Advokatfirman Cederquist KB’s IP, IT and media group in Stockholm offers a comprehensive service handling a variety of data protection and data privacy matters, ranging from compliance initiatives to breach notifications. Johanna Linder has extensive experience in the IT and tech spaces generally, recently advising major clients in connection with large-scale personal data processing projects, while Henrik Lindstrand’s broad practice covers GDPR, e-Privacy Directive, and Swedish Patient Data Act issues, and tech and telecoms specialist Malin Allard regularly works on data protection mandates, especially those at the intersection of marketing and data privacy. The trio jointly lead the team, with senior associate Daniel Eriksson and associate Antonia Carlsson also playing key roles in the practice.

With extensive experience advising on domestic and international matters and specialising in investigations, Caroline Olstedt Carlström leads Cirio Advokatbyrå AB’s data privacy practice, which has expertise in regulatory, operational and strategic issues and a client base that includes major multinational companies. IT, outsourcing and telecoms specialist David Frydlinger has considerable experience in data protection matters, while Hanna Tilus, leveraging her in-house experience in the life sciences sector, also plays a key role in the team.

Advokatfirman Delphi’s data protection team is experienced in the full spectrum of mandates, from general compliance work to litigation, with particular expertise advising on privacy issues in connection with outsourcings and SaaS-service agreements. Stockholm-based Peter Nordbeck, who advises domestic and international banks, insurance companies, and corporations on contentious and non-contentious matters, leads the team alongside Johan Engdahl in Gothenburg, who brings his notable in-house experience to bear in high-profile cases; he has recently led a team representing a major Swedish political party in relation to an investigation by the Swedish Authority for Privacy Protection. Privacy specialist Agnes Hammarstrand, also in Gothenburg, acts for several leading clients in the retail space.

Advokatfirman Kahn Pedersen KB’s digital team offers a comprehensive service in data privacy and protection matters. Stockholm-based Daniel Lundqvist, who is an experienced technology lawyer and regularly advises on cloud storage, data commercialisation and GDPR compliance issues, leads the team. Johan Kahn has recently focused on financial services and industrial sector mandates, and Martin Brinnen has advised governmental authorities, governmental inquiries, and parliamentary committees. Tahmina Sahibli is particularly strong in the banking and insurance spaces, while senior associate Hanna Bogsjö Österberg has recently advised on third country data transfers and the use of new technology in autonomous vehicles.

Mannheimer Swartling’s leading data privacy practice advises on the full spectrum of data protection and privacy matters, with a strong reputation for handling investigations by the Swedish Authority for Privacy Protection as well as offering insights into emerging areas of law such as the use of AI and facial recognition technology. Erica Wiking Häger leads the team and has notable experience in both compliance and contentious matters with particular expertise in the retail, financial services, tech and auto sectors. Gothenburg-based Niklas Sjöblom has recently focused on data privacy and cybersecurity issues concerning IT procurement projects and outsourcings, while Anders Bergsten advises on data privacy and protection issues in the context of IT projects, chiefly in the banking, online betting, and manufacturing industries.

Setterwalls’ data and privacy team handles the full spectrum of matters, with particular strength in GDPR compliance and cybersecurity issues, including data breaches. The team is strong in the healthcare, auto and financial services sectors, as well as in the IT and telecoms spaces, and boasts a client base ranging from start-ups to blue-chip multinationals. Fredrik Roos in Gothenburg has notable experience in privacy matters relating to new technologies, including machine learning, AI and VR, while Stockholm-based Niklas Follin advises on data use rights, data protection incident responses, and data protection rights claims. Sophia Spala, also in Stockholm, specialises in data protection matters pertaining to SaaS, social media, digital advertising, and digital health issues. The three partners jointly lead the practice.

edpLaw handles a wide range of data protection and privacy matters, including data breaches, personal data transfers, and impact assessments. Johan Sundberg has over 20 years of experience in the field advising on international data transfers, foreign surveillance laws, and data subject rights requests, among other issues. Firm co-founder Johan Thörn’s practice covers transparency requirements, data processing impact assessments, data sharing agreements, and cookie compliance issues. Senior associate Fredrik Eråker, who has expertise in GDPR compliance, is also a key contact.

Hannes Snellman (Sweden)'s data protection and privacy offering covers a variety of matters, ranging from audits and impact assessments to international data transfers and data breach notifications. Practice head Caroline Sundberg is particularly strong in advising financial institutions and telecoms operators on privacy matters. Senior associate Sara Heikfolk specialises in GDPR compliance work, and Jessica Tressfeldt focuses on privacy issues relating to digitalisation projects and outsourcing agreements.

Hellström Law’s data protection team offers advice to both public and private sector clients on all aspects of Swedish and EU data privacy and data protection law, including cybersecurity and GDPR compliance assistance. Practice head Anna Fernqvist Svensson has considerable experience in the field covering third country transfers, data breach investigations, and disputes. Karl-Fredrik Björklund has advised clients in the real estate, IT, e-commerce, healthcare, and pharma sectors, and Erika Juvander Heveus is a data protection and employment specialist and is particularly strong working at the intersection of the two areas, advising employers on GDPR compliance and personal data processing issues.

Advokatfirman Lindahl KB’s privacy and data protection practice handles a wide range of matters, with particular strength in cross-border matters in the life sciences sector, often involving data protection issues concerning clinical trials and medical research. The team’s broad client base ranges from start-ups through to mid-sized companies and multinationals. M&A and IT outsourcing expert Gabriel Svedberg leads the team alongside Michael Edquist, who specialises in IT and finance-related work. Mårten Lindberg, with notable experience in the TMT sector, focuses on IP and data protection mandates.

Roschier’s data protection team collaborates with the firm’s TMT, intellectual property, and life sciences groups to offer a comprehensive service to clients in the tech, media, banking and private equity sectors, among others, covering auditing issues, compliance work, third country data transfers, and data breaches. Practice head Björn Johansson Heigis has considerable experience advising Nordic data-intensive companies on GDPR compliance alongside expertise in privacy issues concerning new technologies. Senior associate John Park is also a key contact, specialising in cross-border data protection mandates.

Advokatfirman Vinge’s IT and telecoms practice advises start-ups as well as leading corporations on a wide range of data protection and data privacy matters, including compliance work, cross-border data transfers, security breaches, and investigations. Eva Fredrikson and Carl Johan af Petersens in Stockholm lead the team alongside Malmö and Helsingborg-based Henrik Borna. Nicklas Thorgerzon has a strong track record in large-scale GDPR projects, while senior associate Alexander Lindeberg’s broad practice covers data breaches, third country transfers, and cookie compliance issues, among other areas.

Bird & Bird’s commercial team in Stockholm advises on a wide range of cybersecurity and data protection issues, including compliance work and data breach investigations, leveraging the firm’s international network of data protection specialists. Commercial lawyer and practice head Mattias Lindberg has considerable experience in data protection and privacy matters.

DLA Piper Sweden’s digital, data and cyber team has broad experience in domestic and cross-border matters, which includes representing clients before the Swedish Authority for Privacy Protection. Practice head Jennie Nilsson’s varied practice covers GDPR management projects, data transfers, data subject rights issues, personal data mandates, and litigation.

Advokatfirman Fylgia KB’s commercial tech and data department has considerable experience advising blue-chip clients in the IT and telecoms, construction, retail, marketing, fashion and entertainment sectors, among others, on data protection and privacy matters, including GDPR compliance issues and personal data processing work. Martin Gynnerstedt heads up the practice.

Gernandt & Danielsson Advokatbyrå’s data privacy and protection team has broad experience advising on GDPR, data breaches, data transfers and online tracking issues, among other matters. Practice head Niclas Rockborn is particularly strong at handling data privacy issues in the finance and fintech sectors, while Ulrika Forsberg specialises in regulatory compliance and risk management work.

Magnusson Sweden’s data protection and data privacy team handles a wide range of matters, including GDPR audits, personal data processing work, and impact assessments. Helena Rönqvist, who specialises in data privacy and regulatory issues in the e-commerce, social media and marketing spaces, leads the team alongside Caroline Landerfors, who is particularly experienced in outsourcing matters in the financial sector and GDPR issues.

Norelid Advokatbyrå’s data privacy and cyber response team is particularly strong at handling cyber incidents and data breaches on behalf of both insurers and policyholders. Founder and managing partner Susanna Norelid has considerable experience advising on GDPR compliance matters as well as data breaches, often as incident manager. Maria Segerholm and Stefan Johansson also play key roles in the team.

TIME DANOWSKY Advokatbyrå AB’s dedicated data protection team, which sits within the wider digital and tech practice, has experience in a wide range of contentious and non-contentious issues, including GDPR compliance, information security matters, impact assessments, and camera surveillance mandates. Practice head Jonas Forzelius is instructed by both public and private sector clients and regularly collaborates with the IT and telecoms team to advise on the use of personal data in IT systems.

TM & Partners’ technology team regularly handles data protection and data privacy matters, especially those arising in the context of acquisitions and procurements. Practice head Fredrik Gustafsson has considerable cross-border experience, advising industrials, real estate companies, banks, fintech companies, and healthcare providers. Erik Woodcock also has notable expertise in the field.