Bite-Sized Deep Dives

Critical Direct Response Updates You Need to Know

Jon Dartley, Ph.D
Attorney, Perlman & Perlman, LLP
Joseph Gomez
Business Development Director,
Production Solutions
Rayna Clarke
Senior Account Manager, Tripi
Consulting
Lisa Maska, CFRE
Partner, Lautman Maska
Neill & Company

GDPR
What You Need to Know and Do Today
Presented by
Jon Dartley, Ph.D
Attorney, Perlman & Perlman, LLP
Please be advised that the information provided in the presentation is for general
information purposes only and is not to be construed as legal advice.

5
General Data Protection Regulation (GDPR)
Providing individuals with more control of their privacy

6
What you need to know about GDPR now
To whom
does GDPR
apply?
What are the
penalties for
noncompliance?
!
The regulation applies to all
organizations collecting, processing,
using and/or storing the personal data
of affected individuals, regardless of
the organization’s location.
This includes U.S.-based companies
who touch EU citizen and resident
personal data such as: name, address
information, email address, racial or
ethnic data, political opinions, religious
or philosophical beliefs, trade union
membership, health and genetic data,
biometric data, political opinions and
sexual orientation.
While certain clients have been
working on their compliance
approaches for some time, others
may not yet realize GDPR’s
applicability and, either way, they
may need our help to gain
assurance on their progress or to
jump-start their compliance efforts.
Why are
we just
discussing
this now?
After May 25, 2018, fines for non-
compliance are €20 million or 4
% of global revenue – whichever
is greater.
The enforcement posture remains
to be seen, but expectations are
that, at a minimum, organizations
experiencing any type of a
(publicly known) breach may be
likely enforcement targets.

Myth or Fact?
The GDPR doesn’t apply to my organization because…
We have no offices or employees in the EU
Our EU membership / contact lists is small
We are a nonprofit
We are a service provider
The information we hold is anonymous
The bottom line is that the GDPR applies to any organization that
collects and holds “personal data” of individuals residing in the EU,
regardless of the organization’s location.
7
GDPR Applicability

Risk of Noncompliance
 Reputational concerns
 Loss of opportunities
 Disruption due to regulator inquiries
 Fines
8
GDPR Applicability

9
Nuts and Bolts
The Main Requirements of GDPR

 Transparency
 Right of Access
 Right to Erasure
 Right to Restrict Processing
 Right to Data Portability
 Right to Object
10
New Obligations Related to Personal Data

11
Higher Bar for “Consent”
A clear, affirmative act
Ticking a box
Technical settings that
record/verify
acceptance
Silence
Pre-ticked boxes
Inactivity
Too broad
-

Example of Acceptable Consent
 👎 I hereby consent to the processing of my personal
data for the prize draw, and for general marketing
purposes, and other related activities.
 👍 I hereby consent to the processing of my personal
data for the prize draw.

Additional Requirements
 Responsibility for Third-Party Vendors
 Controller vs. Processor
 Limits on Data Retention
 New Data Security and Breach Notification Obligations

14
What Steps Can I Take to Comply / Mitigate Risk?

Immediate Actions to Take in Light of GDPR
1) Evaluate current compliance – Review compliance across the
organization
2) Update website and applications: privacy policy and cookie notices
3) Vendor contracts: complete data processing addendum and review
for additional changes
4) Explicit consent: Review past and current practices to determine
compliance
5) Design and implement compliance systems to comply with the
GDPR: the right to be forgotten; portability, etc.

Privacy is here to stay
Organizations Must be Proactive
Canada
PIPEDA – Personal Information Protection and
Electronic Data Act (2000)
European Union
• GDPR – General Data Protection Regulation (2016)
• Privacy Shield
• E-Privacy (2002)
• EU Member Regulations
United States
• CCPA – California Consumer Privacy Act (2018)
• COPPA – Children’s Online Privacy Protection Act (2000)
• HIPAA – Health Insurance Portability and Accountability Act (1996)
• GLBA – Gramm-Leach-Bliley Act (1999)
• Other U.S. state regulations
China
CSL - Cybersecurity Law of the
People’s Republic of China (2017)
United Kingdom
• Data Protection Act (2018)
• PECR – Privacy and Electronic
Communications Regulation (2003)
Australia
APP – Australian’s Privacy Principles (1988)
India
PDPB – Personal Data Protection Bill
Philippines
Data Privacy Act (2012)
Brazil
• Brazilian Internet Act (2014)
• LGGP - General Data Privacy Law
(2018) effective 2020
Malaysia
PDPA – Personal Data Protection
Act (2010)
New Zealand
Privacy Act (1993)

Wake–up Call
Organizations Experiencing Loss of Personally Identifiable
Information Grows Each Year
According to a report from the Identity Theft Resource Center and CyberScout,
despite organizations faced a greater risk than ever of having their data stolen
Total number of personal records exposed more than doubled in 2018, according
to a new report.
Costs also continue to rise:
Global average cost of a data breach is up 6.4 percent over the previous year to $3.86
million.
The average cost for each lost or stolen record containing sensitive and confidential
information also increased by 4.8 percent year over year to $148.

Why is Protecting Data Important?
 Data is a valuable organization asset, like any other
 Data is at a higher risk of theft or misuse than ever before
 Loss of data can have long-lasting consequences
 Reputational harm
 Loss of donor trust
 Financial penalties and costs
 Legal liability
 Organizations have obligations to protect data
 Laws, regulations, guidelines
 Contracts with third parties
 Privacy policies

Best Practice – PII Audit
What
Why
Who
Where
When
How
DATA
What data does your organization collect?
Why is the data collected?
Who has access to the data?
Where is the data stored?
How is the data protected?
When is the data deleted?

Best Practice – Review Vendor Agreements
 Organizations are increasingly relying on third parties to provide
critical services, and to host PII of their donors and employees.
 Unfortunately, these vendor contracts are typically extremely one
sided in favor of the vendor.
 Review contracts with vendors that collect, process of hold your PII
 Privacy and Security
 Limitation of Liability
 Indemnifications
 Breach Notification

Best Practice - Implement Data Retention and
Destruction Policy
Get Organized
First step in any retention policy process is to organize the data you already have.
Get Informed
State, federal, and tax laws may vary with respect to what data and communication you are
expected to retain and for how long. You will certainly want to consult legal counsel at this
point.
Get Backed Up
No policy in the world can help you if you don’t implement physical methods of ensuring that
data is protected until you decide to take action on it.
Get Destructive
Backing up takes care of the stuff you need to retain indefinitely; you need to have equally
robust procedures for destroying data that you decide not to retain

Best Practice - Cybersecurity Insurance
 Identify your unique risks
 Match your insurance to your company’s risks
 Beware of exclusions
 Consider coverage for acts by third parties
 Negotiate for an early retroactive date
 Understand the “triggers”
 Evaluate coverage for data restoration costs
 Consider coverage for loss of information on unencrypted devices
 Consider coverage for regulatory actions

Where to Go for More
Information/Updates
iapp.org/news/daily-dashboard/
jon@perlmanandperlman.com

www.perlmanandperlman.com
jon@perlmanandperlman.com

Postage & Production
A changing volatile world for your direct mail program.
Joe Gomez, slide 1

Joe Gomez, slide 2
Being
Prepared
is Your
Best Plan
Effective research, planning and preparation
insulates your direct mail program.
✓ Why the paper market has changed and how it is
affecting you
✓ How to save money on postage
✓ China Tariffs - What’s Next?
✓ Planning for the future - risk management
✓ USPS Informed Delivery
✓ Marketing Mail & Flats Requirements

The Paper Market
Joe Gomez slide 3

What Is Causing Our Current Paper Market Woes?
Joe Gomez Slide 4
❏ Consolidation
❏ Paper Manufacturers
❏ Converting to more profitable products
❏ No longer stocking low use items
❏ China
❏ Simple Economics - Supply & Demand

❏ Pre-planning Is the First Step
❏ One year out if possible
❏ Adding estimated increases to annual budget is a double edged sword
❏ Give longer lead times on specialty stocks
❏ Work closely with your production partner
❏ Print full tints rather then order colored stocks
❏ Stay informed, use that information strategically
Navigating the Paper Market
Joe Gomez Slide 5

Postage Cost
Containment
Joe Gomez Slide 6
Start with a Postal Audit
❏ Goal – Compare cost to delivery time
❏ Different products based on program volume
❏ Options:
➢ Standard Presort
➢ Drop ship / Co-pal / Comingle
❏ *Additional – re-test 1st class segments & paying for
reply mail

USPS 2019 Mailing Incentives
➢ Tactile, Sensory & Interactive
Promotion
➢ Emerging and Advanced Technology
Promotion
➢ Earned Value Promotion
➢ Personalized Color Transpromo
Promotion
Joe Gomez Slide 7
Mobile Shopping Promotion
•Active: August 1 – December 31
•Registration Period: June 15 – December 31
•Up to 2% of eligible postage
Informed Delivery Promotion
•Active: September 1 – November 30
•Registration Period: July 15 – November 30
•Up to 2% of eligible postage

China Tariffs - What’s Next
➢ The Office of the United States Trade Representative (USTR)
➢ May 10th Increase
➢ Some items that already had an additional 10% tariff applied were
hit with another 15%
➢ What you need to know:
➢ Not all items are subject to the additional tariffs
➢ Work with your partners to review import items.
➢ What’s next?
➢ Potentially new 25% tariff on additional items, hitting previously
spared goods such as apparel, electronics, toys, and other
household goods. A public hearing will be held on June 17th
Joe Gomez Slide 8

Joe Gomez, slide 9
Mail
Tracking
Information Tool & Risk Management
✓ Complete transparency on
distribution
✓ Launch E-mail or TM
campaigns
✓ Return mail tracking – budget
forecasts
✓ Warm blanket when issues
arise
✓ Inexpensive

Joe Gomez, slide 10
USPS:
Informed
Delivery
✓ Simple and inexpensive
✓ Get additional impressions to donors
and prospects
✓ Still in its infancy
with plenty of
opportunities on
the horizon!

Joe Gomez, slide 11
USPS Decision on Marketing Mail
and Flats Requirements!
Bonus
for 2019
✓Grass roots effort of NPO’s
& fundraising associations
were heard by the USPS
✓Over 4700 opposition letters
sent
✓Results – No changes to
current requirements

Tooting Your Horn to
Build Trust:
EVERYTHING YOU NEED TO KNOW ABOUT FEATURING WATCHDOGS,
ENDORSEMENTS, AND TESTIMONIALS
Rayna Clarke, Slide 1

Why Feature Endorsements?
• Build trust with your donors and
prospects.
• Announce new awards or ratings.
• Communicate that you value
transparency.
• Give a quick snapshot of your
financials.
• May boost response. Always test!

Watchdog
Rundown • America’s Best Charities
• BBB Wise Giving Alliance
• Charity Navigator
• CharityWatch
• GuideStar
• Other Endorsement Options

America’s Best Charities
• ABC is a nonprofit that works as a liaison between
charities and the Combined Federal Campaign (CFC);
ABC uses the CFC’s application process for their membership.
• Any ABC member can use their “Best in America” seal.
• ABC’s only DM-related requirement for application is:
“Applicants' fund raising materials and other information to the
public must be truthful and nondeceptive.”
• Cost: requires both an application fee and (if approved) a
listing fee; these are per the CFC, are updated each year, and
use a sliding scale based on the organization’s budget.

BBB Wise Giving Alliance
• Standards 8 and 9: Program Expenses and Fund Raising Expenses
Maximum 35% of total expenses to fundraising, minimum 65% to
programs.
• Standard 18: Donor Privacy
Must offer an exchange opt-out at least once per year for all
donors who are solicited via the mail. Must also offer a
comprehensive privacy policy on the website.
• Standard 15: Accurate Materials
Relevant info: solicitations must not be misleading or outdated.
STANDARDS MOST RELEVANT TO DIRECT RESPONSE:

STANDARD 15: ACCURACY OF MATERIALS
Source: www.give.org/for-charities/How-We-Accredit-Charities/

STANDARD 15: ACCURACY OF MATERIALS
So how does this affect our acquisition control?
For any photos or stories in your control package, ensure nothing is
presented in a misleading way, and identify the year that the photo
or story is from. This can be done most easily and unobtrusively in a
photo credit or caption.
The same strategy can be used in renewal appeals to ensure
accuracy, and is overall a good practice to maintain transparency.

SEAL LICENSING COSTS:
Annual fees are on a sliding scale, “based on the level of total contributions received by the
national charity in the past fiscal year” (excluding government grants and in-kind gifts).
Total Contributions Annual Seal Licensing Fee Total Contributions Annual Seal Licensing Fee
< $1 Million $1,000 $100M - $124.9M $16,000
$1M - $4.9M $2,000 $125M - $149.9M $17,500
$5M - $9.9M $3,500 $150M - $174.9M $20,000
$10M - $19.9M $4,750 $175M - $199.9M $22,500
$20M - $39.9M $6,000 $200 M - 299.9M $25,000
$40M - $49.9M $6,750 $300M - 499M $27,500
$50M - $74.9M $11,000 $500M + $30,000
$75M - $99.9M $12,500

Charity Navigator
• Rating system is one through four stars.
• Rating criteria based on two broad areas of a nonprofit:
financial health and accountability and transparency.
• Charity Navigator does not accept any fees from the
nonprofits it rates, in order to remain objective.

Charity Navigator
• Website Privacy Policy
Nonprofits should have a written donor privacy policy on their
website, which informs the donor how their data will be used.
Charity Navigator categorizes privacy policies in three ways: yes, opt-
out, and no.
If a nonprofit rents or exchanges its donor list, it should specify this
in the privacy policy and provide a way for donors to opt-out.

Charity Navigator
Source: www.charitynavigator.org/index.cfm?bay=content.view&cpid=1093

CharityWatch
• Rates on a letter scale, A to F.
• Rating is based on two metrics:
program % (total percent of
expenses spent on programs) and
cost to raise $100, within the
rating year.
• Receiving a rating is free for
nonprofits, and CharityWatch
chooses whom to rate based on
member requests.
Source: www.charitywatch.org/charitywatch-criteria-methodology

CharityWatch
• In CW’s evaluations, joint cost allocation (i.e., educational
content) within fundraising appeals are adjusted out of
program expense totals.
• Highly-rated organizations must have a clear privacy policy
and way for donors to opt-out of data exchange.
Source: www.charitywatch.org/charitywatch-criteria-methodology

GuideStar
• Assigns seals of transparency, which rank from worst to best
as: bronze, silver, gold, platinum.
• Seals are cumulative; a nonprofit must have bronze to
become silver, etc.
• Each new seal is gained when a nonprofit enters more
information into their GuideStar profile
• There is no cost to create a profile or gain a seal.

Examples of Other Endorsement Options
INDUSTRY-SPECIFIC GROUPS & AFFILIATIONS
PRIZES & ACCOLADES

Examples of Other Endorsement Options
“BEST OF” LISTS
TESTIMONIAL QUOTES & MEDIA FEATURES
• Praise from public figures with good name recognition (always test this!)
• Article quotes from prominent media organizations
AND DON’T FORGET TO SHOUT OUT YOUR FINANCIALS
… as long as they’re good!

Endorsement
Audit
Our office conducted an audit of the
following for all endorsement and
financial information:
• Renewal appeals we received in the
mail over several months from
November 2018 to early 2019
• Acquisition packages we received in the
mail during the same time period
• Website donation pages of
organizations featured on Charity
Navigator and Consumer Reports
top/best charities lists

AUDIT FINDINGS: Renewal Appeals
6%
7%
4%
4%
4%
20%
31%
41%
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
Testimonial Quote
Financial Info
Other Endorsement
CharityWatch
GuideStar
Charity Navigator
BBB
Any Endorsement
Sample: 54 unique renewal packages across 27 organizations. Tripi Consulting clients not included.

AUDIT FINDINGS: Renewal Appeals
ENDORSEMENT LOCATION WITHIN AUDITED PACKAGES
• Outer envelope: 4%
• Reply coupon front: 7%
• Reply coupon back: 22%
• Letter: 4%
• Insert: 11%
• Reply envelope: 4%
Sample: 54 unique renewal packages across 27 organizations. Tripi Consulting clients not included.

AUDIT FINDINGS: Acquisition Packages
5%
24%
14%
15%
17%
29%
31%
51%
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
Testimonial Quote
Financial Info
Other Endorsement
GuideStar
CharityWatch
Charity Navigator
BBB
Any Endorsement
Sample: 100 unique packages across 80 organizations. Tripi Consulting clients not included.
Other Endorsements:
• ECFA
• Nobel Prize
• America’s Best Charities
• Hilton Prize
• InterAction
• The Life You Can Save
• Media endorsements

ENDORSEMENT LOCATION WITHIN AUDITED PACKAGES
• Outer envelope front: 3%
• Outer envelope back: 11%
• Reply coupon front: 1%
• Reply coupon back: 29%
• Letter front: 4%
• Letter back: 7%
• Insert: 13% (incl. label sheet back)
• Reply envelope back: 5%
AUDIT FINDINGS: Acquisition Packages
Sample: 100 unique packages across 80 organizations. Tripi Consulting clients not included.

AUDIT FINDINGS: Website Donation Pages
4%
14%
10%
27%
30%
39%
50%
66%
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
Testimonial Quote
Financial Info
Other Endorsement
CharityWatch
GuideStar
BBB
Charity Navigator
Any Endorsement
Sample: 98 unique nonprofit organization donation pages.

PLACEMENT: OUTER ENVELOPE

PLACEMENT: REPLY COUPON

PLACEMENT: LETTER

PLACEMENT: LETTER
NAME
ADDRESS
CITY STATE ZIP

PLACEMENT: SPECIAL INSERTS

PLACEMENT: REPLY ENVELOPE

Considerations
If your rating changes next year,
will you need to reprint stock?
Will this endorsement resonate
with my audience?
How many endorsements do we
need to get the message across?
What cost is worth it for our organization
to secure an endorsement?
Icons designed by Freepik via flaticon.com

Bite-Sized Deep Dives

Recomendados

Recomendados

Más contenido relacionado

Último

Último (20)

Destacado

Destacado (20)

Bite-Sized Deep Dives