Providing personal information is often a necessity to use or even access websites such as Facebook, Twitter, LinkedIn, and even our Higher Logic platform. Because of this, data privacy is of paramount importance to today's Internet users.
Understanding this, the Higher Logic platform gives Super Admins complete control to:
- set default privacy settings for all of your members,
- restrict access of Higher Logic staff to your site,
- restrict the types of personal information that can be viewed and exported in reports across your site, and
- manage GDPR compliance for your members.
NOTE: Each Higher Logic user can manage their own privacy settings from their Profile > My Account > Privacy Settings page (refer to the Privacy Settings section of Manage Your Inbox & Account Preferences for more information).
Manage privacy settings
As a Super Admin, you can control the visibility of Personally Identifiable Information (PII) that displays in reports and exports run by Community Admins and/or members (there are several areas where your members can export user information, like the Member Directory or Community Admin reports).
NOTE: These settings do NOT impact what's displayed on a user's profile (each user has full control over their own privacy settings).
NOTE: PII data is always included in reports and exports by Super Admins, even PII that is toggled off is included.
To manage your PII settings:
- In the Admin Toolbar, click Admin.
- Navigate to Settings > Security > PII Access.
On this page, you can control what personal information can be included in these reports by checking the appropriate boxes. For example, if you do not check (or uncheck) Email Address and Phone Numbers, this information will be excluded from all Higher Logic reports and exports, even if a user's profile privacy settings are set to show this information.
NOTE: This exclusion rule is not applicable to reports and exports run by Super Admins. Their reports and exports will always include all PII, irrespective of these settings.
Manage Higher Logic access
Higher Logic staff generally only access your site to:
- Prepare your site for go-live during the implementation process
- Address customer support cases
- Reproduce and validate product issues
However, our goal of providing support must be achieved in accordance with your organization's privacy wishes. Because of this, Super Admins can establish the guidelines for Higher Logic access to your site.
NOTE: Any changes made on this page are sent to all Super Admins via the Higher Logic Staff Access Changed Notification email. To manage this template, navigate to Admin > Email > Email Management > Email Templates and select the Data Privacy category.
NOTE: All Higher Logic staff access is logged in the Impersonation Log report. To view this report, navigate to Admin > Reports > Logins.
NOTE: Higher Logic staff are limited to read-only access to this page (i.e., they cannot change your privacy settings, only view them).
To manage Higher Logic staff access:
- In the Admin Toolbar, click Admin.
- Navigate to Settings > Security > Higher Logic Access.
Here, Super Admins can control:
Login Session Length
You can define (in minutes) how long Higher Logic staff can access your site (if you allow them to access it at all).
Here, you can set a specific access level for each Higher Logic department:
- Customer Support - Staff who provide assistance by answering your support tickets.
- Quality Assurance - Staff who review updates to the software to ensure they meet our quality standards.
- Sales and Marketing - Staff who explain our software and what we offer to clients (and prospective clients).
For each department, you can restrict access altogether OR set one of three user roles to control their level of access to your site's content and your member's information:
- Member - Grants Higher Logic staff the same level of access as one of your members.
- Non-Member - Grants Higher Logic Staff non-member access to your site (i.e., they can only view public content).
- Administrator - Grants Higher Logic staff Super Admin access to your site, meaning they can access everything and manage your Community site's settings.
NOTE: To restrict access for a department altogether, uncheck all three user roles.
In some situations, you may want to give a specific Higher Logic staff member access to your site (e.g., they need additional access permissions to address a support ticket). If so, click Add, select the staff member, the time period they'll have access, and their level of access.
Any Higher Logic staff with active sessions are listed here, along with the start and end date of their session, the role(s) they have been given, and any actions they've performed.
Impersonation is often used by Super Admins to perform an action on behalf of a member at his/her request. It's also often used to troubleshoot reported problems that are difficult to recreate in other ways due to unique data/user-specific conditions. See Impersonation to learn more.
NOTE: Higher Logic staff cannot impersonate a specific user on your site: We can only use the generic Member and Non-member impersonation options. This may necessitate screen-sharing and other techniques to resolve issues that we were able to troubleshoot through impersonation in the past.
NOTE: By default, the ability to impersonate is OFF, but Super Admins can turn it on or off at any time, and even turn it off permanently (if turned off permanently, you must submit a support ticket to Higher Logic to turn it back on).
NOTE: If impersonation settings are changed, the Impersonation Settings Changed Notification email is sent to all Super Admins. To manage this template, navigate to Admin > Email > Email Management > Email Templates and select the Data Privacy category.
NOTE: The Member Impersonation Notification email is sent to users when their account is impersonated. To manage this template, navigate to Admin > Email > Email Management > Email Templates and select the Data Privacy category.
NOTE: The first time an authorized admin impersonates a user, they'll be required to agree to the Impersonation Terms and Conditions, which can be configured on the Admin > Settings > Security > Terms and Conditions page. From there, select Module from the dropdown to the right of the page title, select Impersonation TC, and then click Edit.
NOTE: All impersonation instances (including by Higher Logic staff) are logged in the Impersonation Log report. To view this report, navigate to the Admin > Pages > Reports page. On the Logins tab, click the View Report button for the Impersonation Log report.
To manage impersonation:
- In the Admin Toolbar, click Admin.
- Navigate to Settings > Security > Impersonation.
On this page, you can configure whether impersonation is ON or OFF. If ON, you can control whether:
- all or only specific Super Admins can use it and
- how long each impersonation session can last.
Countries have been enacting legislation in order strengthen individuals' data protection by regulating how organizations and individuals obtain, store, use, and dispose of personal data. Visit our Compliance & Security section where there are product-specific data-privacy articles in addition to the following regulations.
- European Union legislation - GDPR Resources
- United States legislation - CAN-SPAM and Anti-Spam Requirements
- Canadian legislation - Canada's Anti-Spam Legislation (CASL)
- State of California legislation - California Consumer Privacy Act