ITALY Law and Practice Contributed by: Angelo Zambelli, Barbara Grasselli and Alberto Testi, Zambelli & Partners
nation, including dismissal for “just cause” (ie gross misconduct). 2.2 Non-Solicits There is no legal regulation of non-solicitation of employees and customer restraints. Therefore, such restraints must be clearly drafted and explicitly defined. There are no requirements in terms of the duration of a non-solicitation restraint. However, this restraint is usually inserted in a non-competition agreement, and therefore, the parties usually agree that this restraint will last for the same duration as the non-competition restraint. As to the compensation, it is debated whether the above statutory requirement for non-compete agree - ments would also apply to the non-soliciting covenant. 3. Data Privacy 3.1 Data Privacy Law and Employment Italy is currently subject to the Italian Data Protection Act (Law No 196/2003), as amended by Legislative Decree No 101 of 10 August 2018, and the GDPR. Data protection legislation must apply jointly with the employment laws set out in the Workers’ Statute (Law No 300/1970). According to its Article 4, the instru - ments and equipment that are potentially able to mon - itor employees are permitted only to the extent they are required for organisational, productive or safety reasons or the safeguarding of company assets, and provided that their use is agreed with the works coun - cil or most representative trade unions or authorised by the Labour Office, depending on the specific case. Such rules do not apply (thus no agreement or author - isation is needed) to the instruments and equipment used by employees for their work (eg, laptop or mobile phone) or to devices that the employer uses to register employees’ access and attendance at the workplace. In addition, the data and the information collected through such instruments and equipment can be used for all purposes related to the employment relation -
ship, provided that the employees have been ade - quately informed of how the instruments can be used and how the controls can be carried out, in compli - ance with data protection legislation. From a privacy perspective, the Italian Data Protec - tion Authority (DPA) on 1 March 2007 issued some provisions (“Guidelines applying to the use of email and the internet in the employment contest”) requiring data processors to define internal policy for the use of the internet, email and IT equipment and, in general, internal procedures for data protection purposes. The employer should inform employees in advance and unambiguously about any processing operations that may concern them in connection with possible con - trols. In particular, employers are required to provide information and instructions on the appropriate use of the IT devices supplied and relevant controls (eg, monitoring), if there are any. More specifically, employ - ers must inform their employees about the type of tools being used, as well as the nature of the controls in place. With reference to email management systems, the 2024 guidelines by the Italian DPA provides that meta - data (ie, technical information automatically generated during email exchanges, such as sender and recipient email addresses, IP addresses of servers, etc) should generally be retained for a limited period typically not exceeding 21 days, unless there are proven needs that justify a longer period. Every year, the Italian authorities set thresholds for the maximum number of regular work permits that may be applied for (so-called quotas). However, pursuant to Legislative Decree 286/1998 (the so-called Immigration Act), highly skilled individu - als or employees who perform specific activities can apply to stay and work in Italy under an “extra quotas” procedure. As for highly qualified individuals, the law provides that they shall have the proper educational or profes - 4. Foreign Workers 4.1 Limitations on Foreign Workers
320 CHAMBERS.COM
Powered by FlippingBook