GDPR and Paloma

We receive lots of questions about the GDPR and many have expressed their concern in terms of what it implies for those who use Paloma services to, for example, send newsletters. GDPR replaces PUL on 25 May 2018. In brief, the GDPR is about how businesses, organisations, and authorities manage personal data, how data are stored, and why. Personal protection is enhanced and you have the right to be forgotten, i.e. to have your data deleted from all registries. Private individuals also have the right to receive the personal data concerning them, so-called Data Portability.

It is also important to point out that there is no common practice yet, as the regulation has not yet come into force. Therefore, nobody knows exactly what the regulation will entail. The assessment is that there will be an established practice in about three to four years.

I was involved as a consultant during the millennium, working frantically with the so-called Millennium Bug, which had been described as a minor disaster for the world. But as we all know, virtually nothing happened. We’ll see what the GDPR will end up doing, but the strengthening of personal protection is positive. Common sense and keeping things in order will go a long way.

At Paloma, we are working hard with the development and changes required to enable our customers to properly apply the GDPR.

Among other things, we will enhance and make our products GDPR-compliant well before the new regulation enters into force, using the following features:

  • A completely new subscription form for those collecting e-mail addresses for their newsletter. You’ll be able to add your own consent text and no checkboxes will be pre-checked.
  • When selling tickets or seats via Magnet, the buyer will need to consent to the storage of his or her personal data.
  • Automatic deletion of mailing lists. Time-controlled. So that you never store data unnecessarily.
  • Blocking of SMS text messages
  • Feature to be forgotten.


Peter Berg, MD & Founder Magnet