Just to add to the privacy & legality discussion, I have a note in my cloneable however I do feel a tiny bit like I’m handing out a loaded gun to people who have no awareness of these issues.
The best practices I run with are as follows;
Use the Geoip service to collect the data you need, such as region, country, continent, city, and use that to drive your app.
Save that info only if needed, it’s not PII, so it’s safe to record
Never save the IP, or collect it in forms, unless that behavior is clearly stated, and it is absolutely necessary, and you’ve covered your bases legally.
There are almost no situations where this is necessary, outside of some digital signing processes, and a few government sites who track IPs on complaint submissions. Where possible, when you need IP tracking, CYA by farming that out to a service that can protect that data properly
Basically, treat IP capture the same way you’d treat credit card capture.
Hi! I tried to replicate your instructions in my site.
However, the IP is only being transmitted if I set the “Visibility and user access” settings of the field to visible. If I set the setting to hidden, it does not transmit the IP.
Am I doing it right when you said to “Set this last field to hidden so that users don’t see it”?
I also have other scripts running on my page, at the tag. The purpose of which is to get the URL of the form and the page name. Looking forward to your response. Thanks!