Our supporter promise lays out what you can expect from us as a charity
We will seek the best patient outcomes and best value with the money we raise;
- Our focus is on doing the best for our patients and their families
- We will use all donations with care and seek best value
- We publish patient stories with permission
- We are leading the way in the UK in developing objective measures of our patient outcomes
- Our fundraisers and third parties will follow the EAAA approach to fundraising and we will fundraise ethically
We will look after your data; please see our policy on data protection
We will thank you appropriately; as we believe everyone who supports us deserves our thanks and the thanks of our patients – we get no ongoing funding from government
We will plan for a secure long-term future; by having cash reserves (invested prudently) equivalent to a year’s operating costs. The interest we receive from these investments goes towards our operating costs
We will follow the Code of Fundraising Practice; laid down by the Fundraising Regulator
Our complaints policy can be found here.
The EAAA approach to fundraising – in detail
The work of all EAAA fundraising staff and third party organisations will be; Legal, Open, Honest and Respectful. Please note all italic text in this document is taken directly from the Fundraising Code of Practice.
We will ensure that staff, volunteers and all third parties we work with comply with the Codes of Fundraising Practice under the Fundraising Regulator. We will comply with the law in regard to data protection, health and safety and the environment Where we work with third party agencies or volunteers we will provide training and monitor their work; acting quickly if any of our staff or partners do not meet the standards we set.
Sources of donation
EAAA accepts and welcomes money from a wide range of public and private sector partners and from the general public, including individual supporters, churches and religious groups, trusts and foundations, corporations and statutory bodies.
Declining donations EAAA may decline support from sources (including individuals) that we deem to be disreputable or involved in activities that are at odds with our organisation’s mission and values.
- We will be open and honest
- We are committed to keeping you informed about how your donations and support are helping us to save lives and will respond to questions openly and honestly
- We tell the truth and are transparent in our fundraising practices and communications
- We respect supporters privacy
- We will never sell or share your data commercially
- We will always comply with UK legislation to protect your privacy
- We will always store personal details securely
- We respect the rights, preferences and privacy of all our supporters and volunteers
- We are sensitive to the needs of diverse groups of supporters and volunteers and will act accordingly
Supporters can let us know if they wish to change supporter’s preferences or opt out from any communications or data processing via email firstname.lastname@example.org or call us on 03450 669999.
Further information: details of how we use and process supporters data are available in our Data Protection and Privacy statement.
We will be accountable
- We will administer donations efficiently putting them to work quickly
- We aim to send a Thank you within five working days
- If you are unhappy with anything we have done please make us aware and we will do everything we can to put things right
- Further information: supporters can view our complaints policy and process online
- Please contact us on w/ eaaa.org.uk/ t/ 03450 669 999 e/ email@example.com p/ Feedback, EAAA, Helimed House, Hangar 14, Gambling Close, Norwich Airport, Norwich, Norfolk, NR6 6EG
The following is taken directly from the regulations that we follow.
a) A legal principle underpinning fundraising is that all funds raised for a particular cause MUST* be used for that particular cause.
b) Fundraisers MUST NOT denigrate other individuals or organisations.
c) Organisations MUST NOT exaggerate facts relating to the potential beneficiary.
d) Organisations MUST NOT take advantage of mistakes made by the donor.
e) i) Fundraisers MUST take all reasonable steps to treat a donor fairly, enabling them to make an informed decision about any donation. This MUST include taking into account the needs of any potential donor who may be in a vulnerable circumstance or require additional care and support to make an informed decision.
ii) Fundraisers MUST NOT exploit the credulity, lack of knowledge, apparent need for care and support or vulnerable circumstance of any donor at any point in time. There is more information available about responding to the needs of people in vulnerable circumstances and helping donors to make informed decisions in the Institute of Fundraising’s ‘Treating Donors Fairly’ Guidance.
iii) If a fundraiser knows or has reasonable grounds for believing that an individual lacks capacity to make a decision to donate, a donation MUST NOT be taken.
iv) A donation given by someone who lacked capacity at the time of donating MUST* be returned.
f) Organisations MUST NOT engage in fundraising which:
Is an unreasonable intrusion on a person’s privacy
Is unreasonably persistent;
Places undue pressure on a person to donate.
g) Fundraisers MUST NOT continue to ask an individual for support if:
that person clearly indicates – by word or gesture – that they do not wish to continue to engage; or
they have reasonable grounds for believing, in the course of their engagement with the individual, that they are in vulnerable circumstances which mean they are unable to make an informed decision to donate.
h) Charities that are legally required to have their accounts audited under section 144 of the Charities Act 2011 MUST* state in their trustee Annual Report (as specified within section 13 of the Charities (Protection and Social Investment) Act 2016):
The charity’s approach to fundraising activity, and whether a professional fundraiser or commercial participator was used.
Details of any voluntary regulatory fundraising schemes or standards which the charity or anyone fundraising on its behalf has agreed to.
Any failure to comply with a scheme or standard cited.
Whether and how the charity monitored fundraising activities carried out on its behalf.
How many complaints the charity or anyone acting on its behalf has received about fundraising for the charity.
What the charity has done to protect vulnerable people and others from unreasonable intrusion on a person’s privacy, unreasonably persistent approaches or undue pressure to give, in the course of or in connection with fundraising for the charity.
i) Trustees of Charities (or for Charities without a Trustee Board, those who serve on its governing body) MUST have regard to national guidance in overseeing the fundraising activities of their Charity and any third parties fundraising on the charity’s behalf.
For Charities registered in England and Wales, guidance is found in the Charity Governance Code and in the Charity Commission’s CC20 guidance for trustees, the essential trustee guide (CC3) and the welcome pack for new trustees
For Charities registered in Scotland, the following OSCR guidance provides information on the legal requirements of Scottish Charity law in relation to fundraising and Charity Trustee duties:
Interim Fundraising Guidance
Guidance and good practice for Charity Trustees
For Charities registered in Northern Ireland, the Code of Good Governance and the Charity Commission for Northern Ireland’s “Running your Charity” Guidance set out the principles and key elements of good governance for the boards of voluntary and community organisations.
1.3.1 Requesting Donations
a) When using donor information in a case study or any other type of publicity, organisations MUST*comply with any duties of confidentiality that they have and comply with data protection law(L14) if publishing a case study that includes information that could identify a donor. (Section 5: Personal information and Fundraising includes further information on requirements relating to data protection.)
b) Fundraisers MUST NOT encourage existing donors in any way to change an existing charitable donation to another fundraising organisation.
c) The Charities Act 1992, and Charities and Trustee Investment (Scotland) Act 2005allow charities to obtain a court order preventing unauthorised fundraising where any individual is using fundraising methods to which the charity objects or where the charity believes that an individual is not a fit and proper person to raise funds on its behalf.
1.3.2 Acceptance and Refusal of Donations
a) The trustees (and their delegates) MUST* act in the best interests of the charity when deciding to accept or refusea particular donation.
1.3.3 Rewards/ Incentives and Benefit Packages
It is common for organisations to engage a donor by offering them benefits related to the size and frequency of the gift.
a) Fundraising organisations MUST ensure that benefits are appropriate for the organisation to be giving, and proportionate to the size of the gift.
b) Fundraisers MUST be aware of when benefits nullify potential tax relief such as Gift Aid or top-up payments available under the small donation rules. If benefits do prevent the donation qualifying under Gift Aid or the small donation rules, organisations MUST NOT* attempt to reclaim tax on the sum.
The law in relation to changing the terms of a gift is complex and organisations should obtain advice from legal advisers or the Charity Commission / Office of the Scottish Charity Regulator (OSCR) before seeking to change the terms, even if there is donor consent. In Scotland, in cases where donor consent cannot be obtained, OSCR can permit the restricted fund under which a gift is held to be ‘reorganised’ if certain conditions are met, but only where it is not possible to ascertain the donor’s wishes in relation to the proposed change.
a) If an appeal is being run for a particular purpose, fundraisers MUST include a statement indicating what will happen to funds received if the total funds raised are insufficient or exceed the target.
a) Organisations MUST have a clear and publicly available complaints procedure which MUST also apply to any Third Parties fundraising on their behalf.
b) When dealing with complaints organisations MUST ensure that:
i) complaints are investigated thoroughly and objectively to establish the facts of the case, avoiding undue delay; and
ii) complaints are responded to fairly, proportionately and appropriately.
c) Organisations MUST regularly review any lessons to be learnt from complaints and use that learning to inform future fundraising activity.
d) Fundraising organisations MUST have a clear and published internal procedure for members of staff and volunteers to report any concerns they may have regarding their organisation’s fundraising practice.
i) the type of issues that can be raised and the process for doing so;
ii) how the person raising a concern will be protected from victimisation and harassment;
iii) how and what the organisation will do in response to receiving such information; and
iv) how an individual can escalate their concerns on fundraising practice to the Fundraising Regulator or the Independent Fundraising Standards and Adjudication Panel for Scotland in the event that internal consideration is not possible.
See the Fundraising Regulator’s Complaint Handling guidance.
a) Fundraising organisations which are charities MUST* not return donations unless certain criteria are fulfilled. For all other fundraising organisations, donations MUST only be refunded in line with any policies or in exceptional circumstances. It may not be lawful to return a donation and fundraisers MUST take advice from legal advisers or the Charity Commission / OSCR before doing so.
5.1.1 Data protection is an important issue for all fundraisers. Fundraising organisations MUST* comply with all legal requirements relating to data protection. These include:
a) the current Data Protection Act 2018 (and the Data Protection Act 2018 that will replace this when it becomes enacted in law – this section of the Code will be updated when this happens);
b) the Privacy and Electronic Communications (EC Directive) Regulations (PECR) 2003, including the requirements of the Telephone Preference Service(and any revisions to e-privacy legislation that result from the European Commission’s review of PECR in 2017 – this section of the Code will be updated when this happens).
Further guidance on the circumstances under which PECR will apply, including for telephone calls is available from the ICO.
c) the General Data Protection Regulation (GDPR)
5.1.2 In addition, organisations MUST keep up to date with guidance from the Information Commissioner’s Office. This includes the ICO’s Direct Marketing Guidance and its GDPR consent guidance, which are designed to promote good practice and help organisations understand their obligations.
For further information on this topic, please read the Fundraising Regulator’s guide on Personal information, data and consent.
The following sections outline data protection considerations of particular relevance to Fundraising.
Personal information/Personal data means information/data which relate to a living individual who can be identified directly or indirectly by reference to:
a) an identifier such as a name, an identification number, location data or an online identifier, or
b) one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the individual.
ICO guidance states that: “The definition of processing is very wide and it is difficult to think of anything an organisation might do with data that will not be processing.” “Processing”, in relation to personal data, means an operation or set of operations which is performed on personal data, or on sets of personal data, such as -
a) collection, recording, organisation, structuring or storage (this includes buying data from a third party, storing or checking personal information on a database)
b) adaptation or alteration (this includes activities such as updating personal details)
c) retrieval, consultation or use (this includes activities such as wealth screening or using personal data to contact individuals for any reason†)
d) disclosure by transmission, dissemination or otherwise making available (this includes activities such as sharing or publishing data†)
e) alignment or combination (this includes activities such as data matching and tele-appending†)
f) restriction, erasure or destruction (this includes activities such as suppressing or deleting a donor’s details on a database†)
†Please note that the examples in italics are provided by the Fundraising Regulator for illustrative purposes.
5.2.1 Organisations that process personal information MUST* adhere to any notification or registration as required by the Information Commissioner’s Office.
Further information on notification and registration can be found at the ICO’s website.
5.2.2 When processing personal data (including publicly available personal data) for any purpose, organisations MUST*:
a) have legitimate grounds for collecting, using and retaining the personal data.
Further information on the grounds (or ‘conditions’) for processing can be found in Schedule 9 of the Data Protection Act 2018
b) give individuals concise, transparent, intelligible and easily accessible information about how they will process their personal data, including who the organisation is; what they are going to do with the individual’s personal information; and (where relevant) who it will be shared with.
Further information on communicating privacy information to individuals can be found in the ICO’s Privacy Notice Code of Practice.
c) only handle personal data in ways that the data subject would reasonably expect; and
d) not do anything unlawful with personal data.
5.2.3 Organisations MUST* comply with any duties of confidentiality they have.
5.2.4 Organisations MUST* maintain good data hygiene practices (removing incorrect/incomplete information from your data) to ensure donor information is accurate, reflects donors’ communication preferences and is retained only for as long as necessary.
5.2.5 Organisations MUST be able to show that all reasonable steps have been taken to ensure that:
a) databases are accurate and where necessary, up-to-date.
b) direct marketing to individuals is suppressed where the individual has asked not to receive it.
c) the organisation ceases to contact deceased individuals where the organisation has been notified or where this information has been identified through use of a deceased suppression service
5.2.6 Personal data MUST* only be kept as long as necessary to fulfil the purpose for which it was processed (see rule 5.2.2 for further information on what information MUST be provided to the individual regarding processing).
5.2.7 Organisations MUST have appropriate systems or procedures in place (such as a suppression list) to ensure that they do not send direct marketing to individuals who have asked not to receive it, whether through individual communication channels or across all channels (see also Section 5.7 – “Requests to Cease Direct Marketing”).
5.3.1 Organisations MUST NOT* share personal data with any other organisation unless they can evidence that they meet the processing requirements in Rule 5.2.2 above and can justify their data sharing through these requirements.
5.3.2 Where personal data is shared between organisations:
within a federated structure (i.e where one controls the other or where both are under common control), or
under a data processing arrangement (i.e where one organisation acts on behalf of another organisation under written contract, such as professional fundraisers, data cleansers, or printing houses)
a) the organisational structure/arrangement and the processing purpose MUST* be clear enough in the privacy information provided to the individual that the organisation can evidence that processing would fall within the individual’s reasonable expectation.
b) Alternatively, where the organisation receiving the data is relying on the individual’s consent as the basis to hold and use that data, the organisation receiving the data MUST* be named in the consent request, and the specific consent of the individual for their information to be shared MUST* be gained by the sender.
Further information on data sharing can be found in the ICO’s Data Sharing Code of Practice.
5.3.3 Beyond the specific exceptions set out in rule 5.3.2, Organisations MUST NOT* share the personal data of an individual with any other organisation for that organisation’s marketing purposes without the freely given, specific, informed and unambiguous consent of that individual to the sharing of the personal data with that other organisation further information on what constitutes “freely given”, “specific”, “informed” and “unambiguous” consent, please see the Fundraising Regulator’s Guide “Personal Information and Fundraising”.
5.3.4 Even if the individual has consented to their personal data being shared, Organisations MUST NOT sell that data to any other organisation unless it can evidence it has the freely given, specific, informed and unambiguous consent of that individual for their personal data to be sold.
For further information on what constitutes “freely given”, “specific”, “informed” and “unambiguous” consent, please see the Fundraising Regulator’s Guide “Personal Information and Fundraising”.
See section 5.1-5.2 above (Processing Personal Data) for other considerations regarding sharing data.
5.4 Case Studies
5.4.1 If an organisation intends to use a real life example of an individual in a case study, the organisation MUST* only process that individual’s personal data in accordance with the law (see sections 5.1-5.2 above regarding processing personal data lawfully) and MUST NOT* disclose information received in circumstances where a legal duty to keep the information confidential arises, unless there is an overriding legal imperative to do so (for example, a police investigation).