The dilemma of hosting a mailing list inside WordPress

For this site’s automatic e-mail service I use Mailpoet. I love this plug-in. It’s a plug-in that focuses on it’s core service: sending a well designed e-mail in bulk. Before switching to Mailpoet I used Mailchimp. Mailchimp has increased its possibilities up to a point where you would now need to follow a course to understand how to use it. I still have other mailing lists running in Mailchimp and would love to move those lists into Mailpoet as well. There is one big thing that bothers me about using Mailpoet, though. The data is stored in the WordPress database.

As someone whose WP sites have been hacked in the past, I feel uncomfortable that personal data of readers being stored in a place that is known to be hackable. Especially when that data is collected for business purposes. Of course I take precautions to keep plug-ins and WP up to date and I use a solid password for login. My hosting company has proper firewalls in place as well, but is that enough protection when storing personal data inside the WP database? I can rely on a service like Mailchimp to protect their servers, since it’s key to their existence. A breach into their servers means they lose business. On my own website I would never be able to replicate such a level of data security.

On the other hand I feel uncomfortable that Mailchimp, or any other mail service, hosts a list containing personal data of my readers. They, a third party, store my data. With Mailpoet I at least fully own the data that I collect, but that comes with more responsibilities.

Mailchimp proved to store data about my readers that I didn’t ask for. Therefore I will move all my mailing lists out of their service. The dilemma is where to move the data to. I’m thinking along two lines.

Option 1

Use Mailpoet for all my mailing lists. This requires extra security safe guards to be implemented on my WP sites, but I’m not sure what should be good enough. What plug-ins and adjustments are really necessary to increase security on a WP website?

Option 2

Choose a different service, similar to Mailchimp, where I store subscribers and that handles the sign-up and sending part. I’m looking at NewsletterGlue for WP integration.

I would really like option 1, but have this nagging feeling that option 2 is the safer and simpler option.

What would you choose? Am I worrying too much about my website getting hacked? Can you point me to solutions I’m overlooking? Would love to hear your thoughts on this.

Door |2021-03-29T16:10:11+02:0029 maart 2021|datadieet, flow|0 Reacties

Mailchimp gives me more than I want

I discovered a disturbing thing yesterday when exporting my Mailchimp e-mail contacts for IFF. Mailchimp has more personal data than I asked for. When signing up for my weekly digest, all I want to know is an e-mail address. It’s the only thing I need to know for sending an e-mail to a person. I deliberately do not ask for names or other details. The less I know, the better considering the chances of data breaches and GDPR legislation. After exporting my contact list from Mailchimp I found out the service has more data on record than I asked for. For instance for one person who registered for my e-mail subscription list I have a first name, a last name and birthday on record. I’ve never had input fields for that information in my subscription form, so how do those personal details end up in my contact list on Mailchimp?

The only explanation I can think of is that Mailchimp keeps unique ID’s based on an e-mail address. The data that person discloses to a Mailchimp mailing list then ends up in all other mailing lists that person subscribes to using the same mail address. A hint for that explanation are the ID numbers that I also received in my data export from Mailchimp. All users are assigned two ID numbers, a LEID and an EUID. This is Mailchimp’s explanation about these ID’s:

LEID is the unique identifier for a contact, specific to an audience. EUID is the unique identifier for a contact on the account level, across all audiences.

Whatever the reason and mechanics behind Mailchimp’s user ID’s, I’m really shocked to find out I own personal data I never asked for. Even worse, the person subscribing to my mailing list never agreed for me to have that data. A serious breach of trust (and the law).

There is more data in the export file. IP address is logged at opt in and again when confirming ones subscription. Latitude and longitude. And based on that information country and province are logged. I was under the assumption I only asked for an e-mail address and that would be the only thing on record. I was wrong.

My conclusion is that I should never have used Mailchimp in the first place for sending my automated blog digest. I exposed my readers to a data collector. I deeply apologize for that.

I am now switching to a WordPress plugin called Mailpoet. The sign-up data is stored in the database belonging to this blog. The only data I transferred from Mailchimp to my blog are e-mail addresses, as subscribers agreed to when signing up. The only extra information that is logged are IP addresses when signing up and confirming. With that data I can prove consent for signing up to anyone asking (or a subscriber to prove an e-mail address was misused for signing up). I will delete my account for IFF with Mailchimp and remove the export files on my computer.

This case clearly shows how easy it is to collect excess data. Lesson learned.

Door |2020-08-04T15:24:41+02:004 augustus 2020|datadieet, flow|2 Reacties
Ga naar de bovenkant