15 Feb Fundraising Regulator changes code to bring it in line with GDPR
The Fundraising Regulator has today published changes to the Code of Fundraising Practice, to bring the fundraising rules into line with new data protection laws.
The updates to the code published today feature three new sections on personal information, fundraising and content of fundraising communications and mail. The publishing of the new codes follow a consultation opened by the Fundraising Regulator in October last year.
The regulator said the new code rules will come into effect on 25 May 2018, to coincide with the implementation of General Data Protection Regulation. It received responses from 104 organisations in the sector, a full list of which can be found here.
The Fundraising Regulator said the changes will:
- Ensure consistent terminology between the code and GDPR;
- Emphasise that any activity involving personal data (including wealth screening, data matching, teleappending and reuse of public information) falls under processing and that data protection rules apply;
- Create new sections on data protection and direct marketing;
- Add and expand definitions for key terms, including “processing”, “consent” and “legitimate Interest”;
- Increase links to existing guidance from the ICO, the Fundraising Regulator and other relevant bodies.
Suzanne McCarthy, chair of the Fundraising Regulator’s standards committee, said: “New data protection laws will take effect from 25th May 2018 and we know many charities are concerned about what this means for their fundraising.
“We hope that these updates to the code will help fundraisers understand their responsibilities to members of the public when they use their personal data.”
Stephen Service, policy manager at the Fundraising Regulator, said: “The code’s message is clear: data protection is not an afterthought, but a starting point for good fundraising practice. It is more important than ever that fundraisers know the provenance of any personal data they hold and have a clear basis for processing it.”
Daniel Fluskey, head of policy at the Institute of Fundraising, said: “As the deadline for GDPR gets ever-closer, it’s really important that fundraisers can see how the Code of Fundraising Practice will change when it comes into effect.
“We know there has been uncertainty and confusion over recent months and hope that being able to see what the code will include will help to give fundraisers reassurance and confidence in how they can communicate with supporters after May 25th.”
New sections of the Code
The new changes replace the old sections 5.0, 6.0 and 7.0 of the Code of Fundraising Practice. Section 5.0 is now called “Personal information and fundraising”, replacing the old “Fundraising communications and techniques”. Section 6.0 is now on “Content of Fundraising Communications” replacing “Direct marketing” while section 7.0 is now called “Mail”, replacing “Reciprocal mailing”.
Section 5.1.1 now states that “Data protection is an important issue for all fundraisers” and says that all fundraising organisations “must comply with all legal requirements relating to data protection” including Privacy and Electronic Communications Regulations, the Data Protection Bill 2017 and GDPR, as well as the requirements of the Telephone Preference Service.
Amongst the changes in section 6.0, fundraising organisations “must be able to show that all reasonable steps have been taken to ensure that communications are suitable for those targeted”. Section 6.7 also now stipulates that fundraising organisations must comply with the Committee of Advertising Practice Code and Broadcasting Committee of Advertising Practice.
Section 7.0 now features sub-sections on preparation, mail enclosures and reciprocal mailing. It makes clear that fundraising charities must not send direct marketing materials to individuals registered on the Mailing Preference Service.
A full list of changes and updates to the Code can be read here.