Our role as your supplier
We are the Data Processor (learn more) in the eyes of the GDPR, and you, the client, are the Data Controller.
As a result, we have a comprehensive data processing agreement in place that spells out our responsibilities and commitments as your data processor.
This is updated on a regular basis to reflect changes in legislation and technological advancements.
The DPA in its entirety can be found here.
Your data is safe and sound in our servers. But sometimes your data may be handled by other parties – for example when you integrate icharms with Mailchimp. These sub-processors, as they are called in GDPR, are listed here.
Passwords and API keys, for example, are strongly secured.
icharms does not save any credit card or bank account information that can be used.
They are stored by payment processors’ systems (see Integrations), which are held to the tightest compliance standards.
icharms role in enabling you to comply with data protection legislation
icharms provides a host of features to enable you to meet your obligations as a data controller, and to enable you to set and comply with your own data management policies. These features include:
Legitimate Interest or Opt In policy, for each comms channel.
Subject Access Request (coming soon).
Bulk archive and bulk delete to ensure data retention policy can be adhered to.
Filtering based on channel permissions.
Why charities choose icharms - in their own words
— Charlie Fraser, Back Up Trust
— Emma Lynn, Individual Giving Manager, FitzRoy
—Rachel Hogg, The Benjamin Foundation