Information and Guidance Notes General Data Protection Regulation (GDPR)

The upcoming General Data Protection Regulation (GDPR) signals a new generation of data protection laws which will impact charities and Not-for-Profits (NfPs), effecting how they collect, store and use personal data. While there is reportedly much fear over the potential negative impact GDPR could have and aside from the extra work it might cause, Charities Institute Ireland welcomes this new regulation and believes it offers charities/NfPs an opportunity to truly engage transparently and fairly with donors, sponsors and beneficiaries who can trust charities to keep their personal data safe and secure and use it only for the purpose(s) intended. As part of good governance charity/NfP Trustees should review compliance with GDPR at intervals.

These documents are designed to be used as informal guidance and more particularly as a starting point for our members and the wider sector as they become familiar with the obligations that will be imposed on them by the GDPR. We hope that this will assist in identifying some of the key areas of the GDPR of which we think may be of importance to our members. The content of these documents were prepared having regard to information that was available at the time of writing and where possible will be updated when further information is issued from the Office of the Data Protection Commission and from the Article 29 Working Party.

CII Guidence Notes GDPR_Edge.jpg

This document contains an overview of the GDPR regulation outlining the lawful basis of processing, information on the provision of consent, legitimate interest, direct marketing and how charities can ensure compliance.


The second document in this series includes information on Article 30 - Data Inventory & Data Mapping.

CII Guidance Notes Legitimate Interest  Balancing Test  Assessment cover pic.jpg

Charities should be aware that regardless of the processing activity undertaken by them, an assessment must be made to ensure the processing meets the threshold required to rely on Legitimate Interest.

To access the GDPR Guide Notes you must be a member of Charities Institute Ireland. Please enter your email and password below:

PLEASE NOTE: The information provided in these ‘Notes’ represents the views of Charities Institute Ireland. It does not constitute or purport to be legal advice, and does not offer a comprehensive review of the GDPR. You should always consult your legal adviser or a solicitor if you need or think you might need legal advice.