Privacy policies are important for nonprofits! Here’s what you need to know.
Privacy and people’s data are on the tips of many tongues in the web-design business, and it’s for good reason.
Fines for privacy law non-compliance are quickly growing in number as governments across the globe are looking to better protect their residents’ data. While big businesses are certainly getting hit, small businesses account for a hefty portion of violations.
That’s because these smaller businesses usually don’t have the funds needed to keep a privacy attorney on hand to auto-update their website policies whenever a new privacy law is passed or an existing privacy law changes.
New Privacy Laws for Nonprofits
Please note that the following information is provided for informational purposes only and should not be considered legal advice. We recommend speaking to an attorney for help with your specific legal needs.
Your website is likely collecting data… and that’s not a bad thing
Most modern websites collect website visitor data, whether that simply be through a contact form to receive inquiries, through a third-party captcha tool to block spammers, or with an analytics tool to understand how users interact with your website.
Common features for nonprofits that collect regulated data:
- Donation forms
- Donor management tools
- Email/newsletter subscription forms
- Text-to-Give tools
- Contact forms
- Volunteer application forms
- Event submission forms
It is very important to understand that privacy laws protect people and do not care where your business is located. In other words, privacy laws outside of where you are located could easily apply to you.
Collecting regulated data isn’t bad.
There is nothing wrong or bad about collecting regulated data! In reality, most businesses need to collect even the most basic information just so that they can properly run their business and provide users with a decent website experience.
Your website is likely sharing data (also not a bad thing)
Sharing data is not the same as selling data, and it is far more common than most website owners realize. For example, if someone were to submit a donation on your website, do you receive an email with that person’s contact details? Does that donor receive a ‘Thank You’ email? These are excellent examples of sharing data with an email service provider (like Gmail, Outlook, etc).
Sharing data is quite common, and ensuring that you properly disclose this is a requirement under multiple privacy laws.
Common examples where nonprofit websites are sharing data with third parties:
- Sending a newsletter to donors through a service such as MailChimp or Constant Contact
- Sending donation receipts to donors through Gmail, Outlook or through your payment processor
- Donor management tools that connect to Salesforce, Hubspot, MailChimp, etc.
- Processing donations with a 3rd party payment gateway (Stripe, PayPal, etc.).
If you found yourself collecting and possibly even sharing data from the above examples, then our next webinar is made for you!
Rather than hiding from privacy law requirements, we recommend embracing them! Learn how to help limit your liability, comply with laws, and demonstrate your respect for your website visitor’s privacy rights!
In this webinar you will learn:
- When and why privacy laws may apply to a nonprofit organization;
- How to obtain comprehensive policies for your website;
- How to establish a strategy for keeping your policies up-to-date with newly required disclosures; and
- How web agencies can help educate and protect their clients with website policies as well.
*This article and webinar are not legal advice and are intended for educational purposes only.
ABOUT THE AUTHOR – Hans Skillrud