Looking for some help for the best way to set up the form for a new email preference center.
My boss wants to lock down the email address field so it displays the person's email, but cannot be edited. This way people cannot change the email address and edit other peoples' subscription preferences and potentially opt someone else in w/o consent (she's thinking GDPR). However, I'm afraid by locking it down we are still susceptible to exactly this problem. Here's a screenshot of this part of our form:
I'm afraid this will present us with multiple problems.
1.) How do I ensure the correct email address for the person is displayed? Will the email address be the one the email was sent to or will it be the one last used to fill out a form on that device? I've tested and for me it seems like it's the email I last used for a form fill.
2.) If someone has an email forwarding rule set up, which email address will be shown: the one it was sent to, the one it was forwarded to, or the one last used to fill out a form?
3.) If person A forwards the email to person B and person B goes to unsubscribe from that email, will person A's email address be shown?
There seems to be quite a few use cases where the wrong email address can be displayed. Is it typically a best practice to have the email address show but have it as an editable field? Looking for some clever solutions you all have come up with!