We will seek the best patient outcomes and best value with the money we raise
- Our focus is on doing the best for our patients and their families
- We will use all donations with care and seek best value
- We publish patient stories with permission
- We are leading the way in the UK in developing objective measures of our patient outcomes
- Our fundraisers and third parties will follow the EAAA approach to fundraising and we will fundraise ethically.
We will look after your data; please see our policy on data protection: https://www.eaaa.org.uk/about-us/privacy-data-protection/
We will thank you appropriately as we believe everyone who supports us deserves our thanks and the thanks of our patients – we get no ongoing funding from government
We will plan for a secure long-term future by having cash reserves (invested prudently) equivalent to a year’s operating costs. The interest we receive from these investments goes towards our operating costs
We will follow the code of Fundraising practice laid down by the Fundraising Regulator. A full copy of the Codes of Fundraising Practice can be found here
Please contact us on email@example.com to send feedback or to see the regulations we abide by in relation to Fundraising Communications
Our complaints policy can be found here: https://www.eaaa.org.uk/contact/feedback/making-a-complaint/
The EAAA approach to fundraising – in detail
- The work of all EAAA fundraising staff and third party organisations will be; Legal, Open, Honest and Respectful.
Please note all italic text in this document is taken directly from the Fundraising Code of Practice.
We will ensure that staff, volunteers and all third parties we work with comply with the Codes of Fundraising Practice under the Fundraising Regulator. We will comply with the law in regard to data protection, health and safety and the environment Where we work with third party agencies or volunteers we will provide training and monitor their work; acting quickly if any of our staff or partners do not meet the standards we set.
Sources of donation
EAAA accepts and welcomes money from a wide range of public and private sector partners and from the general public, including individual supporters, churches and religious groups, trusts and foundations, corporations and statutory bodies.
Declining donations EAAA may decline support from sources (including individuals) that we deem to be disreputable or involved in activities that are at odds with our organisation’s mission and values.
- We will be open and honest
- We are committed to keeping you informed about how your donations and support are helping us to save lives and will respond to questions openly and honestly
- We tell the truth and are transparent in our fundraising practices and communications
- We Respect Supporters Privacy
- We will never sell or share your data commercially.
- We will always comply with UK legislation to protect your privacy.
- We will always store personal details securely.
- We respect the rights, preferences and privacy of all our supporters and volunteers
- We are sensitive to the needs of diverse groups of supporters and volunteers and will act accordingly
- Supporters can let us know if they wish to change supporter’s preferences or opt out from any communications or data processing via email on firstname.lastname@example.org or call us on 03450 669999.
Further information: details of how we use and process supporters data are available in our Data Protection and Privacy statement
We will Be Accountable
- We will administer donations efficiently putting them to work quickly
- We aim to send a Thank you within five working days
- If you are unhappy with anything we have done please make us aware and we will do everything we can to put things right.
Further information: supporters can view our complaints policy and process online at: www.eaaa.org.uk/complaints
Please contact us on w/ eaaa.org.uk/ t/ 03450 669 999 e/ email@example.com p/ Feedback, EAAA, Hangar E, Gambling Close, Norwich NR6 6EG
The following is taken directly from the regulations that we follow.
These General Principles apply to all EAAA fundraising:
- a) A legal principle underpinning fundraising is that all funds raised for a particular cause MUST*be used for that particular cause.
- b) Fundraisers MUST NOTdenigrate other individuals or organisations.
- c) Organisations MUST NOTexaggerate facts relating to the potential beneficiary.
- d) Organisations MUST NOTtake advantage of mistakes made by the donor.
- e) i) Fundraisers MUSTtake all reasonable steps to treat a donor fairly, enabling them to make an informed decision about any donation. This MUSTinclude taking into account the needs of any potential donor who may be in a vulnerable circumstance or require additional care and support to make an informed decision.
- ii) Fundraisers MUST NOTexploit the credulity, lack of knowledge, apparent need for care and support or vulnerable circumstance of any donor at any point in time. There is more information available about responding to the needs of people in vulnerable circumstances and helping donors to make informed decisions in the Institute of Fundraising’s ‘Treating Donors Fairly’ Guidance.
iii) If a fundraiser knows or has reasonable grounds for believing that an individual lacks capacity to make a decision to donate, a donation MUST NOT be taken.
- iv) A donation given by someone who lacked capacity at the time of donating MUST*be returned.
- f) Organisations MUST NOTengage in fundraising which:
- Is an unreasonable intrusion on a person’s privacy
- Is unreasonably persistent;
- Places undue pressure on a person to donate.
- g) Fundraisers MUST NOTcontinue to ask an individual for support if:
- that person clearly indicates – by word or gesture – that they do not wish to continue to engage; or
- they have reasonable grounds for believing, in the course of their engagement with the individual, that they are in vulnerable circumstances which mean they are unable to make an informed decision to donate.
- h) Charities that are legally required to have their accounts audited under section 144 of the Charities Act 2011MUST*state in their trustee Annual Report (as specified within section 13 of the Charities (Protection and Social Investment) Act 2016):
- The charity’s approach to fundraising activity, and whether a professional fundraiser or commercial participator was used.
- Details of any voluntary regulatory fundraising schemes or standards which the charity or anyone fundraising on its behalf has agreed to.
- Any failure to comply with a scheme or standard cited.
- Whether and how the charity monitored fundraising activities carried out on its behalf.
- How many complaints the charity or anyone acting on its behalf has received about fundraising for the charity.
- What the charity has done to protect vulnerable people and others from unreasonable intrusion on a person’s privacy, unreasonably persistent approaches or undue pressure to give, in the course of or in connection with fundraising for the charity.
Further guidance on the Charity Act.
- i) Trustees of Charities (or for Charities without a Trustee Board, those who serve on its governing body) MUST have regard to national guidance in overseeing the fundraising activities of their Charity and any third parties fundraising on the charity’s behalf.
1.3.1 Requesting Donations
- a) When using donor information in a case study or any other type of publicity, organisations MUST*comply with any duties of confidentiality that they have and comply with data protection law(L14) if publishing a case study that includes information that could identify a donor. (Section 5: Personal information and Fundraising includes further information on requirements relating to data protection.)
- b) Fundraisers MUST NOTencourage existing donors in any way to change an existing charitable donation to another fundraising organisation.
- c) The Charities Act 1992, and Charities and Trustee Investment (Scotland) Act 2005allow charities to obtain a court order preventing unauthorised fundraising where any individual is using fundraising methods to which the charity objects or where the charity believes that an individual is not a fit and proper person to raise funds on its behalf.
1.3.2 Acceptance and Refusal of Donations
- a) The trustees (and their delegates) MUST* act in the best interests of the charity when deciding to accept or refusea particular donation.
1.3.3 Rewards/ Incentives and Benefit Packages
It is common for organisations to engage a donor by offering them benefits related to the size and frequency of the gift.
- a) Fundraising organisations MUSTensure that benefits are appropriate for the organisation to be giving, and proportionate to the size of the gift.
- b) Fundraisers MUSTbe aware of when benefits nullify potential tax relief such as Gift Aid or top-up payments available under the small donation rules. If benefits do prevent the donation qualifying under Gift Aid or the small donation rules, organisations MUST NOT*attempt to reclaim tax on the sum.
Use of Funds
The law in relation to changing the terms of a gift is complex and organisations should obtain advice from legal advisers or the Charity Commission / Office of the Scottish Charity Regulator (OSCR) before seeking to change the terms, even if there is donor consent. In Scotland, in cases where donor consent cannot be obtained, OSCR can permit the restricted fund under which a gift is held to be ‘reorganised’ if certain conditions are met, but only where it is not possible to ascertain the donor’s wishes in relation to the proposed change.
- a) If an appeal is being run for a particular purpose, fundraisers MUSTinclude a statement indicating what will happen to funds received if the total funds raised are insufficient or exceed the target.
- a) Organisations MUST have a clear and publicly available complaints procedure which MUSTalso apply to any Third Parties fundraising on their behalf.
- b) When dealing with complaints organisations MUSTensure that:
- i) complaints are investigated thoroughly and objectively to establish the facts of the case, avoiding undue delay; and
- ii) complaints are responded to fairly, proportionately and appropriately.
- c) OrganisationsMUSTregularly review any lessons to be learnt from complaints and use that learning to inform future fundraising activity.
- d) Fundraising organisationsMUSThave a clear and published internal procedure for members of staff and volunteers to report any concerns they may have regarding their organisation’s fundraising practice.
- i) the type of issues that can be raised and the process for doing so;
- ii) how the person raising a concern will be protected from victimisation and harassment;
iii) how and what the organisation will do in response to receiving such information; and
- iv) how an individual can escalate their concerns on fundraising practice to the Fundraising Regulator or the Independent Fundraising Standards and Adjudication Panel for Scotland in the event that internal consideration is not possible.
See the Fundraising Regulator’s Complaint Handling guidance.
- a) Fundraising organisations which are charities MUST*not return donations unless certain criteria are fulfilled. For all other fundraising organisations, donations MUSTonly be refunded in line with any policies or in exceptional circumstances. It may not be lawful to return a donation and fundraisers MUST take advice from legal advisers or the Charity Commission / OSCR before doing so.
Processing Personal Data and Database Practices
Personal information / Personal data means information/data which relate to a living individual who can be identified directly or indirectly by reference to:
- a) an identifier such as a name, an identification number, location data or an online identifier, or
- b) one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the individual.
ICO guidance states that: “The definition of processing is very wide and it is difficult to think of anything an organisation might do with data that will not be processing.” “Processing”, in relation to personal data, means an operation or set of operations which is performed on personal data, or on sets of personal data, such as—
- a) collection, recording, organisation, structuring or storage (this includes buying data from a third party, storing or checking personal information on a database)
- b) adaptation or alteration (this includes activities such as updating personal details)
- c) retrieval, consultation or use (this includes activities such as wealth screening or using personal data to contact individuals for any reason†)
- d) disclosure by transmission, dissemination or otherwise making available (this includes activities such as sharing or publishing data†)
- e) alignment or combination (this includes activities such as data matching and tele-appending†)
- f) restriction, erasure or destruction (this includes activities such as suppressing or deleting a donor’s details on a database†)
†Please note that the examples in italics are provided by the Fundraising Regulator for illustrative purposes.
5.2.1 Organisations that process personal information MUST* adhere to any notification or registration as required by the Information Commissioner’s Office.
Further information on notification and registration can be found at the ICO’s website.
5.2.2 When processing personal data (including publicly available personal data) for any purpose, organisations MUST*:
- a) have legitimate grounds for collecting, using and retaining the personal data.
Further information on the grounds (or ‘conditions’) for processing can be found in Schedule 9 of the Data Protection Act 2018
- b) give individuals concise, transparent, intelligible and easily accessible information about how they will process their personal data, including who the organisation is; what they are going to do with the individual’s personal information; and (where relevant) who it will be shared with.
Further information on communicating privacy information to individuals can be found in the ICO’s Privacy Notice Code of Practice.
- c) only handle personal data in ways that the data subject would reasonably expect; and
- d) not do anything unlawful with personal data.
5.2.3 Organisations MUST* comply with any duties of confidentiality they have.
Storage and maintenance of data
5.2.4 Organisations MUST* maintain good data hygiene practices (removing incorrect/incomplete information from your data) to ensure donor information is accurate, reflects donors’ communication preferences and is retained only for as long as necessary.
5.2.5 Organisations MUST be able to show that all reasonable steps have been taken to ensure that:
- a) databases are accurate and where necessary, up-to-date.
- b) direct marketing to individuals is suppressed where the individual has asked not to receive it.
- c) the organisation ceases to contact deceased individuals where the organisation has been notified or where this information has been identified through use of a deceased suppression service
5.2.6 Personal data MUST* only be kept as long as necessary to fulfil the purpose for which it was processed (see rule 5.2.2 for further information on what information MUST be provided to the individual regarding processing).
5.2.7 Organisations MUST have appropriate systems or procedures in place (such as a suppression list) to ensure that they do not send direct marketing to individuals who have asked not to receive it, whether through individual communication channels or across all channels (see also Section 5.7 – “Requests to Cease Direct Marketing”).
Sharing and selling personal data
5.3.1 Organisations MUST NOT* share personal data with any other organisation unless they can evidence that they meet the processing requirements in Rule 5.2.2 above and can justify their data sharing through these requirements.
5.3.2 Where personal data is shared between organisations:
- within a federated structure (i.e where one controls the other or where both are under common control), or
- under a data processing arrangement (i.e where one organisation acts on behalf of another organisation under written contract, such as professional fundraisers, data cleansers, or printing houses)
- a) the organisational structure / arrangement and the processing purpose MUST*be clear enough in the privacy information provided to the individual that the organisation can evidence that processing would fall within the individual’s reasonable expectation.
- b) Alternatively, where the organisation receiving the data is relying on the individual’s consent as the basis to hold and use that data, the organisation receiving the data MUST*be named in the consent request, and the specific consent of the individual for their information to be shared MUST*be gained by the sender.
Further information on data sharing can be found in the ICO’s Data Sharing Code of Practice.
5.3.3 Beyond the specific exceptions set out in rule 5.3.2, Organisations MUST NOT* share the personal data of an individual with any other organisation for that organisation’s marketing purposes without the freely given, specific, informed and unambiguous consent of that individual to the sharing of the personal data with that other organisation further information on what constitutes “freely given”, “specific”, “informed” and “unambiguous” consent, please see the Fundraising Regulator’s Guide “Personal Information and Fundraising”.
Data buying and selling
5.3.4 Even if the individual has consented to their personal data being shared, Organisations MUST NOT sell that data to any other organisation unless it can evidence it has the freely given, specific, informed and unambiguous consent of that individual for their personal data to be sold.
For further information on what constitutes “freely given”, “specific”, “informed” and “unambiguous” consent, please see the Fundraising Regulator’s Guide “Personal Information and Fundraising”.
See section 5.1-5.2 above (Processing Personal Data) for other considerations regarding sharing data.
5.4 Case Studies
5.4.1 If an organisation intends to use a real life example of an individual in a case study, the organisation MUST* only process that individual’s personal data in accordance with the law (see sections 5.1-5.2 above regarding processing personal data lawfully) and MUST NOT* disclose information received in circumstances where a legal duty to keep the information confidential arises, unless there is an overriding legal imperative to do so (for example, a police investigation).