DATA4'S MISSION
DATA4 creates Smart & Scalable digital facilities for our customers. Our network of highly connected, resilient and sustainable data center campuses underpins our customers' digital growth in Europe.
DATA4 Group finances, designs, constructs and operates its own data centers. Delivered through our data center campus model, we provide our customers with secure, scalable and high-performance data hosting solutions.
DATA4 VALUES
At DATA4 we are driven by our values. These are the core of everything we do – from the proactivity we show in delivering great outcomes for our clients, to the responsibility we show as a key contributor to the digital economy. Our three values are:
* To be entrepreneurial – we are teams of doers who make things happen - with autonomy, energy and a sense of responsibility
* To always take responsibility – for our impact on the people we work with, the society we are part of, and the environment in which we operate
* To constantly be adaptable – our business is designed to adapt, answering not only today's challenges, but also anticipating what's coming next.
ABOUT THE ROLE
Based in our Italian office in Cornaredo (Milan), the Senior Legal Counsel Compliance acts as the local compliance lead and the primary bridge between the Italian subsidiaries (existing and future) and Group Headquarters. You will ensure that the Group's global ethics strategy is seamlessly integrated with the complex Italian regulatory requirements. You will be responsible for the \"living\" nature of the 231 Model and for fostering an impeccable culture of integrity across all local operations.
RESPONSIBILITIES
Italian Compliance Leadership (Decree 231/01)
* Model 231 Governance: Lead the implementation, maintenance, and periodic updating of the Modello di Organizzazione, Gestione e Controllo (Model 231) to prevent corporate criminal liability.
* Organismo di Vigilanza (OdV): Act as the primary legal support for the Italian Supervisory Body, ensuring all reporting obligations and flows of information are meticulously managed.
* Local Risk Mapping: Conduct granular risk assessments focused on \"reati presupposto\" (predicate offenses), specifically tailored to the Italian business landscape, update of the local risk maps in light of ABC Program principles.
* Ensure all new Italian companies are compliant with the applicable legislation.
Integrated Risk Management (81/08 & 24/23)
* Health & Safety (Decree 81/08): Monitor the compliance of the Health & Safety framework as a core component of the 231 Model to prevent unintentional offenses related to workplace safety.
* Whistleblowing (Decree 24/23): Ensure the Italian reporting channels are legally compliant with local specificities (Decree 24/2023), coordinating with the Group to ensure the protection of whistleblowers and adherence to local investigation protocols.
* Regular update of the ABC Program policies (whistleblowing policy etc.) in compliance with local legislation.
* Development: ensure full local compliance of development activities with the ABC Program.
* Patronage and Sponsorship: management of the local requests, audit on NAVEX.
* Procurement: support to internal customers in the context of tenders and the implementation of the procurement policies.
* DOA: ensure compliance of the existing DOA with the applicable local legislation, collaboration with the corporate legal counsel to update the local DOA.
Contractual Compliance & ABC Review on CLM Juro (Local & Group)
* ABC Clauses: Review and negotiate Anti-Bribery and Corruption (ABC) clauses in all local and cross-border commercial contracts to safeguard the Group.
* GDPR Clauses: Review and negotiate GDPR clauses in all local and cross-border commercial contracts to safeguard the Group.
* Contractual Audits: Ensure that all Italian vendors and partners sign off on the Group's Compliance Annexes and Code of Ethics.
Third-Party Due Diligence & NAVEX
* NAVEX Expert: Serve as the local \"Power User\" for NAVEX tools (RiskRate) to automate third-party screening and policy management.
* KYC/KYS Oversight: Perform due diligence on Italian partners, analyzing screening results (Sanctions, PEPs) and providing risk-based recommendations.
* Training, monitoring, audits & reporting
* Training: Ensure a \"compliance culture\" at local level.
* Internal Audits: Execute regular compliance audits of Italian operations to ensure adherence to Group BP5 procedures.
* Reporting: Prepare monthly or quarterly compliance status reports for the Compliance Legal Manager, Group Legal Director and the Italian Board of Directors.
Data Privacy & GDPR (Local & Group)
* DPA Liaison: Act as the main point of contact for the Italian Garante per la protezione dei dati personali and support the Group Data Protection point of contact/DPO in French CNIL matters or other applicable EU data protection authorities involved.
* Privacy Operations: Ensure all local processing activities, marketing initiatives, and HR data flows are compliant with GDPR and the Italian Codice della Privacy.
* DPIA & ROPA: Maintain the Record of Processing Activities for the Italian scope and perform impact assessments for local projects, regular updates of ROPA, perform internal audits.
RESPONSIBILITES IN TERMS OF IMS CERTIFICATIONS
Respect and enforce certification policies in terms of:
* H&S: Respect and enforce health and safety rules.
* Environment: Respect and enforce environmental policies.
* Information security: Respect and enforce information security policies
* Energy: Respect and enforce the policy of reducing energy consumption.
REQUIREMENTS
* Experience: years of experience in Compliance or Legal, with a significant portion spent in a multinational company based in Italy or a top-tier Italian law firm.
* Legal Expertise: Expert knowledge of Italian Legislative Decree 231/01, knowledge of GDPR is a plus. Strong command of French Sapin II is highly desirable.
* Advanced proficiency in NAVEX or similar compliance platforms.
* Strong team player, clear sense of prioritization, collective-interest driven, and solution-oriented.
* Bilingual environment: Native/Fluent in Italian, and full professional proficiency in English.
Location
Cornaredo, Lombardy
Department
Legal
Employment Type
Full-time
Minimum Experience
Experienced