Firm Profile > De Luca & Partners > Milan, Italy

De Luca & Partners
20122 MILAN

Employment Tier 3

De Luca & Partners, which is exclusively dedicated to employment law, focuses on assisting companies and top executives with their day-to-day employment law issues and relations with trade unions, as well as restructurings, disputes and M&A-related matters. Practice head Vittorio De Luca has expertise in advising corporates and private equity funds on international M&A and restructurings. Senior associate Marco Giangrande, joined from Lexellent in February 2020. Also notable is that senior associate Alessandra Zilla joined from Grimaldi Studio Legale.

Practice head(s):

Vittorio De Luca

Other key lawyers:

Marco Giangrande; Alessandra Zilla

Key clients

Platinum Equity

Aksìa Group SGR

De Luca & Partners was founded in 1976 by Vincenzo De Luca and consists of a team of 24 people.

The law firm is specialized in employment law and carries out its consultation, assistance activity, including for all aspects of litigation management for national and multinational companies from all commodity sectors, having a specific and exclusive expertise in the following practice areas: labour and employment law, commercial agency law, health and safety in the workplace, anti bribery law (Law 231/01) and GDPR – data protection.

Specialisation, confidentiality, professionalism, independence, efficiency, a pro-active attitude, attention to clients’ needs and transparency: these are the values that have driven De Luca & Partner’s activities since 1976.

Thanks to its in-depth knowledge of laws and practices gained in over 45 years of experience, as well as its ability to explain simply and clearly Italian employment law rules (which are often complex) the firm frequently handles cross-border transactions involving multiple jurisdictions and provides advice to headquarters, legal affairs directors and human resource managers working outside of Italy.

The firm relies on a solid network of counterparts for transactions requiring activity in Italy and around the world.

The firm advises over 400 clients, with whom it enjoys long-term professional relationships due to an ability to adapt to their ever-changing needs. Clients are either large, or medium and small sized Italian and foreign companies from a variety of business industries such as: audit, banking, chemical, design, fashion, furniture, insurance, metal mechanical, retail, food and drink, media and marketing, software, technology and telecommunications, energy, automobiles and parts, etc.

Typically, De Luca & Partners advises international corporations in every single step of the set up of their operations in Italy, as well as in their day to day activity, reorganization and even closure.

De Luca & Partners is partner with:

  • HR Capital S.r.l.
  • Invest in Lombardy
  • Invest in Tuscany
  • Camera di Commercio Italo-Germanica
  • TMA
  • RoadJob

De Luca & Partners is an ongoing partner with:

  • National and international law firms;
  • Private equity companies and investment funds;
  • Auditing firms

in complex M&A and restructuring transactions during the acquisition, restructuring and disposal phases of investments in companies operating in Italy.

De Luca & Partners’ Think Tank manages and coordinates research, training (internal and external) and editorial activities on labour law matters, protection of personal data and administrative liability of entities.

De Luca & Partners invests in researching and disseminating employment law material and for this reason collaborates with Il Sole 24 Ore and with the main employment law publications. Its partners and associates are often invited as speakers at training courses, workshops and seminars on employment law issues in Italy and abroad.

Main areas of practice: De Luca & Partners is specialised in providing advice to companies exclusively in the employment law field. The decision to specialise in this area in the middle of the 1970s has been a winning one and it remains the key point of the firm’s development strategy.

The partners and associates of the firm provide services in the following areas of practice:

Employment and labour: The lawyers of the firm regularly advice corporations and institutions in any and all the issues they face in their day-to-day activity, in order to allow them to concentrate on their core businesses and achieve their targets. The firm normally assists its clients in ordinary issues as well as:

  • stock option plans;
  • retention plans;
  • company policies;
  • disciplinary procedures;
  • grievance procedures.

Industrial relations and restructurings: Due to the specific expertise of the founder and to the skills of its team, the firm, since its foundation, has always been regularly involved in reorganisations and restructurings, including trade unions negotiations. The firm’s experience in restructuring, trade union and business relations and in redundancy procedures and solidarity contracts is well recognised and, for this reason, the firm has long been commissioned by the Regional Agency for Education, Training and Employment of Lombardy – ARIFL (for its acronym in Italian) for the restructuring and use of redundancy arrangements.

Employment within corporate and M&A: De Luca & Partners also works closely with a number of Law firms – and occasionally even for law firms having an employment law department – private equity companies and investment funds where it is typically involved in managing labour aspects of M&A corporate transactions and restructuring of work organisations.

Labour and dispute resolution: Partners and associates of the firm are always committed to achieving Clients’ goals, preventing litigation when opportune. In any case, legal aid is one of their firm’s strong areas of competence, with a dedicated department and an impeccable track record.

The areas of intervention of the firm also include the right of agency, the right of trade union relations, the right of health and safety at work, the right of social security and immigration law.

As part of its specialisation in Labour Law, the firm provides its clients with advice on the protection of personal data and the administrative liability of entities under Legislative Decree 231/01.

Department Name Email Telephone
Employment and labour Vincenzo De Luca 39 02 3655 651
Employment and labour Vittorio De Luca 39 02 3655 651
Employment and labour Enrico De Luca 39 02 3655 651
Employment and labour Alberto De Luca 39 02 3655 651
Privacy compliance (GDPR) Elena Cannone 39 02 3655 651
Privacy compliance (GDPR) Martina De Angeli 39 02 3655 651
Labour Dispute Resolution Marco Giangrande 39 02 3655 651
Photo Name Position Profile
 Alberto De Luca  photo Alberto De Luca As partner at De Luca & Partners, Alberto is regularly involved –…
 Enrico De Luca  photo Enrico De Luca Enrico De Luca is specializes in employment, labour law, including compensation &…
 Vincenzo De Luca  photo Vincenzo De Luca Vincenzo De Luca, recognised as one of the top experts in his…
 Vittorio De Luca  photo Vittorio De Luca Vittorio De Luca is regularly involved – as expert for employment and…
Number of lawyers : 16

Specialisation, confidentiality, professionalism, independence, efficiency, a pro-active attitude, attention to our clients’ needs and transparency: these are the values that have driven De Luca & Partner’s activities since 1976.

De Luca & Partners possesses a Code of Ethics which states the values and principles used as inspiration for its identity and conduct.

The Code applies to partners, associates, employees, clients and suppliers of the Firm, and supplements the laws and regulations set down in statutory professional codes of ethics.

De Luca & Partners has always created the conditions required to value diversity and women in the workplace.

Women currently represent above 60% of the professionals at the firm.

Everybody has the same career chances and remuneration is based on objectivity and meritocracy, in order to encourage a richer and more stimulating work environment each day.

Thanks to its in-depth knowledge of laws and practices gained in over 40 years of activity, as well as its capacity to simply and clearly explain the rules (which are often complex) of Italian employment law, De Luca & Partners frequently handles cross-border transactions involving multiple jurisdictions and provides advise to headquarters, legal affairs directors and human resource managers working outside of Italy.

The Firm relies on a solid network of counterparts for transactions requiring activity in Italy or the world.

De Luca & Partners has Partners that are members of:

  • the EELA (European Employment Lawyers Association);
  • the IBA (International Bar Association);
  • the ABA (American Bar Association);
  • the IPBA (The Inter-Pacific Bar Association).

CLIENT: HR Director of a Client
COMPANY/FIRM: Private Equity Fund
TESTIMONIAL: “They are very proactive, able to offer tailor-made solutions to labour and employment law issues and to understand the overall picture of the transactions.”

CLIENT: Chief Executive Officer of a Client 
COMPANY/FIRM: Pan-European ophthalmic specialty pharmaceutical company
TESTIMONIAL: “Family values and tradition along with an international dimension: an excellent combination.”

CLIENT: Executive Partner and Founder of a Client
COMPANY/FIRM: Global private investment firm
TESTIMONIAL: “Great result. Gives us the opportunity to continue to build a great business in Italy and Europe.”

CLIENT: Chief Executive Officer of a Client
TESTIMONIAL: Technical preparation along with rapid understanding of the organisation and the client’s issues.”

CLIENT: International Manager of a Client
COMPANY/FIRM: Leading global provider
TESTIMONIAL: “Sensibility and availability, knowledge and expertise in employment matters we explicitly trust in.”

CLIENT: Cofounder & CEO of a Client
COMPANY/FIRM: International Corporation
TESTIMONIAL: “Thanks a lot to all of you once again for your reactivity and availability. I’m glad I followed your advice.”

Compliance on Data Protection in Italy


Last 25 May 2018, Regulation (EU) 2016/679, so called the “GDPR” (General Data Protection Regulation) – on the protection of natural persons (data subjects) with respect to the processing and transfer of personal data – became completely applicable in all EU Member States.

As an EU regulation, the GDPR is a provision to be directly applied in its entirety throughout the EU territory and, as clarified by the European Commission, originates from the desire, and the need, to harmonise and simplify the rules on the processing and transfer of personal data of natural persons, providing both Data Controllers (and Processors) and data subjects with legal certainty.

However, it would be a mistake not to consider legislation and peculiarities of each Member State in which the GDPR is applicable. Indeed, the principles and provisions provided for by the GDPR must be applied taking into account the implementation rules of each Member State, making for each case a local adaptation of the compliance obligations.

Specifically, for example, to adapt national law to the new regulation, the Italian law maker adopted Legislative Decree no. 101/2018 of August 10, 2018, adapting the GDPR to the relevant national legislation, represented by Legislative Decree no. 196/2003 (the Privacy Code, and together with the GDPR, the Data Protection Law).

The Data Protection and the employer-employee relationship

With respect to the above, Article 88 of the GDPR provides that each Member State may lay down more specific rules by law and national collective bargaining agreements (NCBA) to ensure the protection of the rights and freedoms regarding the processing of employees’ personal data in the employment relationships.

The above, for instance, allows a continuity in terms of individual and trade union protection and prerogatives, as provided for by Italian law, in primis by the “Statuto dei Lavoratori” (Law no. 300 of May 20, 1970, the Statute).

As a matter of fact, by means of Article 4, the Statute preserves the confidentiality of employees, defining the cases in which audio-visual equipment or other instruments from which the possibility of a remote control of employees’ activities may derive, even only potentially. The same Article 4 requires the employer to provide workers with adequate information on how to use the tools submitted and requires a full compliance with the Data Protection law by referring directly to the provisions of the Italian Privacy Code.

Under Italian Law, the employees’ control is not limited to the “workplace” concept, eg, where it could be implemented through the installation of a video surveillance system (comp. “Video-surveillance Provision” – April 8, 2010 [doc. web. 1712680] and (ii) European Data Protection Board – EDPB, “Guidelines no. 3/2019 on processing of personal data through video devices”) but also extends to devices, apps and generally tools used to perform the employment services. In this respect, before the application of the GDPR the Italian Data Protection Authority has issued “Guidelines for the use of Internet and e-mail in public and private workplaces” [doc. web. 1387522] which clearly define the limits between legal and illegal controls.

Please note that this is only an example of how a correct and compliant application of the provisions of the EU Regulation should be implemented considering local legislation.

In compliance with both the Statute and the Data Protection Law (comp. Article 25(1) of the GDPR), the employer must implement measures to protect employees’ personal data “from the design” of the processing (privacy by design) and by default (privacy by default), in compliance with the “accountability principle”. And compliance with the principle of accountability also means adapting to local regulations.

The 5 most common underestimate tasks in the application of the GDPR in Italy

Based on the experience of our GDPR Team, corporations more often fail to comply with the EU and mentioned Italian provisions in particular in the following 5 cases.

(i) Adoption of security measures and policies – As recently reported by the Italian Data Protection Authority during the presentation of the Report on the activities carried out during the past year, held on June 2, 2021: “2020 was characterised, at global level, by the negative record of cyber-attacks, facilitated by the increased use of telematic channels as a result of the pandemic and which, a few weeks ago, became real hostile acts in the context of the conflict for the cyber domain”.

The high number of cyber-attacks and personal data breaches have undoubtedly raised the awareness of both Data Controllers (and Processors) and data subjects about the importance of the issue, but on the other hand they have revealed a low level of compliance by the actors involved, which goes through the importance of adopting security measures, policies and tools that help prevent them.

Specifically, the adoption of internal policies is one of the tasks that is too often underestimated.

(ii) Appointments – Adopting internal policies that regulate the security of the information processed and define roles and responsibilities is a tool that not only serves to ensure the compliance of the organisation with the applicable Data Protection Law but also reduces the risk of any damage that may directly affect the business of the Company. The internal policies and procedures to be adopted must be tailored for each case based on the characteristics and risks that each situation presents and must comply with any additional procedures already applied by the company. For economic reasons or due to a lack of consciousness, it often happens that to comply with the obligations deriving from the applicable law, standardised internal policies or procedures are adopted which, in fact, are not suitable for the organisation adopting them.

(iii) Training – Once policies and procedures have been adopted, training and awareness-raising of staff on the correct application of these policies and procedures is essential. Systematically educating and updating who must daily apply it contributes to reducing the risks to which the Data Controllers or Processors are exposed.

Defining roles and responsibilities, also through the adoption of internal procedures and policies, makes it possible, among other things, to meet another requirement that is often underestimated by both Data Controllers and Processors and which concerns the “Records of processing activities”.

(iv) Monitoring – Introducing monitoring plans that take the form of continuous verification of the actions taken by the Data Controller to ensure compliance with the Data Protection Law, as well as the effective implementation and compliance with policies, procedures, organisational and security measures, is one of the tools aimed at ensuring full compliance with the so-called accountability principle that requires the Data Controller to proceed with the identification and management of risks relating to the processing operations carried out.

(v) Continuous updating processes – It is frequent to find Records adopted in order to comply with the GDPR but which are never reviewed and updated and which often no longer correspond to the actual reality to which they refer, which has changed and evolved in the meantime.

With respect to the aforementioned, since the entry into force of the GDPR, the Data Protection Law has certainly represented an interesting challenge for Europe, for the recipients of what is prescribed in the Regulation and for the subjects that it wants to protect. A challenge which, in view of a constantly evolving scenario, does not seem destined to end and which, although with common objectives, the legislators and the Authorities of each Member State will have to continue to meet.