+40 269 501 900
Log in
+40 269 501 900

GDPR - Data Protection

1.Identity and contact details of the Controller and Data Protection Officer/Country Data Protection Manager

The following information is valid for GLS Romania, responsible for the collection and further processing of personal data in GLS Romania (Controller):

GLS General Logistics Systems Romania SRL

Sibiu, Dorobanților Street,  no. 106, zipcode 550231

Phone number: 0269-501.900

Fax: +40269-501.950

E-mail: info@gls-romania.ro

(hereinafter GLS Romania)

 

If you want to contact the Data Protection Manager/Data Protection Officer please use the email address dataprotection@gls-romania.ro.  If you want to contact us via unencrypted e-mail, please note that the confidentiality of the transmitted information cannot be guaranteed. Unencrypted e-mails can possibly be read by unauthorised third parties.

You may also contact GLS by sending a written letter to the Data Protection Manager of GLS Romania:

Data Protection Manager of GLS Romania,

GLS General Logistics Systems Romania SRL

Sibiu, Dorobanților Street,  no. 106, zipcode 550231

 

2.General Information

  1. Personal data

Personal data includes particulars on personal or factual circumstances of a specific or determinable individual person. This includes for instance information such as name, address, telephone number and email address.

Information that cannot be linked to a specific or determinable individual - such as statistical data - is not considered as personal data.

 

  1. Applicable Data Protection Law and Commitment to Data Secrecy

All GLS entities located within EU countries are subject to the regulations of the General Data Protection Regulation (GDPR) and other relevant national data protection laws.

GLS Romania renders postal services for the public or contributes to rendering such services and is obliged to adhere to postal secrecy regulations. All employees of GLS Romania have committed themselves by signature to adhere to data secrecy and postal secrecy.

  1. Information Security

By means of technical and organisational security measures, GLS companies do their best to protect personal data from loss or misuse. Personal data is processed only in systems which are protected by appropriate security measures according to the GLS IT Security Policies. GLS will modify the security and data protection measures as much as necessary in the light of technological progress.

 

3.Consignment and Consignee Data

  1. Data Categories, Purposes of Processing Personal Data and Legal Basis

For carrying out parcel services and therefore fulfilling the responsibility towards its customers (the consignors)[1]including in particular delivery of the parcel, payment of services, complaints management, GLS Romania needs:

  • In case of natural persons:
    • consignor data: name, address details, phone number, e-mail, payment information – personal ID code and bank account. This information is only requested for invoicing the services and sending the parcel label via e-mail.
    • consignee data name, address details, phone number and e-mail. This information is only requested for the delivery service performed by GLS Romania.

Consignee data transferred to GLS companies as well as interface documentation (scans of the parcels at different locations) and the proof of delivery (POD) may be processed and recorded by various GLS subsidiaries. GLS uses personal consignment and consignee data only for the fulfilment of its obligations. Any further use is not permitted.

 

  1. Responsibility

Compliance with the applicable statutory regulations on data protection is an original duty of each GLS company. The transfer of data by a consignor to a GLS company is no processing of data on behalf of others.

GLS companies receive the telephone number and/or e-mail address from the consignor who ordered the services. The consignor is also responsible for the proper collection of this data and in particular the consent of the consignee to the transfer of his e-mail address and/or telephone number to GLS.

If you have questions regarding this procedure, please contact the consignor. You can also express your withdrawal of consent towards GLS “Country”. In this case please use the contact details of the GLS “Country” Data Protection Manager (dataprotection@gls-romania.ro). If you want to contact us via unencrypted e-mail, please note that the confidentiality of the transmitted information cannot be guaranteed. Unencrypted e-mails can possibly be read by unauthorised third parties.

You may also contact GLS by sending a written letter to the Data Protection Manager of GLS Romania (dataprotection@gls-romania.ro).

  1. Data Sharing and Recipients

Generally, only the consignor and consignee of a parcel are entitled to receive information about the parcel. GLS provides parcel information to third parties (e.g. governmental authorities) only on the basis of statutory regulations.

GLS companies will not sell or lease personal data to any third party. However, there are certain circumstances where GLS may share your personal data without additional notice to you. Parties which may receive your data include:

  • GLS subsidiaries and contractors in other EU countries or outside of the EU for the purpose of parcel delivery from the consignor to the consignee[2].

 

  • Affiliated or unaffiliated third parties that are under contract to perform services for or on behalf of GLS (Processors), in particular IT-Service providers, GLS Romania has concluded appropriate data protection contracts with these parties.

 

  • Other persons or organisations as permitted by applicable law or regulation.

 

  • Law enforcement personnel and agencies for the purpose of meeting national security requirements or as part of a legal process in order to protect our property or in furtherance of an investigation regarding a breach of GLS´ rules and policies, unauthorized access to or use of GLS equipment or any other illegal activity.
  1. Retention and Erasure

GLS Romania is processing personal data as long as it is required for the purpose for which we use it. We will determine how long to retain the data based on the following requirements:

  • Operational requirements: such the length of time that information is needed in order to provide the services.

 

  • Legal requirements: such as where GLS Romania needs to retain records for a certain amount of time in order to comply with the law.

Archived data is recorded on storage media accessible only for authorised personnel. After the legal retention period has expired, the data is deleted.

 

 

4.Data Subjects Rights, Withdrawal of Consent, Exercising your Rights, Complaint with Data Protection Authority

  1. Data Subjects Rights

You have the right to 

  • be informed about and have access to your personal data processed (Right to be informed and Right of access according to Art. 15 GDPR)
  • obtain the correction of inaccurate personal data (Right to rectification according to Art. 16 GDPR)
  • obtain deletion of your personal data (Right to erasure according to Art. 17 GDPR)
  • restrict processing (Right to restriction of processing according to Art. 18 GDPR)
  • receive your personal data provided to us (Right to data portability according to Art. 20 GDPR)
  • object to processing data on grounds relating to your particular situation based on legitimate interests or the performance of a task in the public interest (Right to object according to Art. 21)

provided that the necessary legal requirements are fulfilled.

 

  1. Withdrawel of Consent

In case your consent has been requested for the processing of your personal data, please be informed that you have the right to withdraw that consent at any time in the future, without affecting the lawfulness of the processing based on the consent before its withdrawal.

  1. Exercising your Rights

If you want to exercise your data subjects rights or withdraw an explicit consent given please send a message to the Data Protection Manager of GLS Romania (dataprotection@gls-romania.ro)  explaining what right you want to exercise so that GLS Romania can take the necessary further steps to respect your rights.

If you want to contact us via unencrypted e-mail, please note that the confidentiality of the transmitted information cannot be guaranteed. Unencrypted e-mails can possibly be read by unauthorised third parties. You may also contact GLS by sending a written letter to the Data Protection Manager of GLS Romania (dataprotection@gls-romania.ro).

Please be aware that we might ask for a proof of identification in order to protect your information against unauthorised access.

  1. Right to lodge a complaint

You have the right to lodge a complaint with the data protection authority of your country if you believe that your rights have been violated (http://www.dataprotection.ro / B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, cod postal 010336 București, România).

 

5.Updates to this data protection information

GLS Romania may in its sole discretion, update this information by posting the amended information on this site.

This information was last updated on 25 May 2018

 

 

[1] according to Art. 6 lit. (b) GDPR

[2] according to  Art. 49 para 1 lit (b) respectively (c) GDPR