Is this plugin GDPR compliant?

  • Resolved Artan

    (@artankrasniqi1988)


    8 months, 1 week ago

    Hi,

    first thanks for your super plugins! As in Europe data protection gets tougher, time is running out for using solutions like Googles reCAPTCHA or other data eating solutions.

    As I understood, this plugin only stores all data internally and no data is shared or gets out of the site? Can u confirm this? This would be a super solution to be GDPR compliant.

    Thanks for your answer! ??

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Takayuki Miyoshi

    (@takayukister)

    Since I’m the developer of the plugin I can swear that the Really Simple CAPTCHA plugin itself doesn’t have any ability to store its data in any databases.

    Since I’m not a lawyer I don’t know if it is compliant with GDPR.

    Kind advice: If a plugin or theme author told you their products were compliant with some legislation such as GDPR, that could be a guideline violation.

    Thread Starter Artan

    (@artankrasniqi1988)

    Hi @takayukister,

    thx for your clarification. Then it′s good to go. It′s important that no data is flowing out of our websites from the users that use the form. Like tracking behavior or other data that needs a consent in EU through cookie banners, etc.

    That′s why your plugin “Really Simple CAPTCHA” is a very good alternative to Google or Akismet solutions. They track and store data of visitors as I know. Perhaps they are better for fighting bots / spam mails, but still.

    I really recommend you to put your plugin in the admin bar of WordPress under “integrations” where the other addons for CF7 sit. Because I didn′t know this existed and it′s missing there. People would find it faster!?

    It would give specially people from EU a better workaround to avoid legal conflicts with Google or Akismet. You wouldn′t have to “advertise” it as “GDPR friendly” but say that it′s not storing data etc. People would understand and I think u can boost the usage of your plugin a bit. ??

    Would be cool for easy integration!

    Thanks for your work and passion! Will donate u something this year as I really like your plugins!

    Regards

    Plugin Author Takayuki Miyoshi

    (@takayukister)

    I no longer recommend this plugin. Not only because it is weak against today’s intelligent bots, it is also harmful to accessibility.

    European people often tell me that reCAPTCHA is non-compliant with GDPR, but none of them has shown evidence of that.

    Thread Starter Artan

    (@artankrasniqi1988)

    But perhaps Really Simple CAPTCHA ist still better then nothing. Googles reCAPTCHA seems to store a lot of data that is not allowed in EU without consent. And if you would have to block it until the user “allows” it through cookie consent tool, then bots would still have free way, which is pretty stupid regulation here. Then it doesn′t really make sense to use it.

    What I found is that reCAPTCHA could store data like:

    • Page that integrates reCAPTCHA
    • Referrer URL (page from which the user comes)
    • IP address of the user
    • Device settings (language, browser, location)
    • Length of stay
    • Mouse movements and keyboard strokes
    • Screen and window resolution
    • Time zone and Installation of browser plugins

    There are some articles here in Germany which say it is a “grey zone” of using it and if someone wants to piss you off, that person could start legal action if no cookie consent option is given, so this makes the solution either useless as it gets blocked till consent is given or you have it all the time activated and someone could start legal action because no consent was given.

    So I prefer your less “safe” option. Perhaps you will keep this updated with your own CAPTCHA. I would be thankful.

    Thank you and keep up your good work! ??

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Is this plugin GDPR compliant?’ is closed to new replies.