Data Protection is one of the most important topics facing the charity sector right now. It’s also a topic that can be quite confusing; with so much conflicting information and terminology flying around, it’s difficult to know what to believe. Because of this, it’s no surprise that many charities are hesitant about how the new GDPR will affect them. What exactly does GDPR stand for? Is it only relevant to businesses? And most importantly — does this mean we can no longer directly market our services to potential donors? As you may have guessed, we here at Ask The Expert are pretty big on details, and fortunately for you, we have lots of details about how the world of Data Protection will impact charities.
What is GDPR?
GDPR stands for General Data Protection Regulation. It is a piece of legislation that was adopted by the EU in April 2016 and will come into effect on the 25th of May 2018. It is designed to give more power back to individuals over the control of their data. The GDPR is intended to be a single, EU-wide regulation for data protection. This means that all organizations that process and handle the personal data of EU citizens will have to comply with the GDPR — even if they don’t have a physical presence in the EU. The GDPR also provides EU citizens with additional rights regarding their data. These include the right to be forgotten and the right to access their data.
Why does Data Protection matter for Charities?
For many organizations, data protection isn’t just a matter of complying with legislation; it’s a matter of survival. In the charity sector, data protection is of vital importance. You see, charities rely on their donors and the public for funding. To be successful, they must be able to communicate with their supporters, potential donors, and the general public. As such, charities must collect and use data when communicating with their stakeholders. When it comes to collecting data, there are two main ways charities do this: direct marketing and transactional activities. Direct marketing: When a charity is communicating with its supporters, it will often send direct mail, email, or make phone calls to ask people to donate or take some sort of action. To do this, the charity will need to collect certain information from these people, such as their names, address, or email address. While this information is necessary for the communication to take place, it can be considered personal data.
What does GDPR mean for charities?
As you’ve just read, direct marketing is a transactional activity that involves collecting data. As such, GDPR will apply to charities in the following ways: – Charities must be transparent about how they’re using data. GDPR requires that all organizations inform individuals how their data is being used. Charities must be transparent about the types of data they’re collecting and why. Additionally, they must submit this information to the ICO as part of their compliance with GDPR. – Charities must provide individuals with the option to opt-out of communication. GDPR requires that charities have a way for individuals to “opt-out” of communication. This means that individuals must have the option to stop receiving communications from a charity at any time. – Charities must appoint a Data Protection Officer (DPO) if their organization is large enough, or if they are dealing with special categories of data.
Conclusion
In summary, GDPR will greatly impact the way charities collect, process, and store data. The direct marketing and communication methods used by charities will have to be revisited, and the way charities store data will have to be adjusted. However, as GDPR is designed to protect the privacy of individuals, these changes will be beneficial to charities. GDPR will give charities more clarity regarding their data management practices, and it will allow them to freely communicate with their stakeholders without worrying about breaking the law.
ALSO READ
