The Fundraising Regulator has updated the Code of Fundraising Practice to ready it for the General Data Protection Regulation, which comes into force in May.
The updated code includes new sections on data protection and direct marketing and provides definitions for key data protection terms, as well as signposting to further guidance from the Information Commissioner’s Office.
The regulator has also published a summary of responses to its consultation, which says some respondents felt the code should provide only minimal detail on data protection because it was not the regulator’s role to interpret the GDPR.
The regulator said it needed to strike a balance between those who wanted more specific guidance and those who were happy to work with the ICO’s general guidance, so it had focused on the aspect of data protection law most relevant to fundraising.
Stephen Service, policy manager at the Fundraising Regulator, said in a statement: "The code’s message is clear: data protection is not an afterthought, but a starting point for good fundraising practice. It is more important than ever that fundraisers know the provenance of any personal data they hold and have a clear basis for processing it."