If you haven’t revisited your data protection policies since GDPR came in (don’t worry, you’re definitely not alone), you might wonder how a privacy-by-design approach can positively impact your major gift fundraising. Privacy by design simply means incorporating data protection principles into all your fundraising tools and processes. From building stronger donor relationships to better fundraising outcomes, embedding data protection into your organisation’s culture has its benefits. Let’s break them down.
Stronger donor trust and retention
It takes a lot to bring a major donor on board, and once they’ve aligned themselves with your cause, you want to keep them! As well as repeat donors tending to give more as the relationship develops, it costs significantly more to bring a new donor on board than to retain one.
Donor relationships are built on trust, and nothing destroys trust faster than a data breach. Your donors need to know that their personal data is safe with your organisation, and taking a privacy by design approach cements that trust.
Ready for regulators
Making sure your organisation’s fundraising processes meet GDPR requirements means you’re ready for visits from the regulator or auditors.
We recommend undertaking a data protection impact assessment (DIPA) for your major gifts programme. This helps you:
- Understand the impact of data processing on your supporters.
- Develop and implement research processes which are compliant with data protection requirements.
- Identify any areas that are high risk so you can mitigate these and amend your practices.
As legitimate interest is often used as a ground for lawfully processing data, we recommend you also undertake a legitimate interest assessment (LIA) where you are using legitimate interest as the lawful basis for your data processing. This ensures:
- Your research does not override the fundamental interests, rights and freedoms of the individuals.
- Your organisation’s interest is balanced with the impact on the individual whose data you’re processing.
- You have taken into account the reasonable expectations of the person whose data you are processing, based on their relationship with your organisation.
- You are not causing your data subjects unwarranted harm or disproportionate impact.
Operational efficiency
The last thing you want is for your whole major gift fundraising programme to grind to a halt when someone goes on leave. Unfortunately, this is often the case in smaller organisations where one person is responsible for the whole major gift department and has been too busy to write anything down.
By only collecting the data you actually need and having privacy-led processes in place, everyone in the organisation is aligned when it comes to taking a privacy-by-design approach. Things don’t fall apart when someone leaves or changes roles, meaning there’s much less risk when it comes to your donors’ data.
Better fundraising outcomes
When privacy by design is part of your organisation’s culture, it shows. By telling your supporters how you treat their personal data, you build confidence and trust, leading to better donor relationships. In the seven years since GDPR came into force, we have not seen any negative impact on donor relationships because of increased transparency. In fact, the openness has really improved the fundraising and research landscape.
Ready to learn more about getting data protection right for major gift fundraising? Join our free webinar on Thursday, 25th of September, covering:
- Major gifts, prospect research and regulation
- The legal basis for your activities – how you can do prospect research and still comply with GDPR
- Legitimate Interest – what does it mean and how to demonstrate it
- Data Protection Impact Assessments – why, how and when
- Fair processing information – getting it right
- Using publicly accessible data sources
- Applying this to wealth screening, desk research, and due diligence
- Data retention and minimisation