With the many financial transactions that occur within the digital space, your organization needs to make sure its data policies are up to date. Recently, even popular, reputable businesses have experienced data leaks. As your organization continues to comply with general fundraising requirements, take extra time to review data protection regulations as well.
It’s essential to perform the necessary research and make needed security changes to protect your organization and its supporters, especially within an online auction setting.
For these events, many organizations partner with an auction software provider. In addition to the rest of your security protocols, review your auction software’s data protection safeguards thoroughly, so you can host a safe and effective online auction.
Let’s take a closer look at data privacy considerations and how they relate to fundraising auctions.
Auction Data Protection: Why it Matters
You might be curious why maintaining data protection matters during your fundraising auction. Whether you’re hosting a school fundraiser or a nonprofit fundraising event, data protection is a necessity since data security measures apply to all fundraising events that use software, including auctions.
More specifically, your organization should implement a data protection policy for the following reasons:
- To communicate transparency. Your supporters need to know if their personal information is at risk. Data protection policies show them you are committed to transparency regarding how and why their information is collected. When looking for a software provider, choose one with a fully fleshed-out data protection policy.
- To protect your organization’s reputation. Severe data leaks reflect poorly on your organization and can severely damage your ability to realize your mission. Protect your reputation by putting data protection safeguards in place.
- To manage risks. Should an unanticipated security issue arise, your organization needs to be prepared so as to not be held liable. Check out your software providers’ liability clauses for a better understanding of how certain circumstances will be managed.
- To adhere to legal requirements. Organizations are now legally required to include data protection and data privacy communications. As Schoolauction.net’s debrief on California consumer privacy laws states, “If you are a group using software to run an auction, you too are an organization running a website, and you should determine whether your group meets the criteria set up in the new law to require the new disclosures.”
As previously mentioned, U.S. data privacy laws have changed in recent years. Stay up to date on the latest legislation and make necessary changes to maintain legal compliance and protect your supporters’ data.
One example is the California Online Privacy Protection Act (CalOPPA) which aims to safeguard “personally identifiable information” and is currently considered to be the strictest data protection law in the country. This means that websites collecting personal data, regardless of if they are California based, must comply with CalOPPA due to the fact that they could attract California residents.
To clarify, personally identifiable information includes:
- First and last names
- Email addresses
- Phone numbers
- Home or physical addresses
If you’re looking into auction software providers, make sure they’ve taken the necessary steps to adhere to these regulations as well.
- The types of data you collect. This includes names, contact details, payment information, and any other information you might gather for your auction. By keeping this list comprehensive, you protect your organization from any potential liabilities.
- How you collect information. List how your organization collects all information, including automatically collected data like IP addresses from third-party sources such as Google Analytics. Other manually collected information, like profile characteristics and login information, should be added as well.
User Agreement Policy
As a final step in maintaining data transparency, be sure to include a detailed user agreement policy or terms of service document. Likewise, if your organization intends to purchase a new software solution, such as an auction platform, review its user agreement policy to make sure your supporters can adhere to it.
Sections covered in a user agreement policy include:
- User responsibilities: Outline user responsibilities determined by recent legislation. This section could include clauses related to users providing truthful information and avoiding fraudulent activity.
- Prohibited activities: Prohibit users from listing counterfeit items and engaging in spam or phishing-related activities.
- Payment disclosure: Explain applicable taxes and fees and discuss acceptable payment methods and how payments will be processed.
- Intellectual property: Discuss any limitations on how users can reproduce website content, in addition to dictating ownership of trademarked or copyrighted items.
- Dispute resolution: Determine the course of action users and your organization will take should a dispute arise, such as mediation or arbitration.
- Termination of user accounts: Discuss under what circumstances a user account may be terminated, such as user agreement violations.
- Modification process: Outline how users will be notified following any changes to the user agreement policy.
Online auctions are an effective and popular fundraising tool. To ensure your guests feel comfortable participating, be sure to review data protection laws and partner with a secure auction platform provider. Or, if you’re hosting your own auction site, put the necessary data privacy information in an accessible location.