In the backend of My Member Administration, choose "Options" in the upper right corner.
In this tab, all rights on the administration are allowed or denied.
Most rights speak for themselves. The following rights need more explanation:
- "The right to manage members in the same group". This is for the Groupadmin. A groupadmin must have a memberrecord and can administrate members with the same value in the groupfield(s).
- "The right to manage members in all groups". This is for the secretary, who needs to administrate all members.
The e-mail texts that are sent to applicants. More info at Register
The logo needs to be in jpg format, not png. This is because of fpdf, which doesnt accept png alpha channel ("Alpha channel not supported: images/logo_lao.png"
The optimal dimensions for the logo: 886X886 pixels, 96 dpi JPEG format.
The e-mail address at "E-mail address secretary" is used for sending application mails. The application e-mail message is sent to the applicator and to the E-mail address of the secretary.
Tab miscellaneous, choose at the field "Export security method" between "No encryption" and "GPG encryption". Only choose "GPG encryption" when you have public and private GPG keys. In all other cases, choose "No encryption".
The export password / passphrase is an extra security measure. Users need besides their account password, also this export password. It is a form of 2 way authentication.
If "No encryption but password required" is configured, the data is stored in plaintext in the database. The Exports will be secured by an extra password.
If "GPG Encryption using passphrase" is selected, the Iban will be encrypted with a GPG public key. The Exports will be secured by the passphrase of the GPG key.
GDPR: Right to be Forgotten
In the GDPR, members get the Right to be Forgotten, in MMS you can find this at the option "Number of days to keep data after expiry". GDPR requirement: delete data that is no longer being relevant to original purposes for processing or when the data subject asks for that. In MMS you can fill in the number of days to keep data after the membership expired, a so called retention period. The Crontab will delete members, application data, and their invoices (if you use MMS Subscription) after this number of days has passed. For member records, the End of subscription date is used for this. For invoices, the invoice date is used.
Upon installation or update, this value is set to 3650, which is 10 years. Depending on the goal that you keep the data this can be too long. To be on the safe side, choose a shorter period, like 365 or 730 days.
When a subject asks for the deletion of his or her data, go to that member, and fill in an end of subscription date > than the deletion date.
Only data from MMS tables will be deleted. Joomla accounts will be "disabled" and thus can be easily selected and deleted, but this is not done by MMS. Also data of members in RS Events, Acymailing will not be touched. We asked to build a similar function to RS Joomla (RS Forms), so if you need that, please make a vote on their website.