The Institute of Fundraising has laid out in a new guide which direct marketing channels will require opt-in consent under the General Data Protection Regulation.
The guide, GDPR: the Essentials for Fundraising Organisations, published today in partnership with the law firm Bircham Dyson Bell, is designed to help fundraising charities prepare for when the EU legislation comes into force on 25 May 2018. It will replace the Data Protection Act and require higher standards in many areas.
The guide is aimed at fundraisers, charity chief executives and trustees of fundraising charities of all sizes, and contains checklists and frequently asked questions to help charities work out what they need to do to prepare.
It explains that some forms of marketing communication, such as email, text message and automated telephone calls, will always require opt-in consent, but others, such as contact by post, can be done on an opt-out basis if the charity believes it has a legitimate interest in doing so.
It also gives examples of when the legitimate interest rules might apply.
In its introduction, the guide describes itself as a starting point for fundraisers, but warns that it "isn’t a guide to everything under GDPR" and says charities and fundraisers should know that GDPR covers much more than the areas the guide explores, such as data security.
Daniel Fluskey, head of policy and research at the IoF, said: "We have put this short guide together to help fundraisers answer the really key questions they’ve got about how they can contact their supporters.
"We know that all fundraisers and charities want to get this right to be sure they’re meeting their legal requirements as well as giving their donors a great experience of supporting that cause.
"The GDPR is coming and, with just over a year left to get ready, it’s vital that charities are aware of what changes are coming and have policies and processes in place to be ready."
The IoF also plans to run a series of training courses throughout the UK in the summer to help charities get ready for the GDPR, according to an IoF statement.
The guide is available to download from the IoF website.