The California Consumer Protection Act requires businesses and charities to make disclosures in their public-facing privacy policies and to update annually such disclosures, starting January 1, 2020. To comply with the CCPA, the privacy policy must include the eight points listed in this useful guide. https://www.pillsburylaw.com/en/news-and-insights/ccpa-privacy-policy.html
California Consumer Privacy Act (CCPA): What you need to know to be compliant
The California Consumer Privacy Act could have more repercussions on U.S. companies than the European Union’s General Data Protection Regulation (GDPR) that went into effect in 2018. The California law doesn't have some of GDPR's most onerous requirements, such as the narrow 72-hour window in which a company must report a breach. In other respects, … Continue reading California Consumer Privacy Act (CCPA): What you need to know to be compliant
Here Comes America’s First Privacy Law: What the CCPA Means for Business and Consumers
On January 1 2020, a landmark new data law comes into effect, subjecting U.S. businesses to a sea change of privacy regulations. After that date, Americans will be able to demand that charities disclose what personal data they have collected about them, and also ask them to delete that data. The California Consumer Protection Act … Continue reading Here Comes America’s First Privacy Law: What the CCPA Means for Business and Consumers
Data compliance officer: the next big role in fundraising?
Fundraising charities rely on information about their supporters to survive; such as names and addresses, financial information and other private data. Information such as this will always be integral to the fundraising process, and the storage and safety of this information will be too. GDPR’s rules around proving consent necessitate new processes at the back … Continue reading Data compliance officer: the next big role in fundraising?
Long Read: The philosophical dispute between fundraising and data protection
At the end of 2016, when the ICO fined several charities for breaching the Data Protection Act 1998, Ian MacQuillin, wrote a fascinating philosophical piece on how charities are perceived by different types of people. Even though this feels like a long time ago, it's still as relevant today as it was back then. Whenever … Continue reading Long Read: The philosophical dispute between fundraising and data protection
Long Read: DPN Legitimate Interests Guidance – GDPR
The Guidance prepared by the Data Protection Network is a practical tool aimed at helping commercial and not-for-profit organisations to assess whether or not they can rely on Legitimate Interests as a lawful basis for processing personal data under the GDPR. The Guidance covers: Understanding what Legitimate Interests are Identifying areas of processing where Legitimate … Continue reading Long Read: DPN Legitimate Interests Guidance – GDPR
At last, clarity and sense about wealth screening, prospect research and updating addresses
Adrian Beney is back with an update on CASE's work on providing guidance for charities for adopting GDPR best practise. This document lays out in detail and with great clarity the circumstances under which these activities, regarded in recent years by some at the Information Commissioner’s Office as very controversial, can be carried out lawfully. … Continue reading At last, clarity and sense about wealth screening, prospect research and updating addresses
Prospect Research and GDPR-compliant wealth screening
Prospect research and wealth screening do not sit easily with GDPR: Can individuals reasonably expect to be researched for wealth? Would they expect to charities to find public information about them and use it? How about if the charity uses a third-party supplier? Nicola Williams, MA in Philanthropic Studies, has written several helpful guides at … Continue reading Prospect Research and GDPR-compliant wealth screening
GDPR: Marketers don’t forget PECR!
Although there is still no confirmed date when the new e-privacy regulation will be released, here is some excellent guidance on how the Privacy and Electronic Communications Regulations (PECR) combines with GDPR to give more power to consumers. https://www.dpnetwork.org.uk/opinion/gdpr-marketers-dont-forget-pecr/
Consent, Opt-In, Legitimate Interest and GDPR and how it relates to fundraising
Adrian Beney has a wonderful grasp of GDPR, particularly around the pros and cons on using consent and legitimate interests by charities. This guide of his provides the perfect introduction to GDPR and how it impacts communication, prospect research and fundraising. A reassuring read to those old and new to the profession. https://www.linkedin.com/pulse/consent-opt-in-legitimate-interest-gdpr-adrian-beney
Propper Fundraising 