All Contacts visible to all users

[gjenn07]

I'm looking at using Admidio as our membership management system, and for the most part it meets our requirements, except that any logged in user can see the entire list of users on the system.

For data protection and our privacy policy, it is not permitted for all users to be able to see the names of the entire membership
I cannot find any way of hiding the Contacts option on the menu, and no configuration of the roles hides the list from view from those that should not have access to it.

Is there something I have overlooked, or is there a way to overcome this issue? It seems an odd oversight for GDPR compliance.

[fasse]

You can handle this with the following preferences of each role View role memberships and View profiles of role members . Set those values to your needs.

[gjenn07]

unfortunately the solution you have suggested does not work, so we can't go any further with this product and will look for another solution that allows us to comply with GDPR.

[fasse]

Please have a look at our demo page there the user member only has the right to view members of the youth group role, where he is member. Also the roles of the board and admin are visible for all users. The user member doesn't have the right to view all other profile.

But everything is configurable within the role settings. You can configure this for each role who could view the members and their profiles.