The GuideStar Blog retired September 9, 2019. We invite you to visit its replacement, the Candid Blog. You’re also welcome to browse or search the GuideStar Blog archives. Onward!

GuideStar Blog

Time to Recommit to Your Privacy Policy

Privacy policy? Didn’t we all do that already, during the advent of our websites and email programs?

Not the kind of privacy policy your nonprofit needs now—now that supporter data is so vital, and so depended on in our age of data-driven marketing. In fact, your commitment to a comprehensive privacy policy is a prerequisite to increasing your marketing and fundraising results at this point.

Here’s why, and how, to review, refresh and recommit to your privacy policy a.s.a.p.:

1) Your supporters and participants are sharing more personal data than ever before.

Consider Sally Heppen. The data your organization has on Sally has expanded greatly in breadth and depth since she first shared her name and email address with you seven years ago, to subscribe to your twice-monthly tips on healthy eating.

Nancy Schwartz Nancy Schwartz

Today, Sally’s data reflects a diverse set of interactions across programs, campaigns and channels. What was previously noted anecdotally is now tracked systematically, and easily accessed and analyzedseven years of activity from Sally’s first $20 donation to your nonprofit’s anti-pesticide campaign, through running/fundraising in your Clean Machine race two years ago (and donating via her two daughters who ran with her), unsubscribing to that tips email, volunteering to share your curriculum in fifth-grade classrooms district wide, and, most recently, sharing your “ask a friend to volunteer” email with two of her friends.

2) Sally knows you’re reviewing her data.

That’s made clear in the specificity of your year-end thank you email that hit on her volunteering and her running/fundraising for the Clean Machine. She loves that personalized connection—it makes her feel he’s a real and valued part of your organization and impact.

3) She also knows her profile of preferences, habits and actions is valuable to your organization.

She invests her data with your organization in exchange for a relevant, connected and engaging experience (like that thank you email).

4) That’s the kind of useful and unified experience required to drive Sally’s next action.

But you need her data to deliver it.

5) Here’s where your privacy policy comes in—You have access to Sally’s profile only because she trusts you to protect her data.

Fail (with an outdated, incomplete or unsupported privacy policy) and she’ll break up with your organization fast and forever.

6) Keep the trust! Review, revise and recommit to your privacy policy:

  1. Does it cover how your organization captures, stores and uses all supporter and participant data? Most nonprofit privacy policies focus solely on contact information.
  2. Have you conveyed the policy clearly and frequently to those you want to trust in your organization? Test it.
  3. Are roles and responsibilities outlined and assigned to ensure the policy is implemented in full? Have you asked for help and trained the right colleagues to provide it?

Here’s how it works: The trust you build in committing to a thorough, respectful privacy policy will enable your organization to source data needed to sharpen your insights, strengthen your relationships and motivate more of the actions you need. Now’s the time.

The preceding is a guest post by Nancy Schwartz, Speaker-Author-Strategist of Nancy helps nonprofits like yours succeed through effective marketing. For more nonprofit marketing guidance like this, subscribe to her e-update at

Topics: Legal