How Do I Protect Our Donors’ Privacy When Board Members Want Their Data?

Q: Please help! Our small community foundation has great board members willing to help us reach out to donors, past and prospective, but six board members serve on a local college board that is primarily a fundraising board that’s in active campaign mode.

Here’s the glitch: A few of these folks keep asking me for a donor list with all contact data, the stated purpose for which is to help us thank our donors. They’re all solid and honest people, but no way am I providing them with a list of donors who assume privacy when they make a gift to our organization.

Here’s the thing: These board members might forget where they met or learned about a donor and unintentionally drift them over in relationship to the college’s very well-staffed development team. Ugh! I forget stuff, and they probably will too.

Do you have any advice about how to engage these board members in strengthening our donor relationships without giving up our information? Do you have a sample donor privacy policy that I could use to explain that our position is best practice? Help!

—Executive Director (ED), Community Foundation

A: Put a general privacy policy and a donor version in place asap!

ED, as long as you’re in the position of denying board members what they’re asking for, you’re in trouble. Instead, simultaneously depersonalize this situation and formalize policies to best respect donors and other friends by putting two privacy policies in place right now.

1. A donor privacy policy protects your donors and instills calm and confidence in your prospects. Here’s an excerpt from Catholic Charities’ donor privacy policy:

• We will not sell, trade, or share your personal information collected on the website or through any other business activities with anyone else.
• We will not send you mailings on behalf of other organizations.
• We will only share your personal information if you give us specific permission to do so.
• We will collect payment information, billing address, and other information necessary to process a donation or event registration.
• We will use personal information to protect against potential fraud.
• You have the right to review information that we have collected about you.

2. A general privacy policy covers contact and behavior info of prospects and other supporters (for example, volunteers, e-news subscribers, partners).

The more data you have on your community members and prospects, the better you’ll succeed in engaging them. This general policy should also cover your donors, but it makes sense to have a version just for donors, even it’s just a mirror of the general policy with the phrase “donor” inserted.

This precious data—contact information and insights on how they interact with your organization and communications—enables you to shape your outreach to be most relevant. And relevance rules!

The trust you build in committing to a thorough, respectful privacy policy will enable your organization to source the data that sharpens your insights, strengthens your relationships, and motivates more of the actions you need. Go to it!

By the way, ED, I know you might need the board’s approval (if they’re hands-on folks) to put these policies into place. If that’s the case, it’s usually a “can’t say no” proposition. Who wants to stand in the way of proper donor stewardship?