CaptchaLaCaptchaLa

Privacy Policy

Effective Date: 2026-04-22

This Privacy Policy describes how CaptchaLa ("we", "our", "us") collects, uses, and protects your information when you use our CAPTCHA and content moderation services. By using CaptchaLa, you agree to the practices described below.

1. Data We Collect

We collect the following categories of data:

  • Account information: email address, username, and hashed password.
  • Usage data: IP address, user agent, request timestamps, and API call metadata, collected to operate and secure the service.
  • Payment information: billing details are processed by Stripe. CaptchaLa does not store full card numbers on its own servers.
  • Cookies and local storage: session tokens, locale preferences, and basic analytics identifiers.

2. How We Use Your Data

  • Provide, maintain, and improve the CaptchaLa service, including API authentication and dashboards.
  • Detect and prevent fraud, abuse, and automated attacks — a core requirement of any CAPTCHA product.
  • Meet legal, tax, and compliance obligations, and respond to lawful requests.
  • Send transactional notices such as security alerts, billing receipts, and service announcements.

3. Third-Party Services

We share limited data with trusted processors strictly as needed to operate the service:

  • Stripe — payment processing and subscription billing.
  • Google OAuth — optional sign-in with a Google account.
  • Analytics providers (e.g., Google Analytics) — aggregate traffic measurement, if enabled.
  • Email delivery providers — transactional email such as verification and receipts.

4. Data Retention

We retain account data for as long as your account is active. After account deletion, personal data is removed within 30 days, except where longer retention is required for legal, tax, or fraud-prevention purposes.

5. Your Rights

Subject to applicable law (including GDPR and CCPA), you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Request deletion of your account and associated data.
  • Request a portable copy of your data.
  • Object to or restrict certain processing activities.

To exercise these rights, contact us at [email protected].

6. Security

All data is transmitted over TLS. Passwords are hashed with bcrypt. We perform regular security reviews and restrict internal access to personal data on a need-to-know basis. No system is perfectly secure, and we cannot guarantee absolute security.

7. Children

CaptchaLa is not directed to individuals under 13 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us data, please contact us and we will delete it.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be announced by email or in-product notice at least 14 days before they take effect.

9. Contact

For privacy questions or requests, contact [email protected].