logo
Log In Sign Up
logo
Log In Sign Up

Easy legal compliance

Private Captcha is a GDPR/CCPA-compliant CAPTCHA solution without any user tracking, cookies or PII collection.

Start free trial

GDPR/CCPA ready

No personal data processing. DPA ready.

EU-only suppliers

All infrastructure and suppliers are based in the EU.

Transparency

Our code is publicly available for an audit. Or self-hosting.

No end-user tracking

We do not collect behavioral or personal data.

No cookies

No cookies - no need for intrusive pop-ups.

We work with EU suppliers you can count on

Bunny
Hetzner
Scaleway

Built for GDPR compliance by design

Make your website compliant by using a CAPTCHA protection that will not complicate your privacy policy.

No tracking

User privacy is the foundational principle for us: no cookies, no tracking, no PII processing on our servers. This is easily verifiable because our code is publicly available.

Learn more

EU Isolation

Special mode where it's enforced that all requests are routed only to servers located in the EU, instead of the closest location around the world.

Learn more

Self-hosting

In addition to other privacy guarantees, you have an option to host Private Captcha solution on your premises, thus having full data ownership and routing control.

Learn more

Frequently Asked Questions

How does Private Captcha technology work?
Instead of asking users to solve complex puzzles or track their behavior, Private Captcha solves an invisible cryptographic task in the background. The system automatically adjusts the task difficulty, ensuring smooth access for real users while making it too costly for bots to attempt. Cryptographic task provides equal security regardless of bot's intelligence level, making it effective even as AI technology improves. Which is hard to say about image/sound recognition tasks of other captchas.
How does Private Captcha tell bots and users apart?
On scale, bots exhibit different usage patterns and fingerprints statistics than real users. Detection of those patterns is part of the Private Captcha solution.
How does Private Captcha comply with data protection regulations like GDPR?
Private Captcha does not use any client-side tracking technologies like cookies and does not retain Personally Identifiable Information (PII) on its backend systems. As part of service operation, user data is anonymized and aggregated, making it impossible to track to any individual user.
Can we use Private Captcha if our compliance requires strict EU-only data sovereignty?
Private Captcha is powered by exclusively European suppliers. If you want to ensure that no data is transferred to other countries due to geographic routing, you can also use our EU-only API endpoints.
Does Private Captcha share your data?
The data we collect belongs to you. We do not collect PII and aggregated data we do collect is not shared with any third-parties. Outside of the hosting companies that own servers on which data is stored, no other vendor can access it.
Do you offer a signed DPA?
Our DPA is part of our Terms and is binding upon acceptance of those terms - when you create your account you have to accept it. If you require a formally signed separate copy for your records, please contact support and we will provide you a digital version for your countersignature.
How does Private Captcha improve user experience upon Google reCAPTCHA?
The Private Captcha widget offers better accessibility for website visitors, regardless of their cognitive abilities. Also, it is a more lightweight (17 vs 220 kB) solution that does not require cookie banners and therefore reduces friction of using the website.
More questions

Compare with others

Google reCAPTCHA

  • Grey area (at best)

Private Captcha

CloudFlare Turnstile

  • Quite likely

  • Enterprise tier only

Protect your forms and APIs from abuse

Independent, privacy-first, self-hostable CAPTCHA service made in EU

Log in Start free trial