Hi All, I have recently opened up a martial arts school, and I want to create an online system to simplify management of my students - however Im a little reluctant to do so because I don't know if I'm really allowed to have students information stored in a database and accessable behind a login page? I was thinking instead, have part names - for example rather than putting John Doe, I would put him on the system as Joe.B, or John D*e. it is my assumption that because I am not using a full name, and because there is no other personally identifiable information being stored online that I do not have anything to worry about - should anything ever happen, but is anyone able to confirm this? I'm pretty knowledgeable with PHP / MYSQL so I am confident I can build a system which is hack-proof from the site end but there's a "what if" shouting in my head. If anyone has experience in handling data and can confirm either what I need in place, or whether a first name with 1 initial is okay then that would be great. Any sort of guidance to point me into the right direction would be cool. Nothing else would be stored as mentioned such as date of birth, address, phone number etc - just either a name or part-name. Thanks for any input.