1. Overview
We operate a short human verification step before redirecting the browser. We minimise data collection and avoid advertising or behavioural profiling on this service.
2. Data we may process
To operate challenges, prevent abuse, and comply with security obligations, we may process:
- Transient technical data related to the verification flow (for example timing of interactions, tokens or cryptographically signed session values tied to the check, and hashed or derived network signals);
- IP addresses and similar connection metadata for rate limiting, fraud prevention, and diagnostics;
- HTTP request metadata that servers typically receive (for example user-agent, referrer, and language hints) where needed for operation or logging;
- Abuse report contents you voluntarily submit via the Report abuse form.
3. Data we do not use this service to build
We do not use this verification gateway to:
- Run behavioural advertising or sell personal data to data brokers;
- Place third-party advertising cookies for cross-site tracking;
- Build individual marketing profiles across unrelated sites.
4. Retention
Challenge-related technical data is kept only as long as operationally necessary, typically on the order of minutes to a few days, after which it is deleted or aggregated beyond individual identification where feasible. Security logs may be retained for a longer period in line with legal obligations or incident response needs.
5. Legal basis (EEA / UK reference)
Where the General Data Protection Regulation (GDPR) or UK GDPR applies, we rely on legitimate interests in securing the service, preventing bot abuse, and protecting users and infrastructure. These interests are balanced against individual rights; you may have rights of access, erasure, objection, and complaint to a supervisory authority under applicable law.
6. Processors and transfers
Infrastructure providers (for example hosting, DNS, TLS, or DDoS protection) may process data on our behalf under contractual safeguards. If data crosses borders, we aim to use appropriate transfer mechanisms where required.
7. Children
The service is not directed at children. If you believe we have processed a child’s data improperly, contact us via the abuse reporting channel.
8. Contact
For privacy-related requests tied to this host, use Report abuse and specify “privacy” in the subject line of your message.
9. Changes
We may update this policy from time to time. Material changes will be reflected by updating the date above.