Not registered for a My SCVO account?

Sign up below to create a My SCVO account.
It's best to use a work email address in your own name if you can. Fill in your details and we'll send you a link to verify your email address. You'll then have the option to create an individual account or link your account to an organisation. If your organisation is an SCVO member or supporter, you'll gain immediate access to exclusive content and benefits.
Privacy notice

Already have an account? Sign in

Sign in

Forgot your password? Reset password

Not registered for a My SCVO account?

This website uses cookies for anonymised analytics and for account authentication. See our privacy and cookies policies for more information.

Supporting Scotland's vibrant voluntary sector

The Scottish Council for Voluntary Organisations is the membership organisation for Scotland's charities, voluntary organisations and social enterprises. Charity registered in Scotland SC003558. Registered office Caledonian Exchange, 19A Canning Street, Edinburgh EH3 8EG.

Data protection

The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR).

If you hold and process information about your clients, employees or suppliers, you are legally obliged to protect that information. Under the Data Protection Act 2018 you must make sure the information is:

used fairly, lawfully and transparently
used for specified, explicit purposes
used in a way that is adequate, relevant and limited to only what is necessary
accurate and, where necessary, kept up to date
kept for no longer than is necessary
handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage

If you handle personal information you may need to register with the Information Commissioner’s Office (ICO) as a data controller. Notification is a statutory requirement and every organisation that processes personal information must notify the ICO unless they are exempt. Failure to notify is a criminal offence.

The ICO has an online Data Protection Self-Assessment Toolkit which provides a ‘health check’ of where organisations are currently in relation to the specific areas covered in the toolkit: records management, security and the handling of subject access requests.

About Data Protection

The ICO has produced lots of resources about Data Protection for organisations which includes tools to assess your lawful basis for processing personal information and resources for reporting a data breach.

Organisations can also sign up to the ICO E-newsletter to stay up to date with new guidance as and when it is released.

The ICO advice service for small organisations Tel: 0303 123 1113

Learn more

We have a series of Data Protection courses which are open to all voluntary sector organisations, with a discount for SCVO members.

The ICO have shared the information governance and legislation training modules they provide to their staff as part of their internal training and made these available for everyone to access.

Resources

Guide to Data Protection (ICO)
Create your own privacy notice (ICO)
Data Protection Self-Assessment Toolkit (ICO)
UK GDPR FAQs for small organisations (ICO)
ICO helpline for small businesses and charities – 0303 123 1113 (ICO)
GDPR essentials for fundraising organisations (IOF)
SCVO’s free legal advice service for members – online referral
Charities going digital - top 10 Data Privacy Tips (Bates Wells)

Last modified on 24 March 2025

Information service

SCVO's information service is an online knowledge bank and enquiry service delivered by experts.

We provide:

Information
Free resources
Guidance for charities and voluntary organisations in Scotland
Support to set up and run a voluntary organisation

Find out more

Data protection

Information service

About

Social

Help