It’s been a difficult year for many in the third sector. However, without wanting to be the bearer of bad news, I have to say that things aren’t necessarily going to get easier soon with the changes that Brexit and the new General Data Protection Regulations (GDPR) will have.
These will fundamentally change the UK and the relationship our sector has with personal data, challenging fundraisers and marketers to continue to evolve the way they conduct the great work they do.
So as you plan for 2017, ask yourself one simple question that could have huge ramifications for your organisation: “Am I ready for the new world of data protection?”
The digital world we all now live and work in has potential supporter touchpoints everywhere, whether online, on your mobile or in-person. Each one of these touchpoints can create a piece of data that fundraisers can use to better understand their supporters and offer a personalised service.
However, each piece of insight is also a piece of personal data that will have to be treated responsibly.
Earlier this year, we conducted some research with Adestra into the use of personalisation and the data habits of digital marketers from across the industry – not just the third sector – titled ‘The State of Digital Personalisation in 2016’. This highlighted the need for better understanding of the existing and new rules governing the data that is the lifeblood of many organisations, whether commercial or not-for- profit.
According to the report, three quarters (76.5%) of marketers are personalising emails using personal data that is collected via an opt-in method. However, nearly a quarter of marketers (23.5%) are using data collected by automatic methods, such as IP address tracking, where clear consent can be hard to obtain. Unless fundraisers and marketers are clear on the customer consent they have for that data – for example: location, browsing history or family make-up – they will be in breach of the new GDPR when they come into force in May 2018.
Therefore, unless charities fully understand how to use this insight and the rules that govern it, they could not only upset the consumer but also be breaking the law. Three specific areas that charities can focus on initially to start this learning process:
How the law affects marketing and the importance of consent?
Marketing departments will need to understand what the changes are in the GDPR as compared with the Data Protection Act 1998, as well as the European Commission’s new consultation on revising the Privacy and Electronic Communications Directive, which was implemented into UK law back in 2003. These laws all have an effect on how and when marketers need to ask for consent, not to mention whether it has to be opt-out, soft opt-in, opt-in or double opt-in. Ensuring charities have the systems to manage all these different consents and deal with any changes which the donor may request in a timely fashion is another challenge.
Why data protection matters to fundraising and the effect of legislation?
Breaking the rules on data protection could lead to enforcement action from the Information Commissioner’s Office, who will have the power to issue significantly higher fines under the GDPR as well as action by the new fundraising regulator. But more importantly charities risk damaging their reputation and the relationships they have in place with their supporters in the first place if their personal data is not used correctly.
How do we actually analyse and use the data?
Even once the new laws are understood and charities are managing all this personal data correctly, they still need to make sure they’re able to use the insight from this data to improve the efficiency and effectiveness of their marketing campaigns. Understanding how to evaluate the metrics from marketing campaigns will enable charities to fully appreciate the value of their supporters, not to mention the success of their fundraising programmes.
2017’s success stories in the third sector will be those that are able to put supporters and their personal data at the heart of everything they do. By being diligent with data, respecting privacy, being honest and fair, and taking responsibility for this data charities can ensure they’re not abiding by the new rules, but actually building relationships based on transparency and trust.
If you’re not sure how to do deliver this to your supporters, make sure you know how, where and when you’re going to learn about it in the coming year. Whether it’s a one day course on Data Protection or taking a professional qualification, such as an Award in GDPR, the opportunities to learn are out there and they will benefit you far beyond the year of data protection.
The insight and opportunities for personalisation that supporter data offers to charities is invaluable to many in the sector. It’s the beating heart of the fundraising and marketing campaigns that drive the fantastic work charities do every day. The only way to avoid losing this invaluable data is ensuring you’re ready for the new world of data protection. Education and training in the coming year is the only way to ensure you’re able to successfully navigate this new data landscape through 2017 and beyond.
Jane Cave is Managing Director at the IDM.