GDPR for Charities
Maintain your ongoing GDPR for charities compliance programme with Sovy. Don’t let the GDPR get in the way of your fundraising efforts.
The GDPR doesn't need to be complex, costly or confusing. With Sovy's GDPR Data Privacy Essentials, we make compliance simple and affordable.
GDPR compliance for charities is an essential part of your overall compliance program. Your donors, volunteers, employees and beneficiaries all trust you to process their personal data responsibly, in line with the GDPR and other data protection regulations.
With the Sovy GDPR Privacy Essentials, you can ensure you adhere to the fundamentals of the GDPR. Create compliant privacy policies and documents, track your personal data handling, train your staff and volunteers, and much more.
What are the advantages of using Sovy Data Privacy Essentials
Frequently Asked Questions
The GDPR applies to all organisations, including charities, non-profits, clubs, and governmental organisations.
If you are based in the EU and you handle personal data (whether it be of your employees, volunteers, donors, fundraisers or beneficiaries) then the GDPR does apply to you, and you need to ensure you create and maintain an ongoing GDPR compliance programme.
If you are a charity who carries out large-scale processing, or who processes sensitive data (such as criminal records, children’s data, medical records or more) may also need to appoint a DPO.
Your DPO must be qualified and experienced – it is not enough to delegate this responsibility to member of your team with no experience in data privacy. Luckily, Sovy offers DPO as a service at a reasonable price (dependant on your requirements.) Find out more about our DPO services, or get in touch for more information.
Even if you aren’t required to have a DPO, you can appoint one voluntarily, and they will be subject to the same standard set out in the GDPR. For this reason, we usually recommend you appoint a data protection professional as opposed to a DPO if you have the option.
There are many occasions that your charity could be collecting personal data – typically these could include:
- Employee data
- Volunteer data
- Donor data
- Fundraiser data
- Marketing data (including email addresses, IP addresses and more)
- Beneficiary data
- CCTV data
- Photography and video of people
You need to make sure you list all the types of personal data that you process, and your reasons for doing so.
Using our Personal Data Assessment with the Sovy GDPR Privacy Essentials, this is made easy as you are guided through the process.