The recent €345m fine imposed on TikTok by the Irish Data Protection Commission (DPC) for breaches related to the processing of children’s data is a stark reminder of the importance of data protection and compliance with the General Data Protection Regulation (GDPR). However, data breaches and violations of children’s privacy are not the only concerns charities should be aware of. In the last month alone, three companies and a charity were found guilty of sending unwanted marketing messages, highlighting the need for organisations to take GDPR compliance seriously.