GDPR will require non-profit organisations who rely on consent as a basis for processing personal information to make certain that data subjects affirmatively opt-in to the processing of their data by you. Further, GDPR will require that organisations be able to demonstrate they have collected such consent. Whilst GDPR doesn’t come into law until May 2018, savvy non-profits are beginning to collect opt-in consent right now.
To help you do this, we have consulted closely with a wide range of customers as well as our Blackbaud legal counsel, and have produced a single User Guide that covers managing consent across the total suite of Blackbaud solutions. This means no matter which ones you use, you have clear, step-by-step instructions that will help you to collect consent, record consent, and then effectively use that consent to determine what processing activities may be taken with respect to each of your supporters.
N.B. This is a living document and represents our recommendations in our solutions as they stand, based on the ICO’s draft interpretation of GDPR published March ’17. We will continue to update the guide on a regular basis as we release updates in our solutions to make compliance easier, or should any changes or additions need to be made following further guidance from the ICO. You can find more information on our solution roadmaps here. We always recommend you review any policy changes with your own legal advisors.
It goes without saying that Blackbaud Europe is fully committed to making sure our solutions are compliant with all regulations as they are currently, whilst also helping you prepare for the future. We keenly await the ICO’s final recommendations and are preparing to build any necessary changes in our solutions to maintain this. Further, we will continue to work on ways to improve the user experience in the products, specifically as regards the capture, recording and use of your supporters’ consent. Look out for upcoming follow-up communications describing these product developments in more detail – this is a big project as we are coordinating our approach across our full solution set.
Do note that there are other aspects of GDPR – aside from collecting consent – on which we will soon be offering guidance. We are deeply committed to working with our customers and industry experts across the whole issue of data protection reform, and we’d love you to get in touch with any comments or questions.