Data Protection for Charities

GDPR laws have put pressure on non-profits to strengthen their data protection processes, and the Charity Commission has recommended having a Data Protection Officer as ‘advisable’.

Romero Services has five certified GDPR Practitioners who are able to undertake the role of Data Protection Officer and provide support for your charity. The DPO service includes:

  • A named contact responsible for your charity, with appropriate cover from other practitioners when necessary
  • Annual visits to check compliance
  • A dedicated telephone helpline for advice and guidance over general data processing and implementation of new initiatives
  • Annual training session for relevant staff
  • Annual management report
  • Support with Data Protection Impact Assessments
  • Liaison as necessary between the ICO and the charity

If you think your charity could benefit from appointing a Data Protection Officer, or you have any queries you’d like to discuss first, please do not hesitate to contact us. 

Please be aware that the legislation is very clear that the Data Protection Officer is not personally responsible for non-compliance with data protection requirements. This responsibility stays with the organisation itself as does the responsibility for the data processing activities. Therefore it is essential that a considered choice is made when appointing to this role.

If you wish to see more information regarding the Data Protection Officer role, guidance can be found from the Information Commissioners Office by clicking here.