The GDPR (General Data Protection Regulation) is the most significant step in regulating private data in recent history, affecting every company that does business within the EU, the largest economy in the world. To help online school owners become and stay GDPR-compliant, LearnWorlds provides you with the GDPR-compliance Toolkit, the most comprehensive solution for detailed control over the Data Protection and GDPR-related settings of your school. Your school can either become fully compliant, or you can choose which options you want to enable (depending on your business model and whether you and your users are based in the EU or not).
Privacy - GDPR settings
Go to Settings → School Settings → Privacy/GDPR:
Υou can set up whether the users will have the choice to opt-in to:
b. Marketing material
c. Email notification settings
d. Data access and deletion requests
According to your business’s needs, you will be able to choose among the following:
1. No Data Privacy management: All users will be excluded from all 4 functionalities.
2. GDPR Compliance for all users: All functionalities will be applied to all users.
3. GDPR Compliance only for users browsing from within the EU: All functionalities will be applied only to EU school users.
4. Custom Data Privacy management: Control the GDPR functionalities that you prefer to have activated in your school for all users.
You can also enable the 'Reject all' button, where when you have enabled GDPR-related settings, you can show a 'Reject All' button in the cookies opt-in banner and allow your visitors to reject all non-essential cookies.
Let’s see what your students will see when you activate the above functionalities.
If the users wish to accept specific cookies and not all of them, they can click on “Accept individual cookies” and choose the preferable ones in the pop-up window.
When a user wants to change this cookies selection later, they can achieve that by navigating to their Profile → Edit → Privacy Settings. A pop-up window will appear, and In the Privacy setting tab, they will be able to edit all the relevant cookie choices.
If this feature is activated, your learners can choose whether they want to receive marketing mail. This option will be available on their Sign Up Form:
or on the Email Grabbers:
- This setting can be edited by the users later by navigating to their Profile Page → Edit and opening the Privacy settings tab under I want to receive news, tips, and other promotional material.
- In case you need to manually add a user, you can also select whether this user will receive emails from your school, by checking the "The user has given consent to receive emails from this school" checkbox in the "Add User" form. The new user and any user in your school can always change this option by navigating to their profile page, through the Privacy Settings Tab.
- In case the admin hasn’t added the user or the user hasn’t subscribed with the Marketing opt-in activated, then an alert will pop up upon their first Login and will prompt them to activate the relevant email notifications.
Email Notification Settings
Activate this option to allow the users to decide whether they will receive email notifications regarding their activity in the school.
Note: This setting can be edited by the users later by navigating to their Profile Page → Edit and opening the Privacy settings tab under I want to receive email notifications about my activity in this school.
Data Access and Deletion requests
By activating this functionality, you give your users a choice to navigate to their profile page (users can click on Edit and then Privacy Settings → Advanced Privacy Settings and either request to have their data erased from school or ask for their data report.
- If a user wishes to no longer be a part of your business, then they can click on Delete my account and forget me. That way, they can delete their personally identifiable information permanently and anonymize their history on this site. This is known as the “Right to be Forgotten”. Please remember that this doesn’t include any financial transactions completed on your website or other information legally required to be kept.
- Any user has the right to ask for a copy of the personal data undergoing processing in a readable form, which has to be delivered within a month after the request is applied by clicking on Personal data access request (a respective message will be sent to the email account that is stored in Settings → Notifications → Admin settings)
What happens when a user requests to be deleted and forgotten?
If you receive such a request, you can navigate to the user management page, hover your mouse over the right column of the user’s account name and select:
- Anonymize the account: The user will then be suspended, and his account details will be automatically replaced by an anonymous ID number. If this anonymized user has posted in the community or has sent any messages, their posts or messages will be anonymized too.
- Delete the user: You can delete a user and simultaneously make their posts and messages anonymized. In case a user is anonymized or suspended, you first have to unsuspend the account and then delete it through the user’s page.
Note: If the deleted user has a Stripe account, then automatically, it will be deleted in Stripe too and any active subscriptions or installments will be canceled.
Verifying a user’s GDPR preferences
- Users Page: All the GDPR preferences and activated settings related to each user can be found by navigating to Users → All users and opening their User Card.
In addition, this information can also be exported along with the rest of the user’s info in an xls/csv file
- Leads Page: The related to your leads GDPR information can be verified by navigating to Marketing → Leads from pages, under the columns OPT-IN and EU USER
- Integrations: When in a school the GDPR functionalities are set up, then the respective merge tags/custom fields are also created for the email marketing integrations (Mailchimp, Active Campaign, AWeber, or ConvertKit) and for Ζapier and Webhooks.
- Since the text within the cookie's pop-up window cannot be modified from the Theme Explorer, you can add the following snippet of code on the Custom code editor in the dynamic CSS slot. You can replace the red text with the color you would like in the code snippet.