[eatbots]

Actually, no. hCaptcha has always been very privacy-focused, so in this case there are technical safeguards available: enterprise customers can pre-blind all data on their end, meaning hCaptcha gets no PII at all.

(disclosure: work there)

[floatingatoll]

If y’all write a blog post about how your preblinding option makes you GDPR-compliant for silent embedding even though you’re a US entity, that would be front page material right now.