Introduction

The integration of digital technologies into the workplace has substantially altered the boundaries between employees’ professional activities and their private lives. In this context, an employer’s ability to monitor the use of a work computer raises critical issues of lawfulness from the perspective of personal data protection. In particular, questions arise regarding the scope of employees’ reasonable expectation of privacy in the workplace and the conditions under which the employer’s processing of their data may be considered lawful. Within this framework, legitimate concerns emerge that directly affect employees, such as whether the employer may monitor the use of a work computer, gain access to files stored on it, or even review their electronic communications in the course of performing their duties.

The Protection of Employees’ Privacy within the Employment Context

At the outset, it should be emphasized that the collection and processing of employees’ personal data, even where intended to ensure the proper functioning of the undertaking, to fulfil the purposes of the employment contract and the employment relationship itself, and to serve the employer’s freedom to conduct a business, cannot take place without oversight and limitations. Employees retain a legitimate and reasonable expectation of protection of their private life even while present in the workplace. This expectation cannot be diminished or restricted merely because the employee uses equipment, communication devices, or other professional facilities and infrastructure belonging to the employer.

In contemporary working conditions, the boundaries between professional and private life are becoming increasingly blurred. In particular, the possibility of remote work and the use of devices or technologies owned by the employee further erode these boundaries, while simultaneously increasing the flow of employees’ personal data to which employers or even third parties may have access. The European Court of Human Rights (ECtHR), in its interpretation of Article 8(1) of the European Convention on Human Rights (ECHR), has consistently held that the concept of “private life” should not be interpreted narrowly or restrictively^[1]. More specifically, it has recognized that there is no justification for excluding professional activities from the scope of protection afforded to private life. Furthermore, in its relevant case law, the Court has interpreted the notion of “home” under Article 8 ECHR as also encompassing professional premises—that is, the workplace itself—irrespective of the ownership status of the premises or the legality of the activities carried out therein.

Accordingly, employees do not forfeit their right to the protection of their private life and personal data upon “entering” the workplace. On the contrary, they retain a reasonable expectation of a certain degree of privacy within the working environment, particularly given that a significant part of their social and interpersonal relationships develops there. It is important to underline, however, that although employees enjoy a legitimate and reasonable expectation of privacy even within the framework of their professional activities, this right must be balanced, on the one hand, against the employer’s right to protect the undertaking from actions by employees that may jeopardize its reputation and overall proper functioning and, on the other hand, against the purpose and function of the employment contract, which must be duly performed.

Monitoring and Access to the Computer Used by the Employee in the Performance of Their Duties

The use of computers and internet access constitutes a fundamental and integral element of contemporary working life. However, it is frequently observed that employees also make use of internet access during working hours for personal purposes, such as browsing websites unrelated to their professional duties or storing personal files on the hard drive of a work-issued computer. The monitoring and recording of employees’ activity, as well as the employer’s access to personal data stored and maintained on the computer used by the

employee for the performance of their professional duties, constitute processing within the meaning of the GDPR (Regulation (EU) 2016/679)^[2].

Accordingly, for such processing of employees’ data by the employer to be considered lawful, the requirements set out in Articles 5 and 6 GDPR must be satisfied. In particular, monitoring and access to personal files stored on the devices used by employees in the provision of their services—activities which qualify as processing of personal data—must be based on one of the legal bases exhaustively provided for in Article 6 GDPR, and must cumulatively comply with the general principles governing lawful processing under Article 5 GDPR (namely, the principles of lawfulness, fairness and transparency; purpose limitation; data minimization; proportionality and necessity; accuracy; and integrity and confidentiality).

Furthermore, pursuant to Article 13 GDPR, the employer, acting as data controller, is under obligation to provide employees with clear and comprehensive prior information regarding the introduction and use of monitoring and surveillance measures relating to their activities^[3]. According to the Article 29 Working Party^[4], employees must be informed in advance about the monitoring of their work-related activities, the purposes of the processing of their data, and any other information necessary to ensure fair and lawful processing. In addition, employees should not only receive prior notification but should also be provided with an intelligible, clear and precise statement of the relevant monitoring policies and procedures.

It should also be noted that where monitoring of employees’ electronic activity is carried out through the use of artificial intelligence, for example, through AI applications intended to assess employee performance, the lawfulness of such processing must also be examined in light of the provisions of Regulation (EU) 2024/1689 (the AI Act).

You can read the article on Lexology here: Employee Digital Monitoring and Data Privacy: Where Does the Employer’s Authority End? – Lexology

The full article is also available here: ROKAS_Lexology_ Employee Digital Monitoring and Data Privacy

The post Employee Digital Monitoring and Data Privacy: Where Does the Employer’s Authority End? appeared first on Rokas Law Firm.

Overview

The Directive (EU) 2023/2225, which has replaced Directive 2008/48/EC on consumer credit, innovates with highly consumer protection provisions that promote responsible lending in the financial world as aligned with the new digital era. The Directive at hand, which is yet to be transposed into Greek law, with a penalty pending against our country from European Commission for the late implementation, marks a significant transformation in the European Union’s legal framework governing consumer credit agreements. While the previous directive was designed primarily for traditional credit products offered by banks and financial institutions, the new one responds to the rapid digitalization of financial services, the emergence of fintech actors, and the proliferation of innovative credit models such as Buy Now Pay Later (BNPL). As such, it represents a comprehensive modernization of consumer credit regulation, with a strong emphasis on consumer protection, transparency, and responsible lending.

Expanded Scope: Closing the Regulatory Gaps of the former regime

Directive (EU) 2023/2225 has markedly expanded its scope. Under the earlier framework, certain credit agreements—particularly low-value loans and short-term, interest-free arrangements—fell outside full regulation or were only partly covered. Therefore, this created regulatory gaps that were increasingly exploited by new market actors. The new directive, on the other hand, addresses these shortcomings by extending its application to a much broader range of credit products, including low-value loans and BNPL schemes, thereby ensuring that consumers benefit from regulatory protection regardless of the form or size of the credit they obtain. This expansion effectively closes loopholes and ensures a more level playing field across the internal market.

Lending through digital and online credit environments

Closely linked to this broader scope is the directive’s explicit recognition of digital and online credit environments. Unlike its predecessor, Directive (EU) 2023/2225 incorporates detailed provisions on distance and digital contracting, acknowledging that consumer credit is now frequently offered and concluded via online platforms and mobile applications. In this context, the directive also introduces safeguards related to automated decision-making, including the use of algorithms and artificial intelligence in creditworthiness assessments. Creditors are required to ensure transparency in such processes and to avoid discriminatory or opaque practices, thereby aligning consumer credit law with broader EU digital and data protection principles (see GDPR & AI Act).

Pre-Contractual Information and Transparency

Another cornerstone of the new directive is the strengthening of pre-contractual information requirements. While Directive 2008/48/EC already mandated the provision of standardized information, the new framework enhances both the content and the clarity of such disclosures. Creditors must provide detailed, comprehensible, and standardized information on key elements such as the total cost of credit, the annual percentage rate of charge (APR), the duration of the agreement, and repayment conditions, with the newly hereby provided option for early repayment included. The objective is not only formal compliance but also the effective understanding by consumers, enabling them to make informed comparisons between different credit offers.

You can read the article on Lexology here: Directive (EU) 2023/2225 on Consumer Credit: A Comprehensive Overhaul for the Digital Era – Lexology

The post Directive (EU) 2023/2225 on Consumer Credit: A Comprehensive Overhaul for the Digital Era appeared first on Rokas Law Firm.

Alongside the new General Product Safety Regulation (GPSR) which was adopted on 13 December 2024 and the increasing relevance of the EU collective redress framework (EU class action) established by the Representative Actions Directive, the adoption of the new EU Product Liability Directive 2024/2853 (PLD) on 23 October 2024, represents a significant development in the field of consumer redress. This new instrument will replace the existing Product Liability Directive 85/374/EEC, which has regulated product liability for nearly 40 years ago.

Beside the issue of general product safety and liability, the question of legal responsibility for damage caused by artificial intelligence (AI) systems has been widely introduced in legal scholarship. Initially, the European Union sought to address the issue of liability for damage caused by artificial intelligence (AI) through two complementary legislative instruments proposed in 2022: the revised (EU) Product Liability Directive 2024/2853 (PLD) and the AI Liability Directive (AILD), the latter intended to complement the regulatory framework established by the AI Act .

However, the landscape changed on 11 February 2025 when the Commission published its 2025 work programme and revealed the likely withdrawal of the Proposal for an Artificial Intelligence Liability Directive (‘AILD proposal’), citing “no foreseeable agreement” among Member States and evoking  mixed reactions in the European Parliament: some welcoming the withdrawal considering the proposal “unnecessary and premature”, while others continued to support the harmonization of AI Liability, partially on the basis of AI FOMO (fear of missing out). Following the withdrawal of the AI Liability Directive and the adoption of the revised Product Liability Directive in October 2024, the revised PLD has become the principal legal instrument through which EU Member States may regulate liability from defective products—including AI-based systems—which cause harm to consumers or other natural persons (Articles 1(2), 5 and 7 PLD). The PLD, which is required to be implemented into domestic legal order of Member States by 9 December 2026 according to Article 21 since the 1985 Directive is repealed with effect from 9^th of December 2026, broadens the notion of a “product” to expressly include software and AI systems (Article 4 (1) PLD), thereby extending the strict liability regime to damage caused by such technologies.

From a structural and doctrinal point of view, the revised PLD introduces significant conceptual and procedural changes, which can be organized into four categories: a) The scope of application, b) the elements of liability the claimants must prove, 3) the exemptions from liability /available defences and d) procedural provisions addressing evidence disclosure and evidentiary presumptions. On this basis, the revised PLD modifies the conceptual understanding of “strict product liability” by introducing mechanisms to deal effectively with the ‘evidentiary asymmetry’ and ease the claimant’s burden of proof. The earlier framework under 1985 Directive structured on two pillars: a defect-based liability and limited defences[1]. Hence, a) the manufacturer had to ensure that the product was safe and did not cause harm, rather than merely exercising due care to make it safe and b) the product liability regime of the 1985 Directive predetermined the defenses available to the defendant, so that liability could be avoided only in clearly defined and exceptional circumstances[2]

The concept of product liability under the revised PLD maintains the two original pillars of a “no fault” strict liability and a narrow scope of available defences, however, it introduces an additional feature, or a third pillar: a set of procedural rules designed to assist claimants in proving their claims[3].

1. The two stages of “product liability” on the EU legislation

The adoption of the revised PLD 2024/2853 is considered as an important evolution of EU product liability law, because it provides an homogenous framework which invites reconsideration within EU Law of the concepts of “product liability” and  “harm caused by defective products”, including products incorporating AI technologies, whilst it updates the legal framework to address challenges posed by digital adaption and transformation (digitalization), software-driven products and complex technological systems. On the other hand, the Directive is a highly detailed legislative instrument that employs specialised terminology and numerous “lex specialis” provisions, features which may complicate its interpretation and practical application.

Product liability is typically described as “no fault” liability for a damage caused by defective products, which is a form of strict liability applicable when damage results from defective products[4]. However, the traditional definition offers only a limited explanation, because it focuses mainly on the absence of fault and on the circumstances in which this kind of liability applies, rather than the structural characteristics of the product. In the European Union, product liability is primarily defined and evolved through legislation, rather than judicial development, in two basic stages. The first stage extends from the adoption of the original Product Liability Directive in 1985 until its replacement in 2024, as a response to major industrial accidents and the growing recognition that traditional fault-based liability rules were inadequate for addressing risks associated with mass-produced goods[5]. The second stage begins with the adoption of the revised Directive in 2024, a reform motivated largely by concerns, that the earlier framework could not adequately regulate modern technological developments and products incorporating digital technologies, particularly digital products and AI systems[6]

2. Scope of Application

An important factor in determining whether the Directive applies to a particular dispute when damage occurs is to examine its scope of application, since the product liability regime of the revised PLD provides, in general, favourable conditions for claimants and defendants have strong reasons to argue whether a case falls within its boundaries. To this direction, three main questions determine applicability: what is a product, who is entitled to claim compensation, and who will be held liable.

1. Definition of Product. The Directive adopts a broad definition in Article 4(1) defining as products “all movables, even if integrated into, or interconnected with, another movable or an immovable; it includes electricity, digital manufacturing files, raw materials, and software”. Unlike the earlier framework, which primarily concerned tangible goods, the revised Directive explicitly includes software and digital technologies in contemporary products. Even if the main text of the revised Directive does not define software, Directive’s Recitals provide a non-exhaustive list, including operating systems, computers programs applications and AI systems (Recital 13 of PLD). This expansion, however, is subject to certain limitations, i.e. free and open-source software distributed outside commercial activities is excluded (Article 2(2) and Recital 14). Similarly, purely informational digital content does not qualify as a product. The Directive also extends the concept of product to certain services that are closely connected to product functionality. Such services fall within the scope only when they are integrated into the product and directly influence its safety. Examples include safety-related software updates, navigation systems, or health-monitoring features (Article 4 (3) and 4 (2) of PLD and Recital 17[7]. In this respect, the clarification provided by the Krone‑Verlag (Case C‑65/20) by the Court of Justice of the EU remains relevant, beyond the revision of the Directive: damage caused solely by inaccurate information contained in a medium, such as a newspaper, does not render that medium a defective product within the meaning of the PLD (Case C-65/20 VI v KRONE-Verlag GmbH & Co KG [2021] ECLI:EU:C:2021:471, para 42)
2. Persons Entitled to Claim. The Directive grants standing primarily to natural persons, who suffer damage caused by defective products (Article 5(1) PLD). Although this formally includes all individuals, the framework retains a strong consumer protection orientation, since the notion of product liability has been traditionally understood and oriented as a consumer protection regime. A strong argument in favour of this observation is provided by the provision of Article 6 of PLD which clarifies that certain categories of compensable harm remain limited to non-professional or not exclusively professional use. Compensation for health-related harm is broadly available, whereas claims concerning property or data are more limited when such assets are used exclusively for professional purposes. In conclusion, while the Directive extends protection to all natural persons in relation to damage to health, it provides a narrower protection for those acting in a professional capacity, where the damage concerns property or data. In that sense, the revised Directive formally protects all natural persons but offers stronger protection to consumers. Finally, it shall be also noted that the revised PLD includes persons who have inherited the right to compensation or to whom it has been subrogated, as well as persons acting on behalf of one or more injured persons (Article 5 (2) of PLD).
3. The system of potential liable persons & the Economic Operators. The revised Directive’s ratio legis is based on the principle that those harmed by defective products have a realistic chance of obtaining compensation, even when the manufacturer, as the primary responsible party, cannot be reached.

A claimant seeking compensation according to Article 5 of the revised PLD is not entitled to act against anyone who is involved with the defective product, because only the persons explicitly included in the Directive may be held liable. In addition, liability under the revised PLD may extend to several persons within the product supply chain, collectively referred to as economic operators (Article 4 (15) PLD). These include manufacturers, importers, authorised representatives, fulfilment service providers, distributors, and in certain cases online platforms. We observe that the revised Directive establishes a hierarchical chain of liability, meaning that it is introduced a sequential order in which potential defendants may be sued. Manufacturers normally constitute the primary defendants. However, when the manufacturer cannot be identified or is located outside the European Union, liability may extend to other actors involved in placing the product on the market.

Overall, the liability framework is structured in four tiers. The 1st tier consists of” manufacturers”, a concept that the Directive defines broadly and which encompasses the “real manufacturers”, namely those who actually produce the product, including instances where the product is manufactured for their own use (Article 4(10)(a) and (c)) and the “manufacturers by labelling” that is, parties that have a product manufactured by another entity but place it on the market under their own name, trademark, or other distinguishing sign (Article 4(10)(b)). Although these two categories reflect different degrees of control over the design and production process, the Directive does not require claimants to identify or pursue the “real manufacturer” before bringing an action against a “manufacturer by labelling”, an interpretation confirmed by the Court of Justice of the EU in Case C-264/21 Fennia v Philips (coffee machine)[8] and it continues to be relevant following the revision of the Directive[9].

When the manufacturer is not established or cannot be identified within the EU (Article 8(3) of PLD), the Directive allows the claimant to pursue other economic operators (2nd tier) in the supply chain, on the basis of  “risk – benefit” or “risk – profit” justification of liability, such as importers, authorized representatives, fulfilment service providers, and distributors. Each one of the mentioned above operators can contribute to the process by which unsafe products reach consumers through import, handling, storage or sale, whilst they can make economic profit from placing unsafe products in the market[10]. The 3rd tier operators are fulfilment service providers27—those who handle key logistics tasks such as warehousing, packaging, shipping products (Article 8(1)(c) of PLD) because of their role in enabling product placement procedures aiming to ensure safety (Article 4 (13) of PLD). The Directive defines fulfilment service provider as “any natural or legal person offering, in the course of a commercial activity, at least two of the following services: warehousing, packaging, addressing and dispatching of a product, without having ownership of that product”. This definition excludes postal services (art. 2(1) of Directive 97/67/EC), parcel delivery services (art. 2(2) of Regulation (EU) 2018/644), and other postal or freight transport services.

Because of their soft power to decide which (safe or unsafe) products to distribute or host on their platforms and reach consumers, while they benefit from this activity, in the operators of the 4^th tier are included distributors and online platforms. Online platforms can be held liable only if the criteria in Article 6 (3) of the Digital Services Act are met, that is, where the platform actively presents the product or otherwise enables the specific transaction, see Article 8(3) and (4) of PLD). Hence, in this tier included persons, who serve as last resort defendants, liable only when the claimant cannot identify a higher – tier operator, because they control a product’s initial entry into the EU market.

In conclusion, the above structure reflects the Directive’s aim of ensuring that victims have a realistic opportunity to obtain compensation[11].

[1] I. Rokas, Die Umsetzung der Produkthaftungsrichtlinie der EG, Das Beispiel Griechenland, Versicherungsrecht, 1989, Heft 13, II.2.

[2] Th. Verheyen, ‘Modern Theories of Product Warnings and European Product Liability Law’, Utrecht Law Review, 2019, Vol. 15 (3), no. 1 -2, p. 44-46. doi:10.36633/ulr.541, Cees van Dam, European Tort Law, Oxford UP, 2nd ed, 2013, Part II, Strict Liability, par. 1003-3, 301, I. Rokas, Die Umsetzungder Produkthaftungsrichtlinie der EG.. Versicherungsrecht, 1989, Heft 13, ΙΙ.1.a–b, H. Taschner, Produkthaftung: Richtlinie des Rates vom 25. Juli 1985 zur Angleichung der Rechts- und Verwaltungsvorschriften der Mitgliedstaaten über die Haftung für fehlerhafte Produkte (85/374/EWG) (1986), pp. 66–67, Case C-300/95, Commission v United Kingdom, ECLI:EU:C:1997:255, para. 24.

[3] D. Rimkutė, ‘The New EU Product Liability Directive: Doctrinal Analysis’, 8(Spec), (2025) Access to Justice in Eastern Europe, no. 3, p 76, Fr. Parisi & G. Frezza, Burdens of Proof in Establishing Negligence: A Comparative Law and Economics Analysis, Italian Law Journal 2023/Vol. 9, p. 77, II, p.78.

[4] El. van Gool, Product Liability in a More Circular Economy: A Study of Liability for Alternative Methods of Distributing and Producing Consumer Goods. Law. Université de Lille; Katholieke Universiteit Leuven, 2024, D. Rimkutė, ‘The New EU Product Liability Directive: Doctrinal Analysis’, 8(Spec), (2025) Access to Justice in Eastern Europe, no. 3, p 77.

[5] D. Wuyts, ‘The Product Liability Directive – More than Two Decades of Defective Products in Europe’ (2014) 5(1) Journal of European Tort Law 1. doi:10.1515/jetl-2014-0001.

[6] Digital Technologies and the Law of Obligations, ed. Zvonimir Slakoper & Ivan Tot, Routhledge 2022, esp. no. 1 ‘Contract and Tort Law in the Digital Age’, para. 2, 2.2 – 2.3, pp. 7 -9 and No 6 ‘Liability for AI’ by Nasir Muftic, para. 2.2, pp 98 ff, Seb. Lohsse et al., ‘Liability for Artificial Intelligence’ in Sebastian Lohsse, Reiner Schulze and Dirk Staudenmayer (eds), Liability for Artificial Intelligence and the Internet of Things (Nomos 2019) 9. doi:10.5771/9783845294797-9.

[7] G. Wagner, ‘Next Generation EU Product Liability – For Digital and Other Products’ Journal of European Tort Law 2024, Vol. 15 (2), pp. 185-6. doi:10.1515/jetl-2024-0011)

[8] Case C-264/21 Keskinäinen Vakuutusyhtiö Fennia v Koninklijke Philips NV [2022] ECLI:EU:C: 2022: 536, para 35 -36.

[9] See Case C-157/23 Ford Italia SpA v ZP Stracciari SpA, 18.4.2024 & Case C/2025/1062/24.2.2025).

[10] See M. Cappelletti, Justifying Strict Liability: A comparative analysis in Legal Reasoning, OUP 2022, Ch. 3.2, The risk-based justification of Strict Liability, pp 73-75.

[11] D. Rimkutė, ‘The New EU Product Liability Directive: Doctrinal Analysis’, 8(Spec), (2025) Access to Justice in Eastern Europe, no. 3, pp 82 -83.

You can read the full article here: The modernization of the product liability rules in the revised EU Product Liability Directive 20242853

The post The modernization of the product liability rules in the revised EU Product Liability Directive 2024/2853 appeared first on Rokas Law Firm.

1. Legislative background and scope of article 198A

Article 178 of Law 5259/2025, published in the Government Gazette on 12.12.2025, added Article 198A to Law 4738/2020 (Debt Settlement and Provision of a Second Chance and Other Provisions, otherwise the “Bankruptcy Code” or, in contrast to the previous regime, the “Insolvency Code”), which concerns the regulation of certain criminal implications of bankruptcy proceedings.

The above Article is a specific arrangement, according to which the suspension, as a matter of principle, and the extinction of criminal liability in cases of bankruptcy are provided for with regard to criminal prosecutions for the offences of Article 25 of Law 1882/1990 (debts to the State) and paragraphs 1, 2 and 7 of Article 1 of Compulsory Law 86/1967 (debts to social security institutions – EFKA). The adoption of Article 198A is deemed necessary on legal-policy grounds, since it has already been held by the Supreme Court that the discharge of the debtor, when the conditions of Articles 192 to 195 are met, does not entail the criminal absolution.

This regulation has substantive and procedural law implications, while at the same time it extends to the execution of sentences that have already been imposed and covers sentences that are being served or are about to be served. Therefore, it constitutes an exception which, in fact, concerns a limited and exclusive number of criminal offences.

2. Mechanism of suspension and extinction of criminal liabilit

In particular, the mechanism for protecting the debtor against criminal proceedings for the offences referred to in Article 198A unfolds in successive stages, which are directly linked to distinct milestones in the bankruptcy proceedings, each with different legal consequences. With the publication of the bankruptcy decision or the registration of the debtor in the Electronic Solvency Register in the event of lack of estate, the criminal prosecution is suspended and the execution of any penalty imposed is suspended. Subsequently, if the debtor is discharged after one (1) or three (3) years respectively, criminal liability is extinguished, while any serving of the sentence is interrupted with res judicata force. As a counterbalance to the above, an equally timed suspension and extension of the statute of limitations period by one (1) additional year is explicitly provided.

 3. Relation to the reorganization procedure and legislative inconsistencies

The possibility of suspending and ultimately extinguishing criminal liability for the relevant offences is not without precedent in the existing provisions of the Insolvency Code. Already in the context of the reorganization procedure, and in accordance with Articles 60 and 61 of the Insolvency Code, it was expressly stated that criminal prosecutions for the above offences are suspended and subsequently extinguished. However, in the above reorganization process, the protection of the debtor also includes the offence of issuing a dishonored cheque (Article 79 of Law 5960/1933), an option which is absent from Article 198A. With Articles 60 and 61 and with the newly established Article 198A of the Insolvency Code, the principle of autonomy between civil and criminal liability for bankruptcy debts is bent. However, there do not appear to be any apparent reasons justifying the exclusion of the offence of issuing a dishonored cheque.

4. Persistence of criminalization of civil debts

With the enactment of Article 198A, the question resurfaces of the rationale underlying the persistence in the criminal prosecution of private debts covered by insolvency proceedings. Apart from the above, there are still existing and universally applicable legal provisions for the criminal prosecution of civil debts, such as non-payment of wages (Article 156 of Presidential Decree 62/2025) and Article 1 of Legislative Decree 3424/1955 “on the liability of buyers of agricultural products”, which often arise in bankruptcy and reorganization proceedings and are not affected in any way or included in any exceptional provisions that lead to criminal relief. In such cases, the debtor, in the position of the defendant, must rely on general principles of criminal law, such as lack of culpability, state of necessity or invoking the status of bankruptcy among other mitigating circumstances. Whether this legislative approach coheres with the “second chance” principle or complies with the doctrine of proportionality is a matter to be tested in practice.

You can read the article on Lexology here:

“Criminal liability and the “Second Chance” Principle: Discharge from criminal liability and article 198A of the Insolvency Code” – Lexology

The post “Criminal liability and the “Second Chance” Principle: Discharge from criminal liability and article 198A of the Insolvency Code” appeared first on Rokas Law Firm.

 e-Sick Leave system effective 1 January 2026

As of the date of commencement of the Law on the Exchange of Data, Documents and Notifications in Cases of Temporary Incapacity for Work, implemented through the software solution “e-Sick Leave – Employer” (Official Gazette of the Republic of Serbia, No. 109/2025, “Law”), i.e. as of 1 January 2026, a new, fully digitalized procedure for the exchange of data relating to employees’ temporary incapacity for work is introduced.

With the entry into force of this Law, Article 103 and Article 179 paragraph 3 item 2) of the Labour Law cease to apply, insofar as they relate to the obligation of the insured person to notify the employer of the medical commission’s assessment of temporary incapacity for work. As a result, the previous obligation of employees to submit notifications, certificates, or other documents related to the medical commission’s decision on sick leave is abolished.

In practice, this means that all data concerning temporary incapacity for work—including the commencement of sick leave, its duration, extensions, and termination—will be exchanged exclusively in electronic form, through the centralized information system e-Sick Leave. Employers will receive all relevant information directly via the software solution, without additional involvement of employees and without the exchange of paper documentation.

The new legal framework applies to employees, as well as to persons who are engaged in work, on duty, or performing services for an employer, in accordance with Article 2 paragraph 1 of the Law. In this way, a broad category of work-engaged persons is covered, ensuring uniform application of the rules in practice.

Practical implications for employers

The introduction of the e-Sick Leave system significantly alters the practical allocation of responsibilities between employees and employers. While employees are required only to initiate the medical examination process, all subsequent communication and data exchange are conducted electronically between healthcare institutions, competent authorities, and employers.

From an employer’s perspective, the centralized system enhances legal certainty, as data received through the platform constitutes official information and reduces the risk of delays, inconsistencies, or incomplete documentation. At the same time, employers are expected to actively monitor the system and promptly act upon changes recorded therein, particularly with respect to the start, extension, or termination of sick leave.

Although the new framework reduces administrative burdens, its effective implementation will largely depend on employers’ internal organization, including the designation of responsible HR or payroll personnel and timely familiarization with the technical operation of the e-Sick Leave – Employer system.

Employers are therefore advised to review and align their internal procedures, employment policies, and HR practices with the new digital regime ahead of 1 January 2026, in order to ensure compliance and avoid operational disruptions.

The post Serbia introduces mandatory e-Sick Leave system appeared first on Rokas Law Firm.

I. Introduction

Although Switzerland has long been synonymous with neutrality, the Swiss franc and the widespread conclusion of loan agreements denominated in that currency has, in combination with fluctuations in the CHF/EUR exchange rate, generated a complex web of non-performing loans. This development has evolved into a multifaceted legal, social, and political issue.

Following years of controversy, litigation, and legislative inertia, Article 128 of Law 5264/2025 (Government Gazette A’ 239/19.12.2025) introduces a structured mechanism for the conversion of such loan agreements into euros, followed by a binding method for calculating and restructuring the outstanding debt.

ΙΙ. Judicial Background and Case Law Developments

After a period of inconsistent and often contradictory judgments issued by courts of first and second instance across Greece, the Plenary Session of the Supreme Court (Areios Pagos) addressed the issue in Decision No. 4/2019.

By majority, the Court interpreted Article 6(2) of Law 2251/1994 on consumer protection in a manner consistent with EU law, particularly Directive 93/13/EEC on unfair terms in consumer contracts and the relevant jurisprudence of the Court of Justice of the European Union (CJEU). The Court held that where a contractual term merely reflects a provision of national law, i.e. where it is declaratory in nature, such a term cannot be classified as unfair. The rationale lies in the presumption that the legislator has already balanced the interests of both contracting parties.

The issue was also examined at EU level. In its judgment of 20 September 2017 in Case C-186/16, Andriciuc and Others v Banca Românească SA, the CJEU held that a loan clause requiring repayment in the same foreign currency in which the loan was denominated cannot be considered unfair, if it is drafted in clear and intelligible terms and was not individually negotiated.

You can read the article on Lexology here:

A Timely Legislative Initiative: Untangling the “Swiss Franc Knot”

The full article is available here: A timely Legislative Initiative Untangling the “Swiss Franc Knot”

The post A Timely Legislative Initiative: Untangling the “Swiss Franc Knot” appeared first on Rokas Law Firm.

Introduction

Climate change requires a transition to sustainable development models, with green financing playing a crucial role. Green bonds  are a key tool for financing environmentally friendly projects, such as renewable energy, energy efficiency, and sustainable infrastructure. At European level, the sustainable development strategy is institutionally reinforced, with Regulation (EU) 2023/2631 establishing the European Green Bond standard (EuGB), ensuring transparency, credibility, and investment exclusively in sustainable activities. Greece is following the guidelines encompassed therein, with the integration of green bonds being a recent development.

Despite their benefits, their issuance comes with challenges, such as high costs, the need for transparency, high regulatory standards stemming from the harmonized legal framework thereof, and the risk of “greenwashing,” making an in-depth assessment of their role in the country’s sustainable development necessary.

Concept of Green Bonds

To understand green bonds, it is useful to briefly refer to conventional bond financing, in the first place. Bonds are a fundamental means of raising capital from the markets, through which a company or other issuer borrows from investors, committing to repay the capital at a predetermined time, along with an agreed-upon return. Legally and operationally, green bonds do not differ from conventional bonds in terms of structure or issuance process; they are subject to the same basic rules and create the same financial obligations for the issuer.

The essential difference lies in the use of the funds. While funds raised through the issuance of conventional bonds can be allocated for general business purposes, green bond proceeds are exclusively dedicated to financing projects with a clear environmental benefit, such as combating climate change, reducing greenhouse gas emissions, and promoting sustainable development. This commitment is not merely declarative; it is accompanied by monitoring and verification procedures to ensure that the funds are indeed used for the intended “green” purpose.

Green bonds therefore add an additional dimension to the investment: beyond financial returns, the investor contributes to measurable environmental outcomes. Various types of green bonds exist in the market, depending on the issuer. They can be issued by governments for large-scale environmental projects, by local authorities for sustainable infrastructure at local level, by international organizations for broader environmental initiatives, or by private companies to implement green investments. A common feature of all these bonds is that the funds are directed to specific environmentally targeted projects, offering investors a combination of financial return and environmental responsibility.

You can read the article on Lexology here:

Financing Sustainable Development with Green Bonds: EU Regulation 2023/2631 and the Rollout of European Green Bonds in Greece

Τhe full article is available in Greek and English here

The post Financing Sustainable Development with Green Bonds: EU Regulation 2023/2631 and the Rollout of European Green Bonds in Greece appeared first on Rokas Law Firm.

“Hellenic Data Protection Authority fines Insurance Company for poor handling of customer data requests”

(article by Mara Vasileiou (Associate Rokas Thessaloniki) and Eirini-Eftychia Gkiniki (Associate Rokas Athens))

In Decision 32/2025, the Hellenic Data Protection Authority imposed fines of €20,000 on NN Hellas and €2,000 on MediDent for failing to properly handle an insured individual’s data access request. The Authority held NN Hellas, as the data controller and legal successor to MetLife, responsible for ensuring its processor’s compliance under the GDPR. MediDent was further sanctioned for non-cooperation with the investigation. The decision reaffirms that controllers remain accountable for their processors’ conduct, particularly in merger contexts, and reflects the HDPA’s growing inclination toward stricter, sanction-based enforcement of data protection obligations.

You can read the whole article on Lexology here:

https://www.lexology.com/library/detail.aspx?g=4dd6a6b7-d6df-4779-9b4b-b28a2515fe16

Access the full article  [here]

The post Hellenic Data Protection Authority fines Insurance Company for poor handling of customer data requests appeared first on Rokas Law Firm.

“Legal Consequences of Euro Adoption in Bulgaria”

(article by Dimitrios Chatzimichael Partner (Rokas Thessaloniki) and Desislava Dimitrova Senior Associate (Rokas Bulgaria))

Bulgaria’s switch to the Euro in January 2026 marks far more than a simple change of currency, it represents the final step in the country’s journey toward full EU integration. The Euro Act ensures that every contract, account, and obligation in lev automatically converts into euros, protecting consumers and maintaining legal continuity. This transition will reshape Bulgaria’s financial and corporate landscape, aligning its systems with eurozone rules and institutions. Beyond the technicalities, adopting the euro signifies a deeper transfer of monetary sovereignty to the European Central Bank and a stronger connection to Europe’s shared legal and economic framework. The reform opens a new chapter for Bulgaria—one of stability, transparency, and full participation in the EU’s economic core.

You can read the whole article on Lexology here:

Legal Consequences of Euro Adoption in Bulgaria-Lexology

Access the full article  [here]

The post Legal Consequences of Euro Adoption in Bulgaria appeared first on Rokas Law Firm.

“Serbia: Beneficial Ownership Register – New Compliance Obligations from 1 October 2025”

(article by Jelena Pejovic and Mirjana Mladenovic Paripovic, Attorneys at Law (Rokas Belgrade)

“What regulatory changes will take effect on October 1st, 2025, for companies in Serbia, and what actions are required? The transition period regarding the Law on the Central Register of Beneficial Owners (“Official Gazette RS”, no. 19/2025, 51/2025, 60/2025,) is ending, and several important obligations will become mandatory.”

You can read the whole article on Lexology here:

Serbia: Beneficial Ownership Register – New Compliance Obligations from 1 October 2025 – Lexology

Access the full article here: [pdf]

The post Serbia: Beneficial Ownership Register – New Compliance Obligations from 1 October 2025 appeared first on Rokas Law Firm.