GDPR for donor data: what every NGO should know
NGOs handle sensitive personal data — names, contact details, donations and payments. Under the EU GDPR (AVG) you are responsible for processing that data lawfully. Here are the essentials. (This is general information, not legal advice.)
Lawful basis and purpose
Process donor data only for clear purposes (registering donations, forming qurban groups, sending confirmations) and only on a valid legal basis, such as performance of a contract, or consent for marketing.
Retention and security
Keep data no longer than necessary (accounting rules may require several years), and protect it with encryption, HTTPS and role-based access so people only see what they need.
Donor rights
- Access, rectification and erasure of their data
- Restriction of and objection to processing
- Data portability in a machine-readable format
DonationPort centralises donor data with role-based access and one-click export, which makes honouring these obligations far easier.