This release (9th April, 2018) introduces a new feature to ClubHouse Online to assist EU and UK clubs in complying with the General Data Protection Regulation (GDPR) regarding Personal Information being displayed on their websites. As of May 25, 2018, in order for a Member’s information to be displayed on a club’s website, a Member will have had to consent to its display.

Upon logging into their ClubHouse Online site or encountering any new page (if they remain logged in) Members will be forced to respond to a prompt regarding consent to the display of their information by way of a modal popup. Once they’ve responded to the consent question, they will be allowed to go about their business as usual.

 

If a Member consents, they will receive a confirmation and their information will continue to be displayed. If a Member does not consent, then they will receive a confirmation and their information will be displayed until May 25, 2018 when the GDPR becomes effective. If a Member does not provide consent, they will be treated as if they DO NOT consent and their information will be hidden, accordingly.

There will be two avenues by which a Member’s consent status can be updated.

1. Members can update their own consent status by way of Settings section of the Roster> Edit My Profile screen.
 

2. Administrators and Roster Administrators will be able to update Member’s consent individually or en masse by way of a new screen titled Member Consent (this will only appear if the ‘Enable GDPR Consent’ flag is checked) within Administration> Roster. Please Note – If consent is updated on a Member’s behalf, it is the club’s responsibility to collect and document that consent for GDPR purposes.
 

Any changes to the consent status will be logged in terms of both when the change was made and by whom (user) the change was made.

Consent is not permanent, so after 12 months any consent provided will be deemed to have lapsed and Members will once again be treated as if they have not provided consent. The system will automatically begin prompting Members to provide consent after 10 months so as to avoid any interruptions.

Jonas is committing to our customers that we will help them meet the requirements of this legislation ahead of May 2018.

As part of this work, we are building and releasing new versions of our products that are being built according to the ‘Privacy by Design’ principle enabling our customers to fulfil their duties in adhering to EU GDPR. These proposed changes will be reviewed with a specialist GDPR lawyer, to ensure correct and complete interpretation of the law.

To help data controllers we are adding enhancements to our 12.9 Advanced Release version. The following have been added.

• The Jonas data files with bank account information in both Accounts Payable and Club Preapproved Payments are now encrypted. 
• In User Administration and Group Security we are offering the ability to mask, on screen, bank account information. This will be active by default.

If the club is not on the 12.9 Advanced Release and would like to consider moving to it please fill out the form below to receive an FAQ about the Advanced Release.

 

In addition to the changes being made to the Jonas Club Management System, there are many additional areas that your club may need to consider in order to adhere to EU GDPR. These additional considerations may include, but are not limited to the following:

General Considerations for GDPR readiness

Customers should review all existing processes in place within their organisations that relate to the storage and use of member and guest data. In particular, consider areas relating to:

• Consent – it should be possible to trace and identify what an individual has consented to, as well as the time and method of consent. This consent could cover joining information and marketing preferences. It should also be possible for a member to change preferences or withdraw consent easily.
• Security of data – Jonas customers should consider moving to secure passwords.
  • For more information on establishing secure passwords, within Jonas Club Management click on Help Docs, click on Jonas Club Help and search for Password Controls. The first article in the list outlines how to setup secure passwords.
• Capture of childrens’ data - the GDPR states that parental/guardian consent for access to online services is required for children – in the UK <13 years old. This means that as an operator, you need to consider how you are currently targeting memberships or activities for children – are the children being targeted to sign up or the parents?
• Archiving and deletion of end customer data – it is worth re-examining both the length of time you need to retain member and guest data and the way that you store this.
• Analytics, anonymization, and profiling - cookies should be treated as personal data and require consent – cookies set for different purposes may need separate consent. For websites that are not using Jonas ClubHouse Online e3, consider whether you have cookie consent exemption, automatic anonymization of visitor id, respect for DoNotTrack preferences, and opt-in/out on any privacy policy pages.

The EU General Data Protection Regulations (GDPR) comes into effect 25th May, 2018.

GDPR maintains the same data protection principles as the Data Protection Act, but brings in higher standards for fairness, lawfulness and transparency, purpose limitation, data minimisation, data quality, security and integrity. Accountability is key; requiring companies to demonstrate that they comply with the principles across their business.

The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.

Due to the growth of the internet and changes in behavioural advertising and social media, personal data is now being used in ways that were not envisaged at the time the current EU Directive was drafted making it not fit for purpose. There is a public led, political impetus for stronger data protection resulting in the need for GDPR.

Overview

In order to comply with the General Data Protection Regulation (GDPR), your club must obtain consent from your members or anyone they wish to continue communicate with.

To obtain consent from your Email Marketing contacts we have outlined the following process that can be implemented within your account. This outline will cover the following series of actions:

• Creating Opt-in Custom fields
• Creating a Consent Form
• Creating/Updating Segments for Consent
• Drafting a Consent Campaign

Creating Opt-in Custom Fields

In order to keep track of the contacts who have chosen to continue receiving communications from your club, we will need to create two custom fields to store their submissions. The two fields you will be creating are an Opt-in field and an Opt-in Received field which will retain the date of a contact submission. The value of the Opt-in field will be represented by a True or False. In order to create these fields you will need to follow these steps:

1. Within the Email Marketing module, navigate to Contacts ->Manage Contact Fields

2. From the Contact Fields section click on the New Custom Field button

3. This will bring up a window to configure the new custom field. From this window you will enter in the following information:

Name: Opt-in
Type: Checkbox
Default Value: [Leave Blank]



Once you have configured the details of the new field click on the Save & Close button which will redirect you back to the Custom Fields section.



Once you have created the 'Opt-in' custom field, you can now move on to creating the Opt-in Received field. Repeat aforementioned steps until you reach the Create New Custom Field window. For this custom field you will enter in the following information:

Name: Opti-in Received
Type: Calendar
Default Value: [Leave Blank]



Once you have entered in the information click on Save & Close.

Creating a Consent Form

The consent form is how you will be obtaining consent from your Email Marketing contacts. This form will be linked to the e-mail campaign that will be sent out. In order to create this form you will need to follow these steps:

1. Within the Email Marketing module, navigate to the Forms -> Subscription Forms menu item.

​

2. Click on the New Subscription Form button

3. Enter in a Name for this Form Group:
   • Suggested Form Name: Continued Correspondence Consent
4. Once you have entered in the name of the Form Group, click on the Update Preferences Form.

​

4. In order to edit the form, select each of the following content areas:

Header Area

To update the Header section, please follow these steps:

1. Click on the header section within the form labeled 'Update your preferences'
2. From the menu on the right, click on insert image button to select a banner from your Media Libraries or to upload a banner
3. Click in the editbale text area next to Title and enter in a title for the form
   • Suggested Title : Continued Correspondence Consent
4. Click in the editable text area for the Text section and enter in brief instructions.
   • Suggested Text: Please confirm your details and check the Opt-in option below.

Mailing Lists

The Mailing Lists section is not necessary for this form and can be completely removed. To remove the section:

1. Click on the Mailing List area within the form
2. From the options appearing on the right, select  'Do not show any lits'

Contact Fields

The Contact Fields are the information you will be confirming with your contacts as well as having the Opt-in and Opt-in Received recorded. To update this section:

1. Select the Contact Fields section from the form
2. Uncheck the Email Format field
3. Click on the Custom Fields button and add the following Custom Fields:
   • Opt-In
     • Update the label to state: Please check this box to confirm you wish to receive future correspondence from [Insert Club Name]
   • Opt-In Received

Once you have selected the fields click on Next and Done to confirm the selections. This will bring you back to the main form edit screen and will dsiplay your form similar to this

Creating/Updating Segments for Consent

In order to obtain and utilze the opt-in feedback received from your contacts, you will need to create a new segment as well as update your existing segments.

Creating a 'Continued Consent' Segment

To obtain consent from your contacts to continue communicating with them via your email, you will need to create a segment that encompasses all active contacts. To create that segment you will need to follow these steps.

1. Within the Email Marketing module, click on the List and Segments menu and then Segments.

2. Click on the New Segments button.
3. From the Filter type dropdown select Contact Field.
4. From the 'Using the field' dropdown, select Status.
5. To complete the 'contacts whose value' statement, select is and Subscribed

The first portion of your segment should appear like this:
^Ex.


The additional Filter type you will need to add to this segment will ensure we cover all active contacts. To add this additional Filter type you will need to follow these steps:

7. Update the connecting statement that says 'AND' to 'OR'.
8. From the second 'Filter type' select Contact Field from the dropdown list
9. From the 'Using the field' dropdown, select Status.
10. To complete the 'contacts whose value' statement, select is and Soft bounced.

The complete Segment argument should appear as such once completed:
^Ex.

10. Once you have completed the aforementioned steps, click on the Next button.
11. From the final step, enter in the following information pertaining to the segment:
    • Segment Name: Continued Consent
    • Segment type: Dynamic
    • Description: Segment used to obtain consent per GDPR Guidelines
12. Once you are satisfied click on the Finish button.

Updating Existing Segments with Consent

Now that you have created the Opt-In field you will need to update your existing Segments to include the consent provided by your contacts. In order to update your existing segments you will need to follow these steps:

1. From the Segements menu located under Lists and Segments, click on the Segment you wish to update.
2. From the Define Segement screen, click on the 'Add filter' link on the last Filter Type

3. Configure the additional Filter as follows:
   • Filter Type: Contact Field
   • Using the field: Opt-in
   • Contacts whose value: 
     • is
     • True

Once you have configred the filter your Segment should appear similar to this example
^Ex.

4. Once you are satisfied with the update, click on the Next button and then the Finish button.

This update will need to be completed for all existing segments and any segments created going forward.

Drafting a Consent Campaign

Once you have complete the creation of the Contact Fields and the Consent Form, you can move on to creating the Email Campaign that will be sent to your Contacts. In order to create the campaign utilizing the Contact Fields and Form you created you will need to follow these steps:

1.  Within the Email Marketing module, select the Email Campaigns menu.

2. Click on the 'New Email Campaign' button.

3. Click on the 'Smart Email Builder' button under Start an email campaign.

3. Select the '1 Column (Mobile)' template and click on the Choose Template button.

4. Update the following editable Campaign areas:

Header Image

Click on the Header Image area and insert a banner image that is a maximum of 600px wide

Placeholder Image

Click the Placeholder image if you wish to add a secondary image to the campaign. If not required click on the Recycle Bin icon in the top right corner of the image.

Headline Style Place Holder

Insert a Headline for the Campaign. Suggested Headline Text: Continued Correspondence Consent.

Subheading Style Placeholder

Insert a Subheading if necessary or remove using the the Recycle Bin icon in the top right corner of the content area.

Campagin Body

Create your own email body explaining the reason for the campaign or use the following text after adjusting accordingly:

In light of the legislation changes being imposed on May 25th of this year, we require your consent to continue sending correspondence to you on behalf of [Club Name].

Upon providing your consent you acknowledge the acceptance of all promotions, events and news pertaining to [Club Name] that is sent to this email address [Contact.Email] at any given time.

Should you at any time wish to terminate the receipt of these emails please click on the unsubscribe button at the bottom of any these emails to have yourself removed from our mailing lists.

If you have any questions or concerns, please don't hesitate to contact us at [Contact Number] or by e-mail at [Email Contact]

^Note: [Contact.Email] is a field token that will be auto replaced by a contacts actual e-mail address.
 

5. Right-click on the following image and save to your computer.

6. From the body of the campaign, click on the insert image button and upload the image to your Media Library 

7. Insert the image at the bottom of the body of your campaign.

8. Once you have inserted the image, highlight it and click on the Insert/Edit Link button.

9. Within the Insert/Edit Link window enter in the following details and click update when completed:
   • URL: http://cp20.com/SMFPref
   • Target: Open Link in a New Window

10. Click on the Update Content button save the changes to the body of the campaign.
11. Once you are satisfied with the setup of the Campaign, click on Next to proceed to the next step.

This will bring you to the text version of the campaign which does not require edting as your contacts will receive only the the HTML version of the campaign. Click Next again to be brought to the Campaign Delivery screen.

12. Update the Subject of the Camapaign
    • Suggested Email Campaign Subject: Continued Correspondence Consent

13. Under the 'More Options' update the Subscription Form to the 'Continued Correspondence Consent'

14. Once you are satisfied with the settings click on Save Draft.

Once you have completed these steps, you will be ready to send the Campaign. To schedule this Campaign to be sent follow these steps:

15. Navigate to the Email Campaigns section of your Email Marketing Account.
16. Click on the Campaign you created to obtain consent. Ex. Continued Communication Consent
17. From the Delivery Scheduling window, click on the Select Recipients button.

18. Select the Segment you created to obtain consent and click on the Select button. Ex. Continued Consent

This will return you to the Schedule Delivery screen. One you are satisfied with all the configured parameters, click on Schedule & Send to send out the e-mail.



If you are having any issues with the steps outlined here, please don't hesitate to contact the Web Support team at [email protected]