Your donor database is one of your most valuable assets — and one of the most quietly neglected. Dirty data costs real money: mail returned for bad addresses, the same household solicited twice (or asked again right after they gave), reports nobody trusts, and major-gift signals that disappear into duplicate records. The fix is not a new system; it is a routine. Good data hygiene is governance plus a handful of recurring tasks done on a predictable cadence.
This guide gives you a simple governance model (who owns what, who can edit what), the core hygiene routine (deduplication, standardized entry, address and email validation, lapsed and deceased flagging, consent and source tracking), a plain-language take on retention and privacy, and an embedded monthly checklist you can copy into your own CRM today.
Why dirty data quietly costs you money
Most nonprofits do not have a data problem they can see; they have one they pay for invisibly. Every dollar of fundraising efficiency depends on the records underneath it being accurate, de-duplicated, and current. When they are not, the costs show up in five predictable places.
- Wasted print and postage. Mail to a moved or deceased donor is printed, stuffed, and stamped before it is returned (or silently discarded). At scale, undeliverable mail is pure waste — and for bulk and presort discounts, the USPS actually requires you to keep addresses current.
- Double-asks and embarrassing over-contact. Duplicate records mean the same household gets two appeals, or gets solicited again the week after a generous gift. Over-contact is a leading driver of donor attrition.
- Reports nobody trusts. If "total donors" double-counts spouses and "lapsed" includes people who actually gave under a misspelled name, leadership stops believing the numbers — and starts making decisions on gut feel.
- Lost major-gift signals. A pattern of rising annual gifts is a flag for a major-gift conversation. Split that giving history across three duplicate records and the signal vanishes. Dirty data hides your best prospects.
- Compliance and trust risk. Mailing someone who asked to be removed, or losing track of who consented to what, erodes the donor relationship the AFP Donor Bill of Rights exists to protect.
The reframe
Data hygiene is not IT housekeeping — it is fundraising. Clean data raises response rates, protects donor relationships, and surfaces the major gifts that fund your mission. Treat it as a revenue activity, because it is one.
A simple data governance model: who owns what
"Governance" sounds heavy, but for most organizations it comes down to answering three questions clearly: who owns the data, what are the standards, and who can edit what. Write the answers down in a one-page document and you have a governance policy. The Nonprofit Technology Network (NTEN) frames this as building a data culture — shared habits and accountability, not a binder nobody reads.
1. Ownership
Name a single data steward — often the operations or development-operations person — who is accountable for hygiene. They do not enter every record; they own the standards, run the routine, and arbitrate disputes ("is this a duplicate?"). Without a named owner, hygiene becomes everyone's job and therefore no one's.
2. Standards
Agree on a small number of formatting and entry rules so the database stays consistent no matter who is typing. Document them where staff actually look.
- Names: store first and last separately; capture preferred name and salutation as distinct fields.
- Addresses: one consistent format (e.g., "St" vs "Street" — pick one); always capture ZIP+4 if your tool returns it.
- Phones and emails: one format for phones; one primary email flagged per record.
- Households: a clear rule for linking spouses/partners and how soft-credit is recorded.
- Dates and source: every gift and every new contact gets a source code (where did this record come from?).
3. Permissions — who can edit what
Use role-based access so a volunteer entering event sign-ups cannot accidentally merge donors or change giving history. A worked permission matrix:
| Role | Add records | Edit contact info | Edit gift/giving history | Merge duplicates | Delete records |
|---|---|---|---|---|---|
| Data steward / admin | Yes | Yes | Yes | Yes | Yes (with log) |
| Development staff | Yes | Yes | Yes | Flag only | No |
| Program / front-line staff | Yes | Yes | No | No | No |
| Volunteer / temp | Yes (queue for review) | No | No | No | No |
Rule of thumb: the more irreversible the action (merge, delete, edit financial history), the fewer people who should be able to do it — and it should always be logged.
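The matrix and the logging rule above can be enforced in code rather than by convention. The sketch below is an added example, not taken from any particular CRM; the role and action keys, the `authorize` function, and the sample users are assumptions made for illustration.

```python
from datetime import datetime, timezone

# Actions the rule of thumb calls irreversible: every attempt is logged.
IRREVERSIBLE = {"edit_gift", "merge", "delete"}

# The permission matrix from the table above. Role and action keys are
# shorthand invented for this example; "flag" = may flag a suspected duplicate
# for the steward, "queue" = entry is held for steward review.
MATRIX = {
    "steward":     {"add": "allow", "edit_contact": "allow", "edit_gift": "allow",
                    "merge": "allow", "delete": "allow"},
    "development": {"add": "allow", "edit_contact": "allow", "edit_gift": "allow",
                    "merge": "flag", "delete": "deny"},
    "program":     {"add": "allow", "edit_contact": "allow", "edit_gift": "deny",
                    "merge": "deny", "delete": "deny"},
    "volunteer":   {"add": "queue", "edit_contact": "deny", "edit_gift": "deny",
                    "merge": "deny", "delete": "deny"},
}

def authorize(role, action, user, record_id, audit_log):
    """Return 'allow', 'flag', 'queue' or 'deny' for one attempted action.

    Unknown roles and unknown actions fall through to 'deny' (default deny).
    """
    decision = MATRIX.get(role, {}).get(action, "deny")
    known = any(action in perms for perms in MATRIX.values())
    if action in IRREVERSIBLE or not known:
        # Log refused attempts too (an assumption of this example): a volunteer
        # login trying to delete records is worth seeing.
        audit_log.append({
            "at": datetime.now(timezone.utc).isoformat(),
            "user": user, "role": role, "action": action,
            "record_id": record_id, "decision": decision,
        })
    return decision

def demo():
    """Run constructed attempts and return (decisions, audit_log)."""
    log = []
    attempts = [  # constructed sample data
        ("steward", "delete", "dana", 501),
        ("development", "merge", "eli", 502),
        ("program", "edit_contact", "fran", 503),
        ("volunteer", "add", "gus", 504),
        ("volunteer", "delete", "gus", 501),
        ("intern", "merge", "hal", 502),   # role not in the matrix
    ]
    decisions = [authorize(r, a, u, rid, log) for r, a, u, rid in attempts]
    return decisions, log
```

Routine contact edits and new entries stay out of the log here so that the irreversible actions remain easy to review.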
The core hygiene routine
Six recurring practices keep a database healthy. None require a data scientist; all reward a steady cadence over heroic once-a-year cleanups.
Deduplication
Duplicates are the costliest form of dirty data because they split giving history and trigger double-asks. Run your CRM's duplicate-finder on name + email and name + address, review matches manually before merging (never auto-merge giving history blindly), and fix the cause — usually an import or a web form that creates instead of matching.
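For teams working from an export, the same two match rules (name + email, name + address) can be applied with a short script that builds a review queue and merges nothing. This is an added example, not a feature of any specific CRM; the field names, the abbreviation table, and the sample records are constructed for illustration.

```python
import re
from collections import defaultdict
from itertools import combinations

# One agreed spelling per street type, per the entry standards ("St" vs "Street").
ABBREV = {"street": "st", "avenue": "ave", "road": "rd", "drive": "dr"}

def norm_name(first, last):
    # Lower-case and collapse stray whitespace so "maria  LOPEZ" == "Maria Lopez".
    return " ".join(f"{first} {last}".lower().split())

def norm_email(email):
    return email.strip().lower()

def norm_address(addr):
    # Drop punctuation, then map street types to the agreed abbreviation.
    words = re.sub(r"[^\w\s]", "", addr.lower()).split()
    return " ".join(ABBREV.get(w, w) for w in words)

def duplicate_candidates(records):
    """Return {(id_a, id_b): [rules matched]} for a human to review.

    Nothing is merged here: giving history is only combined after review.
    """
    buckets = defaultdict(list)
    for r in records:
        name = norm_name(r["first"], r["last"])
        if r.get("email"):
            buckets[("name+email", name, norm_email(r["email"]))].append(r["id"])
        if r.get("address"):
            buckets[("name+address", name, norm_address(r["address"]))].append(r["id"])
    queue = defaultdict(set)
    for (rule, *_), ids in buckets.items():
        for a, b in combinations(sorted(ids), 2):
            queue[(a, b)].add(rule)
    return {pair: sorted(rules) for pair, rules in sorted(queue.items())}

# Constructed sample export: 101-103 are one person entered three ways;
# 104 shares the household email and address but has a different name.
SAMPLE = [
    {"id": 101, "first": "Maria", "last": "Lopez",
     "email": "maria.lopez@example.org", "address": "12 Oak Street"},
    {"id": 102, "first": "maria ", "last": " LOPEZ",
     "email": " Maria.Lopez@Example.org", "address": "12 Oak St."},
    {"id": 103, "first": "Maria", "last": "Lopez",
     "email": "", "address": "12 Oak St"},
    {"id": 104, "first": "Mario", "last": "Lopez",
     "email": "maria.lopez@example.org", "address": "12 Oak Street"},
]

if __name__ == "__main__":
    for pair, rules in duplicate_candidates(SAMPLE).items():
        print(pair, "matched on", ", ".join(rules))
```

Record 104 is deliberately left out of the queue: a shared email or address without a matching name is a household link, not a duplicate.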
Standardized data entry
Most dirt enters at the keyboard. Constrain it: use dropdowns instead of free text where you can, validate formats on entry, and give staff a short "how we enter a record" cheat-sheet. Clean-at-the-source beats clean-up every time.
Address updates (NCOA)
Americans move constantly, and the USPS keeps the record. Through a USPS-licensed NCOALink service provider, you can run your list against roughly four years of permanent change-of-address filings and get updated addresses back. This is not optional housekeeping if you mail at presort or nonprofit rates: the USPS Move Update standard requires mailers claiming those prices to have updated addresses within the window USPS specifies before mailing. Translation: clean addresses are a condition of your discount, so build NCOA into your pre-mail process.
Email validation
Bad email addresses inflate your list, hurt deliverability, and can get you flagged as a spammer. Use list-validation tools to catch syntax errors, dead domains, and known traps; honor bounces and unsubscribes immediately; and treat a hard bounce as a signal to flag, not to keep retrying.
Lapsed and deceased flagging
Define "lapsed" precisely (e.g., no gift in 13+ months) so your reports and segments mean the same thing every time. Flag deceased records the moment you learn of a death — through returned mail marked deceased, family notification, or a deceased-suppression screen — and suppress, do not delete, so giving history is preserved for acknowledgement and stewardship of the estate.
Consent and source tracking
For every record, capture where it came from (source code) and what the person agreed to (email opt-in, mail preferences, do-not-contact). This is the operational backbone of honoring the donor's right to control their data — and it makes your segmentation honest. A record with no source and no consent state is a liability waiting to happen.
Worked example: a monthly CRM-hygiene routine
Here is the embedded routine to copy. It splits work into a light monthly rhythm, a deeper quarterly pass, and annual resets — with an owner named for each task so nothing falls through the cracks. Adapt frequencies to your volume.
| Task | Frequency | Owner | What "done" looks like |
|---|---|---|---|
| Run duplicate-finder; review & merge | Monthly | Data steward | Merge queue cleared; root cause of new dupes noted |
| Process bounces, unsubscribes & opt-outs | Monthly | Comms / email manager | Hard bounces flagged; opt-outs suppressed same week |
| Review new-record queue (volunteer/web entries) | Monthly | Data steward | Each new record has source code + valid contact info |
| Flag deceased records as learned | Monthly (ongoing) | Development staff | Suppressed, not deleted; history preserved |
| Spot-check 20 records against entry standards | Monthly | Data steward | Formatting drift caught early; cheat-sheet updated |
| NCOA / address update before each mailing | Per mail drop (≥ quarterly) | Direct-mail lead | List run through NCOALink within USPS Move Update window |
| Refresh lapsed segment per agreed definition | Quarterly | Development staff | "Lapsed" recalculated; reactivation list pulled |
| Verify backup restored successfully (test, don't assume) | Quarterly | Ops / IT | A test record restored from backup, confirmed |
| Review data-retention schedule; purge per policy | Annually | Data steward + leadership | Records past retention archived or deleted; log kept |
| Audit user permissions & offboard departed staff | Annually | Ops / IT | Access matches current roles; no orphan logins |
Make it stick
Put these rows in a shared task tracker with due dates and the named owner, not in someone's head. A 30-minute monthly hygiene block, religiously kept, prevents the dreaded "we need to spend a month cleaning the database" project that never quite happens.
Data minimization, retention & privacy basics
The cleanest data is data you never collected unnecessarily. Two disciplines — minimization and retention — keep your database lean, and a short privacy stack keeps you trustworthy.
Collect only what you'll use
Every field you collect is a field you must keep clean, secure, and eventually dispose of. Before adding a question to a form, ask: what decision or communication does this enable? If the answer is "none yet," don't collect it. Data minimization shrinks your hygiene burden and your risk surface at the same time.
A retention schedule
Decide, in writing, how long you keep each category of data and what happens when that period ends. A simple worked schedule:
| Data category | Keep for | Then |
|---|---|---|
| Donation & receipt records | Per your accountant / IRS substantiation needs | Archive (retain for audit) |
| Deceased donor records | Indefinite, suppressed | Preserve history; never solicit |
| Lapsed prospect (no engagement) | Defined window (e.g., a few years) | Archive or delete per policy |
| Event sign-up / one-time contact | Short, unless converted to donor | Delete if no further relationship |
| Payment card numbers | Do not store | N/A — see PCI below |
Confirm financial-record retention periods with your own accountant or auditor before you delete anything; substantiation and audit requirements vary, and this guide can't be your tax advisor.
The nonprofit privacy stack
- Donor privacy policy. Post a plain-language policy on your website stating what you collect, how you use it, whether you ever share or exchange lists, and how a donor can opt out or request changes. The Donor Bill of Rights — created in 1993 by AFP with the Association for Healthcare Philanthropy, CASE, and the Giving Institute — affirms donors' right to know how their information is used.
- PCI for card data. The single safest move is to never store card numbers and let a compliant processor handle them. The PCI Security Standards Council provides a simplified self-assessment (SAQ A) for organizations that fully outsource card handling to a PCI-compliant third party and never store, process, or transmit card data on their own systems. Outsource the card, simplify your compliance.
- CCPA / GDPR — a plain-language take. These laws can reach nonprofits depending on facts: GDPR turns on handling data of people in the EU/EEA, and California's privacy law has specific applicability and exemptions that depend on your activities and revenue. The honest guidance: don't guess. If you knowingly market to EU residents or operate at scale in California, get qualified advice on whether and how these apply, rather than relying on a one-line rule of thumb. Good consent and source tracking (above) is the practical foundation for whichever rules apply to you.
Segmentation that depends on clean data — and backups
Clean data is not an end in itself; it is what makes everything downstream work. Two payoffs are worth calling out.
Segmentation only works on clean data
Every useful segment is a query against your fields — and a query is only as good as the data it runs on. Consider what breaks when hygiene slips:
- "Lapsed donors to reactivate" is wrong if duplicates hide that someone actually gave under another record.
- "Major-gift prospects" misses people whose rising giving is split across duplicates.
- "Email-only appeal" wastes sends on invalid addresses and risks deliverability if you skip validation.
- "Local supporters" mis-targets if addresses are stale and un-NCOA'd.
- "Opted-in for monthly newsletter" is a compliance risk if consent isn't tracked per record.
In other words, the governance and routine above are what let you trust a segment enough to act on it. Investment in hygiene pays off precisely at the moment you ask the database a question.
Backups: assume you'll need one
A clean database you can't recover is still a single point of failure. Two practices:
- Know your provider's backup posture. If you use a hosted CRM, understand what the vendor backs up, how far back, and how you'd actually request a restore. "It's in the cloud" is not a backup plan.
- Keep your own export. Periodically export your data (a full CSV or the vendor's export) and store it somewhere separate. This protects you against accidental mass-deletes, a bad import, and the day you decide to switch systems.
Test the restore, don't assume it
A backup you have never restored is a hypothesis, not a safety net. Once a quarter, actually pull a record back from a backup and confirm it works — that is the difference between feeling safe and being safe.
For deeper, vendor-neutral guidance on choosing and running a CRM well, TechSoup and Tech Impact (which now publishes the former Idealware reviews) offer nonprofit-focused reviews and how-tos, and NTEN offers data-culture training and policy templates. Start free, build the routine, and add paid tools only where they save real labor.
Cleaner data, more to fund the mission
Clean CRM data is what turns supporters into sustained revenue — and a recurring, no-cost revenue stream gives you supporters worth tracking well. With Good Circles, when your supporters shop at participating local merchants, your nonprofit receives 10% of the merchant's net profit on each purchase, shoppers save roughly 10%, and merchants keep 89% (paying just a 1% fee). It's free for nonprofits. A conservative estimate is about $72 per active supporter per year — roughly $36,000 a year from 500 supporters — all flowing through supporters you'll want clean records for. Good Circles launches September 2026.
Sources & tools
Free first
- NTEN (Nonprofit Technology Network) — Data-culture training, the Data Empowerment Report, and sample data-use and privacy policy templates for nonprofits.
- AFP Donor Bill of Rights — The sector-standard statement of donor rights, including privacy and control over how donor data is used — a free basis for your own policy.
- USPS NCOALink (PostalPro) — The USPS National Change of Address system and Move Update guidance; find licensed providers to keep your mailing addresses current.
- PCI Security Standards Council — Official card-data security standards and the simplified SAQ A self-assessment for organizations that fully outsource card processing.
- TechSoup — Nonprofit technology guidance, discounted/donated software, and vendor-neutral how-tos on CRMs and data tools.
- Tech Impact (formerly Idealware) — Independent, nonprofit-focused software reviews and reports to help you choose and run a CRM without bias.
Paid — optional labor-savers
- USPS-licensed NCOALink service provider — A vendor that runs your mailing list against USPS change-of-address data and returns corrected addresses. Worth it when you mail at presort or nonprofit rates and need to meet the USPS Move Update standard at volume.
- Email list-validation service — Bulk-checks email addresses for syntax errors, dead domains, and spam traps before you send. Worth it when you have a large or aging email list and bounce rates are hurting deliverability.
- Data-append / deceased-suppression service — Appends or corrects records and screens lists against deceased-suppression files at scale. Worth it when manual flagging can't keep up and undeliverable or deceased mailings are wasting budget.
Last verified 2026-06-17. Figures and rules change — verify at the source before you act.
FAQ
How often should we clean our nonprofit's CRM?
Build a recurring routine rather than relying on occasional big cleanups. A practical cadence is a light monthly pass (process bounces and opt-outs, review new records, merge obvious duplicates), a deeper quarterly pass (NCOA address updates before mailings, refresh your lapsed segment, test a backup restore), and an annual reset (apply your retention schedule and audit user permissions). Thirty consistent minutes a month prevents the dreaded month-long emergency cleanup later.
What is NCOA and do we have to use it?
NCOALink is the U.S. Postal Service's National Change of Address system, run through USPS-licensed service providers, which updates your mailing list using permanent change-of-address records filed over roughly the prior four years. It is effectively required if you claim presort or nonprofit mailing prices: the USPS Move Update standard says mailers using those discounts must keep addresses current within the window USPS specifies before mailing. Even if you mail at full rates, running NCOA before a drop saves printing and postage on undeliverable pieces.
Do we need to worry about PCI compliance if we take donations online?
Yes, but you can make it simple. If you let a PCI-compliant payment processor handle the card and you never store, process, or transmit card numbers on your own systems, you typically fall under the simplest self-assessment (SAQ A) from the PCI Security Standards Council. The safest design is to never store card numbers at all. Confirm your processor is PCI-compliant and complete the appropriate self-assessment questionnaire for how you actually handle payments.
Should we delete deceased or lapsed donor records to keep the database clean?
Suppress deceased records, don't delete them — flag the record as deceased so they're never solicited again, while preserving giving history for acknowledgement, estate stewardship, and accurate historical reporting. For lapsed donors, define lapsed precisely (for example, no gift in 13 or more months) and keep them for a defined window for reactivation campaigns before archiving per your written retention schedule. Deleting destroys the history you may need; suppressing achieves the same hygiene benefit safely.
Do CCPA or GDPR apply to small nonprofits?
It depends on your specific activities, so don't rely on a one-line rule. GDPR can apply when you handle personal data of people located in the EU or EEA, and California's privacy law has applicability tests and exemptions that turn on factors like your activities and revenue. If you knowingly market to EU residents or operate at meaningful scale in California, get qualified legal advice on whether and how these laws apply rather than guessing. In all cases, solid consent and source tracking on every record is the practical foundation that makes compliance manageable.
Why are duplicate records such a big deal?
Duplicates are the most expensive form of dirty data because they split a person's history across multiple records. That causes double-asks (the same household gets two appeals), wastes print and postage, makes your reports double-count, and — most damagingly — hides major-gift signals when a pattern of rising gifts is scattered across three separate entries. Running your CRM's duplicate-finder regularly, reviewing matches before merging, and fixing the import or web form that creates them protects both your budget and your best prospects.