Our GDPR Briefing to looked at what the new legislation means for people's organisation and how they could prepare for the implementation of GDPR on 25 May. Delegates were given the opportunity to anonymously submit sections of their GDPR communications (such as sections of your privacy policy, consent statement and refresh consent emails) to a panel of experts who dissected them and provided constructive feedback to ensure that they and the audiene were on the right track.

The introduction of the General Data Protection Regulation in May 2018 is the biggest change to data protection legislation in more than 20 years.  As a result, organisations will need to overhaul the ways they obtain and use personal data. For charities, this means having to adhere to new guidelines on how they make contact with new and existing donors. 


The Regent Street Cinema
307 Regent St

The agenda for day included:

08:30: Registration and networking
09:00: Chair’s opening remarks

Andy Hillier, Editor, Third Sector

09:05: Legitimately using legitimate interest- overview of new Data Protection Network guidance

John Mitchison, Head of preference services, compliance and legal, DMA

09:25: How does GDPR affect Fundraising Regulation?

Stephen Service, Policy manager, Fundraising Regulator


CRM - is your system GDPR compliant? 
The session provided insights into how your system will now need to manage and record data and the questions you should be asking your CRM database provider.

Andy Campbell,  NFP CRM consultant,  The Access Group


Experts panel discussion - assessing GDPR c ommunications
During this session, data protection experts will discuss and dissect sections of charities GDPR plans. Examples may include: privacy policy, consent statement and refresh consent email.  

Andy Hillier, Editor, Third Sector - Facilitator 
Claire Robson, Head of Data Governance and Compliance, Great Ormond Street Hospital Children’s Charity
J Cromack, Chief executive, Wood for Trees
Peter  Wainman,  Partner and information law specialist,  Mills & Reeve LLP

10:45: Chair’s closing remarks
10:50: Close of event

Confirmed speakers

Claire Robson, Head of data governance and compliance, Great Ormond Street Hospital Children’s Charity

Claire Robson has worked for Great Ormond Street Hospital Children’s Charity for eighteen months as their Head of Data Governance and Compliance. Prior to that she spent eleven years in the Health Sector specialising in Information Governance. Originally starting her career as a Company Secretary, Claire first started specialising in Data Protection around 2000, implementing the Data Protection Act 1998. She completed a specialist masters degree in Information Rights Law and Practice in 2008 and has qualifications in Computer Forensics and Information Security. In December 2010, Claire had a Case Study Article published called “FOI Requests at an NHS Trust” in PDP’s Freedom of Information Journal. In 2017, Claire sat the ICSA Charity Law and Governance Certificate exam and awaits her results. Claire has wide and extensive knowledge within the field of information management and is leading GOSH Charity in their governance programme and GDPR implementation.

John Mitchison,  Head of preference services, compliance and legal,  DMA

John Mitchison is the Head of Preference Services, Legal and Compliance at the DMA. John has an in-depth knowledge of data and marketing as well as TPS and telephony processes. Recently he has worked closely with fundraisers and charities providing advice and compliance support to organisations dealing with the changes affecting their sector. Prior to joining the DMA, he was a Client Services Manager for ACXIOM managing large data solutions. Before working at Acxiom, John worked at the Daily Telegraph where he was responsible for data generation and the production of their direct marketing.

Stephen Service, Policy manager, Fundraising Regulator

Before joining the Fundraising Regulator, Stephen was Stakeholder and Outreach Manager for the Public Fundraising Association (PFRA) and led its national outreach programme, developing regulatory agreements between charities and over one hundred local authorities to control fundraising in local areas. Previously, Stephen worked on Safer Communities and regulatory policy at the Local Government Association and developed several capacity-building initiatives with councils including the national peer challenge programme, the National Graduate Development Programme, and the Leadership Academy. He holds a Masters degree in Public Administration.

Andy Campbell , NFP CRM consultant, The Access Group

Andy Campbell has worked in IT for over 30 years and for the last 20 years operated exclusively within the NFP sector. In that time he has interviewed over a thousand charity and membership organisations about their requirements. He was instrumental in the design and build of the first versions of Access thankQ CRM and most recently, 20 years on, has been part of the team designing the features to address the latest GDPR and Fundraising Regulator changes. .

J Cromack, Chief executive, Wood for Trees

J Cromack, Co-Founder and Executive Director of MyLife Digital Group, and CEO of MyLife Digital practices Wood for Trees and Insight has a wealth of knowledge and experience in business and data.

He has a wealth of commercial and management experience gained from various leadership roles. As a business owner, he has sought to transform the marketing services sector and his entrepreneurial spirit remains at the heart of his approach. His rich understanding of Big Data, Analytics and the marketing industry enables him to provide innovative solutions to clients marketing and business challenges.

Peter Wainman, Partner and information law specialist, Mills Reeve LLP

Peter is a data protection and technology lawyer. He works with a wide range of charities, central government departments, technology suppliers and public bodies on data protection and technology contract issues. Peter has been described as “genuinely enthusiastic” (Legal 500), having “considerable experience in IT and data protection matters” (Chambers) and “recommended for his … innovative ideas” (Chambers). Peter writes for the firm’s blog “Technology Law Update” and has co-authored books including the Law Society’s “Data Protection Handbook” and “Blogging and Other Social Media”.

Become a Third Sector member for access to our GDPR Hub - a carefully curated collection of relevant GDPR related articles ready for you to read once you become a member.

Why should you attend?

  • Make sure you're ahead of the game for the introduction of the GDPR and understand how you become compliant. 
  • Hear from leading experts and gain a unique insight into the implications of GDPR.
  • Ask our panel of experts questions about what GDPR will mean for your organisation.
  • Network with other delegates and discuss the challenges GDPR might create.


This unmissable event will provide thorough and practical analysis of real examples as well as an overview of the changes allowing you to learn about what you need to expect and how to make sure you’re compliant to the new GDPR legislations. 

Event sponsors:

Book your tickets

Ticket Prices
Subscribers  SOLD OUT
Non-Subscribers SOLD OUT
Additional tickets SOLD OUT

*Subscriber discount is limited to 1 per subscriber 

 Date: Tuesday 26th September 2017 
 Time:   08:30 – 10:45am