Skip to main content

Code breach: Fundraising Preference Service

Some charities have failed to access requests to stop communication, made by the public on the Fundraising Preference Service (FPS). 

Why is this important?

The Data Protection Act 2018 gives a person the right to object at any time to use of their personal data for marketing purposes.

This right is also reflected in the Code of Fundraising Practice. If charities don’t action a request from the service within 28 days, they are in breach of section 3.2.5 of the code. This states:

You must either stop sending direct marketing to a person within a reasonable period (as soon as possible, but in any case within 28 days) or not begin to process a person’s personal data for the purpose of sending them direct marketing if you receive notice from, or on behalf of, that person telling you that they don’t want to receive direct marketing. For example: a notice from (or sent on behalf of) a person through the Fundraising Preference Service telling you that a request to stop contact has been made.

The charity must access this information to comply with the code. The Information Commissioner has confirmed that it may consider failure to act on an FPS request as a potential breach of the Data Protection Act 2018.

What are we doing about it?

We’ve tried working with the charities that haven’t accessed their requests, but haven’t had a good response. So we’ve decided to publish the names of the charities who haven’t logged on to the service to action their requests, and have therefore breached the code. We’ve also referred them to the Information Commissioner and the Charity Commission.   

All organisations in the list below have breached the code. This list will be updated every month.

What is a service request?

A member of the public can use the Fundraising Preference Service to stop communication from charities they no longer want to hear from. They can use the service to stop phone calls, texts, direct mail and emails.

How many charities have accessed requests?

Since the service was launched, over 2,098 charities have set themselves up on the FPS charity portal to collect their requests.

How many charities haven’t accessed their requests?

As of 1 April 2020, 68 requests haven’t been accessed by 21 charities.

How are charities informed that a service request has been made?

When a request is made to stop communication from a charity, the service automatically emails the charity's contact person listed on the Charity Commission’s Register of Charities. The email says that someone from the charity must log in to a charity portal to collect the request. FPS terms and conditions state that charities have 21 days to action the request and stop contacting the individual.

If a charity repeatedly ignores reminders to action the request, a final letter is sent to the Chief Executive of the charity (copied to the Chair of Trustees) from our Chief Executive. The final letter clearly warns that we’ll inform the Charity Commission and the Information Commission of a potential breach of the Data Protection Act 2018 and that a breach of the code has occurred.

List of charities that have breached the code