An Introduction to GDPR: Is your Charity Ready?

The GDPR IS COMING...Soon enough.

May 25th 2018 is the date. Let's get you ready!

So, what on earth is GDPR?

GDPR, known as General Data Protection Regulation is a comprehensive set of regulations which will applied to all EU members countries by May 2018.

The main objective of GDPR is to allow citizens and residents to have control over their personal data. GDPR also imposes stricter rules to companies handling those data. This regulation provides confidence and trust in consumers that their personal data is safely managed.

This regulation will impact on all businesses, organisations, and especially charities. They will have to comply the GDPR legal requirements when processing individuals' personal data. Basically, GDPR is the evolved and improved Data Protection Act. Protecting consumers' personal data and privacy will be the number one priority for any business.

Why is GDPR so important for you to think about it now?

In order to comply under the GDPR requirements, actions need to be taken. GDPR will potentially impact on various progresses of your charity. Failing to comply will bring your charity financial consequences regards to potential fines. Therefore, your charity will need to strategise your site's security and how you can manage your data correctly. The actions involved are definitely time-consuming and there are many key factors your charity needs to consider.

What do you need to do to ensure your site is GDPR Compliant?

First thing first, you need to reflect back on your charity and acknowledge where your charity sits regards of compliance with the new legislation.

Question your charity's current performance. Find out where the flaws that could lead to a violation are and who are involved in data, this includes with any interaction with third parties.

Your charity will need to provide clear explanation on why you are collecting personal data and how you intend to use it. Without their consent, your data is worthless. This also applies to your third parties.

Instead of viewing this as a disadvantage for charities, this should be seen as an opportunity for charity to improve. You should thoroughly examine all existing data and any records that would be considered non-compliant in 2018. They should be either deleted or made compliant by May 2018.

Secondly, do your research. As this is a hot topic at the moment, plenty of help is available online.

What can Studio Republic do to help you with GDPR Website Compliance?

As a creative digital agency, we are able to:

Review website, current strategy (i.e opt in vs opt out) and what changes will need to be implemented.

Update your privacy notice to explain clearly what information you collect and how you use it

Updating of associated policies (e.g. a data retention policy)

Review the data capture functionality, databases, systems, and resources that you have so that you can keep all personal data safe and manage communication preferences.

User Account Functionality – i.e review the users ability to update their own consent / communication preferences on your website.

If you have any questions regards this regulation, feel free to contact us!

GDPR Website Compliance explained

For more information, please visit or follow the below:

Data Protection Self-assessment ToolKit - ICO

Information Commissioner's Office - Twitter @iconews

Institute of Fundraising - Twitter @ioftweets

GDPR Website Compliance by Studio Republic @StudioRepublic





10 Charlecote Mews
Hampshire, SO23 8SR

01962 659123
[email protected]


86-90 Paul Street

0203 507 1842
[email protected]