The General Data Protection Regulation (GDPR) has come into effect and will heavily impact fundraising, campaigning and volunteer management. The way in which you process personal data has now changed due to the introduction of the new data protection law. But not to worry, UtopiaR is here to ensure you comply. GDPR for charities is made easy with InfoSaaS!
Charity data protection has always been of great importance, and GDPR for charities will focus on a number of aspects; ranging from how you ask for data consent from your donors and legacy makers to how you provide all users access to their stored personal data.
All voluntary organisations in the charity sector will be affected, but they can effortlessly comply with our guide to GDPR. There will be no need for donors, volunteers or legacy makers to worry about how their data is being used and how they may be targeted as a result.
The EU General Data Protection Regulation (GDPR) took effect on the 25th of May, 2018. It was the biggest overhaul of the Data Protection Act for over 25 years, and now all EU citizens have new rights to their data.
For fundraisers, they need to ensure that they comply. Charities will need to ensure they’re meeting legal requirements and giving the best experience to their donors, legacy makers and volunteers.
All EU citizens now have more rights than ever with their personal information. They must be informed, have access, be able to rectify, erase, restrict processing and object to their data being stored or taken. These new rights means that charitable organisations must be able to present that you have responded to a citizen within 1 month of receiving their enquiry and are working to fulfil their request.
UtopiaR is a turnkey solution which allows you to log requests and manage through a clear process to ensure no requests are lost and fulfilled on time.
GDPR no longer requires data controllers to register with their local Data Protection Authority. Charities and other businesses are instead tasked to maintain comprehensive records of data processing activities (Art.30). These documents must demonstrate how an organisation provides effective protection for personal data.
This approach is not new and is evident by the completion of a Data Protection Impact Assessment. Under Article 35 of GDPR, it’s required for all data processing activities which are “likely to result in a high risk to the rights and freedoms of natural persons”.
|Subject Rights Requests|
|Privacy Impact Assessments|
|Supplier Due Diligence Tests|
|GDPR Doc Pack|
Want to show your valued volunteers that you take data privacy seriously? Talk to us about UtopiaR for your charity today!Find out more