Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Statuspage recaptcha usage vs GDPR

Pierre-Nicolas Theisen
Pierre-Nicolas Theisen February 2, 2023

Hello!

The statuspage is using recaptcha to mitigate bot abuse: https://community.atlassian.com/t5/Statuspage-articles/Abuse-mitigation-for-Statuspage-email-SMS-and-webhook/ba-p/1234356

We are seeing the recaptcha cookie on the statuspage but natively I don't see any "choice and consent" being requested to the end user when going to the statuspage.

It seems to me that recaptcha is not GDPR compliant "out of the box", from multiple articles, see this top google search example:

Out of the box, no. Google’s Recaptcha tool deployed solely on a website without adequate notices and consent mechanisms would breach GDPR.

(https://measuredcollective.com/gdpr-recaptcha-how-to-stay-compliant-with-gdpr/)

Has anybody already looked in this "issue/topic"?

Thanks!

Answer
Watch
Like Simon Moore likes this
488 views

1 answer

1 accepted

1 vote
Answer accepted
Abraham Musalem
Abraham Musalem
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 3, 2023

Hey there,

Thanks for reaching out to Statuspage support. From my understanding, our RECAPTCHA is a required cookie so there does not need to be a consent/opt-in notification. This was reviewed by our product and legal teams. 

If you do however have any more specific questions, feel free to submit a ticket via support.atlassian.com! 

Cheers,
- Abraham, Statuspage Support  

View More Comments
Pierre-Nicolas Theisen
Pierre-Nicolas Theisen February 10, 2023

Hi Abraham, thanks for your reply!

Yeah I guess the fact that it's a "required" cookie doesn't give me "proof" that it does not track my data, thus making it eventually fall under the GDPR/CCPA legislation (back to the quote I've added in my initial post).

I'll submit a specific request then, thanks!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Statuspage
Statuspage
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events

    See all events