1. Hello Guest!

    Thank you for visiting the ClubRunner Community website, you can login using your ClubRunner account information by clicking the login link on the top of every page.
    Dismiss Notice

On Contact Cards and District Directories

Discussion in 'Feedback & Suggestions' started by Mark WILLIAMS on Aug 14, 2021.

  1. Mark WILLIAMS

    By:Mark WILLIAMSAug 14, 2021
    Active Community Member

    Joined:
    Feb 14, 2018
    Messages:
    57
    Likes Received:
    30
    Gender:
    Male
    Occupation:
    Engineer
    Location:
    Network Engineering
    Like many other districts, our district is seriously looking at moving away from printed versions of district directories. Clubrunner can be a huge component of this, and as it is now, it is very very close to being the full replacement, but there are frustrating gaps for us which I will deal with below:

    Principle #1. For a district directory, the directory publisher needs to have control over what is published. We as the district are the publisher, and we are responsible for complying with local privacy laws and should also be able to decide what we do and do not expose in the non-logged-in view and the logged-in view.

    Our district is happy with the non-logged-in view as it is, so the rest of my remarks apply mostly to the logged-in view.

    1. The contact cards need to honour the privacy settings that users put in their profiles. If someone says they want their phone number not exposed on the contact card, then it should be hidden. As of right now we have a workaround of setting the preferred phone number to point to an empty phone number, but that's not ideal. It's not so easy with email addresses, because emptying out the primary email address field makes lots of other things stop working. And by default we want to show phone number and email address to logged-in users so deleting them entirely from the cards is not a solution either.

    2. District admin should be able to choose which fields go on the logged-in contact card. For example, current contact cards contain the home address by default. There may be a world where this makes sense in the 2020s, but our district is not in that world. I can work around this to delete something that is the default view.
    (e.g.
    .memberDirectorClubAddress {
    display:none;
    }
    in the custom CSS upload will hide the home address from all cards.). But what if I want to display a district-defined value on the contact card? This capability is table stakes in printed directories, and that is what we are wanting to replace, right? What if I want to display the business address where it exists? (That would give members the option to have an address displayed).

    3. The eDirectory builder and reports are great, but they should not be available to general logged-in users. These reports are mass contact data and we have made legal comitments to the people and organisation from which we sourced the data about how and why we can disseminate. Anyone can join Rotary these days, so logged-in users are essentially the general public. It's not hard for me as a district admin to generate the reports and place the appropriate ones on a custom page for download. There is no need whatsoever for general users to be able to access these reports and the risks are high.

    Principle #2. Organisation Charts are about positions. The people in them are the input data, not what we are primarily displaying.

    If I want to talk to Joe Bloggs, I send him an email at joe.bloggs@gmail.com. But if I want to talk to the president of the Rotary Club of Yackundagulabi West, then I want to send an email that gets to the President of the Club, and if the President wants all email for the President to be copied to the Executive Secretary, then that should be what happens.

    maybe Joe Bloggs is also the district youth coordinator, and has a different mailbox for all youth-oriented emails which could even be a collaboration/helpdesk mailbox shared with the youth committee (e.g. youth9620@zendesk.com)

    One way to make this happen is to have position-oriented email fields associated with club exec positions, district exec positions and committees. So if I pull up a contact card and send email to the contact then I either get a form that delivers to youth9620@zendesk.com or a link mailto:youth9620@zendesk.com depending on whether I am logged on or not. If the field is empty, then it could default back to the primary email of the incumbent. Similarly for phone numbers. Many office-holders would like their official contact from outside their club to come to their business mobile which they turn off at night but still want their personal cell to be visible at club level.

    I am writing this because I have heard a very disturbing rumour that Clubrunner is considering retreating from its role as the district directory. This would be a disastrous move, because the district directory function, even as it is, is the majority of the value that district clubrunner provides. The rest of the value comes in events and the newsletter, but quite frankly I could do that almost as well and quite a bit cheaper with Wordpress and Constant Contact. I suspect the district product is not the main revenue spinner for Clubrunner, but Clubrunner has got quite a few clubs in our district to subscribe simply because district uses Clubrunner and it integrates.

    upload_2021-8-14_14-53-14.png
     
    Mats Håkanson likes this.
  2. Mickey

    By:MickeyAug 16, 2021
    Moderator
    ClubRunner Team

    Joined:
    Jun 10, 2017
    Messages:
    219
    Likes Received:
    43
    Hello Mark,

    Thank you for posting.

    I’m not certain where you heard a rumour that CR is retreating from its district directory role. But speaking with our team today I can assure you CR is continuing to offer solutions and to support all our valued districts, we only have plans to refine and expand our district features, not to move away from them.

    Saying this, you do bring up some important points about district executive privacy, and our team is currently evaluating your feedback.

    1. At this time a district executive’s privacy settings in their member profile doesn't hide personal info from their “contact card” or what a logged in member sees on a District org chart. We are looking at addressing this privacy inconsistency; in the meantime as a short term solution we may remove the “logged in members” view while we work on this, in other words, the District org chart will display what non-logged-in non-members see (just a yellow email icon link) - this would be displayed to everyone, including logged in members. This way users could still contact any District exec/director but in a more secure way, while we work to address any privacy concerns.

    2. The member profile privacy settings our team is going to be addressing will allow all district members to choose what they do/don’t want to display to other Rotarians.

    All members can view, edit and personalize their own privacy settings:
    https://www.clubrunnersupport.com/kb/articles/how-do-i-edit-my-profile-district
    (look in the “Privacy” tab)

    3. Our team is also looking at increasing the “access level” needed to view district level eDirectory reports. Currently any logged in member can see the eDirectory reports, meaning they can see personal info for club and district executives like email and phone number, etc.

    At this time we are looking to restrict this to club execs, district execs and of course district admins. But we are still in discussion.

    Principle #2 - different emails. This is a good point - members should be allowed to display a different email if they wish to on the club exec or district org chart. Therefore I’ve submitted a user suggestion on your behalf asking to create the option to display a user’s “secondary email” (found in all member profiles) on a club exec webpage, or on the district org chart.

    I cannot guarantee any results but your name is on this suggestion, so you may receive notifications of any progress.

    Also, just to clarify the district website is not just a useful tool for district execs/admins but also a way for “non-ClubRunner” clubs (those without their own club website) to access functions and manage their club online. The district directory, events and newsletters are certainly integral parts of a district website, but there are many other integral features that we positively know our district members use (RI integration for all clubs, email to all members, District version mobile app, advanced reports for district execs, our add-on Grants module, etc.). District websites remain an invaluable resource for all club websites, and we value the immense work district teams (yourself included) put into these websites.

    As mentioned, we only have plans to expand this functionality for our district users in the future. Please let me know if you have more questions.
     
  3. Mark WILLIAMS

    By:Mark WILLIAMSAug 17, 2021
    Active Community Member

    Joined:
    Feb 14, 2018
    Messages:
    57
    Likes Received:
    30
    Gender:
    Male
    Occupation:
    Engineer
    Location:
    Network Engineering
    Thank you for your reply Mickey. Do appreciate your taking the time.

    1. Given that the purpose of a district directory is to allow Rotarians to get access to contact details of officers in the district, removing contact info from the logged-in view is a retreat from the district directory role. To be perfectly clear, our district gets a release from all officors in the district tom place their contact in the district directory. But if that release is not forthcoming, then we are bound to not display that information. We get the release from all but a tiny minority. All I am asking for is the tools to handle that tiny minority. Obviously, simply honouring the privacy settings in their member record is the perfect solution. But we have other workarounds like not having a preferred phone number and removing/changing the primary email address for the really difficult cases now, so we do have a district directory online. Removing the information on the cards would mean that we do not and we have to continue with parallel solutions.

    2. The member profile privacy setting is great, and it works well, except for contact cards. I do hope you can fix that.

    3. The district has no right either under our privacy legislation or under our agreement with Rotary International to be distributing bulk data on memberships of clubs in the district to anybody. We are allowed specifically to use that information for district Rotary purposes only. We have already had one minor storm where a district official used information sourced from the district clubrunner to promote a private but Rotary-related activity. As such, it is absolutely not OK for anyone not specifically given the permission from district and informed about what use may be made of them to access those reports in their raw form. If a club president downloads that data and uses it for a mass mailout, we can be sued. The reports are useful, but they are also dynamite in the wrong hands. It needs to be restricted to district admin and I would suggest the "download member data" district privilege. It is trivially easy to make those reports available as appropriate through "documents" or by other means, so there is no reason why the eDirectory reports interface needs to be available to a wider audience.

    4. Abusing the secondary email field is a dirty hack that would in most cases meet our needs, since that field is not very useful for anything else. But it would not work for someone who has more than one hat and different contacts for the different hats. The contacts in the contact card should really be for the hat and not the person wearing the hat. At least using the secondary email would stop putting hat-related emails that get redirected to someone else at the end of the year in their primary email address field, which sometimes happens now. So it would be progress. Except that I would then need to go and check all the secondary email fields of officers for garbage entries, and that would be a pain.

    Yes. I agree that being part of a district that uses Clubrunner brings a lot of potential extra benefits. I am not seeing our non-clubrunner clubs take advantage of them much if at all, but we've only been going just over 12 months with Clubrunner and that may change. But I have to justify the expenditure for Clubrunner to my district board, and the district directory and e-bulletin capability is what they can see and love. As of right now, non-clubrunner clubs are either just using my.rotary or spending money on a competing product to manage their own clubs and there is no driver for the district to be expending resource to support clubs' own membership management. This will no doubt change over time, but please work with me not to get sued in the meantime.
     
  4. Mickey

    By:MickeyAug 18, 2021
    Moderator
    ClubRunner Team

    Joined:
    Jun 10, 2017
    Messages:
    219
    Likes Received:
    43
    Hello Mark,

    Thanks for this follow up, I'm reviewing these points with our team please allow me more time, I'll be posting again.
     
  5. Mickey

    By:MickeyAug 24, 2021
    Moderator
    ClubRunner Team

    Joined:
    Jun 10, 2017
    Messages:
    219
    Likes Received:
    43
    Hello Mark,

    1 and 2. We are looking at a review and overhaul of our CR member privacy settings, this should address these inconsistencies.

    But since this would be a major task, our team may decide to not display advanced member info (e.g., phone number, address) in “card view” during this time. This might only be a temporary measure - and may not occur at all, as our team is still reviewing.

    3. When a new member, or a even a new non-member “contact,” is added into ClubRunner we ask to receive “consent” from that individual. As such, there is an “I consent” checkbox option when inputting any member or non-member information. That person added is sent an automated email by our system telling them they’ve been added into our system, and to contact CR support if they’d like to be removed.

    Part of this consent is storing relevant information for that person inside ClubRunner and making it accessible to members and to Rotary.org, but still respecting the member’s privacy.

    ClubRunner (and now most online entities) are bound by GDPR (General Data Protection Regulation). ClubRunner consulted legal counsel to make certain the information we store and distribute not only complies with how Rotary.org wishes member data to be accessed, but also complies with worldwide GDPR standards.

    More info about GDPR is here:
    https://site.clubrunner.ca/page/gdpr-and-clubrunner

    We will be evaluating which members should have access to the internal eDirectory reports based on these criteria, as well as your feedback and other member’s feedback.

    4. “Abusing the secondary email field is a dirty hack” - sorry I’m not certain what you mean? We’re looking at making the secondary email field more accessible so members could use a second email address as well as their primary email more easily in ClubRunner.

    There is an alternative for those members wearing 'multiple hats' if they’d like full distinction from their ‘regular’ membership. You could create “Other” users in ClubRunner, assigning any access level you’d like, and associating a different primary email to the Other user profile. More info:
    https://www.clubrunnersupport.com/kb/articles/how-do-i-add-a-non-member-other-user

    Essentially you can create an alternate login and associated email for anyone. Just as an example: you could create a “website administrator” Other user account if you wish, this could be the person in charge of the website. When one person steps down from this role, another steps in - and continues to use that same account (perhaps just change the password).

    Also, I do hope as more clubs become aware that they already have access, they’ll begin to use your district website more. Many times it’s just a matter of getting clubs used to the fact that they already have the district website at their disposal for many of their common club management tasks. We find many clubs are happy to use the district website once they realize they already have access.

    Please let me know if you have more questions.
     
  6. Mark WILLIAMS

    By:Mark WILLIAMSOct 28, 2021
    Active Community Member

    Joined:
    Feb 14, 2018
    Messages:
    57
    Likes Received:
    30
    Gender:
    Male
    Occupation:
    Engineer
    Location:
    Network Engineering
    Hi Mickey,

    3. When a new member, or a even a new non-member “contact,” is added into ClubRunner we ask to receive “consent” from that individual. As such, there is an “I consent” checkbox option when inputting any member or non-member information. That person added is sent an automated email by our system telling them they’ve been added into our system, and to contact CR support if they’d like to be removed.

    Part of this consent is storing relevant information for that person inside ClubRunner and making it accessible to members and to Rotary.org, but still respecting the member’s privacy.

    ClubRunner (and now most online entities) are bound by GDPR (General Data Protection Regulation). ClubRunner consulted legal counsel to make certain the information we store and distribute not only complies with how Rotary.org wishes member data to be accessed, but also complies with worldwide GDPR standards.


    There are a lot of things to unpack here. First of all, here in Australia, we as an australian district organisation are not goverened by GDPR because we do not hold data on individuals in the EU. We are governed by the Australian Privacy act 1988 in terms of what we are allowed to hold and how we are allowed to disclose that data. Incorporated associations are also governed by the Office of fair trading (OFT) in each state in terms of what information we *must* hold records of. Further to that, as a district entity (as opposed to a club entity) we have an agreement with RI which fairly strictly limits the uses to which we may put information about members in clubs. (Clubs "own" the data, not RI, and most certainly not district). Fortunately district has no requirements for holding member information under the OFT, because individuals are not members of the district. But if a club entered member information into their clubrunner and then clubrunner deleted it, there is the potential that you could be putting that club in breach of OFT requirements if they were silly enough not to have other records of membership. "Good" club management software in this country allows clubs to hold residential addresses but not allow it to be accessed by anyone not specifically authorised (by default). If you join a club, your consent is not required for them to store the information, and you have no right to be forgotten. District is different.

    I understand that Clubrunner has to take careful note of GDPR because as an entity it holds information pertaining to individuals in the EU. This does not help us much here in district 9620. For purposes of the law here, D9620 is the owner of its web domain and will be seen as the publisher/discloser of the information and Clubrunner will be seen as our agent. If clubrunner is not compliant then we are bound to not use clubrunner. Also, we need to get the functionality we want in order to justify using Clubrunner. A useful district directory/org chart is a vital part of that. It is more than half the total accesses by our members. I am sure you can see the fine line we are walking here. I am asking for Clubrunner's help in walking that fine line.

    Basically, we need to be in control of what gets disclosed on things like the officer cards. After a great deal of argy-bargy, the district has decided that:
    a) It is OK in the default case for logged-in members to be able to see an email address if such is entered in clubrunner. If someone really objects (and to date nobody has) then we can delete the email address and they miss out on district communications.
    b) By default it is OK to display the preferred phone number. If someone objects, we set the preferred phone number to a blank field. The DG has requested this, for example, and I am sure you can understand why. (Note that if the contact cards obeyed the privacy options in the member record all this would be much easier.)
    c) There is no need for the district to hold or disclose any physical address whatsoever. Clubs can enter them if they want. I have created custom CSS to remove addresses from the contact cards, but I feel I should be able to configure the default cards with checkboxes.
    d) District will not allow bulk download of member data to anyone except a district officer for a district Rotary purpose. (This is a requirement under our agreement with RI). We have a separately published PDF district directory for that purpose and have separately gained consent to publish from everyone who is in it. Personal email addresses are not published in the directory.

    "4. “Abusing the secondary email field is a dirty hack” - sorry I’m not certain what you mean? We’re looking at making the secondary email field more accessible so members could use a second email address as well as their primary email more easily in ClubRunner.

    There is an alternative for those members wearing 'multiple hats' if they’d like full distinction from their ‘regular’ membership. You could create “Other” users in ClubRunner, assigning any access level you’d like, and associating a different primary email to the Other user profile. More info:

    Abusing the secondary address field is a dirty hack because the secondary address field was not designed to be used to send email to a position-based email address which might not be the address the user wants to get email on for another reason, and it is already in use for other purposes in some cases.

    1. Position-based email addresses are often distribution lists and sending a personal email to that address could have unfortunate consequences.

    2. Many Rotarians already have secondary email addresses installed for whatever reason of their own. It cannot be used by default in contact cards - only by exception.

    3. If we take the exception-based approach, then presumably you'd need to configure positions with different emails from the holder's primary address to use the secondary address, and then you would have to go to their profile entry and edit the secondary address. The sensible way to do this would be to check a box on the org chart/committee setup that the address is different, and then enter that address in the org chart/committee setup. When the position is deleted or the holder is changed, then the address is either forgotten or (in our case) transferred, rather than remaining to pollute the profile entry of the previous holder of the position.
     
  7. Mickey

    By:MickeyOct 29, 2021
    Moderator
    ClubRunner Team

    Joined:
    Jun 10, 2017
    Messages:
    219
    Likes Received:
    43
    Hello Mark,

    This is a temporary post, I was not able to review your reply I will do so next week and post here again.
     
  8. Mark WILLIAMS

    By:Mark WILLIAMSOct 29, 2021
    Active Community Member

    Joined:
    Feb 14, 2018
    Messages:
    57
    Likes Received:
    30
    Gender:
    Male
    Occupation:
    Engineer
    Location:
    Network Engineering
    Thanks Mickey. To be clear, except for the issue of e-directory reports being accessible to all logged-in Rotarians, there are no issues that I would describe as "burning" here. I can meet everyone's requirements with a little trouble and workaround.
     
  9. Mickey

    By:MickeyNov 1, 2021
    Moderator
    ClubRunner Team

    Joined:
    Jun 10, 2017
    Messages:
    219
    Likes Received:
    43
    Hello Mark,

    I cannot comment on any legal considerations for GDPR (it's well outside my expertise) except to say that as of the last few years ClubRunner is bound to comply with these regulations as best we can. If there is a small amount of room for adaptability for certain markets, regions, countries, etc., I am not aware of any specifics.

    But if you would like to discuss any specifics about GDPR, or if you find any conflicts with Australian regulations, please create a Support email ticket for us - or click right here - and we'll answer as best as we can, or otherwise direct you to the proper channels. Once more, I am unable to comment on any legal implications.

    I can however let you know we're still working on making the District Org chart respect the individual executive's member profile "privacy" settings. Meaning if the exec doesn't wish to show their cellphone, or address, etc., to logged in members it won't show in the District org chart. We are still working on this update at this time.

    Also, I've reiterated to our team about the suggestion to allow all club or district execs to choose their secondary emails on club exec or district org chart pages - if they wish. Therefore the President of a club could put in an alternate email, or no email at all, into their secondary email address to determine what info would get shown on the pages when a Rotarian is logged in.

    I am unable to make any guarantees about the suggestions, or any timeline of completions, but if you have more questions please post again.
     
Top