit our website or use the reCAPTCHA software. As a rule, the data will be automatically transmitted to Google as soon as you visit our site. To delete this data again, you must contact Google Support on https://support.google.com/?hl=de&tid=331599626750.
Therefore, by using our website, you agree that Google LLC and its agents will automatically collect, edit and use data.
You can learn more about reCAPTCHA on Google’s web developer page on https://developers.google.com/recaptcha/. Google is going into more detail about the technical development of reCAPTCHA, but precise information about data storage and data protection-related topics is also searched in vain there. A good overview of the basic use of data at Google can be found in the in-house privacy policy on https://www.google.com/intl/de/policies/privacy/.
Source: Created with AdSimple’s Privacy Generator in cooperation with fashiongott.de