Available in MM 2.2.8+
As part of the EU General Data Protection Regulation (GDPR), users have the right to erasure, also known as 'the right to be forgotten'. This means that, if requested, any personally identifiable information that is not required to be kept by law should be able to be removed. To help you implement this, MemberMouse has created a 'Forget Member' feature which will randomize or remove personally identifiable user data while keeping the data structure intact, so that reporting, order and subscription data aren't affected as would happen if the member were deleted. Keep in mind that this process is irreversible by design, and all data types are included by default, so make sure that you have disabled any data types that you may be required by law to keep in your records.
The 'Forget Member' feature operates solely on personally identifiable information that is stored in the MemberMouse database tables on your host server. To erase any information that has been shared with our integration partners, such as payment, email or affiliate providers, or any other 3rd party platform including WordPress, you will have to work directly with those providers.
Read on to learn how to configure what data is included and how to use the 'Forget Member' feature for individual members.
Configuring the 'Forget Member' Feature
The 'Forget Member' process will either randomize or remove the following personally identifiable information:
- IP address used to create the account
- Last login IP address
- First and last name (optional)
- Email address (optional)
- Custom fields (optional)
- Activity log (optional)
- Billing and shipping address (except country) (optional)
- Billing and shipping country (optional)
- Billing and shipping address(es) stored with previous orders (optional)
- Billing and shipping country(ies) stored with previous orders (optional)
There may be some information that you are required by law to retain and this will vary based on your specific business activities, so MemberMouse has left certain data types optional. All of the optional data types are enabled by default. You will have to deselect which of these should remain intact during the 'Forget Member' process.
Go to MemberMouse > General Settings > Other Settings and scroll down to the bottom of the settings list. Then uncheck the box(es) next to the types of information you want to keep.
How to Use the 'Forget Member' Feature
If the member is currently active, any existing subscriptions will be cancelled and all site access revoked.
- Click Manage Members in the MemberMouse menu
- Search for the member you want to forget and click on the email address or edit link (pencil icon) to enter the member details
- On the General tab under Tools, you will see a 'Forget this Member' link. Click this link
- Then click 'OK' on the resulting popup
The Username, Password and Email address (optional) are randomized after the Forget Member feature has been run. New values are generated and appear in the corresponding fields. The email address is changed to be “<user login>@forgotten.invalid”. The remaining data types - IP addresses, Activity Log (optional), Custom Fields (optional), First and Last Name (optional), Billing & Shipping addresses (optional) - are removed from MemberMouse, and blank fields will appear where the information was once populated.
Here's a sample account, before and after clicking 'Forget this member' with no changes to the default settings: