Privacy Notice

  1. Data Controller and basis for processing

This Privacy Notice applies to activities related to and participation at Nordic Legal Tech Day (”NLTD”, ”we”, ”our”, ”us”), an event organised by LegalWorks Nordic AB corporate identity number 559046-3922 (Data Controller), who conducts the processing of personal data relating to individuals who use NLTD’s services (”you”, ”your”). NLTD processing of personal data complies with the General Data Protection Regulation (EU) 2016/679, (”GDPR”).


Processing of personal data is based on a contract with your company or you, the data subject, or as a speaker, sponsor, exhibitor or participant at one of our events. We may also process your personal data if we believe that you may be interested in attending one of our events. Processing also takes place in order to comply with legal obligations under law and decisions by public authorities.


  1. Personal data processed

Personal data is any information that can be directly or indirectly linked to a living person. NLTD collects and processes various types of personal data in the course of its activities.


NLTD may collect the following personal data from you:

  • Identity Data – first name and last name.
  • Contact Details – address, email address, telephone number and job title.
  • Payment Information – information to make payments to or from NLTD or issue invoices.
  • Health Information – information about any allergies or disabilities that require adaptation at our events.


In addition to the above, we also collect information about the organisation you belong to and how to contact them.


  1. Purposes of the processing

NLTD processes your personal data:

  • When this is necessary to perform in accordance with an agreement with you.
  • For information about and performance of services and contact with you.
  • To be able to investigate any complaints.
  • As a basis for invoicing.
  • As required to comply with obligations incumbent on NLTD under government decisions and law.
  • To send you communications about our business.


For full details of the purposes and legal basis for processing your personal data, please see the table below.


  1. Retention of personal data

Personal data is retained for as long as necessary to fulfil the purposes described above. This means that most personal data about you will be automatically deleted after our event and its follow-up work has been completed or a statutory archiving period has expired.


For example, NLTD is obligated by the Swedish Accounting Act to retain certain personal data, e.g. those contained in invoices and similar accounting documents, for seven years. Personal data retained for accounting purposes will only be used for that purpose.

Information about you that is linked to you as a speaker, sponsor, exhibitor or participant will be retained until our post-event work is completed, at which point most of your information will be deleted when it does not need to be retained for other purposes. An example of this is that certain information, such as information about your identity and contact details, will be kept for 36 months after the event has been organised for marketing purposes.

For full details of how long we keep your personal data, please see the table below.


  1. Deletion of personal data

Personal data will be deleted or anonymised when the data no longer needs to be retained and this will be done in accordance with what we described above.

When NLTD performs a deletion of personal data, it cannot be revoked/recreated and once the deletion has been carried out, no person can be associated with the information that remains.



Legal basis

Categories of

personal data

Retention period

Administrate the event

Performance of a contract

– Identity Data

– Contact Details


Until the event and its aftermath is completed.

Documentation obligation according to law

Legal obligation

– Identity Data

– Contact Details

– Payment Information


As long as we are obliged to keep the data in accordance with

applicable law or a decision by a public authority, such as 7 years in accordance with the Swedish Accounting Act.

Marketing by letter, phone or e-mail.

Legitimate interest

– Identity Data

– Contact Details


36 months after you were at an event. You can opt out at any time from marketing by contacting us at




– Identity Data

– Contact Details


As long as you are an active subscriber to our newsletter.

Administrate registrations for, follow-up and development of our events

Legitimate interest

– Identity Data

– Contact Details

– Payment Information


36 months after the

event has been completed.

Ensure that special diets or disabilities that require adaptation are respected at our events


– Identity data

– Health Information


Until the event is completed.

Images used for marketing purposes


– Identity Data


Until you withdraw your consent

Investigate any complaints

Legitimate interest

– Identity Data

– Contact Details


12 months after the event has taken place.

Preventing and investigating possible fraud

Legitimate interest

– Identity Data

– Contact Details

– Payment Information


12 months after the event has taken place.


  1. Recipients of personal data

NLTD cooperates and interacts with other companies, and we use vendors. We will therefore transfer your personal data and enlist the help of other parties to process your personal data when necessary. The following types of recipients may be eligible:

  • Notification services – NLTD uses services to communicate automatically with you, e.g. with confirmations or reminders. These companies will only have access to your contact information and have undertaken not to share your personal data beyond what is necessary to perform the service.
  • Authorities – NLTD may need to disclose information to government agencies if we are required to do so by law or if you have requested us to do so. In some cases, NLTD may be prevented by law from telling you that your personal information has been requested by a government agency.

NLTD may also share your personal data with the companies that are sponsors or exhibitors at our events. These companies may in turn choose to contact you and will then inform you about how they intend to process your personal data. If you do not want us to share your personal data, you can contact us at


NLTD processes as much of its data as possible within the EU/EEA. If data is transferred for processing by a supplier or subcontractor outside the EU/EEA, the recipient has always entered into contractual terms with NLTD that ensure that the recipient maintains a level of protection comparable to that of the EU/EEA in accordance with Chapter V GDPR.


  1. Information security

As a Data Controller, NLTD takes appropriate technical and organisational measures to protect the personal data processed in accordance with Chapter 3 Section 2 of the GDPR. We have specific internal policies and processes in place to deal with information security issues and to prevent and detect leaks.

If your personal data is subject to an occurring security incident (better known as a ”personal data breach”), we may contact you in accordance with Article 34 GDPR.


  1. Your rights
  • Withdraw consent:

You have the right to withdraw consent to a particular processing operation free of charge without affecting the lawfulness of the processing before the withdrawal. You do this by sending an e-mail to

  • Right to restriction of processing:

You have the right to request that the processing be restricted to storage and to object to the processing. For example, you can choose to unsubscribe from newsletters and other mailings by following a link in these mailings or by sending an e-mail to

  • Right to object:

You may at any time object to the processing of personal data that NLTD bases on its legitimate interest. You can also object at any time to the processing of your personal data for direct marketing purposes at any time. If you wish to object to a processing operation, you do so by contacting us by e-mail to

  • Right of access:

You also have the right to request an extract from the register, in electronic format or on paper. NLTD will compile information about how your personal data is processed and send it to you, normally within one month. You do this by sending an e-mail to

  • Right to rectification:

You have the right to request NLTD to rectify personal data that you believe is inaccurate and to submit supplementary personal data (in special cases) if you believe that the personal data NLTD has processed has given an inaccurate picture of you. You do this by sending an e-mail to

  • Right to data portability:

You can ask us to move your personal data from our IT environment to someone else, either another company or to you, by contacting us by emailing  This does not apply to data that NLTD is required to retain by law.

  • Right to erasure:

You have the right to request that NLTD delete your personal data. We will then delete personal data that we are not required to keep in order to fulfil legal obligations. NLTD will also continue to process personal data in certain other cases, including when personal data needs to be processed to fulfil a contract with you. You do this by sending an e-mail to


If you believe that we have done something wrong or do not live up to this Privacy Notice, we would like you to contact us in the first instance, but you always have the right to lodge a complaint with the Swedish Authority for Privacy Protection, for more information see .



This Privacy Notice was last updated on January 29, 2024.

Rulla till toppen