You’ve probably heard of the General Data Protection Regulation (or GDPR). After all, it’s been all over the news for months. And while it may seem like a complicated process, we’re here to break it down to help you understand what it means for your organization. We’ll guide you through how to create GDPR-compliant donation forms. The changes you need to make are much simpler than you’d expect!
The GDPR is a new set of laws that provides guidelines for the collection and processing of the personal information of citizens of the European Union (EU).
If your organization is based in the EU, or if you process the personal data of individuals in the EU, the GDPR affects you. There are some key points to know regarding the GDPR:
Donorbox has added new GDPR-friendly forms to help you be compliant, which include checkboxes for opt-in consent. These include the option for an editable section to add your privacy policy and your terms and conditions, as well as the option to gather consent from your donors to subscribe to your mailing list.
In the updated Donorbox forms, you’ll notice that there is the option to ask your donors to agree to the GDPR terms. This is where you can enter custom links to your privacy policy and terms and conditions. If you already have a privacy policy, you will probably have to make a few changes to it so that it can meet the GDPR’s standards. Your new or updated policy should be written in layman’s terms and you should make clear in it that your donors have the right to:
In order to be GDPR-compliant, you must ask your donors to agree to your privacy policy and terms and conditions. You can do this in the email tab of your campaign editor by enabling the toggle that asks them to agree to GDPR terms.
Highlight the hyperlinked words Privacy Policy and/or Terms of Service to edit the links so that they point to your own policies and terms.
The GDPR has a direct impact on marketing practices, including email marketing. There is now a higher standard set in place regarding consent for EU-based subscribers. If you are going to process the data of EU citizens, these new regulations state that consent to the use of personal data must be “freely given, specific, informed, and unambiguous.”
Therefore, along with requiring consent from your donors to agree to your privacy policy, you must also ask for consent from your donors to subscribe to your mailing list.
There is a toggle in the email tab for the new donation form that allows you to ask your donors to subscribe to your mailing list. Be specific about what sorts of emails you will be sending them. For example, if you are sending your donors updates on your nonprofit, you can write something like “Subscribe to our mailing list to receive updates from us. You can unsubscribe at any time.”
In order to be compliant with the GDPR, your donors must be able to opt out of receiving your emails just as easily as they opted in. Additionally, to remain compliant, this option cannot be checked by default.
After enabling subscription consent and asking your donors to agree to your privacy policy and/or terms and conditions, save your form to make it GDPR-compliant.
And that’s it! Your new donation forms are now GDPR-compliant.