S2Member and GDPR Legislation

rnwhalley · 6 April 2018 14:32

On the 28 May 2018 new Data Protection rules come into effect in Europe and are often referred to as GDPR. They give website users considerable rights in terms of their data, how it’s treated and how they can gain access to it. For example

People will have easy access to their own data and be able to transfer personal data from one service provider to another more easily (right to data portability).

This affects anyone who has a member in Europe. I’m concerned that I may not be able to comply with all the requirements of the act using the existing tools in S2Member.

Has anyone looked into this? Made any arrangements of their own?

Thanks

KTS915 · 6 April 2018 14:51

s2Member already provides the tools you need to stay compliant. It’s just up to you to use them.

Specifically, you should provide a Billing Cancellation form (or button) and set Automatic EOT Behavior to Delete.

rnwhalley · 6 April 2018 14:55

I’m not referring to deletion here as there is much more than that in the act. For example, you have to provide users with the ability to download their own information from the database. There are also many other requirements for GDPR.
I have looked for KB articles on the subject of complying with GDPR but couldn’t find anything.

KTS915 · 6 April 2018 15:01

s2Member doesn’t store personal data, so that issue is moot. (You can see what it stores simply by going to the list of users in the admin pages.)

rnwhalley · 6 April 2018 15:03

I’m sorry but it allows users to store their name. It also stores their IP address which is considered under the act to be personal data. This isn’t a “moot point”.

KTS915 · 6 April 2018 23:01

I had assumed you were already displaying the user’s name, which makes the point moot. I suppose I shouldn’t have. And you’re right about the IP address.

You can retrieve and display everything collected by s2Member by using the methods described here: https://s2member.com/kb-article/s2get-shortcode-documentation/

So you can show the IP address, for example, with this:

[s2Get user_field="s2member_registration_ip" /]

rnwhalley · 6 April 2018 15:23

Thanks, that’s very helpful. I hadn’t thought of using the shortcodes to display the fields.

rcarlucci · 23 April 2018 15:19

Anyway do you plan to make any new release to facilitate the implementation of the new GDPR Legislation?
Regards
Renzo

KTS915 · 23 April 2018 17:02

It’s not my plugin. I am just a user.