News

General Data Protection Regulation (GDPR)

March 23, 2018

 

In just over a month new laws will be enacted which have a far-reaching consequence for online businesses.

Although designed to protect the interests and data of European citizens, they will affect all business wherever they are based, which does business with Europeans.

If you have prospects, members, subscribers or purchasers residing in Europe, you will have to comply

If you do business with a business in Europe - you will have to comply

MemberGate has EU clients and we have already reviewed and updated our practices and policies accordingly - you can review this on our Privacy Policy page

You will notice our new Cookie Consent pop up - powered by MemberGate Cookie Notice which will be included in the next update

You will also notice that we are publishing the cookies we use - this is produced by the Cookie List feature we will be including to help sites

We have used the Accordion Generator to help split up the content and make it more accessible

Along the way we have encountered some new phraseology:

MemberGate is not a Data Processor - we provide software that processes data
For example, we provide the software that runs forums - allowing members to communicate
We provide the integration of card processing software - so that members can pay for their subscriptions
But we don't run those subscriptions - the software does that. Using secure protocols and proprietary systems

MemberGate is not a Data Vendor - we do not sell data 
We do not sell personal data nor exchange lists or barter otherwise use data for commercial or any other gain
Our software aggregates data to allow sites more insight on the operation of their membership business, things like Top Search Phrases, Page Stats, Income Analysis

As a supplier, we provide support to our clients on a Software As A Service basis which requires a functional and contractual permission to access the MemberGate powered site to offer support either by guidance or code a fix as required

We already operate to high standards of data security as would be expected given the nature of our business, but wherever possible we raise the bar for the memberGate platform so that subscribers on any site can expect the highest standards of data protection - for example, updating all sites to use Password Reset instead of the outmoded SendPass routine, forcing strong passwords on all users and deploying HTTPS on all pages

MemberGate has a long history of securing our clients and their member data, not only with the software we provide but also how the team respects and treats data
And we will continue to use best practice: "GDPR is an opportunity to reduce the risk of being the victim of a data scandal caused by poor privacy practices"

In the next month, ALL sites should consider if they will be accountable to the new GDPR standards, complete a Data Audit, update their Privacy Policy and inform their members accordingly

Next Steps:

  1. MemberGate Cookie Notice
  2. Cookie List 

We will be updating sites with the new features next week
Here's a Forum Post to continue the discussion