Global Data and Cyber Handbook

Italy

Select a Topic
Start Comparison
Data localization and regulation of non-personal data
Jump to
Data localization and regulation of non-personal data Start Comparison
Are there data localization/data residency or other types of laws that may require the retention and storage of data in the local jurisdiction, or prohibit the transfer of data out of the jurisdiction?

[Last reviewed: January 2025]

Yes.

☒   b)   other laws that may require the retention and storage of personal data (including, for example, where such data is part of another type of record or dataset) in the local jurisdiction or otherwise prohibit the transfer or disclosure of the personal data outside of the local jurisdiction:

☒   national security laws

☒   anti-investigatory/blocking statutes that restrict any activity on local territory that aids a foreign government investigation

☒   tax or financial record laws

☒   employment laws

Does law or regulation impose mandatory requirements to share or make accessible non-personal data?

Last review date:

☒         Obligation for private organizations to share or make accessible data generated by connected or "IoT" devices under the Data Act

☒         Obligation for private organizations to share or make accessible other non-personal data under cyber laws.

If so, please provide brief details of the relevant law or regulation.

What specific obligations do these data-sharing rules impose on private organizations?

Last review date: January 2025

          Obligation to share data on request

          Obligation to (re)design products or services to facilitate data accessibility

          Obligation to standardize products or services to facilitate data portability or interoperability

{{ $store.state.loadingScreen.message }} ...