Skip to main content

Please see the following sections for information specific to:

Data Protection

You can read our Data Protection Policy here (updated Sep 2018)

Some other documents you might find useful:

Privacy Notice (2018)

Volunteer confidentiality agreement

Photo consent form

Other Policies

Information relating to the following policies is currently under construction:

  • Equality
  • Grievance
  • Health and Safety
  • Confidentiality
  • Recruitment

In the meantime, the Resource Centre and NCVO have lots of template policies and guidance. We also recommend that you contact your local CVS or Volunteer Centre for advice about policies and procedures for your group. 

Disclaimer: The information provided in this section and any policies provided here are intended for guidance only. They are not a substitute for professional advice and we cannot accept any responsibility for loss occasioned as a result of any person acting or refraining from acting upon it.

From May 2018, the Data Protection Act will be replaced by the EU General Data Protection Regulation.

Under the new regulations, companies must keep a thorough record of how and when an individual gives consent to store and use their personal data and this must be through ‘active consent’ ie. not just a pre-ticked box. Individuals must also be able to withdraw their consent at any time and for all their personal data to be removed as a result.

GDPR Factsheet for CoS Groups

We recommend that you also consult your local CVS or Volunteer Centre about the implications of the GDPR for your group.


The ICO (Information Commissioner’s Office) have a guide to GDPR and have created two checklists to help you think through if you are ready for the GDPR

The Institute of Fundraising has a series of ‘spotlights’ on different aspects of fundraising and how the GDPR applies. 

Information from Give As You Live about the GDPR, including an infopack

An article from the Guardian on how charities should prepare for data protection changes

‘The General Data Protection Regulation: What it is, what we’re doing and what you can do’ from MailChimp (this is a dense document but useful if your group uses MailChimp for your mailing list)