GDPR and Your Membership Site

Murray Gray in Students

Jun 01, 2023 - 3 min read. Available on all plans.

Table of Contents

GDPR and Your Membership Site

As you’re building your business, you may run into questions about GDPR and how it applies to you.

While we’re not lawyers and nothing here should be taken as legal advice, we’ve provided a bit of info to help you understand what GDPR is, and to share XP’s strategies to support you.

What is GDPR?

GDPR stands for General Data Protection Regulation. It’s a law in the EU that determines guidelines around collecting and processing of personal information.

This law applies to any businesses that serve or collect data from EU members (regardless of where the business is actually located).

GDPR is about how people opt-in to your world. It sets guidelines for how you collect data about your customers.

What do I need to know about XP and GDPR?

XP is committed to supporting you in your compliance with GDPR, and here are some of the ways we facilitate this….

  • we encourage all of our coaches to use clearly defined opt-in agreements when you bring people into your world and collect their data.
  • When you edit your Order Form you'll find an option to toggle on a switch for the Data Processing Checkbox - we encourage you to switch this ON for GDPR compliance. This will cause the following (customizable) text to appear on your order form: I accept the processing of my data for the purpose of receiving access to {Your Course Name]. When you have this toggled on, students will be required to consent to processing of their data, in order to purchase the course.
  • When you trust us by sharing your students’ information with us, you remain in control of that information. GDPR gives students the right to request a copy of their personal data that’s being stored, and the information you’ve shared with us is clearly available in your student’s profile for you to access at any time and share with your students.
  • You can request to have a student’s data deleted from our database at any time by contacting us through the chat widget, or emailing [email protected].
  • A student can also request to have their data fully deleted by emailing [email protected].
  • When you use our order form for students to purchase your course, we provide a place for your Terms and Conditions. We encourage you to to include your Privacy Policy as part of these Terms and Conditions, and to require students to agree to your Terms and Privacy Policy before purchasing your course.

When you think through how you’re collecting and using your students’ data, in order to be in compliance with GDPR, the most important thing is clear consent when they opt-in to your world. You also want to be able to provide them with information that they’ve given you, and we make it easy for you to do that at any time.

For further questions about how GDPR applies to your business, please consult your legal advisor for advice on your particular situation.