Affärsadvokaterna i Sverige AB is headed by Mattias Lindberg and advises on a range of data protection and privacy issues, including handling AI, digital transformation, and large-scale technology projects.

Led by Jennie Nilsson and Erik Ullberg, the TMC group at CMS Wistrand advises clients on a range of regulatory matters, including the EU AI Act, alongside advising on data protection agreements, privacy notices, and contracting. Nilsson joined the firm from DLA Piper Sweden in January 2025, and regularly advises on cybersecurity matters.

Advising on a comprehensive range of data privacy and protection issues, the team at Advokatfirman Cederquist KB frequently advises on information security, regulatory guidance, and compliance initiative work. Johanna Linder is regularly instructed by large companies, where she advises on financial crime prevention. Malin Allard is a key contact for regulatory matters surrounding new and developing technologies, while Henrik Lindstrand is noted for his work in GDPR and wider data legislation. The three jointly head the team, and Antonia Carlsson works alongside them with experience with data protection compliance programmes.

The team at Cirio Advokatbyrå AB remains active, advising on complex, multi-jurisdictional data protection matters. Team head Caroline Olstedt Carlström is a leading figure in Swedish data protection and privacy. With over 25 years of experience, she is frequently engaged in advising government expert groups on a comprehensive range of data issues, including GDPR, and is also noted for her work in data protection investigations. David Frydlinger is another key member of the team, specialising in handling claims relating to complex IT contracts, outsourcings, and telecoms alongside his data protection expertise. Working alongside them is Hanna Tilus with expertise in life sciences and IP data matters. Ina Laurell and Jessica Sondell are further key contacts.

The data protection and privacy offering at Advokatfirman Delphi remains comprehensive, with the team advising on a range of mandates, including camera surveillance issues, compliance frameworks, and regulatory impact. The firm also has experience in handling cyber attacks. Gothenburg-based Johan Engdahl jointly leads the team and is regarded for his 'business and solution-oriented mindset'. Fellow co-head Peter Nordbeck, based in Stockholm, is noted for his data protection litigation experience. Agnes Hammarstrand is a key contact within the team, specialising in e-commerce and privacy, while Emilia Malmberg Larson has expertise in advising on legal issues around cookies, websites, and apps.

Advokatfirman Kahn Pedersen KB is a go-to for public authorities, with expertise in public sector laws and regulations such as GDPR and the Swedish Public Access to Information and Secrecy Act. Beyond this, the team regularly engages with private equity firms, foreign defence contractors, and trade unions. The group also has experience in working on cybersecurity mandates, including information and national security matters. Johan Kahn heads the practice group, noted for his work with outsourcings, IT contracts, and cloud computing issues. Daniel Lundqvist is another key contact, with expertise in regulatory matters, and Tahmina Sahibli has experience in strategic sourcing. Hanna Bogsjö Österberg is a key name, having advised on third-country transfers and the use of new technology.

Mannheimer Swartling remains the go-to firm for handling investigations by the Swedish Authority for Privacy Protection. The group also has expertise in advising on the ethical use of AI and personal data, as well as on digital sustainability and human rights issues relating to data. The group has a blue-chip client base, including clients in the life sciences, telecoms, and financial sectors. Erica Wiking Häger heads the group, and has over 20 years of experience in a range of compliance and contentious matters, as well as working on global investigations and data breaches. Niklas Sjoblom is recognised for his expertise in data privacy screenings and multinational cloud mandates, while Anders Bergsten frequently advises companies in the generative AI sector. Martin Hallström is also a key contact.

The group at Setterwalls remains active, handling matters across data privacy and protection, including supporting clients with cross-border data transfers, GDPR issues, and compliance audits. Furthermore, the team has extensive experience managing cybersecurity mandates, advising on compliance issues, data breaches, and incident response matters. Fredrik Roos works on a range of regulatory and compliance work involving machine learning, AI, and VR. Niklas Follin is noted for his work in the fintech space and data breaches. Sophia Spala leads the group alongside Roos and Follin, and has expertise at the intersection of IP and technology. Alexandra Rosell is another key name.

With extensive experience advising on a range of GDPR matters, including litigation, data breaches, and cross-border transfers, the group at edpLaw remains a strong player within the data protection and privacy space. The group frequently advises on the EU Artificial Intelligence Act, as well as other areas of EU law, including the Data Governance Act. Team co-head Johan Sundberg is recognised for his expertise in supervisory matters, and fellow co-head Johan Thörn is frequently involved in privacy management programs and e-privacy compliance. Fredrik Eråker is also a notable name.

The team at Hellström Law advises on data breaches, cybersecurity issues, and GDPR compliance. Alongside this, the group often takes the role of Data Protection Officer for public and private clients. Anna Fernqvist Svensson leads the group, noted for her role in the development of a whistleblowing channel offered to clients. Karl-Fredrik Björklund is another key name, advising large and mid-size companies on a comprehensive range of data issues, while Erika Juvander Heveus specialises in employment and data protection law.

Roschier fields an active team, advising clients across the Nordics on GDPR work, whistleblowing issues and IT-related carve-outs. The group has experience in handling audits and disputes against the Swedish Authority for Privacy Protection, as well as advising on daily data protection compliance programmes. Björn Johansson Heigis heads the practice and is frequently engaged by clients in the media and technology sectors. Björn Hård af Segerstad has expertise in regulatory and fintech matters, and John Park is another notable name for compliance programs and implementation work.

Elisabeth Vestin heads the IP and technology team at Snellman, which advises clients, including blue-chip companies, on a range of data protection and privacy issues. The group has experience representing clients in investigations before the Swedish Authority for Privacy Protection, as well as handling data breaches and conducting data protection audits. Caroline Sundberg heads the data, privacy, and cybersecurity practice group; she is well-regarded for her work with financial institutions, government entities, and telecoms operators. Jessica Tressfeldt works alongside, and is frequently engaged in commercial data mandates.

The data protection team at TIME DANOWSKY Advokatbyrå AB advises on a range of matters, including AI issues, IoT mandates, regulatory compliance work, and system integrations. Alongside this, the group has experience in representing clients against the Swedish Authority for Privacy Protection. Jonas Forzelius heads the group, frequently advising public and private sector clients on data protection matters. Ulrika Geissler is another key player within the team, advising on a range of data protection policies as well as cloud computing work and cross-border data transfers. Esa Kymäläinen and Mats Ohlén are other key names.

Vinge Advokatfirman KB assists clients in the AI, adtech, and cloud services sectors on a broad range of data protection and privacy issues, adeptly handling the changing legal landscape around new technologies. The group frequently designs compliance strategies and advises on a range of GDPR regulatory issues, and Nicklas Thorgerzon routinely works on large-scale GDPR projects as well as advising clients in the sports, media, and gaming industries. Emelie Svensäter Jerntorp is noted for her expertise in personal data compliance. Thorgerzon and Svensäter Jerntorp lead the group alongside Eva Fredriksson.

The team at DLA Piper Sweden advises a range of clients on data and AI governance alongside handling cybersecurity mandates. Gustav Lundin leads the practice group, and is regularly engaged in advising on key EU frameworks such as GDPR and the Digital Markets Act. Astrid Bohlin is another key name within the team, with expertise in legislative frameworks surrounding connected vehicles and privacy matters.

Eversheds Sutherland‘s Stockholm practice regularly advises on a range of data privacy and protection issues, including advising on GDPR compliance, cybersecurity issues, and commercial IT matters. Recently, the group has been engaged on cloud-based matters. Sara Malmgren leads the practice group, with experience advising start-ups and large companies on compliance issues and privacy incident management. Torbjörn Lindmark is another key name, noted for his cross-border work.

Advokatfirman Fylgia KB fields an active practice, advising on a diverse range of matters, spanning risk and vulnerability assessments, regulatory assessments, and implementation strategies for cloud computing. Team lead Martin Gynnerstedt advises a range of clients including technology ventures and listed companies. Working alongside him is Björn Karlsson, who undertakes an array of GDPR mandates as well as advising on compliance matters in the private and public sectors. Linda Mazaheri is another key name.

With particular expertise in advising clients in the financial and fintech sectors, the team at Gernandt & Danielsson Advokatbyrå handles mandates involving AI, cybersecurity, and regulatory compliance elements. The group has experience in GDPR, bank secrecy, and cross-border matters. Niclas Rockborn heads the team, noted for his work in the emerging technologies sector. Astrid Svensson is another key contact, with experience in compliance and risk management within the data privacy and protection space.

The privacy and data protection team at Advokatfirman Lindahl KB provides a comprehensive offering, handling public documentation issues, confidentiality matters, data protection impact assessments, and EU law compliance work. Michael Edquist leads the group alongside Gabriel Svedberg, who is noted for his work with medtech companies and experience handling multi-jurisdictional mandates. Johan Åberg is also a key player, specialising in EU regulations impacting the digital sphere, including AI mandates.

The IT and data protection practice at Magnusson has experience in GDPR audits, AI regulatory work, e-commerce issues, and digital media matters. Helena Rönqvist is regarded for her work in contract negotiations. She leads the team alongside Caroline Landerfors, who is noted for her work on regulatory issues with expertise in distribution and data protection matters. Susanna Norelid is another key name, working within cybersecurity, and Vilma Slättegård is also a key contact.

MAQS Advokatbyrå provides comprehensive advice surrounding data transfers, including intra-group and third-party cross-border flows. Recently, the group has been advising clients on AI integration, in line with EU regulation. Karin Schurmann is well regarded for her work advising clients on the EU Digital Decade initiatives, supporting clients in the retail, financial, and insurance sectors. She jointly leads the team with Anna Eidvall, who is noted for her work in designing and implementing data protection programs and data governance strategies.

Advising on a wide range of data privacy and protection matters, the team at Synch Law AB handles matters in the IT, retail, mining, and healthcare sectors. The group frequently advises on regulatory frameworks, including on GDPR and the Data Act. Karolina Pekkari leads the group, bringing expertise in the international IT industry to the group. Jim Runsten is another key contact, with experience in both advisory and data protection officer work.

Advising on GDPR and other regulatory matters, the team at TM & Partners remains active, supporting clients within the financial, fintech, and healthcare sectors. The group is particularly noted for its work advising on data privacy matters during acquisitions and mergers. Fredrik Gustafsson leads the practice group, with expertise working with industrial clients and real estate companies.