The most important principles of the data protection regulation

The page was last modified:

The data protection regulation contains a long list of rules and requirements for how personal data can be processed in an organisation. Despite that, these rules do not provide a lot of guidance on how you as a small business owner is permitted to process personal data relating to your customers, suppliers, employees and others.

However, the rules, reasons and other legal text in the regulation are all based on a few fundamental principles:

  • Only collect and process personal data if it is permitted.
  • Inform the people whose information you are collecting. It might for example involve information about customers, suppliers and employees.
  • Decide in advance what the personal data will be used for and do not use the data for any other purpose.
  • Do not collect more personal data than what is needed. Never collect personal data “because it might be useful”.
  • Ensure that the personal data is correct and up to date.
  • Delete personal data that is no longer needed.
  • Protect the data from unauthorised use and unauthorised access.
  • Document your intentions with regard to your processing of personal data.

If you want to further simplify these basic principles, these three points will get you quite far:

  • Do not collect more personal data than what is needed and only collect it for a certain predetermined purpose.
  • Do not save the data longer than what is needed.
  • Protect the personal data that you are processing in your company.

Did you find this information helpful?

Thank you for your feedback!

Please help us improve verksamt.se by telling us what you think about the page.

Processing of personal data

When you fill in the form, the personal data you include will be collected by the Swedish Companies Registration Office (Bolagsverket). Bolagsverket is responsible for this data. We store the data so that we can contact you. The data is not used for any other purpose.

More about personal data, your rights and how to complain

Responsible: Swedish Agency for Economic and Regional Growth

Back to top