Sovy recognised by KuppingerCole Independent Analysts More Info
  • Home
  • |
  • Log In
  • |
  • Contact
  • |
  • 0
Sovy
  • Products
    • Sovy GDPR Privacy Essentials℠
    • Sovy Academy℠
    • Sovy Advisory Services
    • All Products
    • Free GDPR Scan
    • Free GDPR Readiness Survey
  • Resources
    • Free GDPR Scan
    • Free GDPR Readiness Survey
    • Knowledge Portal
    • Data Privacy News
  • Pricing
  • About Sovy
    • Mission
    • Team
    • Investor Relations
    • Partnerships
    • Contact Us
  • Products
    • Sovy GDPR Privacy Essentials℠
    • Sovy Academy℠
    • Sovy Advisory Services
    • All Products
    • Free GDPR Scan
    • Free GDPR Readiness Survey
  • Resources
    • Free GDPR Scan
    • Free GDPR Readiness Survey
    • Knowledge Portal
    • Data Privacy News
  • Pricing
  • About Sovy
    • Mission
    • Team
    • Investor Relations
    • Partnerships
    • Contact Us

Data Privacy News

January 18, 2019

GDPR For Charities 

GDPR Checklist for Charities

As a result of GDPR, charities have had to pay close attention to their data privacy efforts across all facets of their business. With limited resources allocated for compliance, how can small charities ensure that they adhere to the GDPR without funneling precious time and money away from their core activities? Here are the top considerations for small charities when it comes to the GDPR. 

Employees and Volunteers

Most charities carry personal data on their employees and volunteers – even if it is just contact details. The good news is that you will likely have a lawful basis for keeping this data, without the need for explicit consent. That lawful basis will likely be “legitimate interests” or “performance of a contract”, although be sure to get legal advice about your own particular situation.  

Generally, make sure your organization: 

  • Stores all data securely 
  • Can respond to and take action on data subject requests within 28 days 
  • Provides a privacy policy written in clear language (and that includes your lawful bases) 
  • Documents what types of data you process, why you process them, and how long you keep the data 
  • Only collects the data it needs 

You should also ensure that all employees and volunteers who may handle personal data as part of their role are fully trained in the fundamentals of GDPR and information security. 

Fundraising

Your fundraising methods could be affected by the GDPR, depending on the methods you use. For most charities, there are two key occasions where you will collect personal data when fundraising: 

  • When collecting details for the donation 
  • When reaching out to people who have donated in the past or are ongoing donors 

In addition to adhering to local fundraising regulations, you will need to make sure that you protect the data you hold on donors. Make sure that your organization: 

  • Stores all data securely 
  • Can respond to and take action on data subject requests within 28 days 
  • Provides a privacy policy written in clear language (and that includes your lawful bases) 
  • Documents what types of data you process, why you process them, and how long you keep the data 
  • Requires opt-in consent for any third-party direct marketing 
  • Allows data subjects to unsubscribe from any and all marketing communications 
  • Only collects the data it needs 

For Websites

If your charity maintains a website, you may collect personal data such as an IP address, form entries or donation details. Make sure that your organization: 

  • Notifies users if cookies are being collected and enables consent management. 
  • Provides a privacy policy written in clear language 
  • Provides information notices when personal data is collected (for example, via a donation and contact form) 
  • Enables opt-in consent for third-party marketing

With good data management and an ethical approach to fundraising, charities can demonstrate compliance with the GDPR. With Sovy, we make it easy and affordable to adhere to the fundamentals of the regulation so that you can get back to fundraising for your cause. Find out more about how the Sovy GDPR Privacy Essentials could help your charity get compliant and stay compliant.

Charities GDPR
Previous StoryWorkplace Conduct for 2019 – Your Action Plan
Next StoryThe Global Impact of the GDPR

SEARCH

CATEGORIES

  • 2020 (11)
  • CCPA (5)
  • Charities (1)
  • Coronavirus (3)
  • COVID-19 (3)
  • Events (1)
  • GDPR (49)
  • Google (1)
  • New Bytes (32)
  • News & Blog (46)
  • Opinions (23)
  • Workplace Conduct (1)

TAG CLOUD

2020 Brexit Business CCPA Charities China CJEU CNIL cookies coronavirus COVID-19 cybersecurity data breach data privacy data protection DfE DPC EDPB EU Facebook fine fines GDPR Google H&M IAPP ICO LGDP LGPD LIBE mark zuckerberg Marriot marriott Microsoft online education oracle PIPEDA privacy shield salesforce Schrems II Uber UK US vodafone italy

ARCHIVES

  • January 2021 (2)
  • December 2020 (4)
  • November 2020 (4)
  • October 2020 (4)
  • September 2020 (1)
  • August 2020 (1)
  • July 2020 (2)
  • June 2020 (3)
  • May 2020 (2)
  • April 2020 (2)
  • March 2020 (1)
  • February 2020 (1)
  • January 2020 (3)
  • December 2019 (3)
  • November 2019 (1)
  • July 2019 (3)
  • May 2019 (3)
  • March 2019 (2)
  • January 2019 (3)
  • December 2018 (3)
  • November 2018 (2)
  • September 2018 (1)
  • July 2018 (1)
  • June 2018 (2)

LATEST POSTS

  • GDPR at the End of 2020
  • The European Data Protection Board launches a series of recommendations following the CJEU’s decision C-311/18 (Schrems II)
  • CNIL fines Google LLC and Google Ireland with a total of €100 million for Using Cookies illegally
  • GDPR Fines and Penalties
  • Is The GDPR Good For Business?

QUICK LINKS

  • About Us
  • Resources
  • Privacy Policy
  • Terms
  • Manage Consent
  • Contact Us

Sovy GDPR Privacy Essentials

  • Subscription Benefits
  • Pricing
  • Log in
  • GDPR for Small Businesses
  • GDPR for Enterprises
  • GDPR for Sole Traders
  • GDPR for Charities

SOVY LOCATIONS

Ireland HQ

Registered Office
St Gall's House
St Gall Gardens South
Milltown, Dublin 14
D14 Y882

Trading Office
Meath Enterprise Centre
Trim road, Navan
Co. Meath, C15 TKX6
Ph: +353 (0)1 669-4774

Brussels

Rond-Point Schuman 11
1040 Brussels
Belgium

London

Registered Office
Kemp House
152-160 City Road
London EC1V 2N

Trading Office
9-10 Staple Inn
2nd Floor
London WC1V 7QH

New York

NY Metropolitan Area
2037 Lemoine Ave
Suite 452,
Fort Lee, N.J. 07024, USA

ASSOCIATIONS

Copyright © 2020 Sovy Trust Solutions Limited. All Rights Reserved. Registered in Ireland, No. 610835 and No. 605069