Update to Code of Fundraising Practice to coincide with GDPR implementation
The Fundraising Regulator has made changes to the Code of Fundraising Practice that take into account the requirements of the General Data Protection Regulation (GDPR).
The revised Code sets out the rules for fundraisers regarding the use of personal data.
The changes are designed to:
- Ensure consistent terminology between the Code and GDPR;
- Emphasise that any activity involving personal data (including wealth screening, data matching, tele-appending and reuse of public information) falls under processing and that data protection rules apply;
- Create new sections on Data Protection and Direct Marketing;
- Add and expand definitions for key terms, including “processing”, “consent” and “legitimate Interest”;
- Increase links to existing guidance from the ICO, the Fundraising Regulator and other relevant bodies.
They are extensive, covering the following sections of the Code:
- 1.0 Key Principles and Behaviours
- 2.0 Working with Volunteers
- 3.0 Working with Children
- 4.0 Working with Third Parties
- 5.0 Personal Information and Fundraising
- 6.0 Content of Fundraising Communications
- 7.0 Mail
- 8.0 Telephone
- 9.0 Digital Media
- 14.0 Fundraising through Payroll Giving
- 15.0 Events
- 16.0 Public Collections
- 20.0 Handling of Donations
The changes include the replacement of section 5 (Fundraising Communications and Techniques) with one on Personal Information and Fundraising.
The Code changes can be reviewed now and come into effect on 25 May 2018 when the GDPR is incorporated into UK law.
Suzanne McCarthy, Chair of the Fundraising Regulator’s Standards Committee said: “New data protection laws will take effect from 25th May 2018 and we know many charities are concerned about what this means for their fundraising. We hope that these updates to the Code will help fundraisers understand their responsibilities to members of the public when they use their personal data.”
Further changes are possible when PECR is reviewed and the new Data Protection Bill is enacted, so the Regulator’s latest revisions to the Code highlight this areas.
Dan Fluskey, Head of Policy at the IoF said: “As the deadline for GDPR gets ever closer, it’s really important that fundraisers can see how the Code of Fundraising Practice will change when it comes into effect. We know there has been uncertainty and confusion over recent months and hope that being able to see what the Code will include will help to give fundraisers reassurance and confidence in how they can communicate with supporters after May 25th.”
Advertisement
Consultation responses
The Code changes have been published together with a summary of consultation responses received from data protection specialists, sector bodies, charities and the public between October and December 2017.
Stephen Service, Policy Manager at the Fundraising Regulator said: “The Code’s message is clear: data protection is not an afterthought, but a starting point for good fundraising practice. It is more important than ever that fundraisers know the provenance of any personal data they hold and have a clear basis for processing it.”
- Changes announced to six areas of the Code of Fundraising Practice (2 August 2017)
- Dogs Trust breached Code of Fundraising Practice by calling TPS-registered individual (7 June 2016)