Support » Plugin: Contact Form 7 » reCAPTCHA and GDPR

  • Is the reCAPTCHA function within Contact Form 7 ready for GDPR? Are you using the remoteip parameter that is optional?

    In GDPR it is not allowed to capture personal data (such as the IP address) without consent. Also it is not allowed to give it to third parties (like google) without consent.

    Please see: Verifying the user’s response

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Takayuki Miyoshi


    Thanks for the heads-up. Now it uses the remoteip parameter. Maybe I’ll remove it from the next release.

    Thank you very much.

    You could give us an option in “integration” settings. Maybe there are people who would like to keep using remoteip. Or even opt in to remoteip in combination with a cookie consent plugin. Providing hooks so that other plugins can opt in for that function after visitor gives his consent.

    Hi there,
    just to be sure, as I don’t know enough about remoteip:
    when using this parameter is the user information safe? can google no longer collect the IP address and other information that it collects normally with the recaptcha?
    would appreciate the clarifation!
    thanks a lot!

    Hello. Just to confirm, is this plugin now GDPR compliant/?

    @ensof: It seems that remoteip is only used to syndicate if Ip address that requests the image is different to the IP address that requests the page.

    Please have a look at Google recaptcha remoteip explanation

    So if you use remoteip or don’t it still can be (and is most likely) that Google checks the IP address of the visitor.

    You will need to further investigate this. Nevertheless you will at least need a paragraph in your privacy policy stating reCAPTCHA and refer to Art. 6 Sect. 1 lit. f GDPR.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘reCAPTCHA and GDPR’ is closed to new replies.