Priority 2014: Recommit to Your Privacy Policy

Privacy Policy is vitalAs I combed the infinite number of 2014 marketing recommendations shared in recent weeks, I was surprised to see this one—review, revise and recommit to your privacy policy.

Didn’t we all do that already, during the advent of our websites and email programs?

But on further reflection, I realized just how important your organization’s privacy policy is in our age of data-driven marketing. In fact, your commitment to a comprehensive privacy policy is a prerequisite to increasing your 2014 marketing and fundraising results.

Here’s why, and how, to review, refresh and recommit to your privacy policy a.s.a.p.:

1) Your supporters and participants are sharing more personal data than ever before.

Consider Rex B. The data your organization has on Rex B. has expanded greatly in breadth and depth since he first shared his name and email address seven years ago to subscribe to your twice-monthly tips on healthy eating.

Today, Rex’s data reflects a diverse set of interactions across programs, campaigns and channels. What was previously noted anecdotally is now tracked systematically, and easily accessed and analyzedseven years of activity from Rex’s first $20 donation to your nonprofit’s anti-pesticide campaign, through running/fundraising in your Clean Machine race two years ago (and donating via his two daughters’ who ran with him), unsubscribing to that tips email, volunteering to share your curriculum in fifth-grade classrooms district wide, and, most recently, sharing your “ask a friend to volunteer” email with two of his friends.

2) Rex knows you’re harvesting his data. That’s made clear to him in the specificity of your year-end thank you email that hit on his volunteering and his running/fundraising for the Clean Machine. He loves that personalized connection—it makes him feel he’s a real and valued part of your organization and impact.

3) He also knows his profile of preferences, habits and actions is valuable to your organization. He invests his data with your organization in exchange for a relevant, connected and engaging experience (like that thank you email).

4) That’s the kind of useful and unified experience required to drive Rex’s next action. But you need his data to deliver it.

5) Here’s where your privacy policy comes in—You have access to Rex’ profile because he trusts you to protect his data.

Fail (with an outdated, incomplete or unsupported privacy policy) and he’ll break up with your organization fast and forever. 

6) Keep the trust! Review, revise and recommit to your privacy policy:

  1. Does it cover how your organization captures, stores and uses all supporter and participant data? Most nonprofit privacy policies focus solely on contact information.
  2. Have you conveyed the policy clearly and frequently to those you want to trust in your organization? Test it.
  3. Are roles and responsibilities outlined and assigned to ensure the policy is implemented in full? Have you asked for help and trained the right colleagues to provide it?

Here’s how it works: The trust you build in committing to a thorough, respectful privacy policy will enable your organization to source data needed to sharpen your insights, strengthen your relationships and motivate more of the actions you need. Now’s the time.

Review these useful guidelines for updating your privacy policy

P.S. Get more nonprofit marketing guidance delivered to your inbox, plus in-depth case studies, templates and tools via the Getting Attention blog & e-news. Subscribe today.

Nancy Schwartz on January 8, 2014 in Relationship Building | 9 comments
Tags:, , , ,

  • Love this. Few people in the for profit or non profit world’s, however, do much.

    Trust does help. Convenience, however, wins for all involved.

    Shaun Dakin
    Dakin Associates
    Founder @PrivacyCamp

  • Shaun, thanks for adding your (expert) take. Could you say a bit more about convenience–what, in specific, you’re referring to?

    Also, any tips for nonprofits on making this real?

  • On “convenience”. While most consumers say that they want their privacy protected, the reality is that they don’t take action to protect their data. For example, the poor poor state of passwords. Everyone “knows” they need a separate password for every website. Few do that. (recommend LastPass btw for this).


    1) Don’t buy lists
    2) Always make it easy easy easy to opt out of communications
    3) Don’t sell lists (without permission)
    4) Internally: Make sure that your systems have security in place. Make sure that your staff have strong passwords.

  • Thanks much, Shaun.

    Any advice for orgs on protecting constituent data beyond contact info, e.g. website usage habits or most frequent times to open volunteer-management emails?

  • Yes, data must be secure !

  • Just wanted to jump in and thank both Shaun and Nancy for this great conversation and the blog post. The truth is that I hadn’t thought about this element of policy, and I appreciated being reminded of it.

  • So glad you find this useful!

    Any recommendations or thoughts to share, Debra?

  • Sure ! Here is a great piece in Computer World this week around this issue as well:

  • Another great post Nancy. Privacy policies are often one of those things folks post up and forget about. They definitely should be periodically revisited and revised to make sure they’re current (and you’re acting in accordance with them).

    Also thanks so much for linking to our post on writing a privacy policy for your nonprofit. We wrote that in response to many nonprofits asking for guidance on creating one. Totally agree with you we’re only going to see the importance of such policies rise into the future.

<< Back to Main