Federation of Scottish Theatrelogo-fst-text

General Data Protection Regulation (GDPR)

Data protection legislation is changing. The General Data Protection Regulation (GDPR), which sets out to strengthen and unify data protection legislation for all individuals within the European Union, came into force on 25 May 2018. GDPR replaced the previous Data Protection Act and introduced new and different requirements for all sectors and organisations who collect, process and store personal data.

This page contains links to useful GDPR-related resources:

The Information Commissioner’s Office has a lot of information available on their website, including a Guide to the General Data Protection Regulation.  The guide is for data protection officers and others who have day-to-day responsibility for data protection. It is aimed at small and medium-sized organisations, but it may be useful for larger organisations, too. 

During Coronavirus pandemic, a lot of organisations may have additional questions about GDPR – those are answered in an additional resource: Data protection and coronavirus.

The Audience Agency has produced a free sample data management policy structure document that sets out a staged approach to working through the key areas that you need to consider and documenting them.

Thrive have useful toolkits and templates available on their website, including an Email Marketing Flowchart and a Build Your Own Privacy Notice kit.

Thrive logo

The Fundraising Regulator has worked with the Institute of Fundraising to produce 6 briefings on GDPR. These “bitesize” guides are designed to be as accessible and as relevant as possible for fundraisers.