๐Ÿ‡ฌ๐Ÿ‡ง UK GDPRNonprofitCookie Policy

Free Cookie Policy Generator for Nonprofit โ€” UK GDPR Compliant

Nonprofits collect donor information โ€” names, addresses, giving history, and payment details โ€” which donors expect to be handled with particular care and discretion. Many donors specifically check that their data won't be sold to other charities or used for political purposes. Transparent data practices build the donor trust that nonprofits depend on. Following Brexit, the UK retained its own version of GDPR (UK GDPR), supplemented by the Data Protection Act 2018. The UK GDPR is closely aligned with EU GDPR but enforced by the ICO (Information Commissioner's Office).

No signup required Download as HTML Ready in 2 minutes

What This Cookie Policy Covers

All sections are included and pre-filled for Nonprofit businesses

What Are Cookies

Included in all documents

Types of Cookies We Use

Included in all documents

Third-Party Cookies

Included in all documents

Cookie Consent

Included in all documents

Managing and Disabling Cookies

Included in all documents

Data Collected Through Cookies

Included in all documents

Contact Us

Included in all documents

๐Ÿ‡ฌ๐Ÿ‡ง Key UK GDPR Requirements

Following Brexit, the UK retained its own version of GDPR (UK GDPR), supplemented by the Data Protection Act 2018. The UK GDPR is closely aligned with EU GDPR but enforced by the ICO (Information Commissioner's Office). UK GDPR fines can reach ยฃ17.5 million or 4% of global turnover. Organizations serving both UK and EU residents must comply with both frameworks.

  • Same core principles as EU GDPR: lawfulness, fairness, transparency, purpose limitation
  • UK-specific lawful bases for processing must be documented
  • ICO registration required for most data controllers (annual fee applies)
  • PECR (Privacy and Electronic Communications Regulations) governs cookies and e-marketing
  • International data transfers require UK adequacy decisions or UK-specific SCCs
  • Data breaches must be reported to the ICO within 72 hours
Data retention note: Same as EU GDPR: data must not be retained longer than necessary. Document your retention schedule.

Ready to generate your Cookie Policy?

Free, no signup, customized for Nonprofit under UK GDPR.

Nonprofit โ€” Specific Considerations

Nonprofits collect donor information โ€” names, addresses, giving history, and payment details โ€” which donors expect to be handled with particular care and discretion. Many donors specifically check that their data won't be sold to other charities or used for political purposes. Transparent data practices build the donor trust that nonprofits depend on.

Data typically collected by Nonprofit businesses: donor name and contact info, donation history, payment details, volunteer information, event registration data

  • Donor data confidentiality commitment
  • No-sell pledge for donor information
  • Gift acknowledgment and tax receipt data
  • Volunteer and event registration data
  • Grant applicant data handling

Frequently Asked Questions

Is a Cookie Policy required under UK GDPR?

Yes โ€” under UK GDPR, a Cookie Policy is legally required. You must obtain consent from users before placing non-essential cookies, and your policy must clearly explain which cookies you use and why.

What cookies does a Nonprofit website typically use?

A typical Nonprofit website uses: essential session cookies, analytics cookies (Google Analytics, etc.), functional preference cookies, and marketing/advertising cookies if you run paid campaigns. Each type must be disclosed in your Cookie Policy with its purpose.

Do I need a cookie consent banner if I have a Cookie Policy?

Under UK GDPR, a Cookie Policy alone is not sufficient. You must also implement a consent mechanism (cookie banner) that allows users to accept or reject non-essential cookies before they are placed.

Other Documents for Nonprofit โ€” UK GDPR

Privacy Policy

for Nonprofit ยท UK GDPR

Terms of Service

for Nonprofit ยท UK GDPR

Refund Policy

for Nonprofit ยท UK GDPR

Disclaimer

for Nonprofit ยท UK GDPR