Donor Privacy Policy

Why a Donor Privacy Policy Matters

The Association of Fundraising Professionals (AFP) recommends that nonprofits adopt a donor privacy policy when handling personal information such as donor names, addresses, and credit card details from donors and event attendees.

A donor privacy policy is a formal written statement explaining how your organization collects, uses, protects, and shares donor data. It reassures supporters that their personal information is handled responsibly and ethically.

Types of Donor Privacy Policies

Donor privacy policies generally fall into two categories:

• Explicit (Opt-In) Policy
  This policy assures donors that their personal information will not be shared or sold without their consent. Donors must actively choose whether their data may be used.

• Opt-Out Policy
  This policy allows the organization to use donor information unless the donor specifically requests otherwise.

Both approaches should clearly communicate donor rights and data usage expectations.

Why Donor Privacy Builds Trust

Donor privacy policies are designed to build trust and transparency. They assure supporters that their information will never be shared or sold without permission.

In addition:

• Charity watchdogs and rating organizations review whether nonprofits have data privacy policies

• Strong privacy practices improve accountability scores

• Transparency increases donor confidence and long-term commitment

A clear privacy policy signals that your organization takes donor relationships seriously.

What to Include in a Donor Privacy Policy

There is no required length for a donor privacy policy—it can be brief or detailed depending on your organization’s needs. What matters most is clarity.

Sample Privacy Policy Statement

“Our organization values the privacy of our donors. We do not share, sell, or trade donor information with any other organization, nor do we send mailings on behalf of other organizations. This policy applies to all information provided by donors, both online and offline. Donor information is used solely for processing contributions.”

Your policy should be:

• Available on your website

• Provided in print upon request

• Written in clear, accessible language

Templates and guidance are available through charity watchdog organizations such as Charity Navigator.

Key Elements Your Donor Privacy Policy Should Address

A strong donor privacy policy should clearly explain:

• How donor information is used

• What types of data are collected, including personally identifiable information

• Whether information is shared, and under what circumstances

  • Donors should always have an opt-out option

  • Clearly explain any data shared with third parties and why

• How donors can access or update their information

• Any third-party links or cookies used on your website

• Security measures in place to protect donor data

Most nonprofit organizations offer multiple ways for supporters to get involved, including online donations, social media fundraising, and personal outreach. In doing so, organizations inevitably collect sensitive personal and financial data.

A donor privacy policy ensures that this information is never shared or sold and demonstrates your organization’s commitment to accountability and transparency. By protecting donor data and clearly communicating your practices, you help build trust—leading to stronger, longer-lasting donor relationships.