What Personal Data Does PEAI.org Collect?
DISCLAIMER
We do our best to keep this information updated but there may be inaccuracies or omissions contained. If you spot something, please contact us and let us know.
The following information will be valuable in crafting your Privacy Policies and consents for GDPR and other regulations. However, you are ultimately responsible for ensuring your website forms and policies are in accordance with local and other applicable laws and regulations. If you need assistance, we recommend researching these regulations online and/or consulting a legal expert.
1. What Data Do We Store About Subscribed Users?
User data is stored locally in your own WordPress site’s database, which is provided and maintained by our web-hosting provider. No personal information about our users is ever sent to our associated servers or providers.
2. What Data Do We Store?
In order for our Membership features to work appropriately, some personally identifiable information must be stored about our members in order for us and them to get the most out of the membership experience.
2.1 – Built-in Information Fields
Our Membership area contains the following built-in information fields. Some of these fields (marked with an *) can be disabled.
- First Name*
- Last Name*
- Username* (can be set to email address instead)
- Email Address
- Date of Registration
- Password (securely hashed by WordPress prior to storage in the database)
- Address (Line 1, Line 2, City, State, Zip, Country)*
- IP Address
2.2 – Custom Fields
We collect data on:
- Region
- Qualification
- Institution
- Occupation
2.3 – Events
Our Membership area stores various log entries in the database when certain events occur which may contain the user’s IP Address. These events are listed below.
- Logins – User’s IP address and time of login are stored each time the user logs in.
- Subscription/Transaction Completion – When the user subscribes and successfully pays, their IP address may be stored with the Subscription or Transaction data.
2.4 – Payment Information
Our Membership area does not store or process payment information locally. That information is securely transmitted to, and stored by the Payment Gateway itself. Some limited information about the Credit Cards may be stored. See the Payment Gateways section below for more information about this data.
2.5 – Add-ons & Integrations
Our Membership area stores as little as possible about your users with our integrations and add-ons. Please see the MemberPress Add-Ons & Integrations or 3rd Party Add-Ons & Integrations section’s below for more information about each add-on/integration.
3. Payment Gateways
As mentioned in section 2.4 above, Our Membership area does not store payment information locally. That data is securely passed and processed/stored by Stripe.com or PayPal.com
Below is a breakdown of what data is stored locally in your WordPress database, and what data is transmitted to the Payment Gateway.
3.1 – Offline Payment Gateway
Stored in WordPress Database
- Does not store any personal information in the WordPress Database
Sent to 3rd Party
- Does not send any personal information to 3rd parties
3.2 – PayPal Standard
Stored in WordPress Database
- Subscription Profile ID’s From PayPal (I-xxxxx… or S-xxxxx… numbers)
- Transaction numbers
- Full IPN Response data which may contain the buyer’s PayPal Email address or other personal information provided by PayPal
- User’s IP Address
Sent to PayPal
- If VAT taxes are enabled and the buyer enters a valid VAT number, the VAT number is passed to PayPal as a custom field
3.5 – Stripe
Stored in WordPress Database
- Stripe Customer Numbers (cus_xxxxx…)
- Transaction charge numbers (ch_xxxxx…)
- Full Webhook Response data for Subscriptions and Transactions
- User’s IP Address
- Last 4 digits and expiration date of user’s Credit Card. This is used for Expiring Card Reminder Emails.
Sent to Stripe.com
- The buyer’s first and last name (If enabled in MemberPress Options)
- The buyer’s WordPress email address
- Address (If enabled in MemberPress Options)
- Full Credit Card Info – Number, CVC, Expiration Date
- If VAT taxes are enabled and the buyer enters a valid VAT number, the VAT number is passed to PayPal as a custom field
4 – Emails
Our Membership area emails admin’s for various events that occur on the site.The email text bodies and/or subject lines may contain personally identifiable information about a member on your site. These emails are not kept in our email folders (inbox, archives etc) for any longer than is needed.
Emails sent are for New Member Signup emails, Transaction or Subscription created emails, and Reminder emails.
Our Membership area sends some emails for resetting passwords that cannot currently be edited. This document will be updated if that changes in a future release.
5 – Cookies
Our Membership area uses the following cookies (only if the mentioned features are being utilized), however neither cookie contains any personal information, nor can it be combined with other data to create a profile of an individual.
Note: WordPress itself also uses cookies which you should be aware of and account for in your policies.
- mplk – If you’re using the Custom URI Rules to protect a static file like a PDF, Our Membership area creates a cookie temporarily to allow the authorized user to view the file without being redirected. This cookie contains a random alpha-numeric string of text and is removed after 5 seconds.
6 – Membership area Add-Ons & Integrations
Our Membership area provides and maintains the following add-ons and integrations. The personal data transmitted to the 3rd party service for each are detailed below. If the 3rd party service or provider stores and/or processes personal information you may need to get a DPA from them to be fully GDPR compliant.
Email Newsletter
- Email address
- Name
WordPress User Roles
- Does not store or transmit any personal information
WooCommerce (beta)
- Does not store or transmit any personal information
7 – 3rd Party Add-Ons & Integrations
Our Membership area does not officially support any 3rd party integrations.