Just wanted to mention that if you run a site / forum / e-comm with members, and have admins, moderators,etc outside of your company under the EU GDPR, you are not supposed to let them be able to see the personal information about your members, including their e-mail address or IP. This would be considered letting third parts access the personal data, and this is something that the EU GDPR addresses. If you do so, you have to inform and obtain the explicit consent from your members that their data will be visible by third parts. (and this is worse if these third parts are outside the EU, because in that case this is considered transmitting/transferring EU citizens personal data outside of the EU zone (which is not forbidden, but sensible situation)