Concrete tips from Paloma about GDPR

Don’t panic about GDPR. You can safely keep communicating with your customers and store personal data if you follow our simple tips. 

  • Take it easy, don’t believe all crazy interpretations and intimidation tactics. 
  • Keep in mind that you don’t own your customers’ data. You are borrowing it.
  • Think about what data you collect and save and why you do it. We recommend that you collect as little information as possible about the person.
  • Ask yourself why you collect the data.
  • When do you remove the data?
  • Who has access to it?
  • Do we share it with any third parties?
  • Make sure that you delete any old and irrelevant data that you don’t use any more.
  • Draw up a document about where and how you store personal data.
  • Do not buy or exchange addresses with partners either. At Paloma, this has been prohibited for a long time.
  • Do you have foreign suppliers and/or are your customers’ data held in a third country? Ensure that your supplier has a Private Shield contract. If not, change supplier immediately!
  • As a general rule, you should always seek consent, even if you don't need it. This improves the quality of your communication.
  • Create consent procedures and ensure that you also obtain consent for older personal data, so that you from herein on have obtained consent for both old and new personal data if you don’t have a legitimate interest.
  • Remember that consent only applies to the actual area for which you have obtained consent.
  • You don’t need consent to continue communicating with existing customers and stakeholders. It is sufficient to refer to legitimate interest and GDPR. It is, however, important to remember that the customer must be able to contact you at any time to opt out of further communication.
  • For those who send newsletters B2B: Our interpretation is that there will be no change when GDPR enters into force. Swedma’s recommendations continue to apply for the time being. See the lawyer’s comment below.
  • Your customer has the right to request a copy of all data that you hold about him/her. The customer also has the right to be forgotten, i.e. to be removed completely from your records.
  • Legitimate interest/ balance of interest applies when the individual has not explicitly given his/her consent. The company can carry out an assessment of whether the interest for them as a business outweighs the individual’s right to data protection. But in such cases, the customer also has the right to have his/her data removed, and that always carries more weight. 
  • Do you need to update user terms and conditions, which the customer then has to actively accept? The Swedish Data Protection Authority states that no new consent is needed ‘if the previously obtained consent meets the requirements set out by the Data Protection Regulation.’
  • Identify your primary risk areas:
    • Do we manage sensitive data? Such as illnesses or political affiliation. And what do our procedures and processes for this look like? What is our level of security?
    • Create procedures and policies for how unstructured personal data should be handled and how to ensure compliance with the rights of the data subjects.
    • Unstructured form: Personal data on employees’ computers, on leisure time images, in e-mails, in Excel or Word files, i.e. anything that may be attributed to a specific person.
    • How do we manage incidents? I.e. the risk of personal data falling into the wrong hands.
  • Do I as a customer have the right to know what my personal data is used for? Yes, and this already applies, but now your obligation will increase to cover the individual’s right to and control of his/her own personal data. 
  • Which personal data do I as an individual have the right to request? Data that you have provided, for example e-mail address, user name and age, but also location information and search history. You are not, however, entitled to the data about you that the company has created, such as health status and credit rating.
  • You don 't need consent from new customers to communicate with them, as long as the communication relates to the product or service that the customer has purchased. Remember to have terms of purchase in place so that you can refer to them!
  • View consent as something positive. It deepens your relationship with the customer, as he/she actively approves their communication with you.
  • Data portability means that the individual has the right to have his/her data in a sensible format to be able to use it for another service.

Want to know more?

Last but not least... Especially if you work with newsletters. The lawyer writes the following about legitimate interest:

‘There is the possibility, primarily in B2B relationships, to use the legal basis ‘legitimate interest’ in e-mail marketing. The Swedish Data Protection Authority has previously approved the trade organisation SWEDMA’s guidelines of what constitutes legitimate interest. However, please keep in mind that the guidelines may be updated after the introduction of GDPR in May.

As a general rule, these guidelines prohibit the collection of e-mail addresses in B2C relationships without consent. Exceptions are made for so-called ‘soft opt ins’, where collection and mailing may be carried out in connection with sales negotiations under certain conditions. In B2B relationships, the assessment is much more discretionary. As a general rule, it is legitimate to collect and send marketing material via e-mail with the objective to reach people in one’s professional role. There are, however, limitations concerning, among others, sole proprietors that are important to be aware of.’ 

Swedma is the industry and trade organisation for the companies and organisations that operate within the context of direct and data-driven marketing.

If you are concerned about how GDPR will affect your company, remember that common sense and orderliness go a long way. Feel free to read the articles here on Paloma’s GDPR blog and note that Swedma’s guidelines apply for the time being. At Paloma, we have the tools to support your work to fully comply with GDPR. 


Get our smart tips on digital marketing. The newsletter will be published with about 10 numbers a year and of course we will not leave your address to anyone. Much pleasure!

Lämna följande fält tomt


Event planning & management made easy with the right software

Yes, this is it. Here is the ultimate event planning and management software, serving you with structure and sharp functions while easy to use. Manage your event within every step of the way using Magnet event planning tool online.

Event planning software – for any event

Use Magnet event planning software whether you are a professional event planner, planning business events from time to time, or setting out to create a meet up free of charge.

Free event planning software

Magnet offers free event planning software. If you want to send out invitations and set up an event registration page for a free event, you can use Magnet event planning software for free.

Affordable event planning tool when you sell tickets

If you aim to sell tickets, you will find a highly flexible ticket sales system within the tool, and a range of payment solutions to connect with. There is no curing time for Magnet event planning tool, and you can upgrade or downgrade whenever you wish.

Event Planning Software

Allowing you to manage events in every detail

To promote and manage your event and ticket sales you will have a strong line up of smart functions behind you.
This will save you time when getting as many attendees as possible to your event.

Manage everything from printing name tags to communicating important updates by SMS and checking in the guests at arrival.
All using the same event management software.

When the event is over, you will also have access to relevant data, such as metrics. And the opportunity to easily follow up on the experience of your attending guests.

Different types of tickets

Provide Early Bird tickets, discounts and discount codes on one or more tickets. Set timed tickets, add products to your ticket such as admission along with a T-shirt.
Offer a waiting list when fully booked.

Check in app

Using the check in app at the entrance you will also keep track of which and how many guests that has arrived.

Select payment method

Choose which payment method to use for each event, and set a preferred method if you have a first option.
Visa and Mastercard, Payex, Payson, Billogram, Invoicing, Economy.

Different VAT rates

Admin interface for sales, revenues and VAT, receipts, reports.

Distribute, market, and sell more tickets

Create your own event page with individual event URL, retrieve automatic map, add videos or pictures, embed on website.
Send invites, share on social media, send SMS.

Follow up on sales statistics and orders

Are there any tickets left for sale? Have a closer look at the orders, number of attendees and checked in attendees.


Facebook pixel and LinkedIN.

Event planner software free

Time to create an event?

Let’s try it out; sign up for free and start exploring. Once you’ve created an account you will have access to our help center with FAQ:s and guides.

Go create your first event.

At the centre of event & digital marketing – blog & news letter

Get in tune and keep up to date with events and digital marketing. You will find good advice, checklists and relevant reads
featured in both our blog and news letter (sign up below). If there is anything in particular you would like us to cover, please feel free to make a request.