Sign in Support Partners FAQs About us

GDPR Compliance with Donorfy

Here’s how Donorfy, the cloud-based CRM for charities and non-profits, allows you to comply with elements of GDPR.

When managing a constituent record in Donorfy, you’re able within the preference centre tab to specify the channels on which someone is willing to hear from you.

So this person is allowing email and mail, not SMS, but we don’t what their preferences are at this stage for phone.

GDPR compliance with Donorfy - Managing a Constituent.png

Donorfy allows you to set their preferred channel and also allows you set the purposes for which they would like you to contact them occasionally, such as fundraising and news, but in this case, not membership. Again, we’re not sure about their feelings about being contacted for policy reasons.

GDPR compliance with Donorfy - Purpose of contacting a Constituent.png

This whole area is configurable with the purposes that you wish to run as an organisation yourselves.

When setting the preferences, you can choose the consent statement that they were able to see at the moment, and also the campaign that’s motivated them to make those changes.

GDPR compliance with Donorfy - Consent from a Constituent.png

When changing permissions or even confirming them without change, a history is maintained of all the changes that have occurred.

GDPR compliance with Donorfy - Constituent History.png

That’s not the only way that permissions can be set though. The constituent themselves on the Donorfy professional plan can change their own preferences. That happens like this.

On your website, you can place a widget that Donorfy provides and allows you to configure with the wording of your choice, that will invite the constituents to confirm their email address and then be presented with a page offering them the various permissions and preferences that they can set for themselves.

GDPR compliance with Donorfy - Website Widget.png

In doing so, that will have exactly the same effect and update their permissions within Donorfy and add to their history.

Once the permissions are set, you’re going to need to make use of them, which means when you’re making any selections for mailing purposes or any communications of that kind, you’ll need to respect those permissions and preferences that have been set in the preference centre. Let’s see how Donorfy does that.

Here within the lists feature of Donorfy, you can create a list as usual with a filter, so this is a list of everyone who's given £100 or more in the past 12 months. We’re going to be sending them a fundraising communication, so we’re telling Donorfy here to respect the Purpose permissions - fundraising - and also the channel permissions. We’re going to be sending this out by email to those who prefer email, and by mail to those who prefer mail.

GDPR compliance with Donorfy - Lists Feature.png

Once I update the results, I can then export the result set and produce my communications accordingly.

So that’s how Donorfy complies with GDPR for you. Any information you require on that please contact us at or tweet us at @Donorfy.