GDPR comes into force on 25 May 2018, bringing with it the risk substantial fines of up to €20 million (or 4% of a company’s global annual turnover, whichever is higher) for non-compliance. With the deadline for GDPR compliance fast approaching, it’s more important than ever for charities to understand what is required of them.
What legal considerations need to be made when updating data policies? Do your contracts and policies need to be updated? How long are you allowed to retain the personal data of your employees, volunteers, donors and service users?
We explore these questions and more in our latest briefing, which is available for download below.