Tips to Help Nonprofits Stay GDPR-Compliant

1. Tips to Help Nonprofits Stay GDPR-Compliant

2. The legislationGDPR(General Data Protection Regulation) was designed to make a stronger and valid protections or security on the personal data that has collected form EU citizens or from any other individuals to demand that all corporations that collect, handle or process personal data of EU citizens are doing so in a protected and transparent method. GDPR implements not only to non-EU for-profit organizations but also to nonprofits that collect or otherwise process any personal data relating directly or indirectly to identifiable somebody which offer goods and/or any services to EU citizens. As each and every company prepared for compliance in anticipation of the enforced date, non- profit companies should also have to secure themselves that they are complying with GDPR if it applies to them. Every Non- profit organization have to know how exactly to handle the personal information of the clients. In the U.S., the personally identifiable information (PII) referred to as any information that can de-anonymize a person (generally includes social security number, name, mother's maiden name, biometric record or date, and place of birth). Expanding the main scope, the GDPR defines personal data as “any information relating to an identified or identifiable natural person.” Although nonprofit organizations that operate essentially or particularly in the United States may consider themselves not subject to GDPR, if a nonprofit organization collects or stores personal data about an EU 353 1 4 111011 gdprcourse.com

3. resident, such as contributors, constituents, grantors, or grantees, and also if they collect website behavior from EU citizens with or without their knowledge, that means the organization needs to ensure that it is in compliance with GDPR regulations. Below are the main areas for nonprofits mainly to consider: •Consider Financial penalties •Cross-functional limit to the company •International data instructions •Data Protection Officers •Larger and Smaller organizations Tips to non- profit organization to comply with GDPR 1. Create a proper awareness of GDPR regulation among the non-profit staff in the organization. 2. Evaluate or examine privacy policies that may affect non-profit donors 3. Decide how the nonprofit will collect and process data by obeying all conditions for GDPR compliance. 4. Always recheck how the organization manages its systems without any issues. 5. Look at GDPR as an opportunity to secure your clients’ personal information and to maintain the trust in your company, not an obstacle According to the Information Commissioner’s Office (ICO), nonprofits also can be “data controllers” and “data processors” and thus subject to GDPR compliance in different ways, which may involve: 353 1 4 111011 gdprcourse.com

4. •As an employer that processing personal information of enlistees, trustees, and employees •As a provider of services to beneficiaries •As a fundraising or campaigning organization Every non-profit organization must be transparent and accurate when it comes to the collection and processing of personal data. This applies to the data of employees in the company, volunteers, donors, supporter each and anyone from whom the nonprofit collects and process personal information. Organizations must have a printed policy and method for how they manage personal data by obeying the privacy principles. 353 1 4 111011 gdprcourse.com