Sam0101 Posted October 1, 2023 Share Posted October 1, 2023 I am curious about how other people using WHMCS manage the UK law for maintaining invoices. If a customer cancels, the data retention process seems to delete all associated invoices, which means that the invoice data is lost. With GDPR and the law for maintaining invoices, how do you set up WHMCS to comply with both, without manually taking backups of all customer invoices? 0 Quote Link to comment Share on other sites More sharing options...
indieben Posted October 5, 2023 Share Posted October 5, 2023 (edited) Hey Sam, Very interesting question - I'm in the UK to. I'm finding significant issues with WHMCS and over 100 TLDs appearing to be incompatible with WHMCS. I also asked them if there was any way of adding unique TLD terms and conditions to the sales dialogue and I was pointed to a page where you have to semi-code it (making copies of WHMCS system files) and DIY. Add to that the data entry involved in WHMCS having no ability to add bank fees or currency transfer fees and you end up with a mammoth amount of manual data entry and very complex Excel spreadsheets. WHMCS also recently had a price increase for their ENOM reseller account (the prices that they make available to us) and WHMCS didn't even notify us let alone provide a summary of changes. This leads to a situation where you have to appear to be quite a shady operator, putting in your terms and conditions that the price shown for TLDs is not the final price guaranteed, and can be subject to change at any time, including after order (probably not even technically legal in terms of UK Consumer Rights). Not intending to hijack your thread - the main point I am making is, if they can't even get TLD sales right (and every web host needs them), despite professing to be a complete solution to such an extent as excluding over 100 TLDs from being able to be sold, God help us with complying with GDPR. WHMCS just don't seem to care. The answer to everything is "shove it in a feature request" and if it gains traction they **might** do something. I have seen examples of feature requests that have gained traction that still haven't been actioned though, sometimes over quite a few years. I'm a year in, deeply disatisfied with WHMCS and seriously considering getting rid of it. Last year, I begrudgingly kept it and surcumbed to mass data entry. Unless anyone here can come up with a better answer, presuming you're a newbie to WHMCS, hopefully I can shortcut the experience for you: they'll tell you to code it yourself - that then becomes a nightmare when it comes to WHMCS issuing updates. If you're going to start coding for yourself, you might as well code the whole thing just the way you like it and avoid version compatability issues and over-writes. Edited October 5, 2023 by indieben 1 Quote Link to comment Share on other sites More sharing options...
DennisHermannsen Posted October 5, 2023 Share Posted October 5, 2023 On 10/1/2023 at 8:12 PM, Sam0101 said: how do you set up WHMCS to comply with both, without manually taking backups of all customer invoices? You take automatic backups of the invoices. However, WHMCS doesn't provide an easy way of exporting an invoice so you basically need to create a script that physically logs in as admin and downloads the invoice. We're transferring the invoice to a remote server once it's created. We still need to find a solution to WHMCS removing line items from invoices, though. That part seems to be hardcoded into the software without any hookable events, so I suspect there's nothing we can do about that. 0 Quote Link to comment Share on other sites More sharing options...
WisTex Posted October 11, 2023 Share Posted October 11, 2023 Are you sure that the GDPR requires you to delete their account? The billing information in WHMCS is directly related to the invoices and VAT records, which you are supposed to retain. It does not make sense that the right to be forgotten includes financial and tax records. If that was the case, people could just call up their credit card company and tell them to delete their account so there is no record of what they owe or where to send the bill. https://www.gdpreu.org/right-to-be-forgotten/ One of the exceptions of the right to be forgotten is "If the data is used to comply with a legal obligation or ruling." It sounds to me that, if you are required by law to keep the invoices and the contact information related to that invoice, you are not required to delete their account under the GDPR, even if they ask you to do so. Their contact information is directly related to the financial transactions on their account. They should not be able to delete that. But, I am not an attorney or solicitor, so you may want to check on that yourself. But if you could delete your contact information at your bank or vendor, that would just be silly. 0 Quote Link to comment Share on other sites More sharing options...
DennisHermannsen Posted October 11, 2023 Share Posted October 11, 2023 1 hour ago, WisTex said: Are you sure that the GDPR requires you to delete their account? The billing information in WHMCS is directly related to the invoices and VAT records, which you are supposed to retain. Absolutely. A lot of other stuff is saved on their WHMCS account; IP address, support ticket history, their email address etc. You need to save the invoices, that's it. If the customer asks to have their account deleted, you must delete their account. 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.