Privacy policy

of General Logistics Systems Croatia d.o.o.

Protection of personal data

I PREAMBLE

The identity and contact information of the Controller and the data protection officer

GLS General Logistics Systems Croatia d.o.o. (GLS Croatia) is a subsidiary of the company General Logistics Systems B.V., Amsterdam. GLS Croatia offers reliable and high-quality parcel delivery service as well as express delivery and additional logistics services.

If you wish to contact the data protection officer, we urge you to primarily use the following e-mail address: dataprotection@gls-croatia.com . At Your disposal is also the following telephone number +385 1 2369 605 , and You may also contact us through a written request addressed to the data protection officer at GLS Croatia:

Data protection officer at GLS Croatia

General Logistics Systems Croatia d.o.o.

Stupničke šipkovine 22

10255 Donji Stupnik

Hrvatska

Personal data

Personal data refers to details about the personal or factual characteristics of an identified or identifiable person. The above includes information such as name, address, telephone number and e-mail address. Data that cannot be linked to an identified or identifiable person - such as statistical data - is not considered personal data.

Data subject

Individual whose identity is or can be determined and who visits or uses our website.

Applicable legal sources for data protection and data confidentiality obligations

GLS Croatia manages personal data in accordance with the applicable personal data protection regulation, in particular in accordance with the Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, to be referred to as: GDPR), as well as in accordance with the applicable provisions of the Postal Services Act.

GLS Croatia provides other postal services to general public or contributes to the provision of such services and is therefore obliged to adhere to the regulations on the confidentiality of postal items. All employees of GLS Croatia signed and therefore accepted the obligation to respect the confidentiality of data and postal items.

Data security

By implementing technical and organizational measures, all companies within the GLS group make the maximum effort to protect personal data from loss or misuse. Personal data is processed exclusively in systems that are protected by appropriate security measures. GLS Croatia will in accordance with the development of technological achievements, adapt security and data protection measures to the greatest extent possible.

For how long we retain Your data

We only retain Your data for as long as it is absolutely necessary, which depends on the category of data or the purpose for which the data was collected. Some data must be retained by us for a period up to 11 years in accordance with our obligations from tax and accounting regulation. We retain some data (e.g., certain video materials) for as long as the user of postal services is entitled to initiate complaint proceedings in accordance with the Postal Services Act (from three to 6 months starting from the day of the parcel handover), provided that the complaint proceedings weren't initiated in which case the data must be retained longer for evidentiary purposes. We delete some data as soon as the purpose for which it was collected is fulfilled (e.g., job applications after the candidate has been excluded from the selection process).

You can certainly contact us at any time with a question about whether we keep Your data, for how long and why, and You can also request its transfer and deletion, i.e. you can use all your rights provided by the GDPR (see point IV Rights of data subjects).

II COLLECTION, PROCESSING AND USE OF PERSONAL DATA WHEN SENDING PARCELS

Categories of data, purpose and legal basis of personal data processing

For the purpose of carrying out the service of sending a parcel, and thereby fulfilling the contract with its clients (senders [in accordance with Article 6, point (b) of the GDPR]), including the delivery of the parcel, payment of services, management of complaints, payment of taxes, customs duties, security measures and quality assurance, GLS Croatia needs information about the sender (address details, contact information, payment information and other relevant contractual information necessary to perform the services ordered by the sender), as well as information about the recipient (name and surname, address, postal code, city, country, phone number and e-mail address).

Recipient information provided to GLS as well as documentation from the interface (scans of packages at various locations) and proof of delivery (POD) can be processed and stored by GLS subcontractors. GLS uses personal sending and information about recipients only to the extent necessary for the performance of the contractual obligation. Any further use is not allowed.

We can (apart from You) also receive Your personal data from third parties - for example, senders who send You parcels using our services, as well as from other companies or services providers that might hire us.

Depending on the situation and if needed, we share data about the recipient and the sender with our subcontractors (warehouses, persons responsible for delivery, contractual partners in the ParcelShop system) in the proportion necessary to perform the contracted service. In case of package damage/loss, data may be shared with the insurance company.

We also collect data about our partners (subcontractors, persons responsible for delivery, warehouse managers and other partners). Before entering, and while maintaining a business relationship, if the need arises, we are obliged to carry out background checks such as checks relating to compliance with provisions related to sanctions, checking of used vehicles, existing licenses and permits or other information, for which it is necessary to have appropriate personal data. When necessary, we share the above data with external partners such as accounting services or legal advisors, all for the purpose of fulfilling contractual obligations i.e. our legitimate interests.

If you are a candidate for a job position in our company, we collect data that You give us yourself, and we either delete it immediately after the end of the employment cycle, or we keep it (in the case of establishing an employment relationship) and possibly pass it on to an external partner (accounting service) in order to fulfill contractual obligations towards You as our employee.

We process data on the basis of consent [pursuant to Art. 7 of the GDPR] or due to our legitimate interest [pursuant to Art. 6. (f) GDPR] (e.g. for the purpose of: solvency checks, compliance programs).

We may also collect voice recordings made during telephone contact with any of our customer services or our other employees. If voice recordings are collected, we will definitely inform you at the beginning of each conversation. Voice recordings are collected to ensure the quality of our service.

From time to time, we may contact You with questions about Your preferences and opinions through surveys, or with promotional offers, which is direct marketing that represents our legitimate interest.

Liability

Compliance with the applicable rules on data protection is the core obligation of every company within GLS group. Data transmission by the sender to GLS Company does not represent data processing on behalf of others.

For additional services such as FlexDeliveryService and ShopDeliveryService an e-mail address or phone number of the recipient is required in order to inform the recipient about the status of the shipment. GLS companies receive phone numbers and/or e-mail addresses of senders who have ordered such additional services. The sender is responsible for the appropriate collection of such data and the recipient's consent to the transfer of their e-mail address and/or phone number to GLS.

If you have any questions about this procedure, please contact your contractual partner (sender). You can also declare your withdrawal of consent towards GLS Croatia. In this case, please use the contact details of the Data protection officer at GLS Croatia. If you want to contact us by e-mail that is not encrypted, please take into account that the confidentiality of the information sent cannot be guaranteed. It is possible for such e-mails to be read by a third, unauthorized party. You can also contact us by sending a letter to the Data protection officer.

Data sharing and recipients

As a rule, only the sender and recipient of the postal item are authorized to receive information about the parcel. GLS provides parcel information to third parties (e.g., government authorities) only based on obligatory laws.

Companies within GLS group do not sell or rent personal data to any third party. However, there are certain circumstances in which GLS may share your personal data without additional notice to You. The persons that may receive Your data are:

  • GLS subcontractors and contractual partners in other EU countries or outside the EU for the purpose of delivering the shipment from the sender to the recipient [according to Art. 49 paragraph 1. (b) or (c) of the GDPR].
  • affiliated or unaffiliated third parties who, based on the contract, provide services for or on behalf of GLS (External contractors), especially IT service providers. GLS Croatia has concluded appropriate data protection contracts with these parties.
  • other persons or organizations when permitted by applicable law or regulations.
  • police, other personnel, and national security agencies or as part of a legal process with the purpose of protecting our assets or as part of an investigation into a breach of GLS rules and regulations, unauthorized access and/or use of GLS equipment or any other illegal activity.


III THE COLLECTION, PROCESSING AND USE OF PERSONAL DATA WHEN USING OUR WEBSITES

gls.group.com and paket.hr

Every time a user accesses GLS website, data is stored in the so-called log file. The following specific data is temporarily stored:

  • IP number of the personal computer from which the request was made
  • domain name
  • date and time of access
  • HTTP response code
  • visited pages
  • operating system with version
  • browser with version
  • screen resolution.

For the use of GLS pages it may be required that the GLS servers set the so-called cookies, which are used by the technical administrators of the website. Each visitor can configure their browser to reject cookies. All visitors have the right to refuse cookies. Unless the user gives his consent, the cookie data will not be stored on the visitor's computer. In this case, data stored in cookies will not be transferred to GLS. The functionality of specific parts of the website could be unavailable if cookies are disabled.

GLS Hrvatska distinguishes between open and closed areas for use of GLS web page. The closed area is necessary for the fulfillment of the contract between GLS Croatia and its partners. Access is allowed only with the use of a username and password. In addition to other functions, the open area offers users an e-mail contact form, "Track and Trace", as well as locating ParcelShops. We require the data entered in order to make an inquiry via the e-mail form, such as first and last name, street, postal code, city, etc., in order to process your inquiry. Your personal data will not be forwarded, sold or transferred in any other way to third parties.

The data from the log file are analyzed anonymously for statistical purposes. Statistical reports are used to evaluate usage of GLS websites. In particular, the schedule according to which pages are visited and the path taken between them is shown. The purpose of this is for the GLS to find out how to improve the usability of the site. This website uses Google Analytics, which is an internet analysis service of Google Inc. ("Google"). Google Analytics uses the so-called "cookies", i.e. text files that are stored on Your computer, which enables the analysis of Your use of the website. The information generated by the cookie about Your use of this website (including your IP address) is sent to a Google server in the United States and stored there. Google uses this information to analyze your use of the website, to compile a report on site activity for site administrators and to perform other services related to the use of the website.

In addition, Google forwards this information to third parties, if this is legally required or if the third party processes this data on behalf of Google. Google will under no circumstances connect your IP address with other data in Google. You can avoid the installation of cookies if you adjust the appropriate settings in your browser software; however, in that case we must emphasize that there is a possibility that you will not be able to use all the functions of this site to their full extent. By using this website, you agree that Google will process the data it collects about you in the manner described above and for the previously stated purposes.

Sending the newsletter

GLS Croatia– until revocation of consent – has the right to send the newsletter to those users who previously agreed to sending it to the e-mail address they provided. The database for the newsletter includes first and last name, email address and time of consent or withdrawal.

Data subjects have the right to revoke their consent at any time, by clicking on the link in the newsletter, or by sending a notification to info@gls-croatia.com or by contacting GLS customer service. The database for the newsletter is used exclusively for the purpose of sending the newsletter.

IV RIGHTS OF DATA SUBJECTS

GLS Croatia respects the fundamental rights and freedoms of the data subjects. The GDPR increases the data subject's right to privacy. Based on that Regulation, you have the right to

● be informed about and have access to Your personal data that has been processed (right to access in accordance with Article 15 of the GDPR)

● obtain correction of incorrect personal data (right to correction in accordance with Article 16 of the GDPR)

● obtain the deletion of Your personal data (right to deletion or oblivion in accordance with Article 17 of the GDPR)

● limit processing (right to limit processing in accordance with Article 18 of the GDPR)

● receive Your personal data provided to us (the right to data portability in accordance with Article 20 of the GDPR)

● object to data processing based on your special situation based on legitimate interest or performance of tasks in the public interest (right to object in accordance with Article 21)

all assuming that the necessary legal prerequisites are met.

Withdrawal of consent

If Your consent to the processing of Your personal data is required, please note that you have the right to withdraw your consent at any time in the future, without thereby affecting the legality of the processing based on the consent given before the withdrawal.

Exercising Your rights

If you wish to exercise your rights as a data subject, or withdraw your explicit consent, please send a message to the Data protection officer at GLS Croatia and state which of Your rights You wish to exercise so that GLS Croatia could take the neccesary steps to respect Your rights.

dataprotection@gls-croatia.com

Please note that Your withdrawal of consent to data processing, deletion and or restriction of data processing may result in GLS, due to the nature of the service to be provided, not being able to perform the contracted service. Also, Your revocation of consent to data processing, deletion of data and/or restriction of data processing may possibly negatively affect the exercising of Your rights arising from the Postal Services Act (e.g. exercising of the right to object beyond the deadline).

The right to submit a complaint

You have the right to submit a complaint, either to us as the controller, in which case please use the contact information provided in the Preamble; but also to the supervisory authority for data protection.

Agencija za zaštitu osobnih podataka

(Croatian Personal Data Protection Agency)

Selska cesta 136

10 000 Zagreb

Tel. 00385 (0)1 4609-000

Fax. 00385 (0)1 4609-099

E-mail: azop@azop.hr

Web: www.azop.hr

Updating this data protection information

This information was updated on 26th of September 2022