For additional protection against email flooding and job view fraud, reCAPTCHA by Google LLC can be activated in your Employee Referrals account.
Please note: if you are using the custom domain feature, please inform your point of contact before activating this feature.
Invisible reCAPTCHA for spam protection
So-called CAPTCHAs were developed to avoid email flooding and to distinguish between real users and artificial bots.
Maybe you’re more familiar with CAPTCHAs where you have to tick the check box to confirm you’re not a bot.
In order to maintain usability, we implemented "invisible reCAPTCHA" by Google. The user has to tick the check box only in exceptional cases and will not be otherwise affected when using Employee Referrals.
You can activate invisible reCAPTCHA for spam protection in your Account Preferences > Settings > General, by ticking the checkbox next to "Extended Security with Google reCAPTCHA".
As soon as the check box is activated, “invisible reCAPTCHA” will be active at the following pages:
- Forgot domain
- Forgot password
- Application form
- Direct referral (2nd window)
If the checkbox is ticked, personal data will be processed by Google. According to Google LLC, the User IP address will be processed (for more information check Google LLC policy).
For data security reasons, you have to make this service known in your data protection statement (see template: article 2.7, page 18).
Job view fraud protection
Since a Talent Scout gets points for generated job views, a Talent Scout might try to generate them in a "fraudulent" manner. In detail, a technically talented Talent Scout could program a "script" and could get too many job views or points.
In order to protect your Employee Referrals account from "fake" job views, you have the possibility to enable Job View Fraud Protection using "Google reCAPTCHA". This setting checks if it is an automated/programmed ("bot") job view or not.
You can activate reCAPTCHA for Job View Fraud Protection in your Account Preferences > Settings > General, by ticking the checkbox next to "Job View Fraud Protection".
Please note that by enabling this setting, personal information (such as the IP address of your users) will be sent to Google servers outside the EU. To be on the "safe side" here, you can activate a consent on your job advertisement (in the form of a "cookie banner").
This checkmark is set by default ("Ask for consent on the job page"). Each user must then first agree that his data may be processed through Google reCAPTCHA before he can view or apply for the job.
If the checkmark on "Ask for consent on the job page" is not set, no "cookie banner" will appear on the job ad. So there won’t be any indication for the user that Google reCAPTCHA is used. As a result, personal data is sent and processed to Google servers outside the EU without the user's active consent.
If a user does not click on "Accept", which means he rejects the use of cookies, the user can view the job ad and apply for the job. However, no job view is generated and no points are given to the Talent Scout.
If the checkbox is ticked, personal data will be processed by Google. According to Google LLC, the User IP address will be processed (for more information check Google LLC policy).
For data security reasons, you have to make this service known in your data protection statement (see template: article 2.7, page 18).