The Charity Finance Group has released a free guide to help charities with their final preparations for the arrival of the General Data Protection Regulation.
The guide, published today, looks at the fundraising issues raised by the GDPR, but also focuses on other areas where data protection practices might have to change to align with the stringent new EU rules, which are due to come into force on 25 May.
It contains checklists, examples and case studies, and examines data-governance, financial data and fundraising. It also looks at how data about employees, volunteers and beneficiaries should be managed.
There is also information about when and how charities can use "legitimate interest" to justify contacting someone or processing their data.
The CFG produced the guide in partnership with the accountancy firms Buzzacott, Crowe Clark Whitehill and Kingston Smith.
Caron Bradshaw, chief executive of the CFG, said: "A lot of the GDPR has been focused on fundraising, and this remains an incredibly important area. But the GDPR isn’t just about fundraising. This guidance looks at other equally important areas.
"Charities must ensure that they consider all aspects of their data; otherwise they might leave themselves at financial and reputational risk.
"Recent high-profile fines issued to charities by the Information Commissioner’s Office show that the charity sector can expect to be scrutinised.
"We need to combine the high standards expected by the GDPR with the interest of supporting our donors and beneficiaries so charities can do their good work and comply with the GDPR."