Hardline no more: charities to benefit immediately from the soft opt-in when carrying out email fundraising or marketing

A new provision under the Data (Use and Access) Act 2025 comes into force today which is a gamechanger for charities. 

Since the coming into effect of the GDPR in May 2018, we have all become accustomed to the general rule that marketing, promotional, and fundraising emails can only be sent with the recipient’s prior opt-in consent. 

There is an exception to that general rule known as the “soft opt-in” exception, which (in brief) provides that:

• if an organisation already has a person’s email address (e.g. because they are an existing customer or they have given you their email address when e.g. expressing interest in your products/services); and
• if the organisation wants to send information about their (similar) products/services only; and
• previous marketing/promotional emails contain a clear unsubscribe mechanism which the relevant individual has not used;
• then that organisation can continue to send marketing/promotional material without opt-in consent (provided the emails continue to have a clear unsubscribe mechanism).

Until today, this exception was only available for commercial for-profit organisations. Legislators and the ICO (Information Commissioners Office) did not see fit to extend its generous provisions to charities, despite a strong argument that the public interest (or interests of charities’ beneficiaries’) outweighs the degree of privacy intrusion an ordinary person experiences when receiving an unwanted/unsolicited email. 

We have long been of the view that legislators and the ICO should draw a clear distinction between privacy intrusion caused by receiving unwanted commercial marketing and privacy intrusion carried out in the name of genuine, purposeful, and beneficial charitable activity, and have advocated for this position in the ICO’s various consultations on the subject. It seemed to us that the inevitable conclusion was that email fundraising was considered more intrusive than email marketing, which we do not agree with.

From today, the position changes in charities’ favour: they can now use the soft opt-in exemption in the same way that commercial organisations are entitled to. This will have a significant positive impact for charities, increasing the reach and impact of their fundraising and promotional activities. If the promotional/fundraising content is solely carried out for the relevant charity’s aims, the individual’s contact details have been collected when they showed interest or support (e.g. through donation, event sign-up, or volunteering) and those individuals are offered a clear unsubscribe mechanism in emails they receive, then their consent is no longer required. 

There are two main benefits:

• no longer needing to refresh/update consent as time passes; and
• making it a lot easier to add new supporters/potential supporters to your email database. 

Charities will need to update their privacy notices and likely carry out or amend existing legitimate interests assessments (if consent is no longer the applicable lawful basis for email contact, then the only other option will be legitimate interests under Article 6(1)(f) UK GDPR).

If you would like any targeted advice or assistance with reviewing/amending compliance documentation, or have any questions on the topic, please get in touch with us today.