Pup

v2.x

AccountsGDPR

By default, Pup includes a single setting—showcased in User Settings—that's automatically added to all new users for managing whether or not you should send them marketing emails. This value is intended to help you comply with the European Union's (EU) General Data Protection Regulation (GDPR).

To aid in the process of collecting each user's consent, after signing up, users are immediately presented with a "GDPR Consent" modal. This modal is only displayed if the user has not reviewed a setting that's flagged as isGDPR: true and has a lastUpdatedByUser value of null.

GDPR modal displayed when new user's login for the first time.
GDPR modal displayed when new user's login for the first time.

When displayed, the modal presents users with only the settings flagged as isGDPR—all others are excluded. Upon pressing "Save Settings" in the modal, all GDPR-related settings have their lastUpdatedByUser field updated with a timestamp for the current date and time.

Though not in use in anywhere in the application (Pup doesn't send any marketing emails on your behalf), you can access this value using the getUserSettings() module in your own app if you do decide to send marketing email to users. You can find more information on this module under Reading & Using User Settings in the User Settings docs.

Setting Default GDPR Settings
UserSettings.insert({
  userId: user._id,
  settings: [{
    isGDPR: true,
    key: 'canSendMarketingEmails',
    label: 'Can we send you marketing emails?',
    value: false,
    lastUpdatedByUser: null,
    lastUpdatedByAdmin: (new Date()).toISOString(),
  }],
});