01.27.2023 | Linda J. Rosenthal, JD
Which documents should your organization have in that expensive, “gold-embossed,” three-ring binder you ordered back in the day when you first got started? There are dividers for your articles of incorporation, your bylaws, and the minutes of the first meeting. Of course, you should keep it up to date with the minutes of each board meeting, along with formal resolutions adopted, and any amendments to the bylaws. What else should be included in your official organizational records?
In the “must-have” category are certain official corporate policy documents that the IRS strongly recommends you adopt and follow scrupulously. Check out our series When the Revenue Agent Comes Calling. The government auditor will have in hand IRS Form 14114 , Governance Check Sheet, and will ask to see your written conflict of interest policy, your document-retention policy and sometimes your whistleblower protection policy.
There are two types of donor privacy policies: explicit or opt-out. An explicit policy tells donors you won’t sell or share their personal information without permission and gives donors the choice to let you use their data or not. An opt-out policy informs your supporters that you may use their information unless they specifically ask you not to do that.
Our Commitment to Our Donors
We will not sell, share or trade our donors’ names or personal information with any other entity, nor send mailings to our donors on behalf of other organizations.
This policy applies to all information received by Charity Navigator, both online and offline, on any Platform (‘Platform’, includes the Charity Navigator website and mobile applications), as well as any electronic, written, or oral communications.
To the extent any donations are processed through a third-party service provider, our donors’ information will only be used for purposes necessary to process the donation.
Other organizations choose more detailed documents. For a longer policy, the Charities Review Council provides recommendations. First, it should be available in one of a number of ways: included in donor “giving envelopes” as well as on the group’s website, and printed out as a standalone document for any donor requesting one.
Second, it should:
- Describe, specifically, which information – including “personally identifiable matter” – the organization collects from donors and how it’s collected.
- Explain how the group uses donor information.
- Give donors an “opt-out” choice or state that the charity doesn’t sell, trade, or share private data. Otherwise, explain which personally identifiable data the group may share with third parties, and why; and tell donors how they can access their data or change it.
- List third-party websites and links on the organization’s website, and disclose if it uses “cookies.”
- Describe security measures in place.
By the way, that lavish corporate binder you felt pressured to buy isn’t needed; a simple, drugstore version is adequate. It’s a racket by the nation’s incorporation-service businesses from which they make gobs of money. (We admit: The nonprofit binders we supply to our clients are purchased through Amazon.)
Anyhow, it’s the twenty-first century; corporate records should be digitized and key documents posted on the website for the sake of transparency for your supporters and the general public.