Last week, the EU Parliament formally adopted the long awaited General Data Protection Regulation (GDPR), a landmark set of reforms that will significantly alter the way companies manage their data. The regulation will significantly impact the way data is collected, used and shared by organisations, with the objective of harmonising data privacy laws across Europe and protecting people’s privacy rights.
Until now, the focus around ‘right to be forgotten’ and ‘mandatory opt-in’ has been on charities. However, when the reform comes into force in 2018, it will be applicable to any organisation – including membership organisations and professional associations – with data stored in or passed through Europe, including those organisations outside of Europe with European customers. The changes to the existing EU Data Protection law are therefore set to shake up the entire not-for-profit (NFP) sector.
With consent moving to opt-in only, the burden will be on membership organisations to prove that consent has been received. Failure to do so could not only saddle them with a huge fine, but long-term damage such as members choosing to opt out of further communications, adversely affecting data collection and fundraising opportunities. Membership organisations therefore need to ensure that their CRM system has the functionality to capture and retain this information and it needs to be able to record ‘identifiable consent’ which can prove that each member has given consent to use their details and the date that consent was given.
Getting control of your data management procedures now will help avoid problems such as ‘consent fatigue’ where people tire of being asked for consent and so simply opt out of everything, often without realising the consequences.
The impending legislations have also highlighted how having a single, audited view of data is more important than ever for all membership organisations. The new reform is all about being in control of the data you manage, and ensuring that membership organisations are only capturing data that they need to know. Gaining control of data management procedures shows that you respect the personal information that your members have proffered. Engaging with your members more; explaining what you need from them to make your communication work, and keeping them informed about how you intend to use their data, will go a long way to gaining their trust and consent. If you can report back to individuals on their preferences at regular intervals, they will feel reassured that you are on top of your data and value their private information.
Membership organisations who are also charities - using membership as a fundraising product - will also need to pay close attention to the Fundraising Preference Service (FPS) if and when it is implemented. A ‘reset’ on the FPS is intended to trump all other mailing preferences, so while membership renewals and reminders can be viewed as administrative communications outside the scope of FPS, membership teams will not be able to send any other communication to members on the FPS if it might be construed as marketing or fundraising.
With data of paramount importance to membership organisations, ensuring you’re on top of these critical data management issues will reap rewards both now - in terms of audience engagement strategies - and later, by ensuring that you’re as prepared as you can be for the forthcoming EU Data Protection Regulation.
Mark Dewell, Managing Director
Advanced - Specialist Solutions
Follow Mark on Twitter: @MarkDewellADV
For all news and stories see our website or follow us on Twitter: @Advanced_NFP