The third part of your question seems to be about wealth screening/prospecting/profiling for potential donors, which I have always found to be hugely problematic, but I understand many charities rely (or relied) heavily on identifying and approaching individuals whose ideals and interests align with the organisations.
Some of the data protection issues are that these this processing is invisible to the individuals, uses data for potentially incompatible purposes (i.e. just because it's published online doesn't mean it's open season in terms of processing), and that charities were sharing and selling lists and information.
I'm not completely up to date with this, but I know the ICO conducted an investigation into a number of charities and enforced against 11 of them for similar activities. I'd be very cautious:
https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2017/04/ico-fines-eleven-more-charities/
Dan
-----Original Message-----
From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Danny Budzak
Sent: 11 June 2019 09:11
To: [log in to unmask]
Subject: [data-protection] Stakeholders data
Hi all,
(firstly, thanks very much for comments on digital footprint -very helpful).
A.N.other question...
Like many organisations, we have a list of stakeholders. These include local MPs, councillors, universities and colleges, local authority Chief Execs and so on.
1. I am in the process of reviewing a privacy notice for this list. There seems to be a bit of a grey area here where someone exchanges a business card, and ...there is an expectation (by the recipient, a member of staff) that the person wants to be added to the mailing list. I say grey area because some argue that organisations can use legitimate interest for stakeholder's lists. I suspect the risk of someone complaining is very low, but I still want to make sure we have lawful basis and that the stakeholder database is GDPR compliant.
2. We have been asked by one of our stakeholder's if we will share this list. My inclination is no. If we say yes to one stakeholder, then why don't we share the list with other stakeholders?
3. I went to an interesting seminar just before May 2018 (which was largely entertainment sector - theatres and so on). I seem to remember a discussion there that it was not legitimate to trawl the internet for i) possible donors and ii) to identify potential stakeholders and then start emailing them - even though this data is in the public domain.
I feel like I am getting a bit lost inside this, but like many of you, I am the sole data protection person in the organisation so when questions arise this forum is incredibly useful
thanks + rgds
Danny
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask] All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
________________________________________________________________________
The information in this email (and any attachment) may be for the
intended recipient only. If you know you are not the intended recipient,
please do not use or disclose the information in any way and please
delete this email (and any attachment) from your system.
The Council does not accept service of legal documents by e-mail.
________________________________________________________________________
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|