GDPR risks for charities

A number of UK charities have been fined by the ICO in recent years for misusing personal data and engaging in activities which are not compliant with the GDPR. Charities issued with fines include the RSPCA, British Heart Foundation and Cancer Research UK to name just a few.

Key risk areas that charities are commonly found to be non-compliant with GDPR include:

Sending direct marketing communications without consent

GDPR risks for charities

Sending direct marketing communications without consent

Failing to notify individuals of wealth screening and data matching

Processing special category data without due care and protection

Failing to secure personal data and being susceptible to data breaches

Accidental disclosure of data due to lack of staff training

Failing to ensure that volunteer access to data is limited and secure

Tidman Legal Limited is a limited company registered in Scotland (SC549335), authorised and regulated by The Law Society of Scotland. Registered office: 6 St Colme Street, Edinburgh, EH3 6AD

GDPR risks for charities

Sending direct marketing communications without consent

Failing to notify individuals of wealth screening and data matching

Processing special category data without due care and protection

Failing to secure personal data and being susceptible to data breaches

Accidental disclosure of data due to lack of staff training

Failing to ensure that volunteer access to data is limited and secure

Share This Story, Choose Your Platform!

Related Posts

Tidman Legal Limited is a limited company registered in Scotland (SC549335), authorised and regulated by The Law Society of Scotland. Registered office: 6 St Colme Street, Edinburgh, EH3 6AD