bartelsmedia

So true. Anyway, you will be asked by the court why you have not made use of such "reasonable measure" like free & easy-to-apply AES encryption in a court case. And a friendly smile will not save you here. I am not a lawyer but have witnessed many court cases to see the risk. The topic may be difficult to understand for non German businesses who enjoy less strict privacy rules. On the other hand, it would be really benefit of ProMailer compared to other newsletter systems if it would proactively add data security. -- Regarding subscriber black list: Here is a court case which states, that you must make sure, that you must not send an email to any email of the entire TLD or risk hefty penalties. http://www.gesetze-bayern.de/Content/Document/Y-300-Z-BECKRS-B-2017-N-102179 So, the black list must enable users to optionally block an entire domain belonging to an individual. Example: 1. A malicious person subscribes to your newsletter. Think of a competitor or his buddy. 2. He refuses to ever have subscribed and sends you a cease & desist letter because you "spammed him". 3. You have no sufficient evidence to prove the subscription, you then block the particular email and sign the letter which makes it a binding agreement. 4. The guy uses a different email address under the same domain. He then gets another newsletter from you which violates the agreement. You have to pay $3000-5000 to him. The success of Mailchimp & Co. may partly be, because companies just can't stand all the legal traps anymore. ProMailer could provide a solution to this problem with quite easy measures.

Please consider it a preconfigured option. We know cases where users refuse to ackknowledge that they registered and then sued for spam. It really is insane and a big business for the law industry. It would help, if ProMailer can provide as much evidence as possible (while it is totally clear, that there is no bullet proof evidence). I feel, that there is quite a culture clash between USA and in particular Germany regarding data privacy. You may run this through google translate: https://www.e-recht24.de/news/marketing-seo/7980-newsletter-a-co-double-opt-verfahren-in-muss-dokumentiert-werden.html

The GDPR asks generally to minimize gathering and storing person identifiable information and if required, apply state of the art protection. A database with encrypted email is state of the art and protects user data in case of theft of the database (or its backups).

Here you go: http://www.privacy-regulation.eu/en/article-32-security-of-processing-GDPR.htm

As Processwire seems to be quite successful in Germany, some GDPR considerations: Are the subscriber email addresses stored with encryption in the database? GDPR enforces to use "state of the art" methods to protect user data which includes encryption. Is there a email black list of users who do not want receive a newsletter under any circumstances. Germany is quite lunatically rigid regarding "spam" emails with penalties of around $5000 for each unwanted received email. Example: User receives newsletter, denies to ever have subscribed and asks for a ceise and desist letter. If you then send another letter to such user, it will be expensive. Does the module save the newsletter subscriptions with sufficient evidences of the subscription? Time stamp, IP address and header (of course also saved with encryption in the database)?

You were right. I tried the HTMLPurifier Demo and it removes the button html: http://htmlpurifier.org/demo.php Strange, that it doesn't like buttons.

Yes, HTMLPurifier is enabled. Can it be configured not to strip the valid <button> html?

Just need to chime in. With more than 35 yrs of IT history it rarely happened, that I am so in love in a software like with Processwire. It is such a marvel. Ryan, please never stop making it the best "web tool" on the market. Thank you all!

I try to avoid Hanna code as it is quicker to edit in CKE and I prefer not to bloat the Hanna Code selection drop-down in CKE

Sorry to dig out this posting but I have a similar issue: I tried allowing "button(*)[*]{*}" or "button" or "button(*)" or "button[*]" but Processwire still strips out this html: <button aria-expanded="false" aria-haspopup="true" class="dlbutton dropdown-toggle dropdown-toggle-split" data-toggle="dropdown" type="button"><span class="sr-only">Toggle Dropdown</span></button> The "fun" part: When inserting above in CKEDitor html source code view and pressing OK, it is still there but when I actually save the page, it gets wiped out. Any help would be very much appreciated.

Indeed. Nonetheless, DeepL is of awesome help to translate my website content. I use it as a basis and tweak the result. It saves tons of time. The only missing thing would be more comfort to save me from this copy from Processwire, paste to Deepl, copy from Deepl, paste to Processwire.

Deepl works well with contents with context (entire paragraphs). It's less ideal with single words, definitions or short terms.

"Deepl" is an unbelievably good (paid) text translation service, that mops the floor with Google Translate. They have an API and it would be awesome, if there would be a module, that would integrate it for easy content translation. It could be a right-click context menu on the language tab: It should ask from which of available other language it shall take translate from. What do you think?

Input fields can be checked for correct email syntax. Would be nice if it additionally could check the email against a local database of disposable email address domains, e.g. https://github.com/FGRibreau/mailchecker/blob/master/list.json The disposable email domain database should be selfhosted to avoid any privacy issue (if a legit domain would be transmit to 3rd party). Ideally, Processwire would auto-pull database updates in intervals. Hot or not?

Thanks so much for your help!

I want to output the current local (server) time in 12h format. Would this code interfere with the Processwire core date/time if used in a hanna code? <? $ct = new DateTime("now", new DateTimeZone('Europe/Berlin')); echo $ct->format('h:i a'); ?> Does "new DateTimeZone" only affect this code or would it change the general timezone of the Processwire core, thus risking messing up database date/time stamps?

Thanks. Done that. Thanks again for this very useful module.

Thank you for this useful module. Please allow a minor hint: By glorious GDPR, website owners must provide a privacy policy information. This requirement may include a login page! It's absurd, I know, but even when visiting the login page, personal data (the IP address *sigh*) is stored in the log file. Judges defined this as collecting personal data, web site owners have to inform about. Just to let you know, so a sensitive client is not put at "risk".