Does your nonprofit have a donor privacy policy posted on your website? Where does it go and what should it say? What are the requirements? In this article, we’ll explain why your nonprofit needs a donor privacy policy and how to implement one.
What is a privacy policy?
Privacy is a big deal these days. Every week on the news you read or hear about another person having their identity stolen. This can be discouraging to sites that depend upon consumer trust: namely, eCommerce and online donations.
Privacy policies reassure your customers or donors that you will protect any information they give you through your website’s forms and commerce platforms.
“A website privacy policy is the declaration you are making to your website visitors about what you will do with information gathered from them, how you are gathering that information & how the information will be stored (to name a few things it should cover).” Corporate Communications
Is your nonprofit collecting personal data?
Personal data collected over your nonprofit’s website needs to be protected. So the questions are: what is personal data and are you collecting it?
Personal data is anything identifiable to a person: email, name, address, credit card number, date of birth, etc.
If you have a form that collects emails, you are collecting personal data. Most nonprofits who accept online donations do at least that. So, yes, you need a privacy policy.
“The exact contents required will depend on the applicable laws or policies. Also, the definition of what constitutes ‘personal information’ varies, but it often includes names and email addresses, and sometimes IP addresses and browser cookies.” KeriLynn Engel
Why does a nonprofit need a donor privacy policy?
Your donors believe in your cause; you want to thank them. They need to know that you’ll use their data to contact them via email or physical mail. As a nonprofit, you most likely have marketing information you’d like them to see as well.
Like any relationship, good boundaries and managed expectations are the key. With donors, this is done, in part, with your privacy policy.
“This precious data—contact information and insights on how they interact with your organization and communications—enables you to shape your outreach to be most relevant. And relevance rules!” Nancy Schwartz
Lisa Thompson at Nonprofit Hub says “Be honest. If you plan to use personal information for marketing purposes—or even just to send out an occasional update—make that clear in your privacy policy.” Many donors want you to follow up with how their donation is being used for good. But it is your responsibility as a website (and legal obligation depending upon state laws) to provide a privacy policy and live by it.
How can you implement a donor privacy policy?
You have two major options here: write your own or pay a service. If you count the man hours and expertise involved, it’s probably better to pay a service. That’s a decision you’ll have to make.
Lisa Thompson at Nonprofit Hub recommends writing your policy in plain terms, reviewed by a lawyer, of course. Don’t copy and paste from some other website. Understand what it means.
Services like iubenda will generate your privacy policy for you. They have free and paid plans giving flexibility to your nonprofit organization.
Our own privacy policy for Give is on its own page but is accessible throughout our site in the footer navigation.
A Donor Privacy Policy is about Trust
When it comes to donations, especially online, trust is paramount. Being upfront with your donors about the funds you require, how they are used, and what you plan to do with the information they give you all work together to build that trust.
“The trust you build in committing to a thorough, respectful privacy policy will enable your organization to source the data that sharpens your insights, strengthens your relationships, and motivates more of the actions you need.” Nancy Schwartz
About the Author
