Home > About > The Principles  > I protect others’ data like it’s my own 

Dignified Storytelling respects and strictly follows existing national or regional laws and regulations on storing and publishing stories. 

Many countries and regions have privacy and data protection laws and stipulations in place; for example, the European Union’s General Data Protection Regulation (GDPR), Brazil’s Lei Geral de Proteção de Dados (LGPD), Singapore’s Personal Data Protection Act (PDPA), or China’s Personal Information Protection Law (PIPL). Organisations and storytellers often work with lawyers, particularly if taking on assignments in many regions or countries, to ensure they are adhering to all relevant legal requirements.


When consent for a story is granted, it is reasonable that there is a time limit or expiry date on the consent, which needs to be agreed upon by all parties. Evidence of consent and other personal information must be stored securely, and information about people should not be kept for longer than is necessary for the purpose it was collected.

Voices from the Field behind the scenes, Dennis Lupenga, Malawi, 2016 (WaterAid/ Alexia Webster)

Guidelines for Principle No. 8:

Dignified storytelling processes and manages content responsibly in line with existing data protection guidance and laws.


While there is not a prescribed time frame for keeping or using content, it is something that must be agreed upon between the storyteller and contributors at the time of granting formal consent.

 If working for an organisation, it is the organisation’s responsibility to establish the policies and procedures for data storage and management and to hold all staff – as well as external contractors, interns, volunteers or anyone else involved with the organisation – accountable to these conditions.

Evidence of informed consent should be kept for the time period that the storytellers or organisation is processing the personal data based on that consent.

Organisations should have a data storing system that makes it possible to link the evidence of consent to the content files (which may include images, notes, or case studies). However, the evidence of consent, which contains personal information, needs to be secure and not accessible for all users.

After the period of consent, it is recommended that images are deleted. However, if retained for future use with reaffirmed consent, these images – as well as images for which there is active consent – need to be stored with relevant contextual data.

If consent was not given, the image should be deleted from any databases to avoid inadvertent future use.

Top Tips for Principle No. 8

Adherence to local laws

Follow all existing national or regional laws and regulations on storing and publishing stories.

Concurrence with contributors

Agree with contributors on how long a story will be kept or used

More in the Handbook

The Dignified Storytelling Handbook is a resource to help storytellers and organizations promote and
employ storytelling practices that are grounded in a deep respect for human dignity

Available for download in English, Arabic, Spanish and French