This Statement provides information relating to the steps that Charities Trust is taking to ensure GDPR compliance.
The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonise data privacy laws across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way organisations approach data privacy.
The new regulations come into force on 25 May 2018 and introduce an enhanced EU-wide data protection regime.
At Charities Trust we have been reviewing and, where necessary, updating, our data protection practices; we have been developing our own systems, procedures, processes, polices etc. to ensure that internally we meet the enhanced GDPR requirements.
GDPR gives an even greater emphasis on ‘privacy by design’, where data privacy is the default option.
This means that where we collect employee or donor data that we could potentially pass to a charity as part of the donation process, we will be changing our systems from: 'Opt out' | Please tick if you want to remain anonymous, to: 'Opt in' | Please tick which contact method(s) you want your charities to use to update you on their activities.
Our GDPR changes will affect the data we collect on your employees’ behalf.
We will be in contact with companies on a more personal level in the next few weeks, depending on how your employee data is collected. We’ll be explaining to you what we need you to do, or explaining to you when you will see the changes that we’ve made to your current process.
Donors will be able to manage their contact preferences for the charities they support. We will release more information on how to update preferences once the new system has been launched.
Charities will have to act upon the contact preferences they receive for donors.
Under the GDPR, the data protection principles set out the main responsibilities for organisations.
Charities Trust will comply with the GDPR principles, which require that personal data is:
For general GDPR related questions, contact gdpr@charitiestrust.org
Date of statement: February 2018