Customer Service users privacy notice
according to art. 13 of EU Regulation 679/2016 and the applicable privacy provisions
According to the provision of General Data Protection Regulation, Regulation EU no. 679/2016 (hereinafter the "GDPR"), GLS Italy S.p.A., with registered office in 20098 - San Giuliano Milanese (MI), via Basento n. 19, as franchisor of the Companies network operating as express courier under the "GLS" trademark (hereinafter, the"Company" or the "Data Controller"), informs you that personal data ("Data") provided by you and / or collected during the call may be processed as follows:
1. Purpose and legal basis of the processing.
The Data will be collected and processed by the Data Controller in order to:
(i) provide a feedback to your request and allow the correct management of the request.
In this case, the legal basis of the processing for the hereabove mentioned purpose is the correct management and performing of the contract signedby you , or of the service expressly requested by you.
(ii) the management of any complaint, report and / or dispute, including the management of any judicial or extrajudicial proceeding and for the prevention of unlawful conduct, within the limits provided by law;
(iii) the statistical analysis by the Data Controller, in an aggregate form, of the customer service call volumes
In both cases, the legal basis for the Data processing for the described purposes is the pursuit of a legitimate interest of the Company and / or of third parties that, on the basis of the assessments carried out at the Company, is not detrimental to your rights;
(iv) purposes related to the fulfillment of legal obligations, regulations, national and EU regulations as well as instructions given by authorities legitimated under the law.
The legal basis of data processing in this case is the fulfillment of obligations under the law and applicable regulations.
2. Nature of the conferment of Data and consequences of non-conferment of Data
For the fulfilment of the aforementioned purposes, the processing of the Data is necessary and the non-conferment of Data will make impossible to manage and correctly process your request.
3. Categories of recipients of personal data, persons and entities to which personal data may be disclosed
Within the scope required for the achievement of the specified purposes, the Data may be disclosed to the following persons and entities:
- persons, companies, associations or professional firms that provide services or assistance and advice or provide services to the Data Controller, in particular but not limited to administrative, legal and financial matters;
- companies belonging to the same Group of the Data Controller (eg for the provision of services necessary for your request or for administrative and financial purposes);
- persons having the right to access the Data recognized under the law and secondary legislation or under provisions of competent authorities.
The persons listed above , all located within the European Union, will process the Data as independent data controllers or data processors, appointed in compliance with the provisions of the GDPR. In particular, in relation to the service GLS Italy, will process the data both as an independent Data Controller, with reference to the courier activities directly managed, and as Data Processor on behalf of the other companies of the Group for the management of the customer care service.
The Data may also be taken to the attention of our staff who will process them as a Data Processor.
4. Retention of personal data
The Data will be retained for the time necessary for the management of your request, and then they will be retained for administrative purposes and / or to enforce or protect a right or a legitimate interest, and they will be deleted at the end of the relevant period necessary to accomplish the purposes herein.
We also inform you that the Data may be stored a period longer then the relevant period for analysis and statistics purposes on call volumes, realized in aggregated mode.
5. Rights of the data subject
We inform you that, you have the rights as provided by Article 15 and seq. of the GDPR more specifically:
(i) obtain from the Data controller confirmation whether or not the Data are being processed, and, where that is the case, access to the information on the processing of Data
(ii) request from the Data Controller the rectification of incorrect or incomplete Data;
(iii) request from the Data Controller the erasure of the Data;
(iv) request a restriction of the Data processing;
(v) request to receive the Data in a structured, commonly used and machine-readable format or to transmit such Data to another data controller where technically feasible (so-called “data portability”).
Moreover, You have the right to object, wholly or partially, for legitimate reasons, to processing of Data.
The exercise of the aforementioned right can be exercised submitting a request to the e-mail address firstname.lastname@example.org
In the end, if you believe that the data processing violates the legislation regarding the protection of personal data, you have the right to lodge a complaint with the Autorità Garante for the protection of Data (www.garanteprivacy.it).