CEE Legal Matters

Author: admin

  • Kosovo: Employee Rights in a Remote Work Context

    The COVID-19 pandemic accelerated the shift toward remote work globally, including in Kosovo. While this new way of working offers flexibility and convenience, it also exposes gaps in labor regulations. Kosovo’s Labor Law, like many others, was primarily designed for traditional in-office work environments and has yet to fully adapt to the nuances of remote work. Remote work context has brought to attention legal gaps in areas such as work hours, digital privacy, employer responsibilities, and employee rights.

    Kosovo’s Labor Law defines standard working hours as 40 hours per week, with provisions for rest breaks and overtime compensation. In a remote work context, enforcing these regulations becomes more complex. Employees working from home may find it difficult to separate their personal time from their professional duties, leading to the risk of overwork. While Kosovo’s Labor Law requires employers to track work hours and ensure overtime pay, there is little guidance on how this should be done in a remote setting, where the boundaries between work and personal life blur. Moreover, monitoring overtime in a remote context is challenging, as it may be unclear whether an employee voluntarily chooses to work extra hours or is implicitly required to do so. This lack of clarity can lead to potential violations of the right to rest and can increase the risk of employee burnout, highlighting the need for a more specific legal framework to govern work hours in remote settings.

    One of the major concerns for remote employees is the issue of digital privacy. Many employers, in an effort to ensure productivity and maintain security, use various tools to monitor their employees’ activities. However, Kosovo’s Labor Law does not currently have robust provisions addressing the privacy rights of employees working remotely. In an office setting, monitoring employee activities is typically subject to consent and legal limitations, ensuring that personal privacy is protected. In a remote work context, the line between professional and private life is thinner. Without clear legal protection, employees working from home may be subject to intrusive monitoring, such as the use of software that tracks their keyboard activity or even their webcam. A legal gap exists in the form of insufficient regulation over how much and what kind of surveillance is permissible in remote work environments, which could infringe upon the employee’s right to privacy.

    In traditional work settings, Kosovo’s Labor Law mandates employers to ensure a safe and healthy work environment. However, when employees work remotely, particularly from home, the question of who is responsible for ensuring a safe work environment becomes less clear. Employers may not have the same level of control over home office setups as they do in a company workspace. There is no explicit legal obligation under Kosovo’s Labor Law regarding an employer’s responsibility for the remote work environment. For example, if an employee sustains an injury while working from home due to improper equipment or poor ergonomics, it remains unclear whether the employer is liable. A legal gap exists in defining the extent to which employers are required to provide or compensate for necessary equipment, such as ergonomic chairs or adequate internet connections, to ensure a safe and efficient home-working environment.

    The so-called “right to disconnect,” which refers to an employee’s right to disengage from work outside agreed-upon hours, was pioneered by France’s El Khomri Law in 2017. This issue is particularly crucial in remote work contexts, where the boundaries between work time and personal time often become blurred. While Kosovo’s Labor Law provides general regulations on working hours and overtime, it does not specifically address the right to disconnect. In practice, remote employees may feel pressured to be available at all times, undermining their ability to maintain a healthy work-life balance. This highlights a legal gap respectively the need for specific legal requirements to protect employees from the burden of constant digital connectivity outside working hours.

    Remote work is reshaping the traditional employment relationship, but Kosovo’s Labor Law has not yet fully adapted to this shift. Key areas such as work hours, digital privacy, employer responsibilities, and the right to disconnect require a more specific legal framework to protect remote employees effectively. As remote work continues to grow, Kosovo must address these gaps to ensure that employees’ rights are upheld in this new working environment.

    By Ahmet Hasolli, Managing Partner, and Dardan Makolli, Legal Associate, Kalo & Associates Kosovo

    This article was originally published in Issue 11.10 of the CEE Legal Matters Magazine. If you would like to receive a hard copy of the magazine, you can subscribe here.

  • Updates to Gambling Regulations in Ukraine

    The Ukrainian parliament recently adopted Law of Ukraine No. 4116-IX[1] to combat gambling addiction (ludomania) and to improve the state regulation of activities related to the organisation and conduct of gambling and lotteries. Most of the amendments will come into force on 1 April 2025.

    The main changes, inter alia, include:

    1. The abolition of the Commission for the Regulation of Gambling and Lotteries and the establishment of a new authorized body. 
    1. A significant expansion and detailing of applicable rules concerning the advertising of gambling, including:
      • a prohibition on using patriotic themes and topics related to the war with Russia, and on using volunteers and military personnel in advertising;
      • a prohibition on offering or providing a reimbursement of expenses for participation in gambling, and on the offering of free bonuses instead of placing a bet;
      • a prohibition on involving popular figures (except for athletes), and on mentioning the names or displaying the images of popular figures, characters from movies, television and animated films;
      • stricter requirements for sponsorship;
      • the application of advertising rules to announcements concerning charitable activities using the gambling organiser’s brand, and where mentioning gambling organisers or their brands as sponsors or partners.
    1. It is established that only Ukrainian resident legal entities that have obtained the necessary license are entitled to provide services for the supply and/or provision of software directly used in the organisation and conduct of gambling activities, including to gambling organisers and non-residents of Ukraine.
    2. Requirements for gambling organisers and gambling service providers have been amended.

    Regulations on accepting bets and paying out prizes have been detailed.

    [1] Law of Ukraine No. 4116-IX dated 4 December 2024 “On Amendments to Certain Legislative Acts of Ukraine to Combat Gambling Addiction (Ludomania) and to Improve the State Regulation of Activities Related to the Organisation and Conduct of Gambling and Lotteries”

    By Natalia Kirichenko, Partner, and Olena Stanishevska, Senior Associate, Kinstellar

  • Unauthorized Monitoring of Employees’ Email – A Case from Italian Practice

    This article analyzes the Decision of the Italian Data Protection Commissioner (“Commissioner“) No. 472 of July 17, 2024 (“Decision“), which concerns the monitoring of employees’ official computers and emails, and the protection of personal data in accordance with Italian regulations and the General Data Protection Regulation of the European Union, which was adopted on April 14, 2016, and came into force on May 25, 2018 (“GDPR”).

    Relevant Provisions of the GDPR

    Article 5 of the GDPR outlines the principles regarding the processing of personal data. Personal data must be:

    • Processed lawfully, fairly, and transparently in relation to the individuals whose data is being processed (lawfulness, fairness, and transparency principle);
    • Collected for specific, legitimate purposes and not further processed in a way that is incompatible with those purposes. Further processing for archiving in the public interest, for scientific or historical research, or statistical purposes is not considered incompatible with the initial purposes, according to Article 89(1) GDPR (purpose limitation principle);
    • Adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed (data minimization principle);
    • Accurate and, where necessary, kept up to date; all reasonable steps must be taken to ensure that inaccurate personal data is erased or rectified without delay (accuracy principle);
    • Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data is processed. Personal data may be stored for longer if processed solely for archiving in the public interest, for scientific or historical research, or for statistical purposes, in accordance with Article 89(1) GDPR, provided that appropriate technical and organizational measures prescribed by GDPR are implemented to protect the rights and freedoms of the data subjects (storage limitation principle);
    • Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures (integrity and confidentiality principle).

    The data controller is responsible for, and must be able to demonstrate compliance with, paragraph 1 of this article (accountability principle).

    Thus, any processing that does not comply with the aforementioned principles of the GDPR is unlawful and constitutes a violation of individuals’ personal data.

    Factual Background

    On June 6, 2024, the Commissioner issued revised guidelines regarding the management of email at the workplace. These guidelines narrowed the strict requirements for data retention and processing, applying them only to email metadata and excluding the content of emails from their scope, thus reducing the employer’s obligations.

    A specific issue arose when a former employee claimed to the Commissioner that his former employer had accessed his business email account after his employment had terminated.

    The company admitted to using forensic tools to access backup copies of emails as part of an internal investigation into alleged illegal appropriation of business secrets. The emails were later used as evidence in legal proceedings. The company justified its actions by citing legitimate business interests and argued that it was in compliance with the privacy notice sent to the employee.

    Decision of the Commissioner

    In this case, the Commissioner issued a decision in which it found violations of several principles under Article 5 of the GDPR:

    • Data retention limitation and data minimization principles, as the company systematically created backup copies of emails during the employment period and retained them for up to three years after the employment terminated. The Commissioner considered this retention period to be too long and unsupported by clear and specific justifications.
    • Lawfulness, fairness, and transparency principles, as the company’s privacy notice did not provide key details, such as extended retention of backup copies and the possibility of accessing email content after the employment relationship terminated.
    • Purpose limitation principle, as although the company claimed the software was used for IT security and business continuity purposes, the Commissioner deemed its use exceeded these purposes, including the use of emails in legal proceedings.

    Finally, the Commissioner found that the employer’s actions were contrary to applicable Italian legislation on employee monitoring, which requires prior agreement with trade unions or approval from a relevant authority. In this context, the systematic retention of emails for an extended period was considered a form of indirect remote monitoring of employees’ activities.

    As a result, the Commissioner imposed a fine of EUR 80,000 on the company.

    Conclusion

    The Commissioner’s decision confirms that email monitoring must balance business interests with employees’ right to privacy, and such employer actions will be subject to stricter review by data protection authorities and courts.

    In this regard, the employer is required to inform employees about the processing of their data in accordance with the GDPR and to adhere to the GDPR’s provisions when processing this data.

    The implications of the decision are significant, as emails and their metadata are frequently used for internal investigations and to determine employee contract breaches and disciplinary accountability.

    This article is for informational purposes only and does not constitute legal advice. Should you require additional information, feel free to contact us.

    By Borinka Dobrnjac, Senior Associate, PR Legal 

  • Havel & Partners and Dentons Advise on Upvest and RSJ’s Investment in Centrum Cerny Most

    Havel & Partners has advised Komercni Banka’s Investment platform Upvest and the RSJ investment group on acquiring a 25% stake (with a call option of up to 49%) in Centrum Cerny Most from Unibail-Rodamco-Westfield. Dentons advised the sellers.

    According to Havel & Partners, Centrum Cerny Most is the owner and operator of the Centrum Cerny Most shopping center in Prague. The majority stake remains with Unibail-Rodamco-Westfield.

    According to Dentons, “the transaction was achieved at an implied offer price of EUR 553 million (at 100%). As part of the transaction, the asset has been financed with a green mortgage loan of up to EUR 268 million that will be partly used to finance the ongoing shopping mall extension.”

    The Havel & Partners team included Partners Petr Dohnal and Josef Zaloudek, Counsel David Smida, Managing Associates Josef Bouchal and Adam Karban, Senior Associate Patrik Chrast, and Junior Associates Dominika Hrebackova and Anna Gloserova.

    The Dentons team included the Czech Republic Co-Managing Partner Jiri Strzinek, Partners Marketa Tvrda and Ondrej Barton, Associates Samuel Bodik, Jan Sedlak, and Martin Supak, and Junior Associate Jan Mozol.

  • Lexist Advises Aydin Group on Sale of 5% Stake in TOM Financial Group to Dubai Islamic Bank

    Lexist has advised the Aydin Group on its sale of a 5% Stake in the TOM Financial Group to the Dubai Islamic Bank.

    The Dubai Islamic Bank is the largest participation bank by asset size in the United Arab Emirates, according to its own website.

    In 2024, Lexist advised Aydin Group on the sale of a 20% stake in TOM Financial Group companies to Dubai Islamic Bank (as reported by CEE Legal Matters on January 8, 2024). The latest 5% stake acquisition, according to Lexist, is a consequence of the “Dubai Islamic Bank exercising its call option to increase its shareholding from 20% to 25%.”

    The Lexist team included Partner Murat Erbilen, Counsel Duygu Ozturk Dincer, and Associate Ulas Candan.

  • Dalma Ordogh Joins KPMG Legal as Director

    Dalma Ordogh has joined KPMG Legal Hungary as a Director.

    According to KPMG Legal, Ordogh will strengthen the team in the field of banking, financial, and restructuring legal services. 

    Before the move, Ordogh was with Kinstellar as a Senior Associate between 2008 and 2015 and as Of Counsel between 2016 and 2025. Earlier, she was with Linklaters as a Junior Associate between 2000 and 2002, as an Associate between 2002 and 2007, and as a Senior Associate between 2007 and 2008. Earlier, she was a Junior Associate with CMS between 1998 and 2000.

  • Bernitsas Advises Georgoudis on Partnership with Aceitunas Guadalquivir

    Bernitsas has advised Georgoudis Parthenon on its partnership with the Aceitunas Guadalquivir Olives Group, backed by Alantra Private Equity.

    Georgoudis Parthenon is a third-generation Greek producer and exporter of olives and Mediterranean food products.

    Founded over 50 years ago, the AG Olives Group is a Spain-based company operating in the olive sector. 

    According to Bernitsas, through this arrangement, AG acquires a stake in Georgoudis, aimed at enhancing the Greek company’s international expansion.

    The Bernitsas team included Partners Maria Nefeli Bernitsa, Lambros Belessis, and Fotodotis Malamas, Counsel Anastasia Mallerou, and Junior Associate Marinos Shiapanis.

    Bernitsas did not respond to our inquiry on the matter.

  • Greenberg Traurig Advises Cornerstone Investment Management on Redevelopment of V-Tower in Warsaw

    Greenberg Traurig has advised Cornerstone Investment Management on the redevelopment of the V-Tower in Warsaw, with Atlas Ward as the contractor.

    According to Greenberg Traurig, “V-Tower is the iconic office building formerly known as the Warta Tower, which was acquired from Globalworth in 2023. Completion of the refurbishment, which will focus on the implementation of a revamped ESG strategy, is scheduled for 2025.”

    The Greenberg Traurig team included Senior Associate Maciej Roman.

  • D&B David and Baias Advises FAN Courier on 60% Stake Acquisition in Marian’s Trading

    PwC’s Romanian affiliate D&B David and Baias has advised the FAN Courier shareholders on the acquisition of a 60% stake in Marian’s Trading, a customs brokerage company.

    The transaction remains contingent on regulatory approval.

    FAN Courier is a shipping company.

    The D&B David and Baias team included Partners Anda Rojanschi and Lucian Bozian, Counsel Romana Petre, Managing Associates Alice Spridon, Georgiana Balan, and Daniel Vinerean, Senior Associate Andreea Toncu, Associates Nicoleta-Georgiana Potop, Andreea Voicu, and Irina-Maria Neagu, and Lawyer Cristina Bostean-Olariu.

    D&B David and Baias did not respond to our inquiry on the matter.

  • Aksan Advises on Establishment of Entertech Birinci Venture Capital Investment Fund

    Aksan has advised Yapi Kredi Portfoy Yonetimi and Istanbul Teknokent on establishing a new venture capital investment fund, Yapi Kredi Portfoy Yonetimi Entertech Birinci Girisim Sermayesi Yatirim Fonu.

    According to Aksan, the fund aims to support R&D-focused entrepreneurs and academics, transforming innovation outputs into commercially sustainable products, methods, or services.

    The Aksan team included Partner Sevki Ozgur Altindas and Senior Managing Attorney at Law Oyku Okyay Unsal.

    Aksan did not respond to our inquiry on the matter.