The General Data Protection Regulations (GDPR) are a set of new European privacy laws. They strengthen the individual’s right to control their own personal data. Organizations that obtain, use, store, and process data must receive explicit permission from the individual and be transparent about how they use the data.
The Data Protection Principles of the GDPR include requirements such as:
- An individual’s personal data must be processed in a transparent way and can only be used with reasonable expectation.
- Personal data should only be collected to meet its purpose and it should only be used for that purpose. Organizations must specify why they need the personal data when it is being collected.
- Personal data should be held no longer than necessary to fulfill its purpose.
What is personal data?
For our users, common personal data collected from donors and fundraisers includes:
- Email address
- Postal address
Other personal data that you may collect inside and outside of CauseVox could include an individual’s occupation, donation history, and demographic information.
Will it affect me?
GDPR will affect any organization that collects personal data from a citizen of the European Union (EU) for any purpose.
This means that if you have an overt focus on the EU, such as if you target EU donors/fundraisers, take EU donations, or operate in the EU, then you are most likely subject to GDPR. Specifically, on CauseVox, your EU donor data and fundraiser data will need to adhere to the rules of GDPR.
How We Suggest You Stay GDPR Compliant on CauseVox
As stated in our Terms and Conditions, except for the purposes outlined herein, we will not trade, share, or sell a donor’s personal information with anyone else. We simply store your donor and fundraiser data for you so that you may manage it as you’d like.
To remain compliant, we recommend that you:
1) Ensure Your Organization's Terms and Conditions Are GDPR Compliant And Provide An Opt-In
We recommend consulting your lawyer to ensure that your terms and conditions properly allow your donors and fundraisers to manage their own personal data. Once your terms and conditions are updated, we recommend using our custom fields feature to add an opt-in on your donation pages and fundraiser signup process.
You can create the opt-in by following the steps below:
Step 1: Navigate to your donation and fundraiser custom fields and select “Add New Field.”
Step 2: Select a checkbox as your field type. Be sure to leave both the Required and Checked By Default options unchecked.
Step 3: In the field label, write your preferred language for your donors to opt into your TOS. For example, you may want to write: I have read, understand, and agree to (insert organization name)’s terms and conditions.
Step 4: You’re able to link your terms and conditions in the help text of your checkbox by copying the format below and inserting the URL to your terms and conditions.
Check the box to acknowledge and opt in to our <a href="https://www.causevox.com/tos/" target="_blank" data-bypass="true">terms and conditions</a>
2) Ensure That The Subscription Checkbox Is Defaulted To Unchecked
On our donation form, your donors are asked if they would like to receive updates from your organization. To remain compliant, we recommend ensuring that your subscription checkbox is set to be unchecked by default in your Donation Form Settings.
Want to see how CauseVox is complying with GDPR? You can read our full article here.