The document discusses charities' relationships with donors and handling of personal data. It summarizes a panel discussion on how charities can build strong donor relationships through responsible fundraising regulation and data protection. The panelists provide their vision of donors having meaningful control over how their data is used and shared. They discuss guiding principles like obtaining consent and being transparent. The document also outlines what implementing best practices may require of charities and their trustees, as well as the benefits donors may see, such as fewer unwanted contacts. It emphasizes that consent should not be assumed indefinitely and must be refreshed periodically.
Trustee Conference PM3: Fundraising regulation and data protection: How can charities build strong relationships with their donors?
1. Drinks sponsors:
FUNDRAISING REGULATION AND DATA
PROTECTION: HOW CAN CHARITIES
BUILD STRONG RELATIONSHIPS WITH
THEIR DONORS?
MICHAEL ADAMSON, BRITISH RED CROSS
LYNN TWEEDALE, HARRIS INTERACTIVE
ROB GETHEN-SMITH, BLACKBAUD
7 NOVEMBER 2016
Partner sponsor:
Media partner:
Lead sponsor:
2. CHARITIES’ RELATIONSHIPS
WITH DONORS
A VISION FOR A BETTER
FUTURE
MIKE ADAMSON, CHIEF EXECUTIVE,
BRITISH RED CROSS
Drinks sponsors:
Partner sponsor:
Media partner:
Lead sponsor:
3.
4. VISION
• Donors have meaningful control of their relationships with
charities.
• Donors have informed choice over how their data is used.
• Charities will be fully transparent and accountable to their donors.
• Charities will handle donor information in a safe, secure and
sensitive way.
• Charities will respect individuals’ preferences.
CONSENT AS THE FOUNDATION STONE
5. GUIDING PRINCIPLES
• Recommendations that are ethical, practical and enduring.
• Consent is ‘freely given, specific, informed and unambiguous’.
• Charities should not exchange or share personal data without
consent.
• Consent cannot be presumed to last forever, and should be
appropriately refreshed.
• The period within which consent should be refreshed may vary
(intrusiveness of the channel, type of institution, etc.).
• The simple act of making a donation should not be viewed by the
charity as consent to make unlimited contact for fundraising
purposes.
• An extended period of silence, pre-ticked boxes or inactivity do not
constitute consent.
• Charities should take full responsibility, even when using external
suppliers.
6. WHAT WILL THIS MEAN FOR DONORS?
• Noticeable reduction in contact they haven’t agreed to (direct
mail, calls).
• More clarity about why they are being contacted by a particular
charity they haven’t donated to.
• Better information about how their data is used.
• More opportunities to express whether they want to continue
hearing from a charity they have donated to.
• Respectful use of their data by charities.
• Real choice.
7. WHAT WILL THIS REQUIRE FROM
CHARITIES AND THEIR TRUSTEES?
• Willingness to develop true empathy with donors.
• Willingness to commit to an approach based on developing deeper,
longer-lasting relationships with donors.
• Willingness consider not only the individual impact of their
charity’s approach but also the impact on trust in the charity
sector as a whole.
• Willingness to operate transparently and respond to feedback even
if not in the short-term financial interest of the charity.
• Commitment to play a part in rebuilding trust in the charity sector
based on a principled approach.
9. 9
Introduction
NCVO’s working group wanted to gather an independent view of the general
public’s willingness to share their personal data with charities based on their
experience of donating and the communications they have received from
charities
HARRIS 24
Harris 24 is especially for those moments when you need answers fast
from the general population:
• Covering 30 countries
• 1000-2000 responses achieved in less than 24 hours in the UK, US, France,
Germany, Spain and Italy
…means you can make quicker
decisions, more cost effectively,
and generate more impact within
your business
10. 10
Introduction
1,023 quantitative online interviews
from a nationally representative sample:
• 796 amongst Donors
• (those who have donated in the last 2 years)
• 227 amongst Potential Donors
• (those who have not donated in the last 2 years)
Respondents were asked about
their experience of donating,
communications received from
charities, the sharing of their
personal information and
permissions given for the sharing
of personal data
11. 11
“The sector is needed more than ever before,
yet trust is under pressure like never
before.
“To rise to these challenges, it is essential
that charities conduct their fundraising with
integrity and respect and, critically, in ways
that enable donors to have control.”
12. 12
Base: All respondents – Total (1,023); Donors (796); Potential donors (227)
36% trust
7%
34%
24%
24%
10% 3%
15%
23%
30%
29%
6%
30%
24%
25%
14%
41% trust 18% trust
There is a profound lack of trust in whether charities will only make contact where permission has been
given
Contact with explicit consent, and impact on trust
46% would trust the
charity more
49% would trust the
charity more
33% would trust the
charity more
Trust that most
charities will only
contact them if
they have given
explicit consent
Total Donors Potential Donors
…charities only
contacted you with
your explicit
consent
64% say trust would
increase
70% say trust would
increase
43% say trust would
increase
…charities gave
control of how data
is shared and used
Impact on trust if…
14. Circumstances in which would agree to share data
14MQ10: Under which circumstances would you agree to your data being shared?
Base: All respondents – Total (1,023); Donors (796); Potential donors (227)
59%
8%
10%
12%
13%
18%
19%
Total Donors Potential Donors
54%
9%
12%
13%
15%
20%
20%
75%
4%
3%
8%
7%
10%
13%
The majority of respondents say that they would never agree to share their personal information with
another charity or organisation
Made a donation and the charity gives a list of
charities to select which you’d be happy to hear from
Bought a product and provider gives a list of charities
to select which you’d be happy to hear from
Made a donation and the charity names the charities it
would share your data and explains the reasons why
Bought a product and provider names the charities it
would share your data and explains the reasons why
Made a donation and the charity indicates that it will
share your data with other interested charities
Bought a product and provider indicates that it will
share your data with relevant interested charities
I would never agree to sharing my personal information
with another charity or organisation
15. Emergency appeals - example situations (no prior consent)
15
Base: All respondents – Total (1,023); Donors (796); Potential donors (227)
27% 19% 17% 27% 10%
1 - Not at all acceptable 2 3 4 5 - Totally acceptable
37%Total
Donors
Potential Donors
Acceptable
(Top 2 Box)
Purposes of deduplication:
Acceptability of sharing data between charities to remove duplicates
Previous donation to similar emergency appeal:
Acceptability of being approached again for another similar emergency
40%
23%
20%
19%
19%
17%
16%
31%
6%
11% 42%
21%
32% 22% 17% 23% 6%
1 - Not at all acceptable 2 3 4 5 - Totally acceptable
29%Total
Donors
Potential Donors
Acceptable
(Top 2 Box)
45%
28%
22%
22%
16%
17%
15%
25%
3%
7% 32%
17%
Sharing personal data for purposes of deduplication and to fundraise for similar emergency causes without
consent is also seen as unacceptable
16. Donating isn’t
consent
“An individual’s simple act of making a
donation should not be viewed by the
charity as consent to make further
unlimited contact for fundraising
purposes.”
17. Contact after a donation is made
17MQ5: After you have made a donation, which of the following would you like the charity to do?
Base: All respondents – Total (1,023); Donors (796); Potential donors (227)
46%
1%
9%
13%
42%
Keep me updated with news so I
understand how my donation has
been used
Contact me about further
fundraising opportunities
Remind me/ask for further
opportunities to give
Other
No further contact 40%
1%
11%
16%
47%
69%
2%
6%
4%
24%
There is some polarisation with regards to contact after a donation is made. A higher proportion overall do
not want any further contact which is driven mainly by Potential Donors
Total Donors Potential Donors
18. Communication after regular donations have ceased
18
Direct Debit
Donors
Non-Direct Debit
Donors
40%
2%
17%
26%
41%
I would still want to hear from the
charity about its activities and
services
I would still want to hear from the
charity about other ways in which I
can help
I would still want to hear from the
charity about how I can donate / how
I can start donating again
Other
I would want all communication to
stop
52%
2%
11%
24%
27%
MQ13/MQ13a: Should you decide to cancel your regular direct debit donations, for example because your circumstances have changed, but
you might still feel positively towards the charity, which of the following would you still wish to receive contact from the charity about?
Base: All respondents – Direct Debit Donors (250); Non Direct Debit Donors (789)
Half of Non-Direct Debit Donors would still be receptive to communication of some form after they terminate
their donations, increasing to 60% amongst Direct Debit Donors
“If an existing donor
cancels their
regular gift,
charities should
consider that
consent to receive
further fundraising
communications
cannot be assumed
to continue
indefinitely.”
19. Refresh of
consent
“Consent cannot be presumed to last
forever…the period within which
consent should be refreshed may vary
according to the…channel...”
20. Preferred contact method amongst those agreeing to contact
20MQ6: You mentioned you were happy to be contacted by the charity following your donation, how would you prefer this to be done?
Base: All respondents wanting to be contacted – see brackets
70%
29%
7% 8%
51%
22%
8% 8%
Email Post Telephone Text Message
45%
9%20% 5%
Should a charity wish to make contact after receiving a donation (with consent), email is by far the most
popular method
Email Post Telephone Text/ SMS
Less than yearly 17% 18% 22% 21%
Yearly 16% 18% 14% 15%
2 years 16% 17% 17% 17%
3 or more years 25% 25% 21% 21%
Forever 16% 13% 12% 13%
Not sure 10% 9% 14% 13%
49% 53% 53% 53%
Preferred frequency of updating preferences
Keep me updated with
news so I understand how
my donation has been used
Contact me about further
fundraising opportunities
Remind me/ask for further
opportunities to give
22. Increasing the willingness to give personal data to charities
22MQ7: Which of the following options would increase your willingness to give your data to a charity?
Base: All respondents – Total (1,023); Donors (796); Potential donors (227)
31%
1%
37%
43%
48%The option to opt-out any time
The option of choosing how to be
contacted
The option of choosing how often to
be contacted
Other
None of the above
Total Donors Potential Donors
24%
1%
41%
48%
52%
56%
0%
21%
25%
32%
Giving the option to opt-out at any time and choosing how to be contacted increases donors willingness to
share their data
64% overall say that giving control over how personal data is shared and used will increase trust
23. Transitional arrangements – establishing consent where none is
held
23
MQ14a: If the charities involved would ensure that this is the only type of situation where they would share your personal data without your
permission, how acceptable do you feel this would be to you?
Base: All respondents – Total (1,023)
41%
48%
24%
24%
14%
14%
10%
7%
20%
19%
21%
21%
12%
9%
20%
23%
12%
11%
24%
26%
1 - Not at all acceptable 2 3 4 5 - Totally acceptable
49%
44%
20%
24%
Email and post are the most preferred contact channel for one-off administrative contact to establish future
communication preferences
Acceptable
(Top 2 Box)
Acceptability of channel for one-off administrative contact to establish communication preferences
Email
Post
Telephone
Text message
“…individuals whose
consent has not
been formally
secured…it is
suggested that only
one letter, email or
text should be
sent…”
25. Rob Gethen Smith
Director for Customer Engagement
Blackbaud – International Markets Group
Managing Communications
Consent Data
26. Payment Card Data (PCIDDS)
Data Protection
Information Security
Digital Asset Management
EU GDPR
Gift Aid
Information Assurance
Information Asset Owner
Senior Information Risk Officer
Data Cleaning
Data cleaning
Data Enhancement
Open Data
BIG Data
Metadata
Ontology
Records Management
Taxonomy
Controlled Vocabularies
Inter-operability
Data Integration
APIs
Data Quality
Privacy Impact Assessments
Predicative Analytics
Data Modelling
Communications Consent Data
28. 20 years a CIO…
Who is your chief information officer?
…helping these organisations maximise
their use of data and information systems
29. Your Mission. Your People. One Blackbaud.
You’re small but growing.
You’re under-resourced and wear
many hats within your non-profit
institution. You need simple CRM
technology that will share the workload
but not break the bank.
You’re established. You’re successful.
You’re increasingly sophisticated but
under pressure to deliver a personal
donor experience. You need a CRM
system that supports you today and
prepares you for the future.
You’re innovative. You’re complex.
You’re a leader and advancing
towards your next stage of expansion,
with ambitious goals around revenue,
engagement and impact driven
by best and next practices.
30. A customer database can help you be compliant and adopt
best practice:
Basic requirements:
Record consent data by channel/activity/purpose with start date and source
Record consent end dates, manually and automatically updated; provide full audit trail
Allow you to capture consent data through each contact channel and method
Surface consent data to staff and customers/supporters so it can be updated at point of contact
Allow you to use consent data to accurately communicate
Allow you to suppress communications using external data sets: e.g. MPS/TPS/FPS
HOWEVER: Being compliant is UP TO YOU!
31. Customer Data Governance Framework
• How does data help your organisation
achieve its mission?Data Strategy
• Do your staff know what they need to
do when capturing and handling data
and why it is important?
Data Policies
• Do your staff know how to actually
comply with data management policies
and achieve best practice?
Data
Procedures
• Do you use data to communicate with
the right customers/supporters with the
right message?
Data Insight
33. Principles, standards, governance, roles/responsibilities
Privacy Policy:
− How you collect and use personal data and why. Published.
Data Protection, and Information Security Policy:
− Access, retention, disposal, data sensitivity, accountability, incident management
Customer/Supporter Engagement Policy:
− Who are you customers
− How often do you communicate
− What happens when a customer engages in multiple ways
− Are some forms of support more valuable than others, eg financial vs non-financial,
− Customer data ownership?
− Complaint management
• Do your staff know what they need to do when
capturing and handling data and why it is important?Data Policies
34. How to obtain and manage communications consent data
How to select data for mass communications
How to maintain data accuracy
How to manage access to sensitive data
How to train new starters
How to securely dispose of sensitive data
How to transfer sensitive data outside the organisation
…
• Do your staff know how to actually comply with data
management policies and achieve best practice?Data Procedures
35. • Do you use data to communicate with the right
customers/supporters with the right message?Data Insight
www.datadrivennonprofits.com
36. Director for Customer Engagement
Blackbaud – International Markets Group
Rob Gethen Smith
Thank you
+44 (0) 7971 322739
@robgethers
rob.gethensmith@blackbaud.co.uk
www.fundraising.blackbaud.co.uk
Editor's Notes
As we have heard from Mark/Mike
Getting consent is a huge challenge and opportunity
So... If your charity follows all the recommendations of the NCVO working group you will be fine... right?
Well how you actually capture, manage, store and use CONSENT DATA is obviously a big part of getting this right.
But the Data Landscape is crowded and potentially confusing.
So there a lot to think about and a risk that any changes in business practice you make will not last.
In other words how do you assure that a sustainable change has taken place...?
Do you have a Data Governance Framework?
But first a quick word about me. For almost 20 years I have helped these organisations get the most out of data and information systems...
Do your data and systems support the organisation achieve its mission - and if not, how to invest to make sure they do?
Who is your chief information officer? Lowercase on purpose…
I now work for Blackbaud. CRM solutions, 35 years, 35k organisations globally. 3 main CRM products.
This is not a shameless plug - honest!
Your organisation of course needs a customer database to store and help you communicate correctly with your supporters (eg using consent data).
There are of course some basic requirements:Store consent data: channel, activity/purpose, start date and source, end date dynamically updated, full audit trail and Allow you to capture consent data through each channel and contact method Surface consent data to staff and customers so it can be updated at point of contactAllow you to use consent data to accurately communicateAllow you to suppress communications using external data sets: MPS/TPS/FPSHowever - Key Point - a customer database can only HELP you be compliant and adopt best practice - it is ultimately up to YOU to be compliant... (can reference PCIDSS for comparison) - this is where the Data Governance Framework come in...