Customer Service users privacy notice

According to the provision of General Data Protection Regulation, Regulation EU no. 679/2016 (hereinafter the "GDPR"), GLS Italy S.p.A., with registered office in 20098 - San Giuliano Milanese (MI), via Basento n. 19, as franchisor of the Companies network operating as express courier under the "GLS" trademark (hereinafter, the"Company" or the "Data Controller"), informs you that personal data ("Data") provided by you and / or collected during the call may be processed as follows:

1. Purpose and legal basis of the processing.

Data such as phone number, advanced request, shipping number etc. will be collected and processed for:

(i) provide a feedback to your request and allow the correct management of the request. Where the service is available and should you choose to be contacted again (so-called "call back") you will be invited to leave a short message, which will be recorded by the system along with your phone number. Please note that in case of unsuccessful contact we will try to call you back for a maximum of 10 attempts within a maximum of 10 days. In any case, subsequent attempts to follow up on your request will be made in the following time slot from 08:30 to 18:30 (excluding holidays). Upon conclusion, your data will be deleted.

In this case, the legal basis of the processing for the hereabove mentioned purpose is the correct management and performing of the contract signedby you , or of the service expressly requested by you.

(ii) the management of any complaint, report and / or dispute, including the management of any judicial or extrajudicial proceeding and for the prevention of unlawful conduct, within the limits provided by law;

(iii) the statistical analysis by the Data Controller, in an aggregate form, of the customer service call volumes

In both cases, the legal basis for the Data processing for the described purposes is the pursuit of a legitimate interest of the Company and / or of third parties that, on the basis of the assessments carried out at the Company, is not detrimental to your rights;

(iv) purposes related to the fulfillment of legal obligations, regulations, national and EU regulations as well as instructions given by authorities legitimated under the law.

The legal basis of data processing in this case is the fulfillment of obligations under the law and applicable regulations.

2. Nature of the conferment of Data and consequences of non-conferment of Data

For the fulfilment of the aforementioned purposes, the processing of the Data is necessary and the non-conferment of Data will make impossible to manage and correctly process your request.

3. Categories of recipients of personal data, persons and entities to which personal data may be disclosed

Within the scope required for the achievement of the specified purposes, the Data may be disclosed to the following persons and entities:

(i) persons, companies, associations or professional firms that provide services or assistance and advice or provide services to the Data Controller, in particular but not limited to administrative, legal and financial matters;

(ii) companies entrusted with the management of Customer Service as well as companies belonging to the GLS Group. In this regard, it should be noted that GLS Italy will also process the Data as the data controller of GLS Enterprise, by virtue of a specific deed of appointment

(iii) GLS Group Companies for administrative-accounting or internal control purposes;

(iv) persons to whom the right to access the Data is recognized by provisions of law and secondary legislation or by provisions issued by authorities empowered to do so by law.

The persons listed above , all located within the European Union, will process the Data as independent data controllers or data processors, appointed in compliance with the provisions of the GDPR.

The Data may also be taken to the attention of our staff who will process them as a Data Processor.

4. Retention of personal data

The Data will be retained for the time necessary for the management of your request, and then they will be retained for administrative purposes and / or to enforce or protect a right or a legitimate interest, and they will be deleted at the end of the relevant period necessary to accomplish the purposes herein.

We also inform you that once the retention time has elapsed, the Data will be anonymized and aggregated and will be retained for call volume analysis and statistical purposes only.

5. Rights of the data subject

We inform you that, you have the rights as provided by Article 15 and seq. of the GDPR more specifically:

(i) obtain from the Data controller confirmation whether or not the Data are being processed, and, where that is the case, access to the information on the processing of Data;

(ii) request from the Data Controller the rectification of incorrect or incomplete Data;

(iii) request from the Data Controller the erasure of the Data;

(iv) request a restriction of the Data processing;

(v) request to receive the Data in a structured, commonly used and machine-readable format or to transmit such Data to another data controller where technically feasible (so-called “data portability”).

Moreover, You have the right to object, wholly or partially, for legitimate reasons, to processing of Data.

The exercise of the aforementioned rights can be done by contacting the data controller with whom it has a contractual relationship by sending a request to the e-mail address dataprotection@gls-italy.com

In the end, if you believe that the data processing violates the legislation regarding the protection of personal data, you have the right to lodge a complaint with the Autorità Garante for the protection of Data (www.garanteprivacy.it) .