Mediterranean Gardening France

What's New? / Quoi de neuf ?

FAQ
Join / Adhérer
Contact Us / Nous contacter

Managing MGF Roles

From time to time, the MGF management team will change; new members will take on roles from those currently holding them, new roles may be created or deleted. This page describes the actions to be taken in each of these cases to maintain the operation of the site in general and the Member App in particular.

IMPORTANT NOTE: Although other roles may come and go, deleting the role of Membership Secretary involves special actions as, with the exception of broadcast messages, all communications to the membership are sent by the Member App from the Membership Secretary. If the role of Membership Secretary is to be abolished, then another role must be selected to replace it as the sender of communications. See below for the actions to be taken.

Change of incumbent

When a person is replaced as the holder of an MGF role, do the following:

  1. Change the profile of the departing holder to ‘Member’.
  2. Change the profile of the new holder to reflect their new role.
  3. Login to the host site and change the forwarding address for mail to the role in question to that of the new holder.

Adding a new role

If a new MGF role is established, do the following:

  1. Add a new record to the privileges table.
  2. Add a new record to the email addresses table.
  3. Login to the host site and add a mailbox for the new role with mail forwarded to the holder of the new role.
  4. Add the new role as a sender in Brevo.
  5. Change the profile of the holder of the new role to reflect their new position.

Deleting a role

If an MGF role is to be deleted, reverse all the actions taken for adding a role.

Deleting the role of Membership Secretary

If the role of Membership Secretary is deleted, another role must be assigned to perform the function of sender of communications to the membership. Once the role of the new sender has been identified, changes must be made to three Member App scripts as follows:

  • email_texts.php: change the code which gets and stores the personal details of the Membership Secretary to get those of the person who holds the role of new sender;
  • email_texts.php: change all occurrences of ‘Membership Secretary’ and ‘Secrétaire des adhésions’ to the title of the new sender;
  • member_email.php: change all occurrences of ‘Membership Secretary’ and ‘Secrétaire des adhésions’ to the title of the new sender;
  • member_email.php: change all occurrences of ‘membership@mediterraneangardening.fr’ to the official email address of the new sender;
  • admin_email.php: change all occurrences of ‘Membership Secretary’ to the title of the new sender;
  • admin_email.php: change all occurrences of ‘membership@mediterraneangardening.fr’ to the official email address of the new sender;
  • admin_email.php: remove ‘membership@mediterraneangardening.fr’ from all lists of recipients of the emails.

Unless it is absolutely essential to have more than one, it is advisable to have only one sender of communications to members (apart from broadcast messages). Having more than one sender would involve multiple changes to the Member App.

Loading

Protection of Personal Information

Introduction

The EU’s data protection regulation (GDPR) and other privacy legislation grant certain rights to individuals regarding their personal information. As a consequence, they place obligations on organisations which hold personal information in the way that their systems (electronic or manual) store and process it. As a formal organisation under French law, MGF must be compliant with this legislation, not only with regard to the Member App which handles the personal information of its members but also the public website. This page sets out those privacy provisions which impact the construction and operation of the website and how these provisions are met. It does not discuss the impact of privacy regulation on the non-website matters of MGF management.

Privacy requirements

Below are the principal privacy provisions which affect the way the MGF website is constructed and operated. There are two pieces of legislation involved:

  • The General Data Protection Regulation (full text here);
  • EU directive 2002/58/E as amended in 2009, Article 5.3 and translated into French law as the Loi n° 78-17 du 6 janvier 1978, article 82

GDPR Article 5 states that personal data shall be adequate, relevant, limited to what is necessary, kept up to date with mechanisms to ensure that personal data that are inaccurate are erased or rectified without delay. Further, that it is processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss.

GDPR Article 13 is a list of the information that an association must provide to new members including, for example, the purposes for which the personal information will be used and how any inaccuracies may be corrected.

GDPR Articles 15, 16, 19 & 20 give members the right to access their personal information and to request rectification or erasure of it, together with the right to complain to a supervisory authority. An association is also obliged to tell the member about any rectification or erasure of personal data. Members have the right to request a copy of their personal data in a commonly used electronic form.

GDPR Articles 25 & 32 oblige an association to ensure that their systems for processing personal information have appropriate levels of confidentiality, integrity, availability, resilience and recovery.

GDPR Articles 44-46 set out the conditions under which personal information can be transferred out of the EU.

GDPR Article 89 sets out the conditions under which personal information may be retained for statistical purposes.

Article 82 of the Loi n° 78-17 du 6 janvier 1978 relates specifically to cookies and states that users must always give their consent to the use of cookies once they have been given clear information as to their purpose. However, consent is not required for cookies that are essential for the proper provision of services which the user has specifically asked for.

Meeting the requirements

Nature and quantity of personal information collected.

The amount of personal information collected by MGF is only that needed to identify members, where they live and to communicate with them. The only mandatory items are name, post code, town, country, email address and a language preference. This information is stored in the Member App by the membership form on the website or, if supplied manually, by a member of the MGF Member Management team using the ‘Add a new member‘ function in the Member App.

Meeting the Article 13 requirements

The ways in which MGF meets its Article 13 requirements is set out in its Privacy Policy. This is available on the public website and within the Member Area (‘View administrative documents‘). The Member App sends a copy of this to applicants after they have completed the membership form. It also sends a copy of the latest version of the Privacy Policy to existing members along with subscription renewal notices and reminders.

Inspection by members of personal information held and its rectification where necessary

All the personal information collected by MGF is available at all times to members via the ‘View and update your profile’ function of the Member App and can be modified them at will. Personal information can also be modified by a member of the Member Management team (‘View the list of members‘ function). In both cases, a record is added to a table (wp_mgf_member_change_log) which records the state of the member’s profile after the changes have been made, together with the date and time of the change and the name of the person making it. In addition, the Member App sends an email to the member. For changes made by members themselves, the email just states that someone has changed their profile and that they should ensure that, if they did not make the change themself, they should contact the Membership Secretary. For changes made by an MGF manager, the email shows the complete new profile so that the member can check that it is correct.

Members’ right to request a copy of their personal data in a commonly used electronic form.

The personal information that MGF holds is common place and of limited quantity. That information is also available directly to the member online at all times. Given this, it is unlikely that any member will wish to exercise this right. If some member does invoke it, the easiest option is to copy the information into an Excel spreadsheet and send it to them.

Confidentiality, integrity, availability, resilience and recovery

The entire MGF website is protected from unauthorised access by a firewall provided by the Wordfence plugin. The Member App requires a login to see personal information. Ordinary members can only see their own personal information. However, if they are signed up to the Member Directory, they can see a limited amount of personal information about the other members of the directory via the Member App function ‘View the member directory‘. Changes to personal information are made using Member App functions which are logged. Provided that the website is operational, personal information is available at all times. The website is automatically backed up daily by the BlogVault plugin. In the event of data loss, information can be recovered from the backup via the same plugin.

Transfer of personal information outside of the EU

In view of the complications surrounding the acceptability of countries to store EU citizens’ personal information, all MGF personal information is held with the EU. This applies to both the hosting of the site and the backups taken by the BlogVault plugin.

Requirements for archiving

When people cease to be members, MGF archives a limited set of their personal information for archive purposes. This retained information is only available to the members of the Former Members Management team. For more details, see here.

Cookies

The MGF site consists of two sections: a public section open to all and a private section only accessible to members. None of the pages of the public section use cookies. However, there are some cookies associated with the private section. For example, WordPress itself uses a cookie to keep users logged in. All of these cookies are used to ensure the correct operation of the site and the only personal information stored in these cookies is that which the member has freely provided when they joined. As a result, they are exempt for the need for consent.

Strictly speaking, the site should have a consent box explaining the above to visitors of the site. However, it has been decided not to do this. In the event that it does become necessary, then the plugin CookieYes | GDPR Cookie Consent should be activated, after having revised (if necessary) the texts that it displays.

Loading

Members, Users and Roles

Member Roles

All members can access the Member App but they can see and do depends on who they are. This is determined by the roles to which they have been assigned. The Member App uses two separate sets of roles: the standard WordPress roles and MGF-assigned ones. The WordPress roles are used to define member permissions for WordPress functions; the MGF-assigned ones for MGF functions.

WordPress roles

In WordPress, a user is defined as a person who can do things which a casual visitor to the site cannot. They must have a user name and a password. All members of MGF are WordPress users and they select their user name and password when they join. However, if a new member’s details are entered into the system by an MGF manager, it is the manager who selects the user name and password. These are then communicated to the user with instructions to change them to values of their own choice.

WordPress user roles (of which there are six) determine what users are allowed to do in terms of content creation and site management. As content management in MGF is confined to the Website Editor and Manager, these different roles are not relevant in the context of MGF. However, they are useful to control what functions different types of member can use in the Member App. Of the six WordPress roles, MGF uses three:

  • administrator;
  • contributor;
  • subscriber.

Administrators have total access to all administrative and content creation features of the site. If a member is given an official role in MGF – Event Coordinator, Newsletter Editor and so on – they become ‘contributors’ which gives them access to administrative functions in the Member App. All other members are ‘subscribers’, meaning that they can only use functions that relate to their own personal information. In addition, they have access to information available to all members, such as financial reports and minutes of meetings.

WordPress roles are stored automatically by the relevant Member App functions in the WordPress database (wp_mgf_options table under the serialized wp_user_roles option). There is no need for any other action by a member of the MGF management team.

For a complete description of WordPress roles, see here.

MGF roles

MGF has twelve roles for those involved with the administration of the association:

  • Event Coordinator Occitanie
  • Event Coordinator Vaucluse
  • Event Coordinator PACA
  • Secretary
  • Membership Secretary
  • Information Manager
  • Treasurer
  • Newsletter Editor
  • Horticultural Consultant
  • Social Media Manager
  • Website Editor
  • Website Manager

All other members have the role of ‘Member’. This role is assigned automatically to new members when joining MGF. Assignment of the other roles is performed in the Member App by displaying and then modifying the member’s profile. Assigning a role (or removing one) will automatically update that member’s WordPress role as defined in the previous section. MGF roles are stored in the database as entries in the wp_mgf_usermeta table using a meta key of ‘mgf_role’.

With the exception of the Membership Secretary, more than one person can hold a given role but no individual may have more than one role. Only one person can hold the role of Membership Secretary because the Membership Secretary is the signatory of all the automatically generated (transactional) emails that are sent by the Member App (e.g. acknowledgement of a subscription payment). The script that displays a member’s profile checks that someone (and only one person) has this role and issues a warning if this is not the case. The sending of a transactional email will fail if there is no one with the role of Membership Secretary (or more than one).

There are restrictions regarding which administrative functions are available to different members of the management team. Team members are grouped as follows:

  • A: administrators: full privileges across the site;
  • M: the Membership Management team: those able to modify member information (including subscriptions);
  • F: the Former Member Management team: those able to see and manage former member information – to comply with GDPR, membership of this team must be kept to the strict minimum;
  • G: generalists: those only able to see membership information and also to carry out non-critical functions (e.g. sending messages to members).

The relationship between MGF role and allowable functions is defined in the Privileges table (accessed from the wpDataTables dashboard menu item). Each script in the Member App has a statement defining which group may use it and uses the Privileges table to check that the person trying to use it has sufficient privilege to do so, thus:

$privilege_level = ‘G’; // This is a general management function available to all members of the MGF team

For how to add and remove MGF roles, see ‘Managing MGF Roles‘.

Managing the Membership

When people join MGF, the personal information that they provided on the membership form is stored in the WordPress database. In addition, the following items used to manage their membership are also stored:

  • the date they joined MGF (date of completing the membership form);
  • the expiry year of their subscription (all subscriptions expire on 31 December). Normally, the year will be the year in which they joined but if they join after 30 September the expiry year will automatically be set to the one following;
  • the length of their subscription in years (normally one but exceptionally can be more);
  • their subscription status (see next paragraph);
  • their MGF role (see above).

Modifying member information

Although members have the ability to amend all of their own personal information, members of the Membership Management team can also change this information when necessary. Whenever a member’s personal information is changed (by either themselves or by an MGF manager), they are sent an email notifying them of this.

Members of the Membership Management team can also change the management information described in the previous paragraph.

Subscription Status

When joining, new members are assigned a subscription status of ‘Applicant’. Once their subscription has been received, their status becomes ‘Good standing’. At the end of each calendar year, subscription renewal notices are sent by the Member App to those whose subscription has expired. Their subscription status is then set to ‘Subscription renewal notice sent’. If they renew their subscription, their status is returned to ‘Good standing’.

Subscription Renewal Process

At the beginning of January, the Member Secretary will initiate a Member App function that sends an email to those members whose subscriptions have expired, inviting them to renew. At the beginning of February and March, the same function will be used to send a reminder to those who have not yet renewed. At the beginning of April, the function is used to inform those who have still not renewed that they have ceased to be members of MGF and their personal information is removed from the active member file (see next paragraph).

Former Members

GDPR dictates that, when a person ceases to be a member of an association, all processing of their information must cease and, in principle, that information must be deleted. However, where the association has a legitimate interest to retain some personal information it may do so, provided that access to it is kept to the strict minimum. In accordance with GDPR, MGF policy is to remove former member information from the active member database and to retain a small amount of information for management and statistical purposes. This is stored in a separate file that is only accessible by the Former Member Management team (see MGF Roles above). The Member App provides two functions to carry out this process. First, the final stage of the subscription renewal process will remove all those who have not renewed their subscription by the end of March. Second, an option in the View Member Profile allows a member of the management team with sufficient privilege to remove an individual member.

Loading

Site Management and Administration

Hosting Platform

All web sites need a hosting platform of the visible content and the code that supports it.

The MGF site is hosted in France by the service provider PlanetHoster. The access codes to this site are in the MGF Dropbox: Site coordinates.txt.

Within PlanetHoster, the code and content of the site are held in two separate areas: the public_html folder as used by all websites and an SQL database. The first can be accessed via FTP. In normal circumstances, access to the second is not required but if it is, it can be reached by use of the WP-phpMyAdmin plugin from the adminstration dashboard (see next section): open the plugin and click ‘Enter local php MyAdmin’. For more details about hosting, see the Internet Service Provider page.

It is possible to have more than one WordPress system on a single site, see the Multiple Sites page.

NOTE: The PlanetHoster platform contains the entire site; nothing is held anywhere else. However, the site is also backed up daily (automatically) to a remote site located somewhere in the European Union via the BlogVault plug-in.

Dashboard

The dashboard is the control panel for the entire WordPress website. It is used to create and manage content, add functionality, change styling and so on.  To access it, a user must login. What any user sees in the dashboard depends upon their access privileges. Administrators see everything but all other users see only the MGF Member App.

The dashboard has three elements: at the top, a taskbar; on the left-hand side, a sidebar with a menu of different functions; on the right-hand side, the dashboard for the MGF Member App. The layout of each of these elements can be modified but it will not normally be necessary to do so. Some functions available in the dashboard will relate to content creation, others to administrative functions or the MGF member app. For a complete list of all these functions, see here.

Backup & Recovery

Backup and recovery of the site is performed by the BlogVault plugin. The backup data is stored in a different location from the site hosted by PlanetHoster. Although the location of the backup site is unknown to us, it is within the EU and so meets GDPR requirements.

Plug-in / WordPress Core updates

Regularly, there will be upgrades to both the WordPress core and to plugins. Unless there is a good reason not to, these upgrades should be made as soon as possible in order to maintain the integrity and security of the site. If in doubt concerning an upgrade (for example, a major new release of WordPress), then it is advisable to carry out a special backup of the site before executing the upgrade.

Pending upgrades are notified in a number of ways:

  • In the taskbar at the top of the dashboard, next to ‘Mediterranean Gardening France’, is an icon consisting of two circular arrows and a number which indicates how many upgrades are pending. Clicking this icon will open the updates panel in the dashboard.
  • Hovering or clicking ‘Dashboard’ in the dashboard sidebar will show a sub-item ‘Upgrades’ together with the number of pending upgrades. Clicking this sub-item will open the updates panel in the dashboard.
  • In the dashboard sidebar menu, the number of any pending plugin upgrades will be shown next to the ‘Plugins’ menu item.
  • Whenever a new upgrade is available, Wordfence, the security plugin, will send an email to intmedgard@gmail.com.

Site Security

The site is protected by the Wordfence plugin.

Email Addresses & Messaging

As an organisation which communicates with its members solely by electronic means, email addresses are very important to MGF. For details on how MGF manages these, see Email Addresses.

To send messages to the membership, MGF uses the Brevo messaging service.

Costs

Costs for the site consist of the hosting of the site (including registration of the domain name) and the annual fee for a number of premium version plugins. In theory, the site also has to pay to use Google Maps (the Gardens to Visit page). However, the number of free hits that are allowed is greatly above anything that the site is likely to need. Nevertheless, a monthly invoice is sent with an amount due of zero. A perpetual licence was purchased in 2020 for another premium plugin, wpDataTables, so there are no ongoing costs for this. MGF has an account with each of the suppliers of the paying elements. All have been set up to use the MGF credit card. As with all such arrangements, the card details have to be updated from time to time. Payment details and invoices can be accessed by logging in to the appropriate account. Login credentials for all these accounts can be found in the MGF Dropbox. The following table details all cost elements (prices as per date at foot of page.

CompanyProductCur.CostExc. Rate€ CostDue Date
PlanetHosterSite hosting / domain name72.00172.006 Dec
BlogVaultBackup / recovery$89.001.180.9124 Apr
PremioFolders18.75117.0523 Apr
WPFormsForms$99.001.190.008 Nov
WordfenceFirewall$119.001.1108.1830 Apr
TOTAL368.14

Loading

Technical Implementation

A WordPress installation has two components: a MySQL (MariaDB) database and a collection of folders in the site’s public_html folder.

The Database

The database is the heart of the system. Other than images and items like PDF documents, the database includes all of the site’s content. WordPress installations have no permanent HTML files; they are all generated dynamically from the database when called. All changes to a page are stored in the database, meaning that the Gutenberg editor can be used to go back to earlier versions if necessary. In addition to the page content, the database contains all user information. There are also tables which are inserted and used by plugins, both commercial and those developed by MGF. For example, the tables used to generate list pages are a combination of tables generated by the wpdatatables plugin and MGF information imported from the spreadsheet system used on the old site. For more details on the database see the WordPress Database page.

The public_html folder

The public_html folder contains all the code needed for the installation and operation of the site:  This includes:

  • the standard WordPress code (the ‘core’);
  • plugins (additional code provided by external suppliers or developed by MGF);
  • code for themes;
  • other MGF-developed code (principally for the Member App).

WordPress code is written in PHP. The standard code (the ‘core’) can be found in the root public_HTML folder as well as the subfolders wp-admin and wp-includes. Some core code and all site-specific code and content can be found in the wp-content subfolder.

The public_html folder also contains the Media Library where images and other self-standing files such as PDFs are stored.

Loading