GLS-ONE

I. General

Subject of this Privacy Policy

Subject of this privacy policy is General Logistics Systems B.V., Amsterdam (GLS B.V).

GLS performs reliable and high quality parcel services as well as express deliveries and logistics related value added products.

Personal data

Personal data includes particulars on personal or factual circumstances of a specific or determinable individual person. This includes for instance information such as name, address, telephone number and email address.

Information that cannot be linked to a specific or determinable individual - such as statistical data - is not considered as personal data.

Applicable Data Protection Law and Commitment to Data Secrecy

All GLS entities located within EU countries are subject to the regulations of the General Data Protection Regulation (GDPR) and other relevant national data protection laws such as the Data Protection Act 2018.

Information Security

By means of technical and organisational security measures, GLS companies act to protect personal data from loss or misuse.

Personal data is processed only in systems which are protected by appropriate security measures according to the GLS IT Security Policies.

GLS will modify the security and data protection measures as much as necessary in the light of technological progress.

Data Subjects Rights

GLS B.V. respects the fundamental rights and freedoms of data subjects. GDPR increases the privacy rights of the data subject. Under this regulation you have the right to

be informed about and have access to your personal data processed (Right to be informed and Right of access according to Art. 15 GDPR)
obtain the correction of inaccurate personal data (Right to rectification according to Art. 16 GDPR)
obtain deletion of your personal data (Right to erasure according to Art. 17 GDPR)
restrict processing (Right to restriction of processing according to Art. 18 GDPR)
receive your personal data provided to us (Right to data portability according to Art. 20 GDPR)
object to processing data on grounds relating to your particular situation based on legitimate interests or the performance of a task in the public interest (Right to object according to Art. 21)

Provided that the necessary legal requirements are fulfilled.

Withdrawal of Consent

In case your consent has been requested for the processing of your personal data, please be informed that you have the right to withdraw that consent at any time in the future, without affecting the lawfulness of the processing based on the consent before its withdrawal.

Exercising your Rights

If you want to exercise your rights as a data subject or withdraw an explicit consent given please send a message to the Data Protection Manager of GLS B.V explaining what right you want to exercise so that GLS B.V. can take the necessary further steps to respect your rights.

If you want to contact us via unencrypted e-mail, please note that the confidentiality of the transmitted information cannot be guaranteed. Unencrypted e-mails can possibly be read by unauthorised third parties. You may also contact GLS by sending a written letter to the Data Protection Manager of GLS B.V via the following address:

Data Protection Manager of GLS B.V.,
c/o General Logistics Systems B.V,
Breguetlaan 28-30
1438 BC Oude Meer
The Netherlands

Please be aware that we might ask for a proof of identification in order to protect your information against unauthorised access.

Right to lodge a complaint

You have the right to lodge a complaint with the data protection authority of your country if you believe that your rights have been violated. For further information on the complaints process, please click here.

II. Consignment and Consignee Data

Data Categories, Purposes of Processing Personal Data and Legal Basis

For carrying out parcel services and therefore fulfilling the contract with its customers (the consignors) [According to Art. 6 (1)(b) GDPR] including in particular delivery of the parcel, payment of services, complaints management, quality and safety management, statistical performance data and compliance with relevant government bodies such as the Revenue Commission GLS needs consignor data (address details and further contact details, payment information and other relevant contractual data according to the services ordered by the consignor) as well as consignee data (name, address, postcode, city, country, optionally phone no. and e-mail address).

Consignee data transferred to GLS companies as well as interface documentation (scans of the parcels at different locations) and the proof of delivery (POD) may be processed and recorded by various GLS subsidiaries. GLS uses personal consignment and consignee data only for the fulfilment of its contractual obligations. Any further use is not permitted.

In some cases we may process data on consent basis [According to Art. 7 GDPR] or because of our legitimate interest [According to Art. 6 (1) (f) GDPR] (in particular regarding the following purposes: customer solvency checks, Compliance programme).

Responsibility

Compliance with the applicable statutory regulations on data protection is an original duty of each GLS company. The transfer of data by a consignor to a GLS company is no processing of data on behalf of others.

Additional services like the FlexDeliveryService and ShopDeliveryService require the e-mail address or phone number of the consignee to inform him/her about the status of the parcel delivery. GLS companies receive the telephone number and/or e-mail address from the consignor who ordered these additional services. The consignor is also responsible for the proper collection of this data and in particular the consent of the consignee to the transfer of his e-mail address and/or telephone number to GLS.

If you have questions regarding this procedure, please contact your contractual partner (the consignor). You can also express your withdrawal of consent towards GLS B.V. In this case please use the contact details of the GLS B.V. Data Protection Manager (I). If you want to contact us via unencrypted e-mail, please note that the confidentiality of the transmitted information cannot be guaranteed. Unencrypted e-mails can possibly be read by unauthorised third parties.

Data Sharing and Recipients

Generally, only the consignor and consignee of a parcel are entitled to receive information about the parcel. GLS provides parcel information to third parties (e.g. governmental authorities) only on the basis of statutory regulations.

GLS companies will not sell or lease personal data to any third party. However, there are certain circumstances where GLS may share your personal data without additional notice to you. Parties which may receive your data include:

GLS subsidiaries and contractors in other EU countries or outside of the EU for the purpose of parcel delivery from the consignor to the consignee. [According to Art. 49 (1)(b); (1)(c) GDPR respectively.]
Affiliated or unaffiliated third parties that are under contract to perform services for or on behalf of GLS (Processors), in particular IT-Service providers. GLS B.V. has concluded appropriate data protection contracts with these parties.
Other persons or organisations as permitted by applicable law or regulation.
Law enforcement personnel and agencies for the purpose of meeting national security requirements or as part of a legal process in order to protect our property or in furtherance of an investigation regarding a breach of GLS´ rules and policies, unauthorized access to or use of GLS equipment or any other illegal activity.

Retention and Erasure

GLS B.V. is processing personal data as long as it is required for the purpose for which we use it. We will determine how long to retain the data based on the following requirements:

Operational requirements: such the length of time that information is needed in order to provide the services.
Legal requirements: such as where GLS B.V. needs to retain records for a certain amount of time in order to comply with the law.

Archived data is recorded on storage media accessible only for authorised personnel. After the legal retention period has expired, the data is deleted.

III. Collection, Processing and Use of Personal Data

Logging and IP

Each time a user accesses a GLS web page data is saved in a log file. The following specific data is temporarily saved:

IP number of the querying computer
Domain name
Date and time of access
HTTP answer code
Visited pages
Operating system with version
Browser with version
Screen resolution

The logfile data is anonymously analysed for statistical purposes. Statistical reports are used to evaluate the usage of the GLS websites. In particular, the order in which the pages are visited and the path taken between pages is shown. This is intended to give GLS B.V. an indication how the usability of the website can be improved further.

Cookies

For usage of the GLS pages it may be necessary for the GLS servers to set cookies. These cookies are used by the technical administrators of the web site. Every visitor can configure his/her browser to reject cookies. All visitors have the right to refuse cookies. Unless the consent of the user is given, no cookie data will be saved on the computer of the visitor. In this case, the data stored in the cookies will not be transferred to GLS. The functionality of specific areas of the website may be inaccessible with cookies disabled.

Your GLS

GLS fundamentally differentiates between an open and closed area during usage of the GLS web site. Functions in the open area can be used without prior registration. Functions in the closed area assists GLS customers in the performance of a contract between the customer and GLS. Functions in the closed area can only be accessed by means of a secure login file, which is issued by GLS.

Contact Forms

Among other functions the open area provides the user with an E-mail contact form, "Track and Trace", and the Parcel Shop search. Data entered in the scope of an enquiry via the E-mail form such as name, street, postcode, city, etc. is required by us in order to process your enquiry. Forwarding, sale or any other means of transfer of your personal data to third parties does not occur.

Google Analytics

This web site uses Google Analytics, a web analysis service of Google Inc. ("Google"). Google Analytics uses so called "cookies", i.e. text files that are saved on your computer, allowing an analysis of how you use the web site. The information about your use of this web site, generated by the cookie (incl. your IP address), is transmitted to a Google server in the USA and saved there. Google will use this information in order to analyse your use of the web site, to compile reports about the web site activities for the web site operators and to perform further services that are connected with the web site use and the internet use.

Moreover, Google will transmit this information to a third party when indicated, as far as this is legally mandatory or as far as a third party is processing this data on behalf of Google. Google will in no case connect your IP address with other data of Google. You can avoid the installation of cookies by adjusting the according settings of your browser software; however we would like to point out that in this case you might not be able to use all functions of this web site to the full extent. By using this web site you agree that Google will process the data collected about you in the manner described before and for the purpose named before.

IV. Identity and contact details of the Controller and Country Data Protection Manager

If you want to contact the Data Protection Manager, please use the email address dataprotection@gls-holding.com.

You may also contact GLS by sending a written letter to the Data Protection Manager of GLS B.V.