We are excited to announce that reCAPTCHA is switching from a “data controller” offering to a “data processor” offering on April 2, 2026 and will begin processing reCAPTCHA data in alignment with other Google Cloud services. With this switch, customers deploying reCAPTCHA on their websites will become data controllers, determining the purpose and means of processing their users’ personal data, while Google will become a data processor, processing the data collected on our customers' websites as instructed by our customers.
What is changing?
To effectuate this switch, we are updating our Google Cloud Platform Service Specific Terms that govern the use of reCAPTCHA. A customer’s users accessing reCAPTCHA-protected websites will no longer be subjected to Google’s Privacy Policy and Terms of Use, and Google will remove those references from the reCAPTCHA badge used in customer deployments. reCAPTCHA will process data gathered at customer websites in accordance with our Cloud Data Processing Addendum.
What do you need to do?
If your website currently displays references to Google’s Privacy Policy and Terms of Use in connection with reCAPTCHA, remove those references from your website.
What are the benefits ?
- Customer control: Your users’ personal data gathered at your web and mobile surfaces will be processed by reCAPTCHA in accordance with your instructions.
- Purpose-driven processing: As a reCAPTCHA customer, your data will be used only as necessary to provide and maintain reCAPTCHA, and ensure that reCAPTCHA’s security, threat detection, protection, and response capabilities remain effective against evolving threats.
Are there any impacts to reCAPTCHA service ?
Apart from the aforementioned changes, reCAPTCHA will continue to function without any other changes or service interruptions. Customers can continue to use their existing site keys, create new site keys using the Cloud Console, and access all advanced features such as Account defense, Password defense, SMS defense, Transaction defense, and Mobile SDK for Android & iOS to prevent fraud and abuse from bots, humans and agents. For a complete list of reCAPTCHA features, please refer to the documentation.
As previously communicated, customers utilizing Classic reCAPTCHA keys have had their keys migrated to the Google Cloud Platform and associated with a dedicated Google Cloud project.
How can I get help ?
You can get help by posting your questions in the Google Cloud reCAPTCHA Community page, reaching out to your Google sales contact, or opening a GCP support ticket.
