Hello,
I am creating a simple pop up to allow users to check a checkbox and agree to our terms & conditions. That said, I’m envisioning a scenario in the future where our T&C’s are violated by a user, and the user simply says “I didn’t check that box, you must have just edited the database on the backend to make it look like I did”.
How do I avoid this happening? Can I make the field in the database “uneditable” (for lack of a better term) by the admin/backend (AKA me)?
Any creative ideas would be helpful here, thank you!
Uneditable fields is definitely not the solution (and irrelevant), and T&Cs have no place in a DB unless there are different variations.
There are plenty of scrape/screenshot apps out there that scrape a site’s T&C to provide proper context and timestamps.
hi @code-escapee, thank you for the help here! Yeah I wouldn’t store the actual T&C’s in the database, I was thinking I would just store their action of “agreeing” to them in the database as a yes/no Boolean.
Do you think this is a good way to go about it? Open to any/all suggestions.
In regards to “proving” that they actually checked the checkbox & agreed to it, the web scraper concept makes sense… so basically if a lawsuit ever took place, I could use the web scraper to confirm that they checked the checkbox and that I didn’t simply edit the database on the backend, correct?
As soon as they click, send them an email registering the operation with the T&C they agreed.
Thank you for agreeing to our T&C. Respecting your decision and for future reference, our T&C is below:
The scraper proves that was the standard practice. You wouldn’t need to prove in a specific instance that it was clicked (that can be done via screenshot when they click the next button during onboarding). @rpetribu idea is good although if you want to beat it to death, you’d have to save all T&C outbound email logs to prove anything was sent…
I use PostMark to send those emails, so I can check if the users received and read it thru their log system.
How long does PM retain such logs?
Forever I think.
I will check my logs…
Untill 365 days.
But you can also program PostMark to send a POST to your App if any message bounces (meaning that the emails was not delivered). And you can work with this information as you want.
