GDPR for Charities

UtopiaR – ensuring your charity’s compliance with GDPR.

The General Data Protection Regulation (GDPR) has come into effect and will heavily impact fundraising, campaigning and volunteer management. The way in which you process personal data has now  changed due to the introduction of the new data protection law. But not to worry, UtopiaR is here to ensure you comply. GDPR for charities is made easy with InfoSaaS!

Charity data protection has always been of great importance, and GDPR for charities will focus on a number of aspects; ranging from how you ask for data consent from your donors and legacy makers to how you provide all users access to their stored personal data.

All voluntary organisations in the charity sector will be affected, but they can effortlessly comply with our guide to GDPR. There will be no need for donors, volunteers or legacy makers to worry about how their data is being used and how they may be targeted as a result.

UtopiaR will allow charities to:

  • Gain confidence and trust from their volunteers, donors and legacy makers.
  • Use a simple and clear dashboard to see how you’re managing your compliance at a glance.
  • Create and manage comprehensive Data Protection Impact Assessments (Art.35) with accuracy.
  • Ensure their organisation meets GDPR’s requirements for Privacy by Design and Default (Art.25).
  • Identify other potential non-compliant areas.
  • Implement a hassle-free, cost effective and cloud-based solution.
GDPR Compliance Deadline Date

Subjects Rights Requests – How will you manage them?

The EU General Data Protection Regulation (GDPR) took effect on the 25th of May, 2018. It was the biggest overhaul of the Data Protection Act for over 25 years, and now all EU citizens have new rights to their data.

For fundraisers, they need to ensure that they comply. Charities will need to ensure they’re meeting legal requirements and giving the best experience to their donors, legacy makers and volunteers.

All EU citizens now have more rights than ever with their personal information. They must be informed, have access, be able to rectify, erase, restrict processing and object to their data being stored or taken. These new rights means that charitable organisations must be able to present that you have responded to a citizen within 1 month of receiving their enquiry and are working to fulfil their request.

UtopiaR is a turnkey solution which allows you to log requests and manage through a clear process to ensure no requests are lost and fulfilled on time.

GDPR no longer requires data controllers to register with their local Data Protection Authority. Charities and other businesses are instead tasked to maintain comprehensive records of data processing activities (Art.30). These documents must demonstrate how an organisation provides effective protection for personal data.


UtopiaR is the GDPR solution for charities and fundraisers. UtopiaR will provide a record of:

  • Data processing activities. It will assess how personal data is being processed.
  • Which categories of personal data are being processed.
  • Which personnel and/or IT systems have access to it.
  • Where the personal data is to be and is processed or stored, along with details of third parties who may be involved in its processing.
  • Whether appropriate data protection training and awareness has been conducted.
  • Ensure everyone involved in the activity is aware of their roles and responsibilities.
  • Detailed data flows of how personal data moves through the stages.
  • The assessment against data protection legislation.
utopiar snip

Article 25 of GDPR requires “data protection by design and default”.

This approach is not new and is evident by the completion of a Data Protection Impact Assessment. Under Article 35 of GDPR, it’s required for all data processing activities which are “likely to result in a high risk to the rights and freedoms of natural persons”.

The conducting of effective Data Protection Impact Assessments are at the heart of “Privacy by Design and Default”. UtopiaR has addressed the distinct roles required for the process.

UtopiaR will:

  • Highlight and implement privacy controls in all your data processing.
  • Identify and escalate data protection and privacy issues.
  • Reduce exposure, associated costs and legislative penalties which could arise from data privacy risks.
  • Produce comprehensive Data Protection Impact Assessments regularly. Perfect for Supervisory Authority demands.
  • Offer optional transparency to your volunteers on how all personal data in your charity organisation is being processed with data subjects.
  • Support existing information security best practice for those who undertake risk management activities. This coincides with ISO27001 information security certification.


Select the number of requests you require:


Subject Rights Requests  
Privacy Impact Assessments  
GDPReady Assessments  
Supplier Due Diligence Tests  
GDPR Doc Pack  
Monthly Platform Price:  
Annual Platform Price:  

Add-ons (Per Year)

Want to show your valued volunteers that you take data privacy seriously? Talk to us about UtopiaR for your charity today!

Find out more