Privacy Policy

Last updated: April 2026

1. Information We Collect

AZcaptcha is a CAPTCHA solving API for legitimate automation and testing workflows. We collect information you provide directly and information generated by your use of the Service:

  • Account data: email address, username, password (hashed).
  • Payment data: transaction amounts and gateway identifiers (we do not store card numbers).
  • Usage data: API requests, task types, solve rates, timestamps, and IP addresses.
  • Technical data: browser type, operating system, referring URLs, and log data.

2. How We Use Your Information

  • To provide and maintain the Service for your automation and testing workflows.
  • To process payments and manage your account balance.
  • To send transactional emails (receipts, password resets, security alerts).
  • To detect and prevent fraud, abuse, and violations of our Acceptable Use Policy.
  • To improve our service quality and solver accuracy.
  • To enforce our Terms of Service, including monitoring for prohibited uses.

3. Cookies

We use session cookies for authentication and optional analytics cookies to understand usage patterns. You may disable cookies in your browser, however, some features may not function correctly.

4. Third-Party Services

We use the following third-party processors:

  • Payment gateways — for processing payments.
  • Email providers — for transactional email delivery.

These processors have their own privacy policies and we are not responsible for their practices.

5. Data Retention

We retain account data for as long as your account is active. CAPTCHA task data (task metadata, not captcha images) is retained for 90 days. You may request deletion of your account data by contacting support.

6. Your Rights

  • Access, correct, or delete your personal data.
  • Object to or restrict processing of your data.
  • Data portability where technically feasible.
  • Request information about how your data is used.

7. Security

We implement industry-standard security measures including encrypted connections (TLS), hashed passwords (bcrypt), HMAC-verified webhooks, and role-based access controls. No method of transmission over the internet is 100% secure.

8. Data Processing for Abuse Prevention

To enforce our Acceptable Use Policy and protect the integrity of the Service, we may analyze usage patterns to detect and prevent prohibited activities such as unauthorized access, credential stuffing, and spam. This processing is necessary for our legitimate interest in preventing misuse of the Service.

9. Contact

For privacy inquiries, contact us at [email protected]