Category Archives: Purple Vision

Get ready, get set, GDPR

Getting ready for GDPR

Ready, set, GRPR

I recently wrote a piece for the Just Giving blog called 4 lessons for charities as we prepare for GDPR  in which I presented four lessons we can learn from the recent (March 2017) fines imposed on two businesses for data breaches as they made their own preparations for GDPR.

My four lessons were based on Honda and Flybe, who were caught out trying to prepare themselves for GDPR (the irony!), but who ignored the rules of PECR (Privacy and Electronic Communication Regulations) in the process.  Essentially, they emailed to ask if they could stay in touch or if the details were correct.

My four lessons were:

Lesson 1: if you don’t have permission for a channel, you can’t ask for permission via that channel (so if you don’t have permission to email, you can’t email to ask for permission to email; if you don’t have permission to call, don’t call). 

 Lesson 2:  don’t ask for ask for permission from people who have actively opted out of receiving communication via the channel you are using.  While writing to people to ask if you can email them might sound a bit bonkers, if that is the communication approach you have consent for, that is how you must do it.

Lesson 3: be clear about what you have permission to do and what is covered by your permission. As you craft new permission statements, consider what you may want permission to do in the future, as well as what you may want to do now. 

Lesson 4:  Don’t be caught out in a GDPR compliance bubble and forget about other rules and regulations that apply – or about people. Making people-based decisions rather than data-based decisions shows due respect to our supporters and will give them confidence in our integrity as an organisation.

In a short blog for Just Giving you can’t go into the detail that you’d like though, and never short of something to say … I carry on below.

Getting GDPR ready using these lessons.

I think we can look at the case of Honda and Flybe and see how easily this could have been a charity making these errors.  Heck, we can probably even see the thought process in our own organisations looking to make these decisions.

However, we also need to consider that these rules are not just about how we fundraise, they are organisation wide.  They are about how we communicate with our donors, staff, volunteers – everyone who is connected to our organisation.

I think the rules come down to a bigger series of considerations and discussions that you need to have within your organisation about permissions and ‘permissioning’ – which is not an *actual* word but soon will become a big part of the charity management lexicon.

Where & when you ask

If you don’t have permission to email a donor, how can you get permission to email a donor?

There are many legitimate ways you can try and obtain email permission – for example via social media campaigns, sign up links on your website and even via direct mail.  If you have telephone permissions and active calling programme, you could even ask via this means too.  You just can’t ask for permission for that channel (email) via the channel you want to use (email).

If obtaining permission is s a priority for your organisation, ensure that sign-up forms are embedded on every page of your website, on every blog and that you have a regular ‘drive’ to legitimately obtain additional data.

How you ask

Why would your donor give you any details?

How you ask for something that the donor values – their personal data – is critical.  A wrong move could put them off as much as make them want to sign up. On a practical note, there are a range of methods to asking (but take note, massive popups on website screens are off-putting and will earn you penalties in Google and annoy readers by blocking content). [links to Google Webmaster blog]

On a human level, the tone of the ask also needs to be sensitive the channel you are using.  But more importantly, sensitive to your audience. You know all this of course, from your crafting of fundraising messages.  Permission asks aren’t that much different, except the beneficiary is the organisation.

There’s a balance between the timid ‘would you like to sign up’ and the demanding ‘sign up instantly’ that will be right for your charity’s tone of voice.  It is worth split testing some approaches out and changing the messaging to keep things fresh.

The issue of transparency also comes into play for how you ask for permissions – if this were your data, would you be happy that a company is relying on a clause hidden away in a set of terms and conditions to cover what you want to do with your data?

Which leads us onto what we are asking for permission to do.

What are you asking permission for?

This is the nub of the issue as far as our GDPR and PECR regulations are concerned – what are we asking permission for?

‘Sign up for our newsletter’ is a very broad statement. It may as well just read ‘give us your email, we’ll figure out what to do with it later’.

One of the ICO ‘tests’ is to ask the question – what would a person reasonably expect you to do with the data from what you have asked.  Is it clear?  It’s time to get granular – another central theme of the GDPR preparation process.

If you have a great email newsletter list –and that’s what you asked people to sign up to, that is all you can do with their data. You can’t send them a customer service announcement about your charity (here’s looking at you, Honda).

Of course, much can be contained within a newsletter (like your annual review and details of your latest campaign), but you also need to avoid your newsletters becoming cluttered, unfocused and impersonal (back to batch and blast) – and therefore irrelevant and easy to want to unsubscribe from.

One approach could be to consider all the kinds of activities your charity offers and ask for permission for each of them.  A helpful way to start with this can be to look at your departments. Typically, they’ll relate to what your organisation delivers.  Eg HR, fundraising, communications, governance, policy /campaigning.

  • what do they do (or want to do) that you may need permission for?

Another option to consider is what you also want to do with the data that you have.  Several charities recently fell afoul of ICO for using donor data for wealth screening.  

What we have learned from this is like our Honda/ FlyBe lessons.  It is not what they were doing per se that was the issue, it was their permission to do it – would a donor who gave them details have ‘reasonably expected’ to be profiled and screened like this based on what they were told when they signed up?

  • Ask once for now and the future – consider your 5-year plan and what current technology can offer in terms of insight as you craft new plans – even if you are not using technologies to help profile your web visitors now, or wanting to screen donors, or using predictive tools to help prospect for new donors, you may want to do that in 2 years’ time.  And when you want to do it, you will need to have permission to do it.  Machine learning is the way forward – plan for it now even if the reality of it still isn’t clear to you.
  • Third parties – this also brings to bear the point that is raised in GDPR guidelines about how you use data with third parties too, and your need to declare how they will use the data too.  Explore that alongside your permission work here and be as clear as you can.  Third parties are everyone from your mailing house to potential agencies you may send data samples too for segmentation, research, data cleaning and so on.

Where are you storing and recording these permissions?

Should the ICO come a-knocking in the future, after you’ve made them a cup of tea and talked about the weather, the questions will come.  One of the questions they may ask is where you can prove that you had permission to send x y or z person a b or c email/direct mail/text.

The paper trail [ surely a redundant term in our digital age] in an ideal world, would lead to your CRM or database, where you can look this up with ease, and respond confidently.

In your current situation:

  • could you look up where you asked for permission to contact someone and identify the permission that a person gave?
  • could you look up the form they used to sign up and double check the language?

How you are storing your data is one of the fundamental questions that GDPR brings us back to.

It covers the requirement for data to be held securely – which is a separate area of conversation about access to devices, security protocols et al  (and usually ends with a conversation where someone reminisces about leaving a laptop of client data on a train).

For this article, consider these areas.

  • how are you managing your data?
  • do you run on Excel and end up with multiple departmental spreadsheets because that’s the only data you ‘trust’?

Heck, I am sure some people still use a card index or have a special address book.

That’s all data and that’s all covered by this.

How are you going to manage permissions?

A few preference centres are popping up on the market claiming to be the answer to all your GDPR woes.

While they may be part of a solution that works for you, I strongly urge you to think more widely than this before buying a panacea that you may not need.

There are key questions to ask and answer first about how your organisation is going to work together before you get to the technical bits.   Fundamentally, GDPR means it is finally, genuinely, time to say bye bye data silos and say hello to collaborative working with consistent data and access across the organisation.

No preference centre or legacy system is going to make that work for you.  That’s about organisational culture.  So, we need to do the people and process thinking ahead of the technology.

Some questions to help you explore this area and decide how to manage it in your organisation include:

  • Could any user log on and know that they cannot email a donor or beneficiary or that they cannot write to a resident?
  • Where and how will you record when a client, donor or beneficiary decides they don’t want to receive further communications?
  • What if they change their mind about a channel they already gave permission for?
  • If someone unsubscribed from direct mail today, how long would it take for their permission to catch up with data selections you have already made for future campaigns?

There are several creative ways to stick a temporary sticky plaster on any systems you are currently using this while you consider the bigger picture.

Don’t rush straight into more permanent fixes to your systems integrations that will give you the sought-after 360-degree view or more integrated and comprehensive data source – think them through with and beyond GDPR.

Evidence of Permission

If you can’t find evidence that you’ve asked for permission to do something, the safest approach may be to consider that you don’t have permission at all.

This may mean you cannot contact that person.

This is something of a bitter pill for many looking at their database.  It is going to reduce the number of active contacts and the number of people who may support you as a result.

The long and the short of it is that compliance with GDPR is the start of a new road and approach to how we look at our data – and our strategy for managing acquisition will need to adapt accordingly.

A human appeal: people = data

Alongside all this work we must do about data, I’d like to add the human appeal. When we talk about data, we’re talking about people.  We talk about donor journeys and build experiences around them based on things they’ve told us they want to do, what we want them to do (and ideally the two mirror each other).  These journeys are individual’s personal interactions with us.

Some of the GDPR rules you are now considering may worry you because they could (or will) have an impact on the valuable work that you do (for example, if you have a major donor and no contact permission to call, how are you going to move forward?).

Remember too that other charities and businesses up and down the country are having to do the same.  The charity you donate to, the online shop you buy those superb shoes from. They are looking at your data. How do you want them to treat you?

This ‘conscience and integrity’ test is one I find helpful all the time as a reminder that behind that spreadsheet (which is password protected and kept on a secure system, obviously) are real people and real lives, not just unique identifiers and permission sets.

It is easy to forget this.

Authors note:  this article is not intended as legal advice.  Note that this covers the legal basis for consent-based marketing and fundraising. Other legal basis for data processing may apply in your organisation.

Where to get Guidance and Information.      

Need help? 

If you need a data audit, an internal seminar to get your team up to speed with the basics of GDPR and ready to move forward, or need help to adapt your systems to meet your new preference management approach, Purple Vision can help.

Whatever your question, we’re happy to help.   You can

IOF Technology Special Interest Group – 2017 Conference

A stalwart of the annual fundraising calendar for those with a technological bias, the Institute of Fundraising Special Interest Group (SIG) Technology Conference is back.  Friday 12 May will see hundreds gather at 1 America Place to talk through a varied agenda which includes keynotes from Just Giving and the Direct Marketing Association.   Three streams sit alongside three keynotes – Nuts and Bolts of Compliance, New Fundraising New Tech and Technology Management – speaking each other’s language.

Register today via their Eventbrite link:

New Fundraising New Technology Stream – 14.15 Digital Thinking – Human Decisions

In this session Mags (Purple Vision) will speak with Matthew Warnock-Parkes (Disasters Emergency Committee) will talk about the fast-paced changing tech landscape that impacts the DEC and their appeal cycle.

DEC  are the highly respected charity that engages its effective fundraising operation only in times of disaster, generating millions of pounds seemingly overnight.  DEC have been looking at the challenge of fundraising with multiple fragmented data sources and the changing trends in fundraising channels, considering how tech can help with their unique challenges.

 

 

Salesforce events in May

This May brings a Salesforce bounty for event attendees.   If you are immediately thinking these events don’t apply to you as you are not a Salesforce user (or not yet a Salesforce user), think again.

Salesforce World Tour – 18 May (Excel)

Registration link via: https://www.salesforce.com/uk/campaign/london/

The Salesforce World Tour brings the full power of what is usually a 5 day tech conference (Dreamforce for Salesforce, F8 for this year’s Facebook) to a town near you.  It’s a lot of marketing – but you’d expect that really.  But it’s also a chance to see for yourself some of the tech that is on the market now and hear about (and see) some of the innovations on the horizon.

If you’re already a Salesforce user, it is a great chance to see what’s happening with your tool and see for yourself what’s coming next.

If you are not a Salesforce user, it’s a chance to see what other tools are up to, get some new ideas about the future, new ideas about how you can handle or solve data problems and gain some fresh insights on problems and opportunities.

Added bonus for 2017

Steve Thomas (our CEO) will be speaking in the Non-Profit Theatre with our client, RAFCTE – the Royal Air Force Charitable Trust Enterprises – who will share how the Royal International Air Tattoo manages thousands of people, planes and plans using Salesforce to deliver their world-famous air show.

NPSP Day – 19 May

Registration link: http://www.npspday.org/events/london?utm_campaign=power-of-us-post-ryan

It is important to note that NPSP Day is not organised by Salesforce.org, it’s the brainchild of the team that work hard behind the scenes to keep NPSP – the non-profit success pack – on track.  For those that don’t know, NPSP is essentially an open source development or collection of features on the Salesforce platform. It’s free for non-profts to access (for the first ten users).  To keep it up to date, users, developers, partners and Salesforce.org all chip into a development process and regularly release new features and updates.

NPSP day is about a range of things – it’s about how people use NPSP, why people use NPSP, what needs looking at – how to do certain things, how not to do other things (best practice), and really a chance to get together and share in what it is all about.

It’s a no fixed agenda ‘unconference’ format – so the attendees lead the way the day progresses.

There’s a charge to attend of $40, which basically covers lunch and refreshments.  And it’s in dollars because the team who organise these all across the US are heading to London to host this day and bring the style and format to life in the UK.

The astute among us will notice it’s the day after World Tour London so don’t get too frazzled at the drinks reception!

Our notes: 

We’ve never been to one of these – they’re  new to the UK – but they sound interesting.  Our view is that existing NPSP users would probably get the most out of these, rather than those of you still at the stage of considering NPSP.

 

 

 

 

 

Fundraising Convention 2017

We’ll be at Fundraising Convention in the Barbican, London from 3-5 July 2017.

As well as exhibiting (stand 25 right next to the coffee ….), Steve Thomas will be speaking on Wednesday 5th on the topic of  Aquisition, with Permission.

 

 

IoF Tech SIG

We’re speaking at IoF Tech SIG Conference in London on 12 May.

Our topic is in the new technology/new fundraising stream, and we’ll be speaking with Matthew Warnock-Parkes from the Disasters Emergency Committee.

6 things to do while everyone is on seasonal break.

Our Marketing Director, Mags, is a bit of a one for getting organised.  In this post, she shares here tips for stealing a march on 2017 and using the time between Christmas and New Year for maximum benefit and impact. 

It’s Christmas break! Yay.  The days between Christmas and New Year are a strange time, leaving some of us delighted to be spending time with our families, eating copious leftovers and some of us delighted to be anywhere but!  In one way or another, work continues, arguably often at a slower pace (as everyone else is off) but with a keen understanding that, come January, things will take off again very quickly.

Extensive research* reveals that there is a correlation between your boss being away and the degree to which your inbox is swamped.  This, in turn, can correlate between how on top of your to-do list you feel, how many new tasks are coming in and how calm you feel about impending deadlines.  Worse, you know it’s going to be super-busy between January and Easter (because it always is) when everyone is focused on the new year, change and getting things done.

Over the years, I’ve learned this time between Christmas and New Year is really important to stealing a march on the months ahead.

Here are my 6 to do’s for the seasonal gap. 

1          Niggly to-do list leftovers

There are always things on your to-do list that get knocked down because while you give them credence and importance, they’re either nice to haves, non-essentials or not a major priority.  Start knocking these off your list.  Go back through them, collect them into one place and figure out if they really are still to do, or because you’ve left them so long they’ve become a bit obsolete (count this as a victory and tick them off!). Can you scratch some off the list, and focus on the ones that really do matter and just get them done and dusted?   The other important lesson for me in all this is that I often end up with lists in more than one place (notebook, post-its, some in the CRM, some in my inbox). How can I keep on top of a list when I have lists of lists?

2          Get ahead with the planning

Come the new year onslaught how are you going to cope?  Get busy with your diary to get ahead of that game.

  • Block out space for regular tasks in your schedule so they don’t get forgotten
  • Schedule in recurring and important meetings if they’re not already in place.
  • Go through project plans – are they up to date? If not, get on top of them, and anticipate where blocks of your time may be most in demand to complete tasks – get these in the diary (in pencil or its digital equivalent ‘tentative’– you can’t be inflexible but you can try and take control of your own workload)

3          Research

Your planning grid will probably reveal the need for some solutions or a bit of background reading – get ahead with this now.  Set up folders and bookmarks in your web browser so you can bookmark pages and easily refer back to them when you need them but start to think about where your knowledge gaps are now and find key resources that everyone will find useful in completing a project.   This is a good task to do with a cuppa (or even a cheeky middle of the day snifter) and some Christmas cake.

4          Turn off your email

This is the perfect time to get as much stuff done as you can without interruption.  It’s a great time of year to turn off your email and avoid being distracted by other things and just crack through some of the things you need to get done.

5          Keep an eye on the clock

If you’re the kind of person that’s early into the office and often gets involved in working until later to ‘just get this finished’, make a special point of not starting work until you are supposed to and finishing on time.  I promise this will feel a bit like a holiday in itself and no-one will even notice. It’s only a few days and you should only be working those hours anyway.  And if you’ve turned your email off too you’ll be amazed at what you get done in the ‘proper’ amount of time. It is interesting how much we think other people notice if we are at work late each day – some do but in the main, no-one cares about your hours – they care about your output and outcomes instead.

6            Clear down your inbox

Once you’ve done some solid graft, take some time to clear down your inbox.  This is one of my favourite things to do before I switch off for New Year if I have been working the time in between.   I love to delete or clear out as many emails as I can.  It is virtually impossible to have a completely clear inbox, but the feeling of being on top of things that you get from having a very lean inbox is very satisfying and I remain determined to keep it as clear as I can for as long as I can.  (end of the week, usually). It’s an important psychological switch for me. I bet there are things you’re hanging onto as they’re a reminder to do something – get them on your list instead- where they belong.

* It doesn’t matter where I’ve worked or at what level this is a truth universally acknowledged.

pledge-1-3

We’ve taken the pledge – pledge 1%

Fear not, this is no pronouncement of our support for the temperance movement (though ask us after our Christmas Party and we may say differently).   This is about why we’ve chosen to Pledge 1% and what it means to us.

Read about Pledge 1%

About the Pledge

Pledgeonepercent is – in a neat and tidy nutshell – all about corporate social responsibility.  Giving back.  Being active members of the communities we live in.  It is a philanthropic movement to encourage businesses of all sizes to be good citizens as well as good employers.

Essentially, you can pledge four things

  • Equity – this is the polite way of saying cash.
  • Product – if an organisation has a software product, offering 1% of that product for non-profits to use is included in this
  • Time – the simplest metric of all – staff days or time.
  • 1/1/1 – all three of the above elements.

Why we’ve taken the Pledge

Purely and simply, we’ve taken the pledge as we believe it fits with our values and ethos as an organisation – where we are now and where we started from.  Doing the right thing and being on our customer’s side are critical to who we are and what we do, and what makes us ‘purple’ as a team.  Making sure we stay focused on our part in the world matters to us.

Of course, we could just have got on with doing our bit without signing a pledge.  Many organisations do.  We’ve chosen to sign up so that we can be counted as part of the movement, and help others to look at and consider the pledge too.  Collective impact of a movement is easier to measure – and with measurement comes the evidence of what the programme is achieving.  And thus encourages more organisations to take part in something meaningful.

How we set about doing it.

Applying to participate is the easy bit.  Understanding how our team – a group of strong individuals – want to use that time a little more complicated.

Mike, our Chief Operating Officer and organisational development specialist, opted for a staff survey to gather opinion and ideas about the kind of benefits the team would expect to gain, and also look at the initiatives we could consider as a team.

Collating the feedback was enlightening.  Not least because it revealed the extent to which staff are already freely involved in giving of one kind or another.  Most importantly, it revealed more of the spirit that sits in the Purple Vision team and the passions that drive individuals in their daily lives.

The majority in the team asked the organisation to steer away from collective activities that involved politics or religion, but these are of course a strong personal preference for many and our relationships at work are already respectful of any boundaries that these two areas can create – so it felt like a natural ask from the team and one we are happy to accept.

Our collective endeavours will focus on areas where we have identified a shared concern or passion.

What it means for us

We’re keen that Pledge 1% is real and meaningful for the Purple Vision team, so this may be all you ever learn of our Pledge.  It’s really important for us that this isn’t about PR, but this is about doing the right thing to be members of our society and community.

Mainly, we’ll give our time as individuals, but probably for one day a year, we’ll work on a project as a team together.  Quietly, without pomp, but with a lot of purpose.

For some of us it will be a continuation of the kind of things we’ve already been doing.  For others a chance to explore opportunities that we may not have had before, to participate, understand and learn.

1% is a small step in the right direction.

Of course, in an ideal world, companies would be able to offer more than what sounds like a humble 1% to achieve meaningful and impactful social change.  1% sounds small.  1% time is 3 staff days a year – that also doesn’t sound a lot on paper.

But look two things here.

  • We’re a small company and 3 days a year is a lot of potential work time. So it is a sacrifice for us to make at an organisational level.
  • For our team of 20, 3 days each is 60 days a year. 2 calendar months a year of time, or 480 hours in working time

We know we can make a difference in that time.

More info:

  • If you’d like to know more about Purple Vision’s approach to Pledge 1%, give us a ring and ask to speak to Mike, or send your enquiry via our web form.
  • To sign the Pledge for your organisation, visit the website: – http://pledge1percent.org/

Pledge 1%

Connected Non Profit Conference – what you missed.

Last week, Salesforce.org organised an event called the Connected Non Profit Conference.  It was a small, sell-out event.  In the spirit of it all being about connected non-profits, we find some C words to describe what we found at the event

Concept

Every year, Salesforce organises Dreamforce, a beastie of a conference in San Francisco where basically a whole city-load of people all turn up and hear what’s happening with the Salesforce platform.  It sounds like a lot of fun but it is a long way away and pretty expensive to get to, especially for those on a non-profit budget.

A Mini-Dreamforce, 1-day World Tour event happens every year in London (May 18th 2017 – mark your diaries) that takes some of the content and positions it for just a day.  Other stuff happens that is brand specific.

These are all lovely.  They’re useful.  They’re exciting.  They’re a great place to meet really interesting and inspiring people. But they’re not focused on non-profit, they are focused on the entirety of the Salesforce world.  True, all the learning and new products and innovations are relevant as they are available to non-profits.  But the language is just, well, not us.

So kudos to the team at Salesforce.org in London for recognising this and putting something on just for us.  I think the size was just right for a first one – small, about 300 or so.  We can only grow from here!

Content

The stories at the event focused on – as you would entirely expect – how Salesforce has driven non-profit success.  From hearing about the new Non Profit Success Pack (Salesforce, distilled down for non-profits) and its roadmap (the new features that Salesforce will add, alongside the other features that may be unlocked via the Salesforce releases 3 x per year or the fortnightly (yes fortnightly) pushes to the NPSP), through to compelling stories and case studies.

We talked data (of course) and saw how Wave Analytics brings data to life and helps charities like RED to tell their story.  How with the help of partners, charities have created new functionality to deliver things like Gift Aid or bespoke programme management, how UNHCR use Salesforce to manage their fundraising programmes and more about email marketing and the connectivity.

This is the story of RED – their goals and how Salesforce is supporting them to deliver their goal.

This video makes me cry but fills me with so much hope.

Of course, it’s money that makes a difference but you can’t mobile, measure and deliver – or start to raise those funds – without the right tech.  Message clearly received there!

Connections

The measure of success of any event has to be two things – the quality of the content you hear and learn about, and the quality of the conversation you have with other people who are there.

One of the great things about this being a small and focused event was the ability to get to speak to so many of the people who were at the event.

Some were already Salesforce customers, some people looking at options on the market and there were a few of us partners around – and while the reality is we are ‘competitors’, we’re actually quite nice people and feel that we’re more part of a ‘community’ too if you see what I mean.

So there was lots of buzz and conversation, some free advice being bandied backwards and forwards and a lot of entente-cordiale.

And then there’s Cody

Cody is the name of the bear that features across all of the new visual identity Salesforce are adopting.  It relates to trailhead – the free learning paths offered by Salesforce to get users to adopt the system.  If I am honest, I am not convinced about Cody and campgrounds, but he keeps good company with other mascots so at least it keeps things interesting wondering who might show up next!

If you see another Connected Non Profit event pop up in our social feed, or via Salesforce.org, I urge you to act quickly to register.  This one was well worth attending.

Related Services from Purple Vision

To coincide with CNPC_16, Purple Vision launched two new services

Other Purple Vision blogs about NPSP