General Data Protection Regulation (GDPR) & Nonprofits

In effect since late May, the General Data Protection Regulation (GDPR) has already had a dramatic effect on businesses and organizations all around the globe. From fines to large tech companies, to discussions around how GDPR relates to US-based nonprofits, these regulations are often misunderstood—but they don’t have to be!

Did You Know? Just like GDPR, at Charities Review Council we have a fundamental belief that transparency can inspire donor confidence and trust. In 2017, Charities Review Council partnered with 580 nonprofits to work towards earning the Meets Standards® Seal, a visual marker of nonprofit accountability, transparency, and strength.

GDPR: A 30-second Primer

GDPR attempts to give individuals two things: Transparency and safe practices around data collection. Put in place by the European Union, GDPR strengthens strongholds on personal data of individuals in the European Union and the European Economic Area (EEA). GDPR’s purpose is to allow individuals to “opt-in” to email and online marketing and data collection, helping give residents of the EU power over their data and who uses their personal information. Remember, GDPR language is intentionally vague, allowing the EU and its regulators to apply it in the way they see fit.

GDPR asks five, key things:

  1. What data is being collected?
  2. How is the data being used?
  3. Is contact info for the organization updated and correct?
  4. How long will data be kept?
  5. How can individuals contact the organization about issues or to remove data?

Here are three, key points to remember about GDPR and solutions to help…

Check your privacy policy: Different from a standard donor privacy policy, your website should have a place to host a privacy policy, (often located at the footer of the page) to inform visitors what data is being collected and how it’s being used. EU users must explicitly consent to the use of their data—including cookies.

Opt-In marketing is the new norm: GDPR effects marketing from data collection to email and beyond. Nonprofits must remember a few key points: Email subscription preferences must not be checked, “yes” by default and subscription checkboxes must be accompanied by an explanation of the mailing list and how to unsubscribe. Additionally, members of the EU can email websites and ask how information is being collected, how long information is kept, what it’s being used for and who has access to the data. Upon request, organizations must also delete or erase an individual user’s data.

  • Take a moment to investigate partners and vendors of your organization and ensure they have taken steps to become GDPR compliant.
  • Create GDPR compliant forms by using this resource from DonorBox.

It may apply to your organization: Remember, GDPR applies to nonprofits, companies, and organizations located around the globe who do business or market to individuals in the EU. We believe it’s important to always check with your legal counsel and IT providers to ensure you are taking the steps necessary to meet regulations.

GDPR is a reminder to all nonprofits to stay on top of best practices not only within our own industry but others as well. Together, we can create stronger relationships between donors and nonprofits by offering transparency, thoughtful data protection, and individual-first marketing.

Looking for an older article?

We're in the process of migrating our blog. If you're looking for an older entry, please visit the archive to search for it.

Would you like to be included on our list?

Learn about our Accountability Standards®, and explore how doing an Accountability Wizard® Review can help improve your operations, build public trust, and raise standards at your organization.

Learn More

Don’t see your favorite nonprofit on our list?

Invite them to participate!

Learn More

Search Nonprofits that Meet Standards®

You can search nonprofits that Meet Standards® based on both mission focus and organization name.

Search Now

Do you need to start a new review or renew an expiring review?

What is your fee?

Before filling out this form, please be sure to calculate your enrollment fee.

Calculate Fee Now

What does it take to Meet Standards®?

Meeting the Accountability Standards® is more than checking items off a list. Each nonprofit you see on this website has gone through careful assessment, and then invested in implementing changes to meet our high operational standards.

Learn More

Success Stories

Hear from organizations that are bringing our Standards to life in their nonprofits.

Diversity, Equity & Inclusion Toolkit

Want to use the DEI Toolkit with your organization?

Get Started Today

Already have a DEI Toolkit account?

Log In Here

Do You Have a Donor-Advised Fund?

What Nonprofits Say

Testimonial 2

Veritus mnesarchum mei ea, per debitis qualisque in. Per cu mutat consul. Sea meis interpretaris ne. Sit nonumy consequat theophrastus id. Mei at tota meliore elaboraret, at eam tollit detracto molestiae.

First Last

What Donors Say

Testimonial 3

Te vix numquam corrumpit. Mea audiam argumentum ad. Id aeque nullam vel, qui eu illud nonumes definitionem. No nulla choro sit. In aliquid accusamus pro.

First Last

Board Member Login

Get our latest and greatest monthly!

Subscribe

Charities Review Council

Our mission is building donor and nonprofit relationships for strong, vibrant and just communities. We envision healthy communities for all, benefiting from effective and trustworthy nonprofits that are supported by a well-informed public’s generosity.

Let’s Connect

1915 Highway 36 W Ste 133 • Roseville, Minnesota 55113-2709
Phone: (651) 224–7030 • E-mail: info@smartgivers.org

Privacy Policy (5/9/19) • Terms of Use (5/9/19)

MENU
Log In