Personal Data Settings

Removal Method:

• Automatically remove account and all associated Personal Data Account will be removed from system completely, all related Personal Data will be deleted(incl. access and invoice logs), all recurring subscriptions will be cancelled. This action can't be reversed and not recommended if you need to keep invoices for tax/vat purposes.

• Send removal request to Site Admin This action does not remove any data from system. Removal request will be sent by email to Site Admin. All further actions should be done by admin manually.

• Automatically anonymize Personal Data User Personal Data will be anonymized, access/invoice log will be deleted. Using this method, invoices and payments won;t be deleted. All necessary information that is required for tax/vat purposes(incl. user country and IP address) will not be affected.

Notify 3rd parties for erasure

You have to inform all third parties that you have deleted user's Personal Data. If you use integration plugins like WordPress, or add user to newsletter lists in mailchimp, user's Personal Data have to be removed from third-parties too.

aMember will try to do this automatically but that process may require your manual attention. If automatic process has failed for some reason, new "Personal Data Delete" request will be added, admin will also get email notification about failure.

Signup Forms

According to GDPR regulations:

Individuals have the right to be informed about the collection and use of their personal data.

You must provide individuals with information including:

• your purposes for processing their personal data,
• your retention periods for that personal data, and who it will be shared with.

You must provide privacy information to individuals at the time you collect their personal data from them.

Make sure that you have added agreement brick with "Terms of Use" and "Privacy Policy" to each Signup Form.

Make sure that agreement checkbox is not pre-selected as this does not count as "consent"

You also may need to re-work your "Terms of Use" and "Privacy Policy" information that you provide on signup page. We have implemented special plugin for this case. Plugin allow to re-request agreement consent from user. You can find it at aMember CP -> Configuration -> Add-ons.
Plugin name: force-i-agree

Newsletter Lists

GDPR states clearly that:

Consent should be given by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the data subject’s agreement to the processing of personal data relating to him or her, such as by a written statement, including by electronic means, or an oral statement

So if you add user to any newsletter list you should clearly mention that on signup page. You should not add user to list without user attention so make sure that you do not enable Auto-Subscribe users to list in newsletter list configuration.

Personal Information that is being collected by default

1. None of Personal Information is being sent to CGI Central or amember.com
2. aMember PRO uses jQuery CDN to load jQuery js library, so user's IP address could be visible for jQuery.com
3. By default aMember PRO asks to provide customer Email, Name and Username unless you have changed this in forms editor at aMember CP -> Configuration -> Forms Editor.
4. Customer's IP address is being collected by system.
5. Above information could be passed to payment processor that you have enabled at aMember CP -> Configuration -> Add-ons (Paysystems).
6. aMember PRO do not store any cookies to track customers (unless you have conversion track or google analytics plugins enabled). Only sessions cookies are being set. These cookies are required by system in order to provide services for customer. Some other plugins like facebook, google connect, twitch connect may add own cookies and tracking info.

You may need to update your site's Privacy Policy according to above information.