9.0 Digital Media 9.0 Digital Media
<<back to Code of Fundraising Practice sections
Note: MUST* and MUST NOT* (with asterisk) denotes legal requirement
MUST and MUST NOT (without asterisk) denotes requirement of the Code of Fundraising Practice
9.0 Legal references in this section:
- Equality Act 2010
- Privacy and Electronic Communications (EC Directive) Regulations 2003
- Gambling Act 2005
- Betting, Gaming, Lotteries and Amusements (NI) Order 1985
- The Law on Lotteries in Northern Ireland
- Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013
The following Legal Appendices MUST be read in conjunction with this section of the Code of Fundraising Practice
- L8 Professional Fundraisers and Agreements
- L9 Commercial Particpators and Agreements
- L10 Solicitation Statements
- L12 References in Documents
- L13 Raffles and Lotteries
- L14 Data Protection
9.1 Accessibility and Usability
Being accessible means using the latest web technologies to accommodate the needs of as many users as possible.
a) All digital platforms MUST* comply with the Equality Act 2010 and organisations MUST* make “reasonable adjustments” to accommodate the needs of all users.
Information about accessibility can be found from the Royal National Institute of Blind People’s (RNIB) web access centre or the World Wide Web Consortium, the W3C.
9.2 Organisations’ Own Websites
9.2.1 Information to be Provided
As well as their main websites, fundraising organisations may have other related websites or micro sites created for specific campaigns or events. This section covers all websites created by organisations.
a) Organisations MUST* have specified information on their website about their status. For further detail please see L12 References in Documents L12.2 and L12.3.
b) Organisations MUST ensure that a contact number and/or an email address are easy to locate.
c) Requests to unsubscribe MUST be addressed in a timely fashion. The Information Commissioner’s Office has suggested time limits which can be found on their website.
e) All information about data capture and use MUST be easily accessible from the website homepage and any page which collects personal data.
a) Organisations MUST* have the necessary intellectual property permissions to use or share digital content, such as images, audio, video etc.
9.3 Donations and e-commerce
9.3.1 Electronic Payments
There are a number of standards that apply to electronic payments, such as the Payment Card Industry-Data Security Standard (PCI- DSS) for processing card transactions, and the Direct Debit Guarantee for processing Direct Debits.
9.3.2 Online Raffles and Lotteries
a) Organisations MUST* comply with the Gambling Act 2005 or, in Northern Ireland, the Betting, Gaming, Lotteries and Amusements (NI) Order 1985.
For more information on the different types of lotteries and the rules that apply to each type, please see L13 Raffles and Lotteries and/or speak to the Gambling Commission, who regulate this area.
For Northern Ireland, please consult the Department for Communities and its Policy Unit’s Information Leaflet – The Law on Lotteries in Northern Ireland.
9.3.3 Online Trading, Trading Subsidiaries and e-commerce
a) Organisations MUST* only trade if their governing documents allow it.
b) Organisations MUST* comply with all relevant consumer law and digital commerce legislation including the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013.
c) If merchandise sales or fundraising events (such as challenge events) are carried out through a trading subsidiary, fundraising organisations MUST* make this clear on relevant communications or web pages.
d) Organisations MUST* ensure that descriptions and images of goods are sufficiently accurate that donors are not misled about what they are buying.
e) Organisations MUST* have the necessary intellectual property permissions to use or share digital content, such as images, audio, video etc.
f) Organisations MUST* comply with legal requirements as to delivery, cancellation, refunds and returns and MUST have policies that set out processes and timings for potential customers.
For more information, please see the guidance on this.
9.4 Working with Third Parties
a) Professional fundraisers and commercial participators working on digital media projects MUST* have written agreements in place with the charity and MUST* make the appropriate statements.
b) When not legally required to have written agreements, organisations MUST still have contracts or agreements in place.
c) Organisations MUST undertake due diligence on both the financial and reputational dealings of potential partners before agreements are put in place. This is especially important when working with non-UK based third parties who are not bound by UK law.
d) If placing fundraising content on a third party’s platform, fundraising organisations MUST apply the same due diligence as if it was on their own website.For more information on selecting and using online giving platforms, the Institute of Fundraising’s ‘Making the Most of Digital Donations’ guidance.
9.5 Social Media
a) Organisations MUST ensure that usernames and passwords for their social media accounts are only available to trusted individuals.
9.6 Mobile Devices and Platforms 9.6.1 Definitions
Mobile may consist of separate platforms/channels or simply using a mobile device to access a version of an organisation’s website. Mobile devices may include but are not limited to smartphones, tablets, Personal Digital Assistant (PDA), and gaming consoles.
9.6.2 SMS and MMS
a) Organisations using Premium SMS MUST* register with the Phone-Paid Services Authority (PSA) and comply with its Code of Practice unless providing exempt services (as defined in the PSA Code).
b) Organisations MUST* only send marketing messages to individuals’ mobile phones where those individuals have previously notified the organisations that they consent to receiving such communications.
c) Organisations MUST* make the registration process for messaging clear on all forms of relevant documentation including websites and MUST* include procedures for unsubscribing on all marketing messages.
d) Organisations MUST* make the cost of premium rate messages clear to donors and MUST explain to donors how and when they will be billed.
e) Organisations MUST* follow data protection rules and rules set out in the Privacy and Electronic Communications Regulations 2003 when parental/bill payers’ consent is required.
f) Reply by SMS MUST be an option for opting-out and be clear in all communications.
g) Organisations MUST use a simple opt-out message.
h) Users MUST* be able to exercise their opt-out choice from any message, free of charge (except for the costs of the transmission of the refusal).
i) For competitions and prize draws, organisations MUST provide a clear and simple method of accessing any terms and conditions and MUST publish the identity of the promoter.
9.6.3 Charity Short Codes
a) When receiving donations by SMS, organisations MUST use Charity Short Codes (approved 5 number codes that can be rented by fundraising organisations to identify donations and pass on the VAT content to the organisation).
9.7.1 Data Protection
a) Fundraising organisations MUST* comply with the requirements of the Data Protection Act and MUST NOT* disclose information obtained in situations where a legal duty to keep information confidential arises.
b) Organisations MUST* provide a valid address for opt-out requests.
a) Emails MUST carry a statement confirming the status of an organisation, and MUST* do so in certain circumstances.
b) Organisations MUST NOT send bulk emails from named individual’s email accounts.
c) Organisations MUST use a simple opt-out message.