CCPA-Compliant CAPTCHA
Friendly Captcha is fully CCPA-compliant.
Friendly Captcha is a CCPA-compliant CAPTCHA that puts privacy first. It ensures full compliance with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).
Because Friendly Captcha doesn’t track users or store personal information in persistent browser storage, it is ideal for enterprises operating in California or serving California residents.
CCPA Compliance With Friendly Captcha
No CAPTCHA Cookies
- No HTTP cookies
- No persistent data storage in browsers
- No user consent required
No sale or sharing of personal information
- No personal information is shared or sold
- No user data is disclosed to third parties
- No opt-out link needed
Data security without compromise
- Non-personal security measures
- No data collection of sensitive personal information
- Proof-of-Work CAPTCHA tests that protect privacy
Full Transparency
- Open source front-end code
- Transparent privacy policy
- Precise data processing agreement
Upgrade to a Fully CCPA-Compliant CAPTCHA
Most traditional CAPTCHA solutions collect personal data, use tracking technologies, and require user consent. This creates friction for users and compliance headaches for your business.
Try Friendly Captcha. Stay CCPA-compliant. Stay in control.
CCPA Compliance Checklist
Friendly Captcha acts as a service provider under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). It is built for privacy-first security and full compliance. Here’s how it helps your enterprise meet legal requirements:
Data minimization only
We process only technically necessary data for bot protection. Under CCPA §1798.100(c), enterprises have to limit data collection to what's necessary for the disclosed purpose.
Limited use for security
Data is used solely to distinguish humans from bots – not for marketing. According to CCPA §1798.100(b), CAPTCHA data may only be used for purposes communicated at the time of collection.
No cookies or persistent storage
Friendly Captcha operates without HTTP cookies or persistent browser storage. Under CCPA §1798.100 and §1798.130, businesses must clearly disclose their data collection practices, purposes, and recipients.
No sale or sharing of personal data
We don't sell or share user data, including IP addresses or biometric identifiers. In accordance with CCPA §1798.135(a), enterprises don't have to place a visible "Do Not Sell or Share My Personal Information" link.
Privacy by design via Proof-of-Work
Friendly Captcha verifies users through computation, not personal data. Extensive profiling and behavioral tracking are not involved.
Full transparency
We don't like decisions from a black box. Our front-end code is open source, data processing is fully documented, so users and regulators can clearly see what data is being processed and why.
See our privacy policy for end users to learn more.
FAQ
Designed to meet the requirements of the California Consumer Privacy Act, Friendly Captcha avoids collecting, selling, or sharing personal data. Friendly Captcha is a CCPA-compliant security solution that does not store any data on the client side. It does not rely on third-party tools that could share personal user data, such as IP addresses, ensuring full compliance without the need for a “Do Not Sell or Share My Personal Information” link.
The California Privacy Rights Act (CPRA) enhances and expands the California Consumer Privacy Act (CCPA) by granting California residents greater control over their personal information. The CPRA establishes new rights, such as the right to correct inaccurate data and limit the use of sensitive personal information. It also creates the California Privacy Protection Agency to enforce these rules. The CPRA took effect on January 1, 2023.
Both reCAPTCHA and hCaptcha use machine learning to track mouse movements and analyze user interactions. They also set tracking cookies. In contrast, Friendly Captcha uses an invisible proof-of-work mechanism that respects user privacy. Therefore, Friendly Captcha is the California Consumer Privacy Act-compliant CAPTCHA service that provides strong bot protection without storing unnecessary data or affecting the user experience.
The CCPA applies to California-based businesses that meet at least one of the following criteria: annual gross revenues exceeding $25 million; buying, selling, or sharing the personal information of at least 100,000 consumers or households; or earning at least 50% of annual revenue from selling personal information. The CCPA covers both direct data collection and indirect sharing through tools like cookies and third-party services. Friendly Captcha helps you stay compliant by avoiding tracking, cookies, and personal data collection altogether.
To become CCPA-compliant, businesses must do the following:
Disclose what personal data is collected and how it is used
Provide consumers with the right to access or delete their data, or opt out of its sale or sharing
Update privacy policies and implement internal processes to handle data requests
Offer a “Do Not Sell or Share My Personal Information” link on their website, if applicable
Using privacy-first security solutions like Friendly Captcha can help reduce your compliance burden by avoiding the collection of personal data entirely.
Choose a CCPA-Compliant CAPTCHA
Protect your website without CAPTCHA cookies and avoid trouble with sharing or selling of personal information. Friendly Captcha is designed to help you stay CCPA-compliant by default.
Improve user experience
Friendly Captcha is completely automated and fully accessible. Experience it yourself!
Start your integration
Adding Friendly Captcha takes only minutes and just a few lines of code.
