What Is GDPR
The General Data Protection Regulation (GDPR) is a European Union (EU) law took effect on May 25, 2018. The goal of GDPR is to give EU citizens control over their personal data.
The goal of GDPR is to protect any users personally identifying information (PII) and hold businesses to a higher standard when it comes to how they collect, store, and use this data.
When running a self hosted WordPress site it is the owners responsibility to ensure it is GDPR compliant.
You should take appropriate legal advice to ensure that the site and services are GDPR compliant.
Export Personal Data & Erase Personal Data
WordPress offers site owners the ability to comply with specific GDPR data handling requirements by satisfying any user request for the provision/export of their held personal data in addition to the removal of that personal data.
These data handling features can be found within WordPress, Tools as Export Personal Data and Erase Personal Data.
ActiveMember360 & GDPR
ActiveMember360 actually stores very little data that could be deemed personally identifying information (PII).
What is stored is held within the WordPress database.
ActiveMember360 is fully integrated with the standard WordPress Export Personal Data and Erase Personal Data tools to ensure any PII stored by ActiveMember360 is either provided during the export process or removed in the erase process.
Export Personal Data
When the WordPress Export Personal Data process builds the export file for download the export file will be structured similar to that shown below. Please note all personal data has been removed from or suppressed in the image shown:
There are two sections related to ActiveMember360
ActiveMember360 Cache which is the ActiveCampaign contact data related to the WordPress user stored within the WordPress database (removed in this image).
ActiveMember360 User Meta which is the data stored within the WordPress usermeta table by ActiveMember360 (obfuscated in this image).
Erase Personal Data
When the WordPress Erase Personal Data process executes both the ActiveMember360 Cache data for the ActiveCampaign contact related to the WordPress user and the ActiveMember360 User Meta data records for the WordPress user are erased.
ActiveMember360 & Cookies
The most important cookie, which is created after a successful login, maintains the link between the WordPress user and the ActiveCampaign contact with the same email address. This cookie
mbr must remain in place.
Please ensure that neither your hosting provider, nor cookie consent plugins or services, are removing the ActiveMember360 cookies, most importantly the
mbr cookie. They are essential for the correct operation of your site.
All ActiveMember360 cookies are removed after a logout from the WordPress site.
The full list of possible cookies all used for functional purposes are: