BLOG

Non-profits and charities — whether staffed by paid employees or run by volunteers — have a moral and, in some cases, a legal obligation to keep their donors’ personal information private.

When a member of the public chooses to get behind your cause by generously supporting your charity through a one-time donation or a standing payment, they do it because they believe in your mission. It's important not to disappoint them by leaving their data open to corruption.

Generally speaking, Canadian not-for-profits and charitable organizations aren’t subject to Canadian privacy laws like the Personal Information Protection and Electronic Documents Act. That’s because they don’t tend to participate in regular commercial activities. However, there are some provincial laws which may be applicable to a charity or not-for-profit based on its location.

That said, charities and not-for-profits shouldn’t just be compelled to keep donors’ data safe to stay on the right side of the law. There are many other reasons to keep donors’ personal data secure.

Why Should You Maintain Donor Privacy?

There are several reasons to take time and measures to protect your donors’ privacy. Here are just a few:

• A data breach that sees donors’ information in jeopardy and at risk of being used for criminal purposes — like through identity theft — is a disaster for a charity’s public relations. This will cost money and time to remedy.
• A donor’s personal data erroneously being leaked will also possibly lead to an end to their generosity. Donors may cancel their standing donation and halt their support for several reasons: they might withdraw contributions due to concerns about the potential for another leak in the future, they might question the charity’s credibility, and they could be discouraged because they wanted to keep their philanthropic efforts under wraps for personal reasons — religious or otherwise.
• In the wrong hands, donors’ data could be held ransom by thieves, who will keep it captive until the charity pays a fee — one that the charity could undoubtedly use for better purposes elsewhere.
• Jeopardized donor data will cost volunteers and team members an incalculable amount of time to recoup and bounce back. And that’s time which, much like money, could be better spent growing and strengthening the charity’s mission and fundraising efforts.

With the above in mind, there are several ways to maintain your donors' privacy.

Create a Privacy Policy

While a privacy policy won’t automatically maintain donors’ privacy, it’s a way to avoid future confusion. Being as transparent as possible will let donors and supporters know precisely how their data will be used and give them the option to veto certain types of usage.

For example, donors can make a one-time donation and opt out of future communications — like newsletters or invites to fundraisers. A robust privacy policy should consider facets like future communications (and if you’ll share information with others).

Store Papers Securely

If your charity logs donor data — like names, addresses, dates of birth, email addresses, phone numbers, and donation histories — on physical paper, it's essential to keep these files in a secure location. Information like this, which may seem benign, can still be used for identity theft.

It’s equally as important to keep pertinent and current papers only and to avoid stockpiling any paperwork that’s now obsolete. Shredding expired documents greatly reduces outlets for exploitation, which are many: disclosures can be both intentional — an individual gains entry to the office to steal paperwork, for example — or a complete accident, as when a team member inadvertently leaves files in a public place or an unsecured spot at the office.

For this reason, regularly scheduled document destruction through a professional service — like the one we offer at Absolute Destruction — is a great way to not only keep tabs and make sure that you’re only keeping valid and required papers, but also to guarantee you're securely and effectively destroying paperwork once it’s surplus to requirement. Further, we provide a Certificate of Destruction for every job, offering reassurance for the charitable organization and its donors.

Train Team Members

Discouragingly, a 2018 study reported that 60% of non-profits don’t effectively train their team members — paid or volunteer — on proper data protection or storage.

By incorporating a training strategy that covers the security of donor data, presenting this strategy during the onboarding process for new team members, and hosting ongoing, regular training sessions, you’re taking a proactive approach to donor privacy.

Securely Destroy Defunct Data

You'll likely use laptops and other tech to access donor databases, email lists, sales systems, CRMs, and other hives of donor information. For this reason alone, once old technology is broken, dated and surplus to requirement, it should be securely destroyed and not simply disposed of at an electronics recycling facility.

Savvy cybercriminals can often mine old technology like the forms mentioned above for information, even when you believe you've wiped them of essential data.

We’re not just a document destruction company; we can also help you destroy old hardware and devices that have been used to store and access sensitive information, rendering them inaccessible for thieves on the lookout for their next score.

The Takeaway on Shredding for Non-Profits and Charities

You’d be remiss to assume that cybercriminals and petty thieves would morally avoid theft from charitable organizations. In a report by the Identity Theft Resource Center in the United States in 2021, two million individuals had their data corrupted due to their association with a not-for-profit or a non-governmental organization. The costs were millions of dollars more.

Protect your donors’ personal information from corruption by storing it securely, training team members, and shredding papers and data that are defunct.

We Can Help

Our commercial document destruction services can come to you for a one-time collection, or we can schedule regular services — on a basis that works for you — to destroy the old paperwork and expired data from your charity or not-for-profit.

Connect with our team today to schedule on-site document destruction and to learn more about how we can help you keep your donors’ personal information secure and private.