Data Protection GLS Ireland
On this website GLS Ireland Ltd. informs about the collection and further processing of personal data for the purpose of parcel delivery.
I. Identity and contact details of the Controller and Data Protection Officer/Country Data Protection Manager
The following information is valid for GLS Ireland Ltd., responsible for the collection and further processing of personal data in GLS Ireland Ltd. (Controller):
GLS Ireland Ltd.
Stadium Business Park
Ballycoolin Road, Dublin 11
Tele: 01 8606200
(Hereinafter GLS Ireland)
If you want to contact the Data Protection Manager/Data Protection Officer please use the email address firstname.lastname@example.org . If you want to contact us via unencrypted e-mail, please note that the confidentiality of the transmitted information cannot be guaranteed. Unencrypted e-mails can possibly be read by unauthorised third parties.
You may also contact GLS by sending a written letter to the Data Protection Manager of GLS Ireland
Data Protection Manager of GLS Ireland,
c/o GLS Ireland
Stadium Business Park
Ballycoolin Road, Dublin 11
II. General Information
1. Personal data
Personal data includes particulars on personal or factual circumstances of a specific or determinable individual person. This includes for instance information such as name, address, telephone number and email address.
Information that cannot be linked to a specific or determinable individual - such as statistical data - is not considered as personal data.
2. Applicable Data Protection Law and Commitment to Data Secrecy
All GLS entities located within EU countries are subject to the regulations of the General Data Protection Regulation (GDPR) and other relevant national data protection laws.
GLS Ireland renders a parcel delivery service for the public or contributes to rendering such services and is thus obliged to adhere to the principles postal secrecy. All employees of GLS Ireland have committed themselves by signature to adhere to data secrecy and postal secrecy.
3. Information Security
By means of technical and organisational security measures, GLS companies do their best to protect personal data from loss or misuse. Personal data is processed only in systems which are protected by appropriate security measures according to the GLS IT Security Policies. GLS will modify the security and data protection measures as much as necessary in the light of technological progress.
III. Consignment and Consignee Data
1. Data Categories, Purposes of Processing Personal Data and Legal Basis
For carrying out parcel services and therefore fulfilling the contract with its customers (the consignors) [According to Art. 6 (1)(b) GDPR] including in particular delivery of the parcel, payment of services, complaints management, quality and safety management, statistical performance data and compliance with relevant government bodies such as the Revenue Commission GLS Ireland needs consignor data (address details and further contact details, payment information and other relevant contractual data according to the services ordered by the consignor) as well as consignee data (name, address, postcode, city, country, optionally phone no. and e-mail address).
Consignee data transferred to GLS companies as well as interface documentation (scans of the parcels at different locations) and the proof of delivery (POD) may be processed and recorded by various GLS subsidiaries. GLS uses personal consignment and consignee data only for the fulfilment of its contractual obligations. Any further use is not permitted.
In some cases we may process data on consent basis [According to Art. 7 GDPR] or because of our legitimate interest [According to Art. 6 (1)(f) GDPR] (in particular regarding the following purposes: customer solvency checks, Compliance programme).
Compliance with the applicable statutory regulations on data protection is an original duty of each GLS company. The transfer of data by a consignor to a GLS company is no processing of data on behalf of others.
Additional services like the FlexDeliveryService and ShopDeliveryService require the e-mail address or phone number of the consignee to inform him/her about the status of the parcel delivery. GLS companies receive the telephone number and/or e-mail address from the consignor who ordered these additional services. The consignor is also responsible for the proper collection of this data and in particular the consent of the consignee to the transfer of his e-mail address and/or telephone number to GLS.
If you have questions regarding this procedure, please contact your contractual partner (the consignor). You can also express your withdrawal of consent towards GLS Ireland. In this case please use the contact details of the GLS Ireland Data Protection Manager (I). If you want to contact us via unencrypted e-mail, please note that the confidentiality of the transmitted information cannot be guaranteed. Unencrypted e-mails can possibly be read by unauthorised third parties.
You may also contact GLS by sending a written letter to the Data Protection Manager of GLS Ireland (I).
3. Data Sharing and Recipients
Generally, only the consignor and consignee of a parcel are entitled to receive information about the parcel. GLS provides parcel information to third parties (e.g. governmental authorities) only on the basis of statutory regulations.
GLS companies will not sell or lease personal data to any third party. However, there are certain circumstances where GLS may share your personal data without additional notice to you. Parties which may receive your data include:
- GLS subsidiaries and contractors in other EU countries or outside of the EU for the purpose of parcel delivery from the consignor to the consignee. [According to Art. 49 (1)(b); (1)(c) GDPR respectively.]
- Affiliated or unaffiliated third parties that are under contract to perform services for or on behalf of GLS (Processors), in particular IT-Service providers. GLS Ireland has concluded appropriate data protection contracts with these parties.
- Other persons or organisations as permitted by applicable law or regulation.
- Law enforcement personnel and agencies for the purpose of meeting national security requirements or as part of a legal process in order to protect our property or in furtherance of an investigation regarding a breach of GLS´ rules and policies, unauthorized access to or use of GLS equipment or any other illegal activity.
4. Retention and Erasure
GLS Ireland is processing personal data as long as it is required for the purpose for which we use it. We will determine how long to retain the data based on the following requirements:
- Operational requirements: such the length of time that information is needed in order to provide the services.
- Legal requirements: such as where GLS Ireland needs to retain records for a certain amount of time in order to comply with the law.
Archived data is recorded on storage media accessible only for authorised personnel. After the legal retention period has expired, the data is deleted.
IV. Data Subjects Rights, Withdrawal of Consent, Exercising your Rights, Complaint with Data Protection Authority
1. Data Subjects Rights
You have the right to
- be informed about and have access to your personal data processed (Right to be informed and Right of access according to Art. 15 GDPR)
- obtain the correction of inaccurate personal data (Right to rectification according to Art. 16 GDPR)
- obtain deletion of your personal data (Right to erasure according to Art. 17 GDPR)
- restrict processing (Right to restriction of processing according to Art. 18 GDPR)
- receive your personal data provided to us (Right to data portability according to Art. 20 GDPR)
- object to processing data on grounds relating to your particular situation based on legitimate interests or the performance of a task in the public interest (Right to object according to Art. 21)
Provided that the necessary legal requirements are fulfilled.
2. Withdrawal of Consent
In case your consent has been requested for the processing of your personal data, please be informed that you have the right to withdraw that consent at any time in the future, without affecting the lawfulness of the processing based on the consent before its withdrawal.
3. Exercising your Rights
If you want to exercise your data subjects rights or withdraw an explicit consent given please send a message to the Data Protection Manager of GLS Ireland (I) explaining what right you want to exercise so that GLS Ireland can take the necessary further steps to respect your rights.
If you want to contact us via unencrypted e-mail, please note that the confidentiality of the transmitted information cannot be guaranteed. Unencrypted e-mails can possibly be read by unauthorised third parties. You may also contact GLS by sending a written letter to the Data Protection Manager of GLS Ireland (I).
Please be aware that we might ask for a proof of identification in order to protect your information against unauthorised access.
4. Right to lodge a complaint
You have the right to lodge a complaint with the data protection authority of your country if you believe that your rights have been violated. For further information on the complaints process, please click here .
V. Updates to this data protection information
GLS Ireland may in its sole discretion, update this information by posting the amended information on this site.
This information was last updated on 25th May 2018.