As the leading UK child protection charity, marketing and fundraising are significant parts of the NSPCC’s activities. The organisation relies heavily on donations to fund its work.
The NSPCC works with a variety of supporters, runs marketing campaigns both online and offline and organises a wide range of fundraising activities. The organisation must ensure the personal information of all past, current and potential donors is processed securely and lawfully, and that individuals can exercise their rights under data protection law.
Ensuring a culture and ethos of data protection is core to the NSPCC’s strategy of building a robust compliance framework. It’s essential that both staff and volunteers understand all their responsibilities when handling or processing personal data.
To achieve this the NSPCC gave key internal staff CIPP/E training and made them data protection ‘champions’ within their own teams. The charity has then outsourced the data protection role to the DPO Centre so that an experienced and knowledgeable DPO can assist them. The DPO works both on and offsite, providing regular specialist guidance and advice to the champions, whilst fulfilling the mandatory requirements of the DPO role.
Emma Fuller, Data Protection and Compliance Manager at the NSPCC said: “As a charity, marketing and fundraising is key to enabling us to continue our work protecting children. All donors must be truly confident that we will treat their personal and payment information appropriately and securely.
We’ve built a strong ethos of data protection throughout the entire organisation and having a highly knowledgeable outsourced DPO from the DPO Centre has been integral to enabling us to achieve this. Our DPO has been able to advise on a wide range of legislative changes and how we should manage our fundraising activities whilst still protecting our donors’ privacy and their new rights under data protection law.”
Fill in your details below and we’ll get back to you as soon as possible