Preparation and review of order processing contracts
Records of processing activities
Data protection information and privacy policies
Erasure concepts
Processes following data protection breaches
Data protection impact assessments (DPIA) and transfer impact assessments (TIA)
Transfer of personal data to third countries
Binding Corporate Rules (BCR) and approval procedures
Answers to data protection questions and requests for information in accordance with Art. 15 GDPR
Employee data protection
Handling personal data in human resources
Data protection for applicants
Admissibility of surveillance measures
Usability of evidence from internal investigations
Data protection requirements for a mobile working environment
Health data protection
Legal assistance with data protection breaches
Advice after a cyber attack
Advice on e-commerce issues, such as General Terms and Conditions, terms of use, the legal notice, data protection provisions, cookies, and consent management tools
Legal advice on software and IT projects
Dr. Sonja Kreß mainly advises:
Enterprises and employers
Managing directors, other executive bodies, and senior executives
With BRP RENAUD since 2016, became partner in 2022
Attorney-at-law (Germany) since 2016
Earned her doctorate as part of a part-time doctoral program of a large international automotive supplier based in Stuttgart
Legal clerkship at the Regional Court of Ulm, at the Administrative University in Speyer and in an international commercial law firm as well as the legal department of an international corporation in Stuttgart
Studied law at the University of Tübingen
languages
German
English
Publications
Criminal Compliance und Datenschutz im Konzern [Criminal Compliance and Data Protection in Corporations, Dissertations, articles on Compliance, Nomos Verlagsgesellschaft, Volume 12, Baden-Baden 2018