Hall Of Fame

Rising Stars

Firms To Watch: Data privacy and data protection

Karin Schurmann, who specialises in the financial regulatory aspects of data protection law, and Anna Eidvall, who focuses on cross-border matters involving new technologies, jointly lead MAQS Advokatbyrå's data privacy and protection practice.

Data privacy and data protection in Sweden

Advokatfirman Cederquist KB

Advokatfirman Cederquist KB’s IP, IT and media group in Stockholm offers a comprehensive service handling a variety of data protection and data privacy matters, ranging from compliance initiatives to breach notifications. Johanna Linder has extensive experience in the IT and tech spaces generally, recently advising major clients in connection with large-scale personal data processing projects, while Henrik Lindstrand’s broad practice covers GDPR, e-Privacy Directive, and Swedish Patient Data Act issues, and tech and telecoms specialist Malin Allard regularly works on data protection mandates, especially those at the intersection of marketing and data privacy. The trio jointly lead the team, with senior associate Daniel Eriksson and associate Antonia Carlsson also playing key roles in the practice.

Practice head(s):

Johanna Linder; Henrik Lindstrand; Malin Allard

Other key lawyers:

Antonia Carlsson; Daniel Eriksson; Agnes Carlsson


‘A great team that shows stellar collaboration abilities and delivers outstanding advice.’

‘Daniel Eriksson is a stellar individual who will become a star and leader within the field. Johanna Linder and Henrik Lindstrand are also great practitioners in the area.’

‘Johanna Linder is quick and knowledgeable and provides excellent, actionable advice.’

‘Daniel Eriksson is one of the best lawyers in Sweden in this area. He is passionate, gives clear advice and is great to work with.’

‘Daniel Eriksson and Malin Allard are both very competent and give practical advice.’

‘Agnes Carlsson is easy to work with and is a very ambitious lawyer who is eager to learn about businesses and consistently provides excellent advice and assistance.’

‘Data privacy can be a complex area, but the team at Cederquist makes it much easier. They are up to date and can sometimes even look a step ahead and anticipate legal developments, due to their deep knowledge of the area.’

‘Their data privacy practice stands out because it is very business oriented.’

Key clients

Dentalum Group AB


Föreningen Svensk Elitfotboll

PostNord AB

Telenor Connexion

Billerud AB


Mips AB


Bonava AB

Acast AB


Storykit AB

Mentimeter AB

SignUp Software AB

The Confederation of Swedish Enterprise (Svenskt Näringsliv)

Skandia Fastigheter

Svensk Adressändring

Kinnevik AB

Newsec Property Asset Management AB

Lumera AB

P27 Nordic Payments Platform AB

Treyd Services AB

Prima Vård AB

Work highlights

  • Assisted Mips AB with its GDPR 2.0 project, with the aim of increasing the company’s privacy compliance level.
  • Assisted SignUp Software AB with its GDPR 2.0 project, increasing the company’s level of GDPR compliance.
  • Assisted Billerud AB with various data protection related issues, including providing legal advice regarding the interpretation of GDPR, reviewing and drafting of agreements, and planning and structuring of policies and routines to be used in Billerud’s continuous compliance work.

Cirio Advokatbyrå AB

With extensive experience advising on domestic and international matters and specialising in investigations, Caroline Olstedt Carlström leads Cirio Advokatbyrå AB’s data privacy practice, which has expertise in regulatory, operational and strategic issues and a client base that includes major multinational companies. IT, outsourcing and telecoms specialist David Frydlinger has considerable experience in data protection matters, while Hanna Tilus, leveraging her in-house experience in the life sciences sector, also plays a key role in the team.

Practice head(s):

Caroline Olstedt Carlström

Other key lawyers:

David Frydlinger; Hanna Tilus

Key clients



City of Stockholm


Swedish Police Authority

ICA Group



Fortnox Finans

Nepa AB

Billogram AB

Hypertype AB


Meliva AB

Dustin Group


Sveriges Tidskrifter (Sweden’s Magazines)



Work highlights

  • Acting as external Data Protection Officer for the Nordic and Baltic regulated Nasdaq entities and as contact person for the supervisory authorities and providing regular and specific advice on a number of different data privacy related matters.
  • Acting as external Data Protection Officer for Dustin, acting also as contact person for the supervisory authorities and providing regular and specific advice on a number of different data privacy-related matters.

Advokatfirman Delphi

Advokatfirman Delphi’s data protection team is experienced in the full spectrum of mandates, from general compliance work to litigation, with particular expertise advising on privacy issues in connection with outsourcings and SaaS-service agreements. Stockholm-based Peter Nordbeck, who advises domestic and international banks, insurance companies, and corporations on contentious and non-contentious matters, leads the team alongside Johan Engdahl in Gothenburg, who brings his notable in-house experience to bear in high-profile cases; he has recently led a team representing a major Swedish political party in relation to an investigation by the Swedish Authority for Privacy Protection. Privacy specialist Agnes Hammarstrand, also in Gothenburg, acts for several leading clients in the retail space.

Practice head(s):

Peter Nordbeck; Johan Engdahl

Other key lawyers:

Agnes Hammarstrand; Louise Sundström


‘The team at Delphi always rises to the challenge and brings new ideas to the table.’

‘Louise Sundström handles every case professionally and knows exactly how to deal with every kind of case. She is very customer focused and solution oriented as a person, and she always delivers in time and according to plan.’

‘Agnes Hammarstrand and Johan Engdahl are friendly, articulate and knowledgeable.’

‘Both Agnes Hammarstrand and Johan Engdahl bring innovation and new ideas time after time.’

‘The team has a broad competence regarding cases related to data privacy and data protection.’

Key clients

Moderata Samlingspartiet

Sjätte AP-fonden

Hedin Group

Swedish Church

JUC Sverige

MindArk PE Aktiebolag

Volvo Car Retail Solutions AB

Work highlights

  • Advising Moderata Samlingspartiet in relation to a supervision performed by the Swedish Authority for Privacy Protection.
  • Advising Volvo Car Retail Solutions AB on all data protection matters in relation to the company’s relationship with car dealerships in the Swedish market.
  • Assisting the Sixth Swedish National Pension Fund (Sjätte AP-fonden) with data protection compliance.

Advokatfirman Kahn Pedersen KB

Advokatfirman Kahn Pedersen KB’s digital team offers a comprehensive service in data privacy and protection matters. Stockholm-based Daniel Lundqvist, who is an experienced technology lawyer and regularly advises on cloud storage, data commercialisation and GDPR compliance issues, leads the team. Johan Kahn has recently focused on financial services and industrial sector mandates, and Martin Brinnen has advised governmental authorities, governmental inquiries, and parliamentary committees. Tahmina Sahibli is particularly strong in the banking and insurance spaces, while senior associate Hanna Bogsjö Österberg has recently advised on third country data transfers and the use of new technology in autonomous vehicles.

Practice head(s):

Daniel Lundqvist

Other key lawyers:

Johan Kahn; Tahmina Sahibli; Hanna Bogsjö Österberg; Martin Brinnen; Staffan Malmgren


‘Advokatfirman Kahn Pedersen KB offers the best team on the market when it comes to data privacy and data protection.’

‘Tahmina Sahibli is a very skilled lawyer with deep knowledge in the area as well as strong negotiation skills and professionalism.’

‘Johan Kahn is undoubtedly the number one Swedish lawyer for any matter in the digital area (including IT, data protection and fintech). His deep knowledge, long experience, creativity and negotiation skills are impressive.’

‘Martin Brinnen has unparalleled experience in data protection matters. He has really deep skills and also a unique background from the Swedish Authority for Privacy Protection. Martin is definitely among the absolute top practitioners within the data protection field in Sweden.’

‘Staffan Malmgren is an experienced, highly qualified legal tech officer who manages to make perfect sense of the complex matters involved and has the excellent skill of finding solutions that match clients’ needs.’

‘Daniel Lundqvist is a very skilled lawyer who offers practically useful advice and gives great partner attention.’

‘An excellent, niche firm with data privacy as one of its two practice areas. The quality of partners and associates, and business knowledge, in this field is unusually high.’

Key clients

Länsförsäkringar Group

Getswish AB

Svenska Handelsbanken AB

Svenskt Näringsliv (Confederation of Swedish Enterprise)


AB Trav och Galopp (ATG)

AFA Sjukförsäkringsaktiebolag

Akelius Residential Property AB

Nordax Bank AB

Exportkreditnämnden (The Swedish Export Credit Agency)

Work highlights

  • Advised Länsförsäkringar on data protection matters in relation to a cloud service for international claims settlement.
  • Advising Getswish on cloud strategy and GDPR compliance.
  • Engaged to investigate and provide concrete proposals for data protection reform in Sweden and the EU.

Mannheimer Swartling

Mannheimer Swartling’s leading data privacy practice advises on the full spectrum of data protection and privacy matters, with a strong reputation for handling investigations by the Swedish Authority for Privacy Protection as well as offering insights into emerging areas of law such as the use of AI and facial recognition technology. Erica Wiking Häger leads the team and has notable experience in both compliance and contentious matters with particular expertise in the retail, financial services, tech and auto sectors. Gothenburg-based Niklas Sjöblom has recently focused on data privacy and cybersecurity issues concerning IT procurement projects and outsourcings, while Anders Bergsten advises on data privacy and protection issues in the context of IT projects, chiefly in the banking, online betting, and manufacturing industries.

Practice head(s):

Erica Wiking Häger

Other key lawyers:

Niklas Sjöblom; Anders Bergsten


‘They are highly engaged to provide the best support possible.’

‘Erica Wiking Häger is a very dedicated and competent lawyer which is reflected in every contact she has with clients and in the work she does and in the legal advice she provides.’

‘A diverse, competent, knowledgeable team which clients feel that they can rely on.’

‘The individuals of the team have great availability, have a business-oriented approach which is easily translated and useable for stakeholders.’

‘They can work independently as well as follow instructions.’

‘Mannheimer Swartling has the ability to set up a team with the competences relevant for the task, which “act as one” when in contact with clients.’

Key clients

Klarna Bank



SAS (Scandinavian Airlines)

Bonnier Group





Capio S:t Görans Hospital

Region Västra Götaland


Kia Sweden

Work highlights

  • Advising Klarna Bank on its appeal of an administrative fine imposed on Klarna by the Swedish Authority for Privacy Protection for alleged deficiencies in Klarna’s privacy notice.
  • Advising Capio S:t Görans Hospital, an emergency hospital, on the appeal of an administrative fine imposed on Capio S:t Görans by the Swedish Authority for Privacy Protection for alleged infringements of the GDPR.
  • Advising a major Swedish industrial manufacturing company in connection with a large scale ransomware data breach which affected the client’s entire production and administration environment.


Setterwalls’ data and privacy team handles the full spectrum of matters, with particular strength in GDPR compliance and cybersecurity issues, including data breaches. The team is strong in the healthcare, auto and financial services sectors, as well as in the IT and telecoms spaces, and boasts a client base ranging from start-ups to blue-chip multinationals. Fredrik Roos in Gothenburg has notable experience in privacy matters relating to new technologies, including machine learning, AI and VR, while Stockholm-based Niklas Follin advises on data use rights, data protection incident responses, and data protection rights claims. Sophia Spala, also in Stockholm, specialises in data protection matters pertaining to SaaS, social media, digital advertising, and digital health issues. The three partners jointly lead the practice.

Practice head(s):

Fredrik Roos; Niklas Follin; Sophia Spala

Other key lawyers:

Jörgen Axelsson


‘Great team with a genuine practice and deep experience in data privacy and technology law generally.’

‘Fredrik Roos is exceptional and stands out for his broad experience.’

‘Jörgen Axelsson is a veteran who is really a knowledgeable.’

‘Niklas Fohlin is up and coming for sure. He is intelligent and skilled.’

‘Fredrik Roos and Niklas Fohlin are talented lawyers.’

‘The team always provides immediate and professional responses.’

‘The team has excellent knowledge and understands clients’ businesses.’ 

‘This team has excellent market knowledge, a pragmatic approach and a creative mindset.’

Key clients


Agency for digital Government (DIGG)

Alligator Bioscience AB

Ascelia Pharma AB

Ford Motor Company AB


Novacura AB

Novo Nordisk Scandinavia

Safeture AB

Stena Line AB

Talentwise AB

The Central Bank of Sweden

Wise Group AB

Work highlights

  • Acted as main adviser to Stena Line on GDPR and e-privacy compliance issues.
  • Providing strategic legal support to The Central Bank of Sweden in relation to high-profile technology matters.
  • Advising 2Secure Sverige AB on various data protection and privacy matters.


edpLaw handles a wide range of data protection and privacy matters, including data breaches, personal data transfers, and impact assessments. Johan Sundberg has over 20 years of experience in the field advising on international data transfers, foreign surveillance laws, and data subject rights requests, among other issues. Firm co-founder Johan Thörn’s practice covers transparency requirements, data processing impact assessments, data sharing agreements, and cookie compliance issues. Senior associate Fredrik Eråker, who has expertise in GDPR compliance, is also a key contact.

Practice head(s):

Johan Sundberg; Johan Thörn

Other key lawyers:

Fredrik Eråker


‘The individuals at edpLaw stand out for managing to keep a professional yet personal approach to their guidance. Both Johan Thörn and Johan Sundberg are friendly and will make sure to help clients in the best way possible. They go the extra mile to help.’

‘Fredrik Eråker has exceptional knowledge and very quickly grasps clients’ needs.’

‘Johan Sundberg is very knowledgeable and responsive to what clients need. He is easy to work with, wise, humble and communicates well.’

‘Johan Thörn is excellent both in terms of pure knowledge, but also in delivery and as an educator.’

‘Johan Thörn and Johan Sundberg provide excellent guidance on issues related to data privacy and data protection. They have a very good understanding of business and provide valuable advice on both a strategic and operational level.’

‘A highly professional team with vast knowledge about data privacy and data protection and great in communication.’

‘A team with extensive experience in the data protection field.’

‘A pragmatic, clear and professional team.’

Key clients

Swedish Equality Ombudsman (DO)

Region Skåne


Klarna Bank AB

Swedbank AB

Skandia AB

ICA Gruppen AB

Advania Sverige AB

Afa Försäkring

Santander Consumer Bank AS

Länsförsäkringar AB



Ragn-Sellsföretagen AB

Floatel International

Vimian Group

CAKE 0 emission AB

Mercuri Urval KMR AB

Svensk Fastighetsförmedling AB

Horten Advokataktieselskab

Dottir Attnorneys

Cooley LLP

BNP Paribas bank

Viaplay group

Avonova Hälsa AB

Strömma Turism & Sjöfart AB

The We Select Company AB

Ancon AB

Advalidation AB

Treyd Services AB

Work highlights

  • Advising Sweden’s leading credit and business information company on various data privacy questions, including questions relating to complex data privacy impact assessments.
  • Advising Swedavia, the owner, operator and developer of Sweden’s basic infrastructure airports, on a range of complex data privacy and data protection matters.
  • Advising Swedbank AB on a range of data privacy and data protection matters.

Hannes Snellman (Sweden)

Hannes Snellman (Sweden)'s data protection and privacy offering covers a variety of matters, ranging from audits and impact assessments to international data transfers and data breach notifications. Practice head Caroline Sundberg is particularly strong in advising financial institutions and telecoms operators on privacy matters. Senior associate Sara Heikfolk specialises in GDPR compliance work, and Jessica Tressfeldt focuses on privacy issues relating to digitalisation projects and outsourcing agreements.

Practice head(s):

Caroline Sundberg

Other key lawyers:

Sara Heikfolk; Jessica Tressfeldt


‘The team is excellent and professional. They are very skilled and provide legal advice based on clients’ specific needs.’

‘Caroline Sundberg is very experienced, skilled and responsive to clients’ needs and circumstances. She is also a great communicator and negotiator.’

‘Caroline Sundberg is a GDPR supernova and super skilled lawyer. She will always be a go-to-person in terms of data privacy.’

‘Caroline Sundberg is a leading practitioner within privacy who has great experience and up-to-date knowledge of all important privacy matters.’

‘The firm has a leading privacy practice on the Swedish market. Their vast knowledge on international data transfers stands out. They have a positive and can-do attitude and are always eager to help.’

Key clients

EH Group AB (Espressohouse)

Dustin Group

Hi3G Access AB

Stockholm Regional Council (Region Stockholm)

Intergiro AB

Konsumentverket (the Swedish Consumer Agency)

Seeburger Group


Vitamin Well

CredPoint AB

Work highlights

  • Advised Hi3G Access AB as external DPO on numerous data privacy-related assignments.
  • Advised EH Group (Espressohouse) on a GDPR 2.0 compliance project for the entire Espresso House Group.
  • Advised Magnet Forensics on the acquisition of Griffeye, which is a leader in digital media forensics for criminal investigations.

Hellström Law

Hellström Law’s data protection team offers advice to both public and private sector clients on all aspects of Swedish and EU data privacy and data protection law, including cybersecurity and GDPR compliance assistance. Practice head Anna Fernqvist Svensson has considerable experience in the field covering third country transfers, data breach investigations, and disputes. Karl-Fredrik Björklund has advised clients in the real estate, IT, e-commerce, healthcare, and pharma sectors, and Erika Juvander Heveus is a data protection and employment specialist and is particularly strong working at the intersection of the two areas, advising employers on GDPR compliance and personal data processing issues.

Practice head(s):

Anna Fernqvist Svensson

Other key lawyers:

Karl-Fredrik Björklund; Erika Juvander Heveus


‘Hellström’s data protection team is very competent and efficient, offering a hands-on approach and partner attention.’

‘Anna Fernqvist Svensson is a very experienced data protection lawyer. She is very knowledgeable and has a commercial approach to each assignment.’

‘Karl-Fredrik Björklund is always very accessible, easy to talk to around the clock and generously shares knowledge and best practice. He is also very loyal to his clients.’

‘Anna Fernqvist Svensson is very thorough in her work and has a vast knowledge of data privacy and data protection.’

‘Anna Fernquist Svensson and Karl-Fredrik Björklund are two of the most experienced data privacy lawyers in Sweden. Karl-Fredrik also has great litigation experience which is today an important aspect when assisting clients in data privacy matters.’

‘Hellström has a good and broad team within privacy and data protection.’

‘Hellström Law is very professional and responsive.’

Key clients

FKP Scorpio Sverige AB

Grifols Nordic AB

Apoteket AB

Lensway Group AB

Omilon AB

Work highlights

  • Advising FKP Scorpio, a global leading organiser of concerts and festivals, on all matters relating to data protection and data privacy. Also acting as DPO for the FKP Scorpio.
  • Advising Grifols, a large global healthcare company, on all matters relating to data protection and data privacy including records or processing activities, data processing agreements, GDPR training courses, data privacy notices for employees, and whistleblowing issues.

Advokatfirman Lindahl KB

Advokatfirman Lindahl KB’s privacy and data protection practice handles a wide range of matters, with particular strength in cross-border matters in the life sciences sector, often involving data protection issues concerning clinical trials and medical research. The team’s broad client base ranges from start-ups through to mid-sized companies and multinationals. M&A and IT outsourcing expert Gabriel Svedberg leads the team alongside Michael Edquist, who specialises in IT and finance-related work. Mårten Lindberg, with notable experience in the TMT sector, focuses on IP and data protection mandates.

Practice head(s):

Gabriel Svedberg; Michael Edquist

Other key lawyers:

Mårten Lindberg; Mikael Olsson


‘The team at Lindahl has a great spread of competencies which makes it easy to quickly find the expertise required.’

‘Mårten Lindberg is very pragmatic and solution oriented. He defines the scope of projects based on the needs, budget and resources of the customer.’

‘Gabriel Svedberg is pragmatic and offers clear advice.’

‘Mikael Olsson has great knowledge within data privacy.’

‘The team is mindful of clients’ operations and true needs and pragmatic.’ 

‘A good company culture with friendly and committed people that have a very high level of individual expertise and good communication skills.’

Key clients

Affibody AB

Philips AB

Esri Group

Amra Medical AB

E.ON Sverige Aktiebolag

Olink Proteomics AB

BHG Group AB

Novare Human Capital AB

Flowbox AB

Bris – Children’s Rights in Society

Neonode Technologies AB

Onemotion Integrated Marketing Communication AB

Swin Technologies AB

Kollektivavtalsinformation i Sverige AB


Valida Due Diligence AB


Fastator Group (Aktiebolaget Fastator, Nordic PM AB and Offentliga Hus i Norden AB)

Viedoc Technologies AB

Berling Media Group


Roschier’s data protection team collaborates with the firm’s TMT, intellectual property, and life sciences groups to offer a comprehensive service to clients in the tech, media, banking and private equity sectors, among others, covering auditing issues, compliance work, third country data transfers, and data breaches. Practice head Björn Johansson Heigis has considerable experience advising Nordic data-intensive companies on GDPR compliance alongside expertise in privacy issues concerning new technologies. Senior associate John Park is also a key contact, specialising in cross-border data protection mandates.

Practice head(s):

Björn Johansson Heigis

Other key lawyers:

John Park


‘The team has a wide range in terms of competence with coverage in all Nordic countries.’

‘Roschier’s representatives are always professional.’

Key clients


Ontario Teachers

Hemnet Group


Advokatfirman Vinge

Advokatfirman Vinge’s IT and telecoms practice advises start-ups as well as leading corporations on a wide range of data protection and data privacy matters, including compliance work, cross-border data transfers, security breaches, and investigations. Emelie Svensäter Jerntorp co-heads the team from Skåne and combines her data experience with employment law expertise. Fellow co-head Nicklas Thorgerzon is based in Stockholm and has a strong track record in large-scale GDPR projects, while senior associate Alexander Lindeberg’s broad practice covers data breaches, third country transfers, and cookie compliance issues, among other areas.

Practice head(s):

Emelie Svensäter Jerntorp; Nicklas Thorgezon

Other key lawyers:

Alexander Lindeberg


‘Nicklas Thorgerzon has deeply impressive expertise in the privacy field. He is outstanding – with meticulous attention to detail, an awesome personality, a profound knowledge of privacy laws and an unwavering commitment to protect clients’ rights and solve challenges in a effective and pragmatic way.’

Key clients


Star Stable

Work highlights

  • Advising Tele2 on various data protection issues, including in relation to an ongoing dispute with the Swedish Data Protection Authority, which has imposed administrative fines of SEK12m on Tele2 for sending data to the US via Google Analytics.
  • Advised Star Stable, an online gaming company, on various data protection issues and coordinated advice for several jurisdictions.

Bird & Bird

Bird & Bird’s commercial team in Stockholm advises on a wide range of cybersecurity and data protection issues, including compliance work and data breach investigations, leveraging the firm’s international network of data protection specialists. Commercial lawyer and practice head Mattias Lindberg has considerable experience in data protection and privacy matters.

Practice head(s):

Mattias Lindberg


‘Mattias Lindberg’s exquisite legal know-how and truly competent social and teamwork abilities personifies the service given. Mattias’ way of working gives clients full trust in him.’

‘Mattias Lindberg has very broad knowledge of privacy legislation and a great ability to communicate his knowledge to business operations and their processes.’

‘Mattias Lindberg has a tremendous understanding of how legislation should be practically implemented in businesses.’

‘The team’s deep know-how of current and upcoming data privacy and data protection regulations gives clients confidence. They have an exquisite ability to make legal wording understandable.’

DLA Piper Sweden

DLA Piper Sweden’s digital, data and cyber team has broad experience in domestic and cross-border matters, which includes representing clients before the Swedish Authority for Privacy Protection. Practice head Jennie Nilsson’s varied practice covers GDPR management projects, data transfers, data subject rights issues, personal data mandates, and litigation.

Practice head(s):

Jennie Nilsson


‘A highly proficient, concise, and practical team.’

‘Jennie Nilsson’s expertise gives clients confidence the right decisions will be made, even in complex situations.’

‘Jennie Nilsson is responsive, knowledgeable and business minded.’

‘Jennie Nilsson’s expertise in the field is remarkable. Not only is she highly knowledgeable, but she has a pragmatic approach.’

‘The team possesses a deep understanding of clients’ requirements and tailors their efforts the most effective assistance.’

‘The team is very very knowledgeable in relevant fields.’

‘The individuals of the team are accessible and have a nice and friendly way about them.’

Key clients



Klarna Bank

Assa Abloy

Dynamic Code


Voi Technology





Utopia Music


Swedish Ski Association

X Shore



Frank Dandy


IPSEN Pharmaceuticals

Work highlights

  • Assisting Sweden-headquartered blue-chip company Electrolux with ongoing data privacy advice.
  • Assisting BMW Nordics with ongoing data privacy advice.
  • Assisting Asics and Haglöfs with ongoing data privacy advice.

Advokatfirman Fylgia KB

Advokatfirman Fylgia KB’s commercial tech and data department has considerable experience advising blue-chip clients in the IT and telecoms, construction, retail, marketing, fashion and entertainment sectors, among others, on data protection and privacy matters, including GDPR compliance issues and personal data processing work. Martin Gynnerstedt heads up the practice.

Practice head(s):

Martin Gynnerstedt


‘A reliable team with a thorough understanding of local and international laws.’

‘Martin Gynnerstedt is an excellent adviser within the field of GDPR. He is very efficient and has very good knowledge within his field. Furthermore he has an excellent commercial approach.’

‘Martin Gynnerstedt delivers on time and provides innovative solutions to complicated questions. He is excellent.’

‘The team consists of smart and efficient lawyers.’

‘The team has a quick grasp of key commercial and legal issues.’

‘A good team with a high level of knowledge.’

‘They team is incredibly fast to get back to clients and offer a simply exceptional service.’

Key clients


Bring Shelfless Nordic AB

Svenska Kraftnät

Glow Technology AB

Mavenoid AB

Beijer Byggmaterial Aktiebolag

Cabonline Group AB

Egencia Sweden AB


DC Training Sweden AB

Work highlights

  • Advised Beijer Byggmaterial Aktiebolag on a compliance project with the focus on reviewing privacy documentation.
  • Advised Bring Shelfless Nordic AB on data privacy and data protection compliance matters related to its services offering.
  • Advised DC Training Sweden AB on ensuring the data privacy and data protection-compliant implementation of a new technology platform.

Gernandt & Danielsson Advokatbyrå

Gernandt & Danielsson Advokatbyrå’s data privacy and protection team has broad experience advising on GDPR, data breaches, data transfers and online tracking issues, among other matters. Practice head Niclas Rockborn is particularly strong at handling data privacy issues in the finance and fintech sectors, while Ulrika Forsberg specialises in regulatory compliance and risk management work.

Practice head(s):

Niclas Rockborn

Other key lawyers:

Ulrika Forsberg

Magnusson Sweden

Magnusson Sweden’s data protection and data privacy team handles a wide range of matters, including GDPR audits, personal data processing work, and impact assessments. Helena Rönqvist, who specialises in data privacy and regulatory issues in the e-commerce, social media and marketing spaces, leads the team alongside Caroline Landerfors, who is particularly experienced in outsourcing matters in the financial sector and GDPR issues.

Practice head(s):

Helena Rönqvist; Caroline Landerfors

Key clients

Fondo Solutions

Nordiska Galleriet





Work highlights

  • Advising Spotlight Stock Market in connection with listings of shares on Spotlight Stock Market’s trading facility, including advice in relation to data protection and data privacy in connection with due diligence work.
  • Advising Fondo on GDPR issues such as data processing agreements and providing strategic advice on data protection perspectives for its business model.
  • Advising Svalna on the privacy set-up on Svalna’s sustainability app.

Norelid Advokatbyrå

Norelid Advokatbyrå’s data privacy and cyber response team is particularly strong at handling cyber incidents and data breaches on behalf of both insurers and policyholders. Founder and managing partner Susanna Norelid has considerable experience advising on GDPR compliance matters as well as data breaches, often as incident manager. Maria Segerholm and Stefan Johansson also play key roles in the team.

Practice head(s):

Susanna Norelid

Other key lawyers:

Maria Segerholm; Stefan Johansson


‘Norelid has in-depth knowledge and a great understanding of business, whilst also being easy to work with and very engaged.’

‘Susanna Norelid is among the best attorneys in Sweden within the field.’

‘Norelid is a skilled and cohesive team.’

Key clients

Trygghetsrådet TRS

SOK Stiftelsen

Signature Litigation

Adlaw International

Pressa Sverige

Modular Finance




Protector Försäkring

Mediehuset Kvartal



Work highlights

  • Advising Trygghetsstiftelsen/SOKstiftelsen on matters relating to data protection and GDPR compliance for the entire organisation.
  • Advising a client and acting as Incident Manager in relation to a national cyber incident.
  • Advised Protector Försäkring in relation to complex compliance and contractual issues regarding personal data protection and data transfers to and from Swedish governmental agencies.


TIME DANOWSKY Advokatbyrå AB’s dedicated data protection team, which sits within the wider digital and tech practice, has experience in a wide range of contentious and non-contentious issues, including GDPR compliance, information security matters, impact assessments, and camera surveillance mandates. Practice head Jonas Forzelius is instructed by both public and private sector clients and regularly collaborates with the IT and telecoms team to advise on the use of personal data in IT systems.

Practice head(s):

Jonas Forzelius

Key clients

Telenor Sverige AB

TM & Partners

TM & Partners’ technology team regularly handles data protection and data privacy matters, especially those arising in the context of acquisitions and procurements. Practice head Fredrik Gustafsson has considerable cross-border experience, advising industrials, real estate companies, banks, fintech companies, and healthcare providers. Erik Woodcock also has notable expertise in the field.

Practice head(s):

Fredrik Gustafsson

Other key lawyers:

Erik Woodcock; Karolina Kjellberg


‘They are super easy to work with, quick to respond and provide great results.’

‘Fredrik Gustafsson is a person who is easy to work with, always provides a high level of quality, and is extremely flexible and cooperative.’

‘Both Fredrik Gustafsson and Karolina Kjellberg are very nice people, like friends you’ve known for quite some time. They are both service minded and can give advice on different matters from different points of view.’

‘The team is very well put together with a lot of different skills and is easy to reach.’

‘The team has a clear work plan/strategy, delivers on time and is flexibility.’

‘They are attentive to detail and yet quickly grasp the overall perspective. They are detailed and honest and clearly know what they are doing.’

‘The team has good knowledge and a high level of flexibility.’

Key clients

LRF Samköp AB

EQUA Simulation AB

Air Liquide Biogas Solution Europe


Priveq Investment

CombinedX AB

Norvestor Equity

Coala-Life Group AB

Vivesto AB

Renewcell AB

Team Olivia

Alliance Marine SAS


Work highlights

  • Advised Veranex in connection with all data privacy and data protection aspects of its acquisition of Devicia and Clarvin together with affiliated companies Kickfile, Lea Group and Limulus Bio.
  • Advising LRF Samköp, an affiliate of the Swedish farmers’ association, on most of its legal matters, including data privacy and data protection issues.
  • Advised EQUA Simulation on all data privacy and data protection aspects of the acquisition of a majority stake of MagiCAD Group Oy, a subsidiary of Glodon Company Limited.