Blog

GDPR and Blesta

May 25, 2018 | Posted by Paul


General Data Protection Regulation, or more commonly known as GDPR, is a new set of rules designed with the intent of giving EU citizens more control over their personal data. If you aren’t familiar with GDPR, Wikipedia is a good resource.

It’s up to each company to determine how they are impacted by GDPR, and what compliance looks like for them. Our goal is to make compliance as easy as possible as it relates to Blesta. We have made some changes to Blesta to ease some of the burden with compliance. These changes will be included in version 4.3, to be released very soon.

Here’s a list of individual rights as specified by GDPR, and how they are impacted by Blesta. See Individual Rights for a complete list.

The right to be informed

Order forms in Blesta can, if enabled, define the URL to your Terms of Service. This can be set by modifying your order form under Packages > Order Forms, and checking the box labeled “Require Agreement to Terms of Service”, and entering the URL to your Terms of Service. You should include information about how you use the data you collect.

The right of access and rectification

When a client places an order, they are given a user account to Blesta. The client may login to their account at any time and access, view, and correct their personal information, so long as their account status is “Active”.

The right to erasure

Also know as the “Right to be forgotten”. The client delete feature has been changed in Blesta 4.3 to remove many of the restrictions that prevented an account from being deleted, and to increase the amount of data that is deleted so as to satisfy this requirement. Should you receive and accept a request for erasure, using the delete client feature will allow you to fully delete the client and any associated data.

Conditions

The client should have no open or recurring invoices, and no active services. If they have any of these things, you would probably deny such a request. However, voiding open or recurring invoices, and cancelling active services will then allow you to delete the client.

Items deleted

  • All invoices belonging to this client
  • All services, including service meta data for this client
  • All transactions for this client
  • All contacts (The primary client contact, and all other types) belonging to this client
  • All database logs associated to the client
  • The client’s “Set Packages” for restricted packages
  • The client’s client settings
  • The client’s custom contact fields
  • The client’s notes (staff notes for the client)
  • The client’s payment accounts (CC & ACH)
  • The client’s user account
  • The client’s tickets
  • The client’s orders

Additionally, third-party plugins can make use of the Clients.delete event to delete associated client data when a delete client action is performed. We use it to delete data within the Support Manager and Order plugins.

The right to data portability

Blesta 4.3 adds a new Data Portability Export under Billing > Reports. Should you receive and accept a request for data portability, running this report for a client will generate a JSON file with the client’s data.

Export includes

  • All services
  • All transactions
  • All invoices
  • All tickets
  • All logins including IP address and time of login
  • All contacts (including primary contact/client)
  • All payment accounts (but not cc/ach encrypted data)

Consent

GDPR requires clear and affirmative consent for email marketing. Blesta 4.3 adds new settings for consent in marketing, and allows you to control its behavior. You can enable the ability for clients to opt-in under Settings > Company > General > Marketing, and then set the behavior within the order sytem under Packages > Order Forms > Settings. For GDPR compliance, you should select “The option to receive email marketing must be selected by the client”, so that the opt-in box is not pre-checked.

We are wrapping up the final details on this release and look forward to getting version 4.3 to you very soon. If you receive any requests under GDPR, you will have sufficient time to respond to those requests. If you have any suggestions on how we might make GDPR compliance even easier, please submit a feature request, or start a discussion on our forums.

Tags:

Blesta 4.2.2 Patch Released

February 22, 2018 | Posted by Paul


We are pleased to announce the released of Blesta 4.2.2, which addresses bugs discovered in the 4.2.0 branch. A big thanks to everyone who participated in helping to make Blesta better by reporting and confirming bugs on our forums, we appreciate your help!

The release notes are available at https://docs.blesta.com/display/support/4.2.2.

Always run /admin/upgrade in your browser after patching or upgrading your installation.

Download 4.2.2 Patch Download 4.2.2 Full

SHA256 Sum

% blesta-4.2.2.zip
3423a80a8dbbfa1e76f2cd93c528af484a75efd5a05915137fa7f3767ede7099

% blesta-4.2.0-4.2.2.zip
5df5eefbbe24251d95f32eba97d7356b8f9861d9eb7d4606138e81f5b5e2b509

To patch your installation, please follow the instructions for Patching an Existing Install from our user manual.

Blesta 4.2.1 Patch Released

January 4, 2018 | Posted by Paul


We are pleased to announce the released of Blesta 4.2.1, which addresses bugs discovered in the 4.2.0 branch. A big thanks to everyone who participated in helping to make Blesta better by reporting and confirming bugs on our forums, we appreciate your help!

The release notes are available at https://docs.blesta.com/display/support/4.2.1.

Always run /admin/upgrade in your browser after patching or upgrading your installation.

Download 4.2.1 Patch Download 4.2.1 Full

SHA256 Sum

% blesta-4.2.1.zip
7ffabc888d80086f180e1240d882cc567bd4e99a709168961aa1f1d02c91951e

% blesta-4.2.0-4.2.1.zip
dabbdf8f0ef1872bf5c7d0fbd9d05644f2d679cde45d790195d7c2562bc6e7d7 

To patch your installation, please follow the instructions for Patching an Existing Install from our user manual.

Blesta 4.2 Released

December 21, 2017 | Posted by Paul


Blesta 4.2 is available right now. PHP 7.1 support, cPanel API tokens, coupon billing cycles, five new extensions, and more make 4.2 a great end of year release.

Download 4.2

SHA256 Sum

78dc64859da3e762bf293beef6fa61150f4575958ebf3d4a8b0c825d9b84062f

See the documentation for details on how to install or upgrade.

What’s new in 4.2?

  • Coupon billing cycles. Make coupons apply to specific terms only.
  • Invoice auto-debit override. Disable auto-debit on specific invoices.
  • Staff can now set their own, independent language.
  • Four new exchange rate processors added.
  • Added support for PHP 7.1 (May work unofficially with PHP 7.2 also).
  • New Modules: CentosWP, and ISPConfig.
  • New Gateways: Square, PerfectMoney, and Hubtel.
  • SolusVM management actions now provide feedback on the user action.
  • Support for query parameters for plugin actions.
  • Module system can now render messages set by a module to the view.

And more! See the release notes for more details.

A big shout out to KnownHost for sponsoring development again for several new items in 4.2! Sponsored development is a good way to support Blesta and get a shout out for your company! Interested? Reach out and say hello.

Stay Connected!

Like our Facebook page, join our Facebook group, and follow us on Twitter.

Blesta 4.2 Beta Released

December 5, 2017 | Posted by Paul


We are pleased to announce that Blesta 4.2.0 BETA 1 has been released!

Can I participate in the beta?

If you have an owned or monthly license with us directly, you may download blesta-4.2.0-b1.zip in the client area now (Login Required). If you obtained your license from a reseller or distributor, you may be able to participate. Contact your reseller to find out. As with any beta, this release is for non-production use only and is unsupported. During installation, choose to start a free trial, open a ticket to request a trial key, or use your dev license if you have one.

Once you are up and running, head to the forums to report any issues and let us know what you think!

Visit the Beta Forums!

Coupon Term Limits

So what is new in 4.2?

4.2 adds support for PHP 7.1, new features like coupon billing cycles, as well as many minor improvements and new extensions.

New or Updated Extensions

  • CentosWP module (Download from Github).
  • ISPConfig module (Download from the forums).
  • Square gateway (Download from the forums).
  • PerfectMoney gateway (Download from the forums).
  • Hubtel gateway (Download from the forums).
  • cPanel: Added support for API tokens.
  • SolusVM: Management actions now provide feedback.

Changes to the Core

  • Added coupon billing cycles. Restrict coupons to specific terms. (i.e. 1 month, but not 12 months).
  • Auto-debit can be disabled on an invoice by invoice basis. Useful for manual invoices that should not be charged automatically.
  • Staff can set their own language. Previously all Staff used the default language.
  • Yahoo finance replaced with 4 new exchange rate processors: Open Exchange Rates, Fixer.io, X-Rates, and Currency Layer.
  • Added support for PHP 7.1.

Changes for Developers

  • Support for query parameters for plugin actions.
  • Module system can now render messages set by a module to the view.

And more! See the release notes for more details.

Is there something you want to see in Blesta? Create a new feature request or upvote an existing one!

When is the final release?

Version 4.2 will be officially released after the beta phase has completed, which we expect to take several weeks. Once we deem 4.2 stable for production, a final release will be issued. You can help by participating in the beta!