With the Cambridge Analytica scandal and the recent enactment of GDPR in Europe, the topic of privacy is on everyone’s mind. It applies just as much in the nonprofit world as it does in the corporate. How do we get to know our donors, collect their data, and then communicate with them in a personal way, while still being respectful of their data and privacy?

As a recent blog post discussed:

We’re tasked with being more thoughtful about how we use data in our everyday decisions as fundraisers and marketers, particularly at a time when we can say the nonprofit industry has come a tremendous way in its uses of data for personalized and relevant constituent experiences.

But even as these more meaningful value exchanges are occurring thanks to data, we simultaneously find ourselves faced with savvier, more skeptical consumers that have become increasingly critical of where, how and for what purposes their information is being used…

While knowing this information is an integral part of providing a relevant experience, we also know that there will be a much greater emphasis on consent, demonstrated control and clear explanations of how that information is used, managed and protected. Proving the value to constituents is only one piece of the more complex puzzle that these data regulations create. Particularly for the organizations that deal with sensitive data, clearness in the messaging around data privacy policies is critical.  

As a nonprofit organization, it is vital that the organization’s privacy policy is visible and easily accessible on your website and mentioned in your ongoing donor communications. Being truly transparent fosters trust with your donors, helping to encourage long-term advocacy. It is also important that you keep track of changes that occur on different social media platforms and respond accordingly.

Although GDPR does not affect organizations whose donor base is in the U.S., nonprofits will need to stay aware of potential changes on the horizon here. And for organizations who have donors outside the U.S., it is vital to ensure that you are in compliance with the GDPR standards. Now is a good time to have a conversation about how you are protecting your donors’ privacy and any changes that need to be made moving forward.