Skip to main content

Code breach: Fundraising Preference Service

Some charities have failed to access requests to stop communication, made by the public on the Fundraising Preference Service (FPS). 

Why is this important?

The Data Protection Act 2018 gives a person the right to object at any time to use of their personal data for marketing purposes.

This right is also reflected in the Code of Fundraising Practice. If charities don’t action a request from the service within 28 days, they are in breach of section 5.7 of the Code of Fundraising Practice. This states:

‘Organisations MUST either cease within a reasonable period (meaning as soon as is practicable, but in any event not exceeding 28 days) or not begin to process an individual’s personal data for the purpose of direct marketing whether they receive notice from, or on behalf of any individual to do so. This may include a) notice from (or on behalf of) an individual submitted through the Fundraising Preference Service or notice from the Fundraising Preference Service that such a request has been made.’

The charity must access this information to comply with the Code. The Information Commissioner has confirmed that it may consider failure to act on an FPS request as a potential breach of the Data Protection Act 2018.

What are we doing about it?

We’ve tried working with the charities that haven’t accessed their requests, but haven’t had a good response. So we’ve decided to publish the names of the charities who haven’t logged on to the service to action their requests, and have therefore breached the Code. We’ve also referred them to the Information Commissioner and the Charity Commission.   

All organisations in the list below have breached the Code. This list will be updated every month.

What is a service request?

A member of the public can use the Fundraising Preference Service to stop communication from charities they no longer want to hear from. They can use the service to stop phone calls, texts, direct mail and emails.

How many charities have accessed requests?

Since the service was launched, 1,884 charities have set themselves up on the FPS charity portal to collect their requests.

How many charities haven’t accessed their requests?

As of 4 July 2019, 84 requests haven’t been accessed by 36 charities.

How are charities informed that a service request has been made?

When a request is made to stop communication from a charity, the service automatically emails the charity's contact person listed on the Charity Commission’s Register of Charities. The email says that someone from the charity must log in to a charity portal to collect the request. FPS terms and conditions state that charities have 21 days to action the request and stop contacting the individual.

If a charity repeatedly ignores reminders to action the request, a final letter is sent to the Chief Executive of the charity (copied to the Chair of Trustees) from our Chief Executive. The final letter clearly warns that we’ll inform the Charity Commission and the Information Commission of a potential breach of the Data Protection Act 2018 and that a breach of the Code has occurred.

List of charities that have breached the code July 2019