Keep Email Address in Subscription Area for Deleted Members

    • 75 posts
    November 23, 2017 10:27 AM EST

    When a test member's deleted. their email address used to sign up and/or Paypal email address goes away.

    There's a hyperlink to the member details but if they delete their account it is unclickable.

    It would be nice to have a column with:

    1) Email address signed up with

    2) Paypal email address used to create and/or pay the subscription

    This would be great for research purposes, refund requests, etc.

    SCREENSHOT:

    • 75 posts
    November 23, 2017 10:32 AM EST

    I can get the transaction number from the Member Transaction History. If I do a little research I can find the transaction and refund them. It would still be nice to know their email address & Paypal email address use for the subscription payments though.

     

    SCREENSHOT 2:

    SCREENSHOT 3:

    • Moderator
    • 6923 posts
    November 24, 2017 8:42 AM EST

    For this, keeping the email address would be good. Not the Paypal email though as that's a security topic and you really, really don't want that sort of liability. The less sensitive info you store, the better off you are. IMO, leave the security to Paypal and just store the user email and transaction ID. With those, you can find any info you need. 

    • 75 posts
    November 24, 2017 10:55 AM EST

    Just helps you have to do less digging--especially if you don't know the customer id.

    Plus, if you have lots of users(100+) and suddenly you have to find one you could potentially look through hundreds of deleted users and then have to click on the details, and then click each Gateway Transaction ID to find that customer. You could be there for eons.

  • gs
    • 857 posts
    November 24, 2017 2:52 PM EST

    @Jasongeek

    I'm with you on this one - I'd like to keep the PayPal email available.  IMHO I don't see it as a security risk.  Goodness - people use their PayPal email all the time much more freely than their Credit Card info, since for receiving money it's quick/easy, and for sending money it requires additional security.  Now if it was CC info, then I'd agree that we shouldn't store it (but we're not storing this to begin with).  That's very very risky.  But if the PayPal email was so readily available while a member, I don't see why it shouldn't still be readily available after they leave. 

     

    And if SE feels it could be a legal/liability issue and come back to them, then they could simply make it an option to us ADMINs (to keep the PayPal email after deletion).  For that matter, there could be a list of content that could remain accessible which is ADMIN configurable.  I prefer flexibility anyway - so those ADMINs what want to keep certain info may, and those that don't may choose not to.  Software devs shouldn't decide for us ADMINs what we want/need, or how to run our business anyway. 


    This post was edited by gs at November 24, 2017 2:55 PM EST
    • 75 posts
    November 24, 2017 2:59 PM EST
    Maybe have a setting for who can see it admins, super admins, etc.
    • 75 posts
    November 24, 2017 3:01 PM EST
    It's super tedious searching through the transaction ids for a deleted members transactions. Forces you to search through Paypal's dashboard.
    • Moderator
    • 6923 posts
    November 24, 2017 3:04 PM EST

    If we did this, it would not be encrypted as emails are not encrypted at this time. You would need to let your users know that you are storing their Paypal emails in unencrypted fashion in your privacy policy.

    It's something to consider. It is two feature requests in this one which we don't allow but I will allow it this time and we can consider it for after 4.10. The subscription area needs improving anyway. 

    • 75 posts
    November 24, 2017 3:09 PM EST
    That wouldn't be good. Can just PayPal email addresses be encrypted?

    Sorry about the two feature requests. Thought the requests were related.
  • gs
    • 857 posts
    November 24, 2017 3:10 PM EST

    @Jasongeek: SEAO's Subscription Plugin provides a Transaction Details page that may contain the PayPal email (I don't know for sure since although I have that Plugin, I haven't thoroughly tested it yet; also SEAO doesn't provide a screenshot of the 'detials' page, only the Transaction page with a link to details).  I vaguely recall that you were considering purchasing this Plugin, but forgive me if my memory is off.

    • Moderator
    • 6923 posts
    November 24, 2017 3:10 PM EST

    @Jason, That's out of my area of expertise. Can you remember to PM me on Monday to remind me to ask about this?


    This post was edited by socialenginestaff at November 24, 2017 3:11 PM EST
    • Moderator
    • 6923 posts
    November 24, 2017 3:12 PM EST
    gs said:

    @Jasongeek: SEAO's Subscription Plugin provides a Transaction Details page that may contain the PayPal email (I don't know for sure since although I have that Plugin, I haven't thoroughly tested it yet; also SEAO doesn't provide a screenshot of the 'detials' page, only the Transaction page with a link to details).  I vaguely recall that you were considering purchasing this Plugin, but forgive me if my memory is off.

    Do you know if it remains after a user is deleted? The details I mean.

    • 75 posts
    November 24, 2017 3:12 PM EST
    Sure! Be happy to.
    • 75 posts
    November 24, 2017 3:15 PM EST
    I wonder if their plugin encrypts it in the database. It's best practice and probably a PCI requisite.
    • 75 posts
    November 24, 2017 3:16 PM EST
    Don't have the subscription plugin.
    • Moderator
    • 6923 posts
    November 24, 2017 3:17 PM EST
    jasongeek said:
    I wonder if their plugin encrypts it in the database. It's best practice and probably a PCI requisite.

    Perhaps pm them here and send them a link to this thread to answer as it would be good for them to have an answer here. Might help clients looking for something similar.

    • Moderator
    • 6923 posts
    November 27, 2017 9:15 AM EST
    jasongeek said:
    That wouldn't be good. Can just PayPal email addresses be encrypted? Sorry about the two feature requests. Thought the requests were related.

    I've left a note for our core developers about this. Noting that they are swamped with 4.10 stuffs so it may be a delay for a response.

    • 1 posts
    September 18, 2019 12:54 AM EDT

    I'm new to SE and still finding my way around. Under Settings, Spam and Banning Tools, there is a tab for Login History. You can search by various fields, including member name and it will list the email address used for that login. You can reverse order the date column to get the most recent login. I haven't tested to see if it works for deleted accounts although I would hope that information would still be in the log. I know this post is almost 2 years old, but thought it might be useful to offer this info. Hope it helps you or someone. I know I sure could use all the help available!

    • Moderator
    • 6923 posts
    September 19, 2019 7:03 AM EDT

    Thanks for posting your tips! I'm sure they'll be helpful.