It's not really clear to me, under what circumstances the described behaviour can occur.

When users hit the submit button of the form (which is restricted to once per 30 minutes), an incomplete payment is added to the database. Users are then redirected to the payment provider's servers and complete the payment.

If people are still able to submit the form several times within the 30 minute time frame, they will end up on a payment page for only one of the incomplete payments.

but can´t they complete the transaction on the payment providers website multiple times? we would then receive a completed payment data set in addition to the initial call.

regardless of this specific case, people are still submitting multiple donations on a day. What would be the best way to set another prevention routine?

That would be an issue on PayPal's side. Nevertheless, we'll discuss a solution.

This specific case (2729115, 2729152, 2729190) might be avoided quite easily by rejecting the creation of child donations for a non-recurring parent data set.

ok, whenever you are planning to discuss this, please let us know so we can think of all specific use cases that we are aware of.

It sounds likely that this is caused by the bug described here, introduced during T183114 and deployed to prod at 2017-12-20 12:34:23 (Berlin time) - still waiting for review on the fix. Is the reported behavior limited to PPL donations? This would further support this hypothesis.

Deployed suspected fix https://github.com/wmde/FundraisingFrontend/pull/1166 to production.

T239644 might be related. Closing this one for now.