Institute of Fundraising: Lawrence Simanowitz and Hannah Lyons comment on fundraising research and GDPR

Following the arrival of GDPR, Lawrence and Hannah discuss what it has meant for major donor fundraising from a legal and compliance position.

Writing for the Institute of Fundraising, Lawrence and Hannah examine the steps major fundraising needed to take to get back onto its feet following the arrival of GDPR, in particular what major fundraisers can and can’t do with personal data.

The article points out their top tips for compliant fundraising research which include:

1. Identify a solid legal basis for undertaking research activities. This may be consent, or may be “legitimate interest” based on LIAs (and DPIAs where appropriate)

2. Develop a research/profiling policy that sets out the scope of the research you will undertake and ensure that all staff are clear on what they can and can’t do

3. Ensure that your privacy notices are clear and transparent on the subject of prospect research and profiling.

4. Be clear on which platform you are permitted to use to contact major donor

5. Check the Code of Fundraising Practice

To check out the full article, please click here.

If you have any questions around the topics raised in the article, then please do get in touch with our Fundraising team.


This information is necessarily of a general nature and doesn’t constitute legal advice. This is not a substitute for formal legal advice, given in the context of full information under an engagement with Bates Wells.

All content on this page is correct as of January 7, 2020.