What This Demonstrates

Orbit Consent Ledger is a proof of concept addressing one of the most common and consequential data governance failures in the UK charity sector: the absence of a unified, auditable record of who consented to what, and what happened to their data after that consent was given - or withdrawn. Most charities hold data about the same individual across multiple disconnected systems - a fundraising CRM, a volunteer management platform, a case management system - each operating under different consent grounds, with no real-time view of whether active data sharing still aligns with current consent records. When the ICO comes knocking, the honest answer for most organisations is a spreadsheet, an email chain, and a hope. Orbit is built around the premise that it does not have to be.

The POC is designed for data protection officers, heads of information security, and senior charity leaders who carry personal accountability for GDPR compliance and are familiar with the ICO's enforcement history in the sector. It models a scenario that every cancer charity will recognise: a single individual - Margaret - who is simultaneously a donor, a volunteer, and a service user receiving clinical support, with an NHS referral in her pathway. Each role sits in a different database, under a different consent basis, with different permissible data flows. The POC demonstrates what happens when those boundaries are respected, what happens when they are violated, and what an immutable, tamper-evident audit trail of both looks like when you need to hand something credible to a regulator.

To explore: open Org Sandbox, seed data, then inspect Timeline, Alerts, Individual Timeline, and ICO Audit View.

MULTI-ROLE INDIVIDUAL MODEL

Margaret appears across donor, volunteer, service user, and NHS referral data domains. Orbit tracks role separation with a pseudonymous OII and flags cross-domain bleed as CRITICAL.

Domain Wall Status

Role Records (Margaret)