
A large national charity asked us to review their GDPR arrangements for a major event that they run each year, involving dozens of staff and hundreds of volunteers The initiative was key to its business, making a big contribution to helping homeless people and rough sleepers.
This annual event also represented a significant income stream and helped raise awareness about the charity’s work. It involved thousands of volunteers working across multiple sites.
Our review focused upon the business processes for the area and on how the personal data is used, sourced, created or shared in its delivery and management. Our outputs combined traditional reporting methods with visual and colourful process maps, so that improvements could be quickly identified. This helped engage the senior managers of the charity and supported the organisation in ensuring that it could meet its GDPR requirements. Specifically, we delivered: detailed maps of ‘data journeys’; updated and improved activity records that were GDPR compliant; and, a comprehensive risk register for the event.
By reviewing and refining data handling processes, we ensured the safeguarding of personal information, building trust among stakeholders. Our work also reinforced the importance of privacy and data security, contributing to a culture of ethical responsibility.
This not only ensured legal compliance but also enhanced the organisation’s reputation for integrity and respect for individual rights.