Soft opt-in changes for charities – FJ’s quick guide

The Data (Use and Access) Act 2025—previously the Data (Use & Access) Bill—received Royal Assent on 19 June 2025, introducing a key change: extending the “soft opt-in” rule under PECR to charities. Historically, only commercial organisations could send marketing by relying on soft opt‑in, letting them email or text customers who had made purchases, provided they offered opt-out at collection and in each message.

What’s changing?
Charities can now send direct electronic marketing (emails, texts, social media DMs) to individuals who newly provide their contact details by expressing interest in or supporting their charitable purposes—without needing explicit opt-in consent each time. However, they must:
1. Clearly offer an opt‑out when collecting the data.
2. Include an opt‑out link in every subsequent message.
3. Use the lawful basis of legitimate interests under UK GDPR, ensuring it’s solely for furthering the charity’s purposes.

What it doesn’t cover
- Charity calls/texts collected before the law change cannot retroactively rely on soft opt‑in.
- It doesn’t apply to telephone marketing—only electronic mail.
- Mixed-purpose messaging (e.g. third-party endorsements or commercial tie-ins) likely disqualifies soft opt‑in.

Why it matters
- Major fundraising potential: The DMA estimates up to £290 million annually in extra donations.
- Enhanced supporter engagement: it allows more consistent follow-up to initial interest (e.g. after petitions, event sign-ups).
- Requires robust systems: charities must track whether supporters joined under consent or soft opt‑in, record opt-outs, perform Legitimate Interest Assessments, update privacy notices, train staff, and monitor vulnerability risks.

Next steps
The Act’s relevant provisions will be phased in through late 2025/early 2026. Charities should begin planning now:
- Audit data collection forms & CRM systems.
- Update privacy policies.
- Train staff and volunteers.
- Create internal guidance aligning PECR, UK GDPR, and Fundraising Regulator Code.

Useful reading

1. Fundraising Regulator – Preparing for the Soft Opt-In:

https://www.fundraisingregulator.org.uk/about-fundraising/resources/preparing-soft-opt-in

2. Mishcon de Reya – Charities and the Soft Opt-In:

https://www.mishcon.com/news/charities-and-the-soft-opt-in-a-change-for-fundraising-emails

3. Foot Anstey – Soft Opt-In for Charities:

https://www.footanstey.com/our-insights/articles-news/can-the-soft-opt-in-for-charities-deliver-hard-results-what-charities-need-to-know/

4. ICO Summary – Data Use and Access Act:

https://ico.org.uk/about-the-ico/what-we-do/legislation-we-cover/data-use-and-access-act-2025/

5. CIOF Update – Data (Use and Access) Bill:

https://ciof.org.uk/about-us/latest-news/data-%28use-and-access%29-bill-2025-update

6. NationBuilder – What Soft Opt-In Changes Mean for You:

https://nationbuilder.com/what_soft_opt_in_changes_in_uk_law_mean_for_you

7. Fundraising Regulator – What Charities Need to Know:

https://www.fundraisingregulator.org.uk/news/fundraising-regulator-publishes-information-what-charities-need-know-about-changes-soft-opt

FJ Philanthropy is currently working with charities to adapt fundraising and supporter engagement strategies to the new rules. Please do get in contact with us if you would like to discuss how we may be able to support.