In an effort to deliver Kajabi as a completely GDPR compliant platform, we have searched our application for areas where we could improve communication and provide a more consensual data sharing experience.
When a potential customer clicks an Affiliate User's link, a cookie is placed on their browser for 30 days. As long as the customer completes the purchase using the same browser within those 30 days the sale (or a percentage of the sale) will be attributed to the Affiliate User.
Previously, an Affiliate User could export the names and email addresses of the customers who purchased through their Affiliate Link.
For example, if John purchased an Offer through Jane's Affiliate Link, Jane would be able to export John's contact information for use on Jane's site or emailing list.
This was an issue with the GDPR going into effect because John did not give Jane consent to collect Jane's information in this example.
In this article:
The solution we chose to implement is to provide null data when an Affiliate User exports customer information from their Affiliate Dashboard.
When an Affiliate User exports customer purchase data the CSV will be filled with an anonymized version of the customer contact information.
For instance, if John Smith, firstname.lastname@example.org purchased through the Affiliate's link, the CSV purchase report would only populate:
rather than populating all of the customer's contact information:
John Smith, email@example.com"
Exported Purchase Summary from the Affiliate's Portal:
This will effectively keep Kajabi GDPR compliant.
Can the Site Owner still access the customer information?
Site admins still have permission to use and collect customer information so long as they are given consent via a checkbox on the checkout page or another permission medium.
The Site admin could potentially add a clause to their terms and conditions stating that the information given at checkout may be shared with Affiliate Users of the site.
Another solution would be to add another checkbox on the checkout page clearly asking your customers to agree to share their information with Affiliate Users on the site.
Read GDPR: Your path to compliance for more details.