Skip to content
  • +44 20 3588 3500
Contact Us
Menu
  • Home
  • Expertise
    • Personal Clients
      • Civil Litigation
        • Dispute Resolution
        • Inheritance, Wills & Probate
        • Insolvency
        • Media & Intellectual Property
        • Negligence
        • Property
      • Divorce & Family Law
        • Pre-Nuptial Agreement
        • Legal Separation
        • Annulment
        • Divorce
        • Child Custody
        • Domestic Violence
      • Employment
        • Employment Contract
        • Compromise Agreement
        • Constructive Dismissal
        • Redundancy
        • Discrimination
        • Wrongful Termination
      • Estate Planning, Wills & Probate
        • Asset Protection
        • Power of Attorney
        • Probate & Estate Administration
        • Wills
      • Immigration
        • Entry into the UK
        • Immigration Appeal
        • Remaining/Settling in the UK
      • Personal Injury
        • Holiday Accidents
        • Carbon Monoxide Poisoning Claim
        • Civil Action Against the Police
        • Industrial Disease Claims
        • Product Injury Claims
        • Road Traffic Accidents
        • Workplace Accidents
      • Mortgage/Conveyancing
        • Auction Property
        • Buying Property
        • Selling Property
        • Leasing Property
        • Remortgage
        • Shared Ownership
        • Tenancy Agreements
    • Business Clients
      • Banking & Finance
        • Loan Agreement & Debt Finance
        • Project & Asset Based Finance
        • Restructuring
        • Shari’ah Compliant Finance
      • Commercial Law
        • Business Law
        • Charities
        • Company Law
        • Corporate Recovery & Insolvency
        • Healthcare Sector
      • Commercial Property
        • Sale/Purchase of Commercial Premise
        • Commercial Leases / Business Tenancy
        • Planning / Section 106
      • Commercial Litigation
        • Dispute Resolution & Mediation
        • Debt Recovery
        • Commercial Insolvency
        • Commercial Property
        • Media & Intellectual Property
      • Corporate Crime & Risks
        • Commercial Fraud
        • Money Laundering
        • VAT, Tax & Duty Fraud
      • Employment
        • Employment Contracts
        • Employment Litigation
    • Luxury Assets
      • Aircrafts
      • Fine Arts, Antiques & Collectibles
      • Cars
      • Helicopters
      • Racehorses
      • Jewellery and Watches
      • Couture Clothing
      • Yachts
  • About Us
  • Testimonials
  • Our Team
  • Work With Us
    • Recruitment Procedure
    • Trainee Recruitment
    • Vacancies
    • Consultants Programme
  • Insights
    • Personal Clients
      • Civil Litigation
      • Divorce & Family Law
      • Employment
      • Estate Planning, Wills & Probate
      • Immigration
      • Personal Injury
      • Mortgage/Conveyancing
    • Business Clients
      • Banking & Finance
      • Commercial Law
      • Commercial Property
      • Commercial Litigation
      • Corporate Crime & Risks
      • Employment
    • Luxury Assets
      • Aircraft
      • Fine Art
      • Antiques & Collectibles
      • Cars
      • Helicopters
      • Racehorses
      • Jewellery & Watches
      • Yachts
  • Home
  • Expertise
    • Personal Clients
      • Civil Litigation
        • Dispute Resolution
        • Inheritance, Wills & Probate
        • Insolvency
        • Media & Intellectual Property
        • Negligence
        • Property
      • Divorce & Family Law
        • Pre-Nuptial Agreement
        • Legal Separation
        • Annulment
        • Divorce
        • Child Custody
        • Domestic Violence
      • Employment
        • Employment Contract
        • Compromise Agreement
        • Constructive Dismissal
        • Redundancy
        • Discrimination
        • Wrongful Termination
      • Estate Planning, Wills & Probate
        • Asset Protection
        • Power of Attorney
        • Probate & Estate Administration
        • Wills
      • Immigration
        • Entry into the UK
        • Immigration Appeal
        • Remaining/Settling in the UK
      • Personal Injury
        • Holiday Accidents
        • Carbon Monoxide Poisoning Claim
        • Civil Action Against the Police
        • Industrial Disease Claims
        • Product Injury Claims
        • Road Traffic Accidents
        • Workplace Accidents
      • Mortgage/Conveyancing
        • Auction Property
        • Buying Property
        • Selling Property
        • Leasing Property
        • Remortgage
        • Shared Ownership
        • Tenancy Agreements
    • Business Clients
      • Banking & Finance
        • Loan Agreement & Debt Finance
        • Project & Asset Based Finance
        • Restructuring
        • Shari’ah Compliant Finance
      • Commercial Law
        • Business Law
        • Charities
        • Company Law
        • Corporate Recovery & Insolvency
        • Healthcare Sector
      • Commercial Property
        • Sale/Purchase of Commercial Premise
        • Commercial Leases / Business Tenancy
        • Planning / Section 106
      • Commercial Litigation
        • Dispute Resolution & Mediation
        • Debt Recovery
        • Commercial Insolvency
        • Commercial Property
        • Media & Intellectual Property
      • Corporate Crime & Risks
        • Commercial Fraud
        • Money Laundering
        • VAT, Tax & Duty Fraud
      • Employment
        • Employment Contracts
        • Employment Litigation
    • Luxury Assets
      • Aircrafts
      • Fine Arts, Antiques & Collectibles
      • Cars
      • Helicopters
      • Racehorses
      • Jewellery and Watches
      • Couture Clothing
      • Yachts
  • About Us
  • Testimonials
  • Our Team
  • Work With Us
    • Recruitment Procedure
    • Trainee Recruitment
    • Vacancies
    • Consultants Programme
  • Insights
    • Personal Clients
      • Civil Litigation
      • Divorce & Family Law
      • Employment
      • Estate Planning, Wills & Probate
      • Immigration
      • Personal Injury
      • Mortgage/Conveyancing
    • Business Clients
      • Banking & Finance
      • Commercial Law
      • Commercial Property
      • Commercial Litigation
      • Corporate Crime & Risks
      • Employment
    • Luxury Assets
      • Aircraft
      • Fine Art
      • Antiques & Collectibles
      • Cars
      • Helicopters
      • Racehorses
      • Jewellery & Watches
      • Yachts
Menu
  • Home
  • Expertise
    • Personal Clients
      • Civil Litigation
        • Dispute Resolution
        • Inheritance, Wills & Probate
        • Insolvency
        • Media & Intellectual Property
        • Negligence
        • Property
      • Divorce & Family Law
        • Pre-Nuptial Agreement
        • Legal Separation
        • Annulment
        • Divorce
        • Child Custody
        • Domestic Violence
      • Employment
        • Employment Contract
        • Compromise Agreement
        • Constructive Dismissal
        • Redundancy
        • Discrimination
        • Wrongful Termination
      • Estate Planning, Wills & Probate
        • Asset Protection
        • Power of Attorney
        • Probate & Estate Administration
        • Wills
      • Immigration
        • Entry into the UK
        • Immigration Appeal
        • Remaining/Settling in the UK
      • Personal Injury
        • Holiday Accidents
        • Carbon Monoxide Poisoning Claim
        • Civil Action Against the Police
        • Industrial Disease Claims
        • Product Injury Claims
        • Road Traffic Accidents
        • Workplace Accidents
      • Mortgage/Conveyancing
        • Auction Property
        • Buying Property
        • Selling Property
        • Leasing Property
        • Remortgage
        • Shared Ownership
        • Tenancy Agreements
    • Business Clients
      • Banking & Finance
        • Loan Agreement & Debt Finance
        • Project & Asset Based Finance
        • Restructuring
        • Shari’ah Compliant Finance
      • Commercial Law
        • Business Law
        • Charities
        • Company Law
        • Corporate Recovery & Insolvency
        • Healthcare Sector
      • Commercial Property
        • Sale/Purchase of Commercial Premise
        • Commercial Leases / Business Tenancy
        • Planning / Section 106
      • Commercial Litigation
        • Dispute Resolution & Mediation
        • Debt Recovery
        • Commercial Insolvency
        • Commercial Property
        • Media & Intellectual Property
      • Corporate Crime & Risks
        • Commercial Fraud
        • Money Laundering
        • VAT, Tax & Duty Fraud
      • Employment
        • Employment Contracts
        • Employment Litigation
    • Luxury Assets
      • Aircrafts
      • Fine Arts, Antiques & Collectibles
      • Cars
      • Helicopters
      • Racehorses
      • Jewellery and Watches
      • Couture Clothing
      • Yachts
  • About Us
  • Testimonials
  • Our Team
  • Work With Us
    • Recruitment Procedure
    • Trainee Recruitment
    • Vacancies
    • Consultants Programme
  • Insights
    • Personal Clients
      • Civil Litigation
      • Divorce & Family Law
      • Employment
      • Estate Planning, Wills & Probate
      • Immigration
      • Personal Injury
      • Mortgage/Conveyancing
    • Business Clients
      • Banking & Finance
      • Commercial Law
      • Commercial Property
      • Commercial Litigation
      • Corporate Crime & Risks
      • Employment
    • Luxury Assets
      • Aircraft
      • Fine Art
      • Antiques & Collectibles
      • Cars
      • Helicopters
      • Racehorses
      • Jewellery & Watches
      • Yachts
+44 20 3588 3500

Charities – Are You Ready To Comply With the GDPR?

  • Commercial Law
April 13 , 2018
Home > Business Clients Insights >
  • Commercial Law
  • >
  • Charities – Are You Ready To Comply With the GDPR?
April 13 , 2018
April 13 , 2018

Charities – Are You Ready To Comply With the GDPR?

  • Commercial Law
April 13 , 2018
  • Commercial Law
April 13 , 2018

Protecting donors’ privacy and complying with the principles set out in the Data Protection Act 1998 are an imperative part of charity management and administration. The General Data Protection Regulations (GDPR) come into force on 25th May 2018 and present charities with a new set of complex legal requirements to factor in, with stringent penalties for non-compliance.

Does your charitable entity understand the GDPR and the key changes to be aware of?

Should you ‘opt in’, or can you rely on the ‘opt out’ mechanisms?

What can charities do now to prepare for the biggest change in data regulation in two decades?

If you are a fundraiser, CEO, or trustee of a charity or fundraising entity, then this article will help you answer these questions and develop a basic understanding of the GDPR.

What is the GDPR?

The GDPR is an EU-wide regulation that will replace the Data Protection Act 1998 this year. The Information Commissioner’s Office has made clear that Brexit will not affect the application of the GDPR in the UK and all entities are required to comply with the regulations when processing peoples’ personal identifiable information (PII). PII means any information relating to an identified or identifiable natural person (i.e. the data subject).

One of the main differences between the Data Protection Act 1998 and the GDPR, is that the GDPR has a wider definition of PII and it now includes technology.

All entities, including charities, are expected to be meet the GDPR requirements as of 25th May 2018. Therefore, action is needed now.

What does the GDPR say?

The GDPR contains the following data protection principles:

• Principle 1: PII must be processed in a lawful, fair, and transparent manner. The principle is broadly similar to Data Protection Act 1998, however, the GDPR now expressly states that PII should be processed in a transparent manner. This includes giving data subjects adequate information about how their PII is or will be processed;

• Principle 2: PII must be collected for a specific and legitimate purpose, and there should be no further processing in a manner that is incompatible with these purposes;

• Principle 3: Data minimisation. PII collected must be adequate, relevant, and limited to that which is necessary for the purpose for which it is being processed;

• Principle 4: Accuracy. PII should be accurate and up-to-date; any out-of-date or incorrect PII should be deleted or rectified. Every reasonable step must be taken in respect of the same;

• Principle 5: Storage limitation. PII must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the PII was collected. PII may be stored for longer periods insofar as the it will be processed solely for archiving purposes, in the public interest, for scientific and historical research purposes or statistical purposes;

• Principle 6: Integrity and confidentiality. PII must be processed in a safe manner to ensure it is protected against unauthorised and unlawful processing, theft, loss, damage or destruction;

• Principle 7: Accountability. The controller (i.e. the charity) shall be responsible for and be able to demonstrate compliance with these principles.

What is the difference between a ‘controller’ and a ‘processor’ under the GDPR?

Article 4 of the GDPR outlines the differences between a controller and a processor of data:

• Controller: is a natural or legal person, public authority, agency or other body which, determines the purposes and means of the processing of PII; and

• Processor: is a natural or legal person, public authority, agency or other body which processes PII on behalf of the controller.

Do charities and fundraisers have to change how they ask for consent under the GDPR?

Consent must be freely given, informed, specific, unambiguous and given by a clear affirmation (i.e. a positive opt-in). The data subject will therefore have to ‘positively opt-in’ by ticking a box (yes, that means no pre-ticking boxes).

Under the GDPR, all entities need to explain clearly their reasons for collecting PII, how it is intended to be used and importantly, explicit and free consent must be given to share PII with third parties.

What is ‘opt-in’ and ‘opt out’?

As simple as it might sound, ‘opt in’ and ‘opt out’, as it applies to direct marketing is one of the most confusing and debated aspects of the GDPR.

‘Opt in’ – Charities and fundraisers can directly market to a person if they have given their consent that they are happy to receive direct marketing (as above). For example, this could take the form of an individual ticking a box on a donation form or putting their business card in a bowl at an event. In the latter example, you must make it explicitly clear that by doing so, the person parting with their business card is agreeing to receive direct marketing material from your organisation.

Under the GDPR, charities can, in certain circumstances, send direct marketing materials or make unsolicited telephone calls to someone without their express consent under the condition of ‘legitimate interest’. That said, when doing so, they must allow the person to ‘opt out’ of receiving such communications in the future. This is usually done by including an ‘opt out’ tick box.

To establish whether there is a ‘legitimate interest’ when direct marketing, charities need to consider what the data subject would reasonably have expected their PII to be used for when they provided it.

Charities and fundraising organisations must make it clear to data subjects how their information will be used at the time at which it is collected. This will require ongoing staff training to remind employees to do this with every data subject. If they are not informed that their PII might be used for direct marketing, charities will be unable to rely on the legitimate expectation condition.

You also need to consider whether the data subject’s rights and interests override your charity’s legitimate interests in sending direct marketing material. For example, if you know the data subject concerned is elderly or a child, it may not be in their best interests to receive direct marketing from your organisation.

The entire principle is very much a balancing exercise.

What other changes does the GDPR introduce that charities and fundraising organisations need to be aware of?

Under the GDPR, anyone can make a request to access and check the PII you hold in relation to them. They can also request that you remove any PII from your records. Therefore, it is imperative that you know exactly what PII is held and where it is stored. This is why, the ICO recommend conducting ‘war drills’ to test your staff’s ability and efficiency when dealing with request to access or a request for erasure.

How can charities prepare for the GDPR?

Most charities and fundraising organisations have robust data protection policies and procedures which comply with the principles of the Data Protection Act 1998. It is crucial that these are reviewed and updated to ensure compliance with the incoming GDPR and a communication and training programme rolled out to employees.

Our solicitors are well-versed in the GDPR and can provide practical advice and guidance regarding your organisation’s compliance.

 

Saracens Solicitors is a multi-service law firm based in London’s West End. We have dedicated and highly experienced charity law solicitors who can advise on all legal matters relating to the charity sector. For more information, please call our office on 020 3588 3500.

[1] https://saracenssolicitors.co.uk/company-law/gdpr-preparation-ultimate-guide

[2] https://www.youtube.com/watch?v=zYKYPgyJz6g

RECENT POSTS

Banking & Finance

Company Restructuring and Asset Protection – Coronavirus (COVID-19)

Overnight, many businesses have gone from doing financially ok or financially well, to survival mode. And we get it. But when things get tough, trying …

READ MORE
Commercial Property

Commercial Lease Agreement Review – Coronavirus (COVID-19)

COVID-19 has brought disruption to businesses across the globe at an unprecedented level. We are fielding calls and emails from landlords and tenants, scrambling with …

READ MORE
Commercial Litigation

Raising the Roof – Forfeiture of a Commercial Lease | Litigation

Raising the Roof – Forfeiture of a Commercial Lease | Litigation Imagine you are a tenant of a commercial property. Business may be slow and …

READ MORE
Commercial Law

Becoming a drug dealer, the legal way | Healthcare | Commercial Law

Opening a pharmacy is often what most pharmacists seek to achieve; a life ambition. But all too frequently it is a bad case of pre-pharmacy …

READ MORE

CATEGORIES

  • Banking & Finance
  • Commercial Law
  • Commercial Litigation
  • Commercial Property
  • Corporate Crime & Risks
  • Employment

Contact Us

  • This field is for validation purposes and should be left unchanged.

Saracens Solicitors
Strand Bridge House,
140 Strand,
London WC2R 1HH

T: +44(0)20 3588 3500
F: +44(0)20 3588 3505

Legal Notice

Privacy Policy

Accessibility

Saracens Solicitors
Strand Bridge House,
140 Strand,
London WC2R 1HH

T: +44(0)20 3588 3500
F: +44(0)20 3588 3505

Copyright  Saracens Solicitors | All Rights Reserved