|Documentation Showing - Data Collected / Collected for What Purpose / Artifacts Left Behind / Left Behind for What purpose?
||1/8/14 2:53 PM
I believe reCAPTCHA is going to work well for the purposes I am intending, but I need to complete some due diligence first concerning:
- Data captured by reCAPTCHA from the user, for what purpose, and how long it is retained;
- Data captured by reCAPTCHA from the site, for what purpose, and how long it is retained; and
- Artifacts that are left behind on the user's device (cookies, beacons, etc.) for what purpose and with what expiration models.
From a mix of the documentation, forum content and privacy policies of UK sites using reCAPTCHA, I am guessing that:
- reCAPTCHA collects the user's IP Address, correlates that with the site visited and stores it in logs indefinitely to ensure compliance with the terms of service. Although they say that they do not share that data, they have the right to do anything they wish with it.
- reCAPTCHA leaves behind PREF, NID and SNID cookies with a six month life to keep track of preferences - though I do not what those preferences are or why they are necessary.
- Since there is a "invalid-request-cookie" error, I am guessing that there may be session cookie(s) as well -- but I do not know.
Can someone point me to any documentation that may discuss this subject? Those UK sites must have found out about the "preference" cookies somewhere...