Stephen Cotterill: GDPR is dead, long live GDPR

08 Jun 2018 Voices

Last editor’s message on GDPR, promise...well until the next one

The General Data Protection Regulation came into force last month and before you groan and click away with an acute sense of weariness, there is light at the end of the tunnel. Yes GDPR is for life and not just for 25 May, but at least we are now clearer on what it means and why we have to do it.

The Information Commissioner’s Office has issued more guidance with a very clear focus on consent, which of course is paramount to fundraisers. Consent under GDPR must be “freely given, specific, informed, and unambiguous”, it says, and organisations must “put in place compliant mechanisms for individuals to withdraw their consent easily, and tell people they have the right to withdraw consent”. In essence that seems fairly simple and reasonable. In practice perhaps a little bit more challenging. But the ICO has also suggested that as long as you are reviewing your processes, it will take that into account if an investigation arises.

The Fundraising Regulator has also updated the Code of Fundraising Practice to include expanded definitions for key data activities, including “processing”, “consent” and “legitimate interest”.

There were some worrying statistics ahead of the deadline about the ill-preparedness of charities for GDPR, but a concerted educational drive appears to be under way.

Leading up to 25 May, our in-boxes were flooded with emails from organisations we hadn’t heard from in years – or worse, had never heard of – saying “please don’t leave us” or they “would love to keep in touch”. However, the opt-in only option was never the intention of GDPR, and although a few charities did go down this route early on (with quite a lot of success in some cases), charities seem to have got the message that is was not the only path.

The deadline came and went and we are still here. But having said that, now is not the time for complacency, and organisations need to sort out how they manage their data, particularly when it comes to recording contact preferences and consent. As Stephen Dunmore says in his exit interview in this issue, if charities “get fundraising right, then you have really committed donors and that is of obvious benefit to the beneficiaries”. And ultimately, that is what we all want.



More on

We use cookies to ensure that we give you the best experience on our website. Read our policy here.