Skip to main content

GDPR

What Is GDPR

The General Data Protection Regulation (GDPR) is a European Union (EU) law took effect on May 25, 2018. The goal of GDPR is to give EU citizens control over their personal data.

The goal of GDPR is to protect any users personally identifying information (PII) and hold businesses to a higher standard when it comes to how they collect, store, and use this data.

When running a self hosted WordPress site it is the owners responsibility to ensure it is GDPR compliant.

You should take appropriate legal advice to ensure that the site and services are GDPR compliant.

Export Personal Data & Erase Personal Data

WordPress offers site owners the ability to comply with specific GDPR data handling requirements by satisfying any user request for the provision/export of their held personal data in addition to the removal of that personal data.

These data handling features can be found within WordPress, Tools as Export Personal Data and Erase Personal Data.

WordPress documents these processes within Export Personal Data and Erase Personal Data.

ActiveMember360 & GDPR

ActiveMember360 actually stores very little data that could be deemed personally identifying information (PII).

What is stored is held within the WordPress database.

ActiveMember360 is fully integrated with the standard WordPress Export Personal Data and Erase Personal Data tools to ensure any PII stored by ActiveMember360 is either provided during the export process or removed in the erase process.

Export Personal Data

When the WordPress Export Personal Data process builds the export file for download the export file will be structured similar to that shown below. Please note all personal data has been removed from or suppressed in the image shown:

Personal data export listing
Personal data export listing

There are two sections related to ActiveMember360

  1. ActiveMember360 Cache which is the ActiveCampaign contact data related to the WordPress user stored within the WordPress database (removed in this image).

  2. ActiveMember360 User Meta which is the data stored within the WordPress usermeta table by ActiveMember360 (obfuscated in this image).

Erase Personal Data

When the WordPress Erase Personal Data process executes both the ActiveMember360 Cache data for the ActiveCampaign contact related to the WordPress user and the ActiveMember360 User Meta data records for the WordPress user are erased.

ActiveMember360 & Cookies

ActiveMember360 uses cookies.

The most important cookie, which is created after a successful login, maintains the link between the WordPress user and the ActiveCampaign contact with the same email address. This cookie mbr must remain in place.

Please ensure that neither your hosting provider, nor cookie consent plugins or services, are removing the ActiveMember360 cookies, most importantly the mbr cookie. They are essential for the correct operation of your site.

All ActiveMember360 cookies are removed after a logout from the WordPress site.

The full list of possible cookies all used for functional purposes are:

mbr
mbr_login
mbr_auto_logout
mbr_login_attempt
mbr_first_login_session
mbr_404_login_redirect