Data protection

If you are fundraising If you are donating

If you are fundraising

Processing data means doing something with it, including collecting, storing and using it for fundraising purposes.

Personal data is any information relating to a living individual who can be directly or indirectly identified from it. This could include keeping records, or using their data for direct marketing.

Fundraisers must ensure that they have an appropriate legal basis to use personal data, including when they contact supporters. There are six legal bases for processing personal data For more information on these, please see guidance from the Information Commissioners Office.

Information about fundraising communications can be found in section 8 of the Code of Fundraising Practice. You can find out more in our guides to GDPR and from the Information Commission's Office.

If you are donating

Under GDPR, you have legal rights over the way your personal data is used. You can find out more about these rights and how they relate to you on the Information Commissioner's Office.

You can ask an organisation to stop processing your data for certain purposes if you wish. Find out more from the ICO on the right to object to the use of your data.

Charity communications should provide you with information on how to stop receiving them. If you wish to stop hearing from certain charities, you can tell them directly or use the Fundraising Preference Service that will tell them on your behalf.

View any updates made to this page, with the most recent listed first.

4 November 2025: this guidance has been updated to align with the 2025 Code of Fundraising Practice.