Photo: Matthew Henry, on Burst
This webpage is for trust fundraisers with three or more years’ experience. Beginners should USE THIS PAGE INSTEAD.
GDPR for trust fundraisers
- GDPR is something to take seriously as it’s the law. However, it’s not that clear how it applies to our work. I’m no expert, I’m highlighting some issues
- At minimum, it covers things like email addresses and direct line numbers
- You need to do advance work in terms of policies and procedures. You can’t just come up with a retrospective justification and hope that’s enough.
- There are very different approaches using consent, legitimate interests and maybe that the alternative is so onerous/silly it makes things impossible (using Article 14.5(b) of the GDPR regulation). You could look into each.
Since I did this video, I discovered a good list of top tips from a round table of prospect researchers. This is on the Chartered Institute of Fundraising website and entitled: GDPR and prospect research: Our top ten tips for compliant fundraising research.
The most significant element is using an exception provided by Article 14.5(b) of the GDPR regulation. It’s involved and you are recommended to read the article. It’s beyond my expertise in trusts to be sure I’d summarised properly.
The Best Practice Guide and Handbook for Prospect Research, published by the Chartered Institute of Fundraising, has a big focus on ethics and data protection.