Options

From MyMemberSoftware wiki
Jump to: navigation, search

In the backend of My Member Administration, choose "Options" in the upper right corner.

Permissions

In this tab, all rights on the administration are allowed or denied.

Most rights speak for themselves. The following rights need more explanation:

  • "The right to manage members in the same group". This is for the Groupadmin. A groupadmin must have a memberrecord and can administrate members with the same value in the groupfield(s).
  • "The right to manage members in all groups". This is for the secretary, who needs to administrate all members.

Letter templates

The e-mail texts that are sent to applicants. More info at Register

Organization

The logo needs to be in jpg format, not png. This is because of fpdf, which doesnt accept png alpha channel ("Alpha channel not supported: images/logo_lao.png"

Security

Configuring gpg in the backend.
Tab miscellaneous, choose at the field "Export security method" between "No encryption" and "GPG encryption". Only choose "GPG encryption" when you have public and private GPG keys. In all other cases, choose "No encryption".

The export password / passphrase is an extra security measure. Users need besides their account password, also this export password. It is a form of 2 way authentication.

No encryption

If "No encryption but password required" is configured, the data is stored in plaintext in the database. The Exports will be secured by an extra password.

GPG encryption

If "GPG Encryption using passphrase" is selected, the Iban will be encrypted with a GPG public key. The Exports will be secured by the passphrase of the GPG key.

GDPR: Right to be Forgotten

GDPR deleting of member data.
In the GDPR, members get the Right to be Forgotten, in MMS you can find this at the option "Number of days to keep data after expiry". GDPR requirement: delete data that is no longer being relevant to original purposes for processing or when the data subject asks for that. In MMS you can fill in the number of days to keep data after the membership expired, a so called retention period. The Crontab will delete members, application data, and their invoices (if you use MMS Subscription) after this number of days has passed. For member records, the End of subscription date is used for this. For invoices, the invoice date is used.

Upon installation or update, this value is set to 3650, which is 10 years. Depending on the goal that you keep the data this can be too long. To be on the safe side, choose a shorter period, like 365 or 730 days.

When a subject asks for the deletion of his or her data, go to that member, and fill in an end of subscription date > than the deletion date.

Only data from MMS tables will be deleted. Joomla accounts will be "disabled" and thus can be easily selected and deleted, but this is not done by MMS. Also data of members in RS Events, Acymailing will not be touched. We asked to build a similar function to RS Joomla (RS Forms), so if you need that, please make a vote on their website.