CyberGrants Position Statement: EU General Data Protection Regulation (GDPR)

CyberGrants’ mission is to help our Clients achieve their philanthropic goals by providing innovative software and services in the most secure and efficient way. Since our inception nearly 20 years ago, we have been committed to protecting our clients’ data, including information about their donors, employees, retirees, and the non-profit organizations they support. We regularly review and evolve our processes and procedures to meet or exceed the applicable regulations.

Similar to current legal requirements, compliance with the EU General Data Protection Regulation (GDPR) will require a collaborative partnership between our Clients (the Data Collectors) and CyberGrants (the Data Processors).

CyberGrants recently updated our internal policies to insure compliance with the EU General Data Protection Regulation (GDPR), prior to its official launch on May 25, 2018. Specifically:

Additional Points

In 2017, CyberGrants became a member of the EU-US and Swiss-US Privacy Shield Frameworks under the GDPR requirement to have a data protection mechanism to transfer personal data from the EU.

While GDPR has increased standards regarding how personal data can be used for marketing purposes, CyberGrants does not use or redistribute any of our clients’ data for such purposes.

Similarly, none of the personal data collected by our Clients is subject to an automated decision-making process as our Clients control how their employees’ funds and volunteer activities are processed under each Client’s philanthropic program.



If you have any questions regarding CyberGrants compliance under GDPR, please email privacy@cybergrants.com.

To learn more about the GDPR: https://ec.europa.eu/info/strategy/justice-and-fundamental-rights/data-protection_en