S2Member and GDPR

Hello Guys,

Does anybody know about S2Member and GDPR compliance?

Especially, there isn't any possibility to confirm the policy, for example via a checkbox…
So you sign in or pay via PayPal and then you are logged in, without any confirmation of the conditions of use, privacy policy, etc…

Also what about the IPs, which are saved?

Does anybody know more about it, how to solve these issues and set the proper settings?

Btw, I am living in Germany and of course have to consider the GDPR.

It would make no sense for s2Member to provide a policy for GDPR compliance. It is your site that needs to be in compliance, not one specific piece of code.

What you can do is add a custom registration field (under General Options -> Registration/Profile Fields & Options) that sets out your site’s policy. You can also add a checkbox that users have to fill to show that they have read the policy. Many of us have been doing this for years to display our sites’ terms and conditions.

You can see what personal information s2Member stores (and how to display it) by looking in the Knowledgebase: https://s2member.com/kb-article/s2get-shortcode-documentation/

Finally, the latest version of WP (4.9.6) contains tools that allow members to ask for the personal details that the site stores about them. But the details provided cover only the details collected by core WP; they don’t include the details collected by s2Member. It would be great if someone found a way to add the s2Member information to the WP email that sends out the list of personal information to someone who requests it. Maybe someone will make a plugin to do this.

1 Like

Looks like that “someone” is me! Try this as an mu-plugin:

<?php if ( !defined( 'ABSPATH' ) ) { die(); }

/* ADD DATA COLLECTED BY s2MEMBER TO THAT EXPORTED BY CORE WORDPRESS PRIVACY TOOLS */
function kts_register_s2member_personal_data_exporter( $exporters ) {
	$exporters['s2member-data'] = array(
		'exporter_friendly_name' => __( 'Membership' ),
		'callback'               => 'kts_s2member_personal_data_exporter',
	);

	return $exporters;
}
add_filter( 'wp_privacy_personal_data_exporters', 'kts_register_s2member_personal_data_exporter' );

/**
 * Finds and exports personal data associated by s2Member with an email address from the user and user_meta table.
 */
function kts_s2member_personal_data_exporter( $email_address ) {
	$email_address = trim( $email_address );

	$data_to_export = array();

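	$user = get_user_by( 'email', $email_address );

	// get_user_by() returns false when no account matches; report an empty, finished export.
	if ( ! $user ) {
		return array(
			'data' => array(),
			'done' => true,
		);
	}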

	$user_prop_to_export = array(
		's2member_custom'                   => __( 'Custom s2Member String' ),
		's2member_subscr_id'                => __( 'Subscription ID' ),
		's2member_subscr_cid'               => __( 'Stripe (Payment Processor) ID' ),
		's2member_registration_ip'          => __( 'IP Address at Registration' ),
		's2member_last_payment_time'        => __( 'Time of Last Payment' ),
		's2member_login_counter'            => __( 'Number of Logins' ),
		's2member_auto_eot_time'            => __( 'Subscription Expiry Date' ),
	);

	$user_data_to_export = array();

	foreach ( $user_prop_to_export as $key => $name ) {
		$value = '';

		switch ( $key ) {
			case 's2member_custom':
			case 's2member_subscr_id':
			case 's2member_subscr_cid':
			case 's2member_registration_ip':
			case 's2member_login_counter':
				$value = get_user_field( $key, $user->ID );
				break;
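			case 's2member_last_payment_time':
			case 's2member_auto_eot_time':
				// Format only when a timestamp is stored; an empty field would otherwise print as the Unix epoch.
				$timestamp = (int) get_user_field( $key, $user->ID );
				if ( $timestamp > 0 ) {
					// Convert on a local object so the site-wide default timezone (WordPress expects UTC) is left alone.
					$date = new DateTime( '@' . $timestamp );
					$date->setTimezone( new DateTimeZone( 'EST' ) ); // change to appropriate timezone
					$value = $date->format( 'M jS, Y, g:i a T' );
				}
				break;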
		}

		if ( ! empty( $value ) ) {
			$user_data_to_export[] = array(
				'name'  => $name,
				'value' => $value,
			);
		}
	}

	$data_to_export[] = array(
		'group_id'    => 's2member-data',
		'group_label' => __( 'Membership' ),
		'item_id'     => "user-{$user->ID}",
		'data'        => $user_data_to_export,
	);

	return array(
		'data' => $data_to_export,
		'done' => true,
	);
}

3 Likes