Privacy policy
Privacy policy on the Website and social networking sites
PRIVACY POLICY OF https://www.kusch.com/en
1. TERMS AND DEFINITIONS
1.1. Data Controller – Kusch+Co GmbH with its registered office in Hallenberg, Gundringhausen 5, 59969 Hallenberg, Germany, registered at Arnsberg Local Court (Amtsgericht Arnsberg), HRB 12998, tax identification number: DE322452059.
1.2. Joint Controllers - The following companies, insofar as they jointly decide on the processing of the personal data of users who subscribe to the newsletter:
1.2.1. Kusch+Co GmbH, with its registered office, Gundringhausen 5, 59969 Hallenberg, Germany, registered at the Arnsberg Local Court, HRB 12998, tax identification number: DE322452059.
1.2.2. NOWY STYL Sp. z o.o. with its registered office in Krosno, ul. Pużaka 49, 38-400 Krosno, entered in the Register of Entrepreneurs kept by the District Court in Rzeszów, 12th Commercial Division of the National Court Register, under KRS number [National Court Register number]: 0000077550, tax identification number: 6840009302, REGON [National Business Registry Number] 370016299.
1.2.3. NOWY STYL FRANCE S.A.S. with its registered office in Lavallois - Perret, 40 Rue Anatole France, 92300 Lavallois -Perret, France, entered in the Registre du Commerce et des Societes in Grenoble, kept by the Register of Entrepreneurs under number: 347 866 576 R.C.S. Grenoble, tax identification number: FR20347866576.
1.2.4. NOWY STYL UK Limited, with its registered office, 58 St John's Square, London EC1V 4JG, United Kingdom, registered with Companies House under number: 03216609, tax identification number: GB670795794.
1.2.5. Nowy Styl GmbH, with its registered office, Jubatus-Allee 1, Industriegebiet Schafhof II, D-92263 Ebermannsdorf, Germany, registered at Amberg Local Court, HRB 2140, tax identification number: DE812025183.
1.2.6. Nowy Styl Deutschland GmbH, with its registered office, Voigtei 84, 31595 Steyerberg, Germany, registered at Walsrode Local Court, HRB 100469, tax identification number: DE201665056.
1.2.7. Nowy Styl Hungary Zrt. with its registered office in Budapest, 1133 Budapest Váci út 116-118, Hungary, registered with the Budapest Környéki Törvényszék Cégbírósága under number: Cg.01-10-141336, tax identification number: HU12561791.
This privacy policy contains the essential content of the agreement between the Joint Controllers.
Personal data - any information related to an identified or identifiable natural person by one or more specific identifiers, including – but not limited to - IP address, location data, Internet identifier and information gathered through cookies and other similar technology.
1.3. Policy - this Privacy Policy.
1.4. GDPR - the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
1.5. Website - a site run by the Data Controller at: ...
1.6. User - any natural person visiting the Website or using one or more services or functionalities described herein.
2. PROCESSING OF PERSONAL DATA RELATED TO THE USE OF THE WEBSITE
2.1. When a User visits the Website, the Data Controller collects that User’s personal data to the extent necessary to provide the requested individual services, as well as information on the User's activity on the Website. The detailed rules and purposes of the processing of personal data collected while using the Website by the User are described below.
3. PURPOSES AND LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA ON THE WEBSITE
USE OF THE WEBSITE
3.1. Personal data of any persons using the Website (including IP address or other identifiers and information collected via cookies or other similar technologies), is processed by the Data Controller:
3.1.1. in order to provide Users with access to the content available on the Website - the legal basis for processing of personal data is the Data Controller's legitimate interest consisting in enabling the Website to be run and Users to read the content published on the Website (Article 6(1)(f) GDPR);
3.1.2. for analytical and statistical purposes - the legal basis for the processing of personal data is the given consent of the User (Article 6(1)(a) GDPR) for carrying out analyses of the Users' activity on the Website and their preferences in order to improve the functionalities and provided services; based on the User's consent to store cookies in his or her end device and their use by the Data Controller and his or her Partners, the list of which is available here;
3.1.3. in order to establish and seek claims or defend against claims - the legal basis for the processing of personal data is the Data Controller's legitimate interest (Article 6(1)(f) GDPR) consisting in protecting the Data Controller’s rights;
3.1.4. for the Data Controller’s and other entities’ marketing purpose, i.e., subsidiaries of Nowy Styl - the principles of personal data processing for marketing purposes are thoroughly described in the "MARKETING" section.
3.2. The User's activity on the Website, including his or her personal data, is recorded in logs (a special software used to store chronological record of events and activities concerning the IT system, which is used to provide services by the Data Controller). The information recorded in the logs is processed for the provision of services. In addition, the Data Controller processes the information for technical and administrative purposes in order to ensure the security of the IT system and its management - legal basis for processing the personal data is the Data Controller's legitimate interest (Article 6(1)(f) GDPR).
CONTACT FORMS
3.3. The Data Controller may be contacted using electronic contact forms. The User must provide his or her personal data in the contact form in order to contact the User and reply to the request. The User may also provide other data to make the contact or handling of the request easier. The required data must be provided in order to receive and handle the request. Failure to do so will result in being unable to handle the request. The provision of other data is not obligatory.
3.4. Your personal data is processed:
3.4.1. in order to identify the sender and to handle his or her requests sent by the contact form - within the data indicated in the form as required, the legal basis for processing of personal data is the Data Controller's legitimate interest consisting in enabling identification of the sender and efficient handling of the request sent by the contact form by persons interested in services or products of Nowy Styl and its subsidiaries, the list of which is available here (Article 6(1)(f) GDPR);
3.4.2. in order to identify the sender and to handle his or her request sent by the contact form - with regard to data not indicated as required, the legal basis for processing of personal data is the User’s consent (Article 6(1)(a) GDPR).
3.4.3. for the purpose of handling and responding to the contact enquiry - if the User contacts the Data Controller within the scope of an existing contractual relationship between the User and Data Controller or in advance for information about its portfolio of services, the legal basis for processing is the fulfilment of a contract or the implementation of pre-contractual measures (Article 6(1)(b) GDPR).
4. MARKETING
4.1. The Users' personal data is processed by the Data Controller for the following marketing purposes:
4.1.1. displaying marketing content to the User without analysing the User's preferences in order to adapt the content to his or her expectations (contextual advertising);
4.1.2. displaying marketing content to the User that is adapted to his or her preferences (behavioural advertising);
4.1.3. performing other activities related to direct marketing of goods and services (sending commercial information by electronic means and telemarketing activities).
NEWSLETTER
4.2. The Joint Controllers provide the newsletter service to persons who have registered with their email address (i.e. their customers, subscribers, trade fair participants) and confirmed their identity using the double opt-in procedure. The provision of personal data is necessary for the provision of the newsletter service. Otherwise, we cannot send the newsletter.
4.3. The provision of the newsletter service involves the joint processing of the user's personal data by Kusch+Co GmbH, with its registered office in Hallenberg, Nowy Styl Sp. z o.o., with its registered office in in Krosno, NOWY STYL FRANCE S.A.S., with its registered office in Lavallois – Perret, NOWY STYL UK Limited, with its registered office in London, Nowy Styl GmbH, with its registered office in Ebermannsdorf, Nowy Styl Deutschland GmbH, with its registered office in Steyerberg, Nowy Styl Hungary Zrt., with its registered office in Budapest, so that joint processing of personal data by the Joint Controllers in accordance with Article 26 of the GDPR. Accordingly, the Joint Controllers have concluded an agreement on the joint management of personal data, in which they have jointly and mutually agreed on the respective tasks and responsibilities for fulfilling the respective obligations for the protection and processing of the User's personal data.
4.4. The Joint Controllers have agreed that the activities covered by the joint processing include obtaining consent to send newsletters and transferring personal data via the newsletter registration form to the Joint Controller responsible for a specific geographical market, the storage of this personal data in a database managed by Nowy Styl Sp. z o.o. and the sending of personalised newsletters depending on the user's choice when subscribing to newsletters from specific countries. The Joint Controllers have also established rules for dealing with data breaches, handling data subject requests and ensuring the protection and security of data processing. The Joint Controllers will assess the risks of data processing with regard to data subject rights and, where necessary, carry out a data protection impact assessment on a case-by-case basis. In addition, the Joint Controllers will authorise each other to conclude data processing agreements in accordance with Art. 28 GDPR for the processing of data by third parties and standard data protection clauses for the transfer of data to third countries. Upon request, the Joint Controllers will provide each other with all information necessary to ensure compliance with data protection regulations.
4.5. The data will be processed continuously from the moment the User agrees to receive the newsletter and provides their personal data via the newsletter registration form, and for the entire duration of the newsletter service or until the User revokes their consent to receive the newsletter or objects to the newsletter being sent.
4.6. With regard to activities jointly managed and processed by the Joint Controllers, the User has the right to obtain confirmation regarding the processing of personal data, the right to access, rectification, erasure, restriction of processing, the right to data portability and the right to object to the processing of the data, as well as the right to lodge a complaint with the supervisory authority responsible for the protection of personal data.
4.7. Users may withdraw their consent at any time. The lawfulness of data processing carried out prior to the withdrawal of consent remains unaffected by the withdrawal.
4.8. In accordance with Article 26(1) of the GDPR, the Joint Controllers designate a contact point to which the user may refer in all matters relating to the processing of personal data by the Joint Controllers. The contact point is Nowy Styl sp. z o.o. Data subjects may contact the contact point via electronic communication at [email protected] or by traditional mail at ul. Pużaka 49, 38-400 Krosno. Notwithstanding the above, the User may exercise their rights under the GDPR in accordance with Article 26(3) GDPR against any of the Joint Controllers of personal data.
4.9. Your personal data is processed:
4.9.1. in order to send the newsletter including using a newsletter provider - (upon given consent of the User for the distribution of the newsletter (Article 6(1)(a) GDPR);
4.9.2. for analytical and statistical purposes – the legal basis for the processing of personal data is ’the given consent of the User (Article 6(1)(a) GDPR), for conducting analyses of the Users’ activity on the Website in order to improve the functionalities;
DIRECT MARKETING
4.10. The User’s personal data may also be used by the Data Controller to send marketing content to the User via e-mail. Such actions are undertaken by the Data Controller only if the User has provided his or her consent in this respect (Article 6(1)(a) GDPR), which may be withdrawn at any time, or based on the Data Controller’s legitimate interest (Article 6(1)(f) GDPR) consisting in providing existing customers with up-to-date commercial information about own similar services and/or products, including the Data Controller’s marketing information, resulting from the current commercial or business relations. The provision of personal data for marketing purposes is voluntary. The User has the right to object to the use of its personal data at any time pursuant to Article 21(2) GDPR.
5. SOCIAL NETWORKING SITES
5.1. The Data Controller processes the personal data of Users visiting the Data Controller’s profiles created on social networking sites (for instance, Facebook, YouTube, Instagram, Twitter). The personal data is processed only in connection with the created profile, including for the purpose of informing the Users about the Data Controller’s activities and promoting various events, services and products. The legal basis for the Data Controller’s processing of personal data in this respect is its legitimate interest (Article 6(1)(f) GDPR) consisting in promoting its own brands. If Users use the profiles of the Data Controller in social networks to communicate (e.g. by creating their own posts, responding to posts or through private messages), the data provided will be processed by the Data Controller exclusively for the purpose of contacting Users. The legal basis for the data collection is Article 6(1)(a) GDPR in the case of consent given and otherwise Article 6(1)(b) GDPR in the case of the fulfilment of a contract or pre-contractual measures.
5.2. The Data Controller processes the Users' personal data obtained using the following tools: Facebook Ads Manager, Google Ad Manager and LinkedIn Campaign Manager.
5.3. The User's personal data indicated in the contact forms referred to in point 5.2. Is processed:
5.3.1. in order to provide the User with marketing information on the Data Controller's products and services (within the framework of the newsletter service) - the legal basis for the processing of personal data is the User's given consent (Article 6(1)(a) GDPR) resulting from the User's order for marketing information by e-mail);
5.3.2. in order to make the User's personal data available to subsidiaries of Nowy Styl, the list of which is available here for the marketing purposes - the legal basis for processing of personal data is the User's consent for processing his or her data for this purpose (Article 6(1)(a) GDPR; if the consent is not provided, the User’s personal data will not be processed for this purpose).
5.4. The provision of personal data for marketing purposes is voluntary. The User has the right to object at any time pursuant to Article 21(2) GDPR.
6. COOKIES AND SIMILAR TECHNOLOGY
6.1. Cookies are text sets that may be used by websites to make the site better tailored to the Users’ needs.
The Data Controller may store cookies on the User's device, if this is necessary for the proper functioning of the Website. In the case of other types of cookies, the Data Controller must obtain the User's consent.
The Data Controller uses a cookie consent management tool to inform Users of the type and extent of cookies and to obtain consent of Users for cookies which are not technically necessary for the operation of the Website.
6.2. The Website uses various types of cookies. Some cookies are placed by third party services that appear on our Website.
The User can at any time withdraw his or her consent from the Cookie Declaration on our Website. The types of cookies described below are used on the Website:
6.2.1. Necessary cookies - help to make the Website usable by enabling basic functions like page navigation and access to secure areas of the Website. The Website cannot function properly without these cookies.
6.2.2. Preference cookies - enable the Website to remember choices Users have made in the past, like preferred language or the region the User is in.
6.2.3. Statistic cookies - help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
6.2.4. Marketing cookies - are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual User and thereby more valuable for publishers and third-party advertisers.
6.3. Cookies are used in order to:
6.3.1. make the Website usable by enabling basic functions and secure the Website;
6.3.2. tailor the content of the Websites to the User's preferences and to optimise the use of websites; in particular, these data sets make it possible to recognise the User's device and display the website, adapted to his or her individual needs;
6.3.3. create statistics and prepare analyses that help to understand how Users use the websites, allowing for improving their structure and content;
6.3.4. meet the marketing purposes in connection with directing contextual advertising to Users (i.e., advertising the display of which is not preceded by analysis of the Users’ preferences) and behavioural advertising (i.e., advertising that is tailored to the User's preferences)
6.4. The legal basis for the processing of personal data collected by means of cookies is (i) the Data Controller’s legitimate interest (Article 6(1)(f) GDPR) consisting in ensuring the proper functioning of the Website in terms of the necessary cookies and (ii) based on the User's consent (Article 6(1)(a) GDPR) to the storage of cookies in his or her end device and their use by the Data Controller and partners, the list of which is available here, consisting in:
6.4.1. keeping statistics and conducting analyses of User’s activity on the Website, as well as User's preferences in order to improve the functionalities and services provided; and
6.4.2. directing contextual advertising to Users (i.e., advertising the display of which is not preceded by analysis of the Users’ preferences) and behavioural advertising (i.e., advertising that is tailored to the User's preferences)
6.5. Cookie settings can be changed by the user via the cookie consent management tool by clicking on the following button: , located in the lower left corner of the screen. The controller points out that changes to cookie settings may affect some of the features available on the website.
7. ANALYTICAL AND MARKETING TOOLS USED BY THE DATA CONTROLLER'S PARTNERS
7.1. The Data Controller and its partners use various solutions and tools for analytical and marketing purposes. Basic information about these tools is listed below. Detailed information can be found in the privacy policy of a given partner. We have concluded contracts for order processing according to Article 28 GDPR as well as in case of data transfers to third countries standard contractual clauses issued by the European Commission complying with the respective legal requirements.
GOOGLE ANALYTICS
7.1.1 Google Analytics cookies are data ets used by Google (Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland) to analyse how Users use the Website, compile statistics and generate reports on how the Website is performing. Google does not use the collected data to identify the User, nor does it combine this information to enable identification. Detailed information about the scope and principles of personal data collection in connection with this service can be found in the Privacy Policy – Privacy Policy & Terms of Service – Google. You can block the transfer of your activity data to Google Analytics by installing the browser plugin available here: https://tools.google.com/dlpage/gaoptout?hl=en
GOOGLE ADS
7.1.2. Google ADS is a tool provided by Google (see business details above) allowing for measuring the performance of advertising campaigns of the Data Controller, allowing for the analysis of the data, such as keywords or the number of unique users. Google ADS makes it possible to show our ads to Users that have visited our Website. Information on the processing of personal data by Google in relation to this service is available at: https://policies.google.com/technologies/ads?hl=en. You can block the transfer of your activity data to Google Analytics by installing the browser plugin available here: https://adssettings.google.com/anonymous?hl=en
FACEBOOK PIXEL
7.1.3. Facebook Pixel is a tool provided by Meta Platforms, Inc. 1601 Willow Rd Menlo Park, CA 94025, USA allowing for measuring the performance of advertising campaigns run by the Data Controller on Facebook. This tool makes it possible to conduct advanced data analytics to optimise the Data Controller's activities, also in using other Facebook tools. Detailed information on the Facebook's personal data processing can be found at: https://pl-pl.facebook.com/help/443357099140264?helpref=about_content.
7.2. The legal basis for the processing of personal data is based on the User's consent (Article 6(1)(a) GDPR) for the described analytical and marketing purposes of the Data Controller.
SOCIAL MEDIA PLUG-INS
7.3. Social media plug-ins (Facebook, Google+, LinkedIn, Twitter) are used on the Website. Plug-ins allow the User to share content published on the Website in a social networking site. The use of plug-ins on the Website means that the relevant social networking site receives information on the User's exploitation of the Website and can assign it with the User's profile created on the relevant social networking site. The Data Controller is not aware of the purpose and scope of collection of personal data by social networking sites. More information can be found at the links below:
7.3.1. Facebook: https://www.facebook.com/privacy/policy?_rdr
7.3.2. Google: https://privacy.google.com/take-control.html?categories_activeEl=sign-in
7.3.3. LinkedIn: https://www.linkedin.com/legal/privacy-policy?_l=pl_EN
7.3.4. Twitter: https://twitter.com/en/privacy
7.4. HotJar allows the Data Controller to conduct analyses of the User's activity on the Website, for instance, through questionnaires or satisfaction surveys, and through anonymous collection of information about clicks on particular sections on the Website. The tool does not allow for identification of the User. Detailed information on the data collected by means of HotJar and on how to deactivate User's monitoring is available at: https://www.hotjar.com/privacy.
8. PERIOD OF THE PERSONAL DATA PROCESSING
8.1. The period of the personal data processing by the Data Controller depends on the type of service provided and the purpose of the processing. As a rule, personal data is processed for the time of provision of the service or execution of the order, handling of the request sent via the contact form, until the withdrawal of the consent provided or until an objection is raised to the processing of the personal data in cases where the legal basis of the personal data processing is the Data Controller’s legitimate interest.
8.2. The period of the personal data processing may be extended, if the processing is necessary for establishing or seeking claims or defending against any possible claims, and thereafter only if and to the extent required by law. Upon the expiry of the period in question, the personal data is erased or made anonymous.
9. USER’S RIGHTS
9.1. The User has the following rights:
9.1.1. Right to information about the processing of personal data - On this basis, a person who submits a request will receive information about the data processing by the Controller, in particular about the purposes and legal bases of the processing, the scope of the stored data, the recipients or categories of recipients to whom this data is disclosed, and the planned date of data erasure;
9.1.2. Right to obtain a copy of the data – on this basis, the Controller will provide a copy of the processed data concerning the person making a request;
9.1.3. Right to rectify – the Controller is required to rectify any discrepancies or mistakes in processed personal data and to amend such data, if incomplete;
9.1.4. Right to erasure of data - on this basis, you may request the erasure of the personal data if: a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; b) the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1) GDPR, or point (a) of Article 9(2) GDPR, and where there is no other legal ground for the processing; c) the data subject objects to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) GDPR; d) the personal data have been unlawfully processed; e) the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject; f) the personal data have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.
9.1.5. Right to restrict processing – if such a request is made, the Controller will cease to perform operations on personal data - except for operations consented to by the data subject, and to retain data, in accordance with accepted retention rules or until the reasons for restriction of data processing have ceased to exist (for example, a supervisory authority decision is issued allowing further processing of data);
9.1.6. Right to transfer data – on this basis - to the extent that data is processed in connection with a contract concluded or a consent expressed - the Controller will issue data provided by the data subject in a machine-readable format. It is also possible to request that data be sent to another entity – provided, however, that there is technical capacity in this regard on the part of both the Controller and the other entity;
9.1.7. Right to object to the processing of data for marketing purposes – the data subject may at any time object to the processing of their personal data for marketing purposes, without the need to justify such objection
9.1.8. Right to object to other purposes of data processing – the data subject may at any time object to the processing of personal data which takes place on the basis of a legitimate interest of the Controller (eg. for analytical or statistical purposes or for reasons related to the protection of property); objection in this respect must contain a justification;
9.1.9. Right to object to other purposes of data processing – the data subject may at any time object to the processing of personal data which takes place on the basis of a legitimate interest of the Controller (e.g. for analytical or statistical purposes or for reasons related to the protection of property); objection in this respect must contain a justification;
9.1.10. Right to lodge a complaint - if it is found that the processing of personal data violates the provisions of GDPR or other regulations on the protection of personal data, the data subject may file a complaint with the supervisory authority for the processing of personal data competent for their habitual residence, place of work or place where the alleged violation was committed. In Poland, the supervisory authority is the President of the Personal Data Protection Office. The list of supervisory authorities in Germany can be found at: https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html
9.2. Insofar as the user's data is processed with their consent, the user may revoke this consent at any time by contacting the controller at the following address: [email protected]
10. DATA RECIPIENTS
10.1. As a result of the provision of services, personal data may be disclosed to third-party entities, including in particular, operators of IT systems, IT services, banks and payment operators, accounting and legal services companies, couriers (in connection with the execution of orders), marketing agencies (within the framework of marketing services), mailing services companies, subsidiaries of Nowy Styl, the list of which is available here and the Data Controller's partners (only to the extent of information contained in cookies), the list of which is available here.
10.2. If the User provides his or her consent, then his or her personal data may also be made available to other entities for their own purposes, including marketing purposes.
10.3. The Data Controller reserves the right to disclose selected information about the User to competent authorities or third parties that have requested the provision of such information under the appropriate legal basis and in accordance with the provisions of the applicable law.
11. TRANSMISSION OF PERSONAL DATA OUTSIDE THE EEA
11.1. The level of protection of personal data outside the European Economic Area (EEA) is different from that provided by European law. Due to this reason, the Data Controller transfers personal data outside the EEA, only if it is required and at the same time with the provision of an adequate level of protection, mainly by:
11.1.1. cooperation with entities processing personal data in countries for which a relevant EC's decision has been issued,
11.1.2. following the standard contractual clauses issued by the European Commission,
11.1.3. applying binding corporate rules, approved by the relevant supervisory authority,
11.2. The Data Controller always notifies the User of the intention to transfer personal data outside the EEA at the time of its collection.
12. SAFETY OF PERSONAL DATA
12.1. The Data Controller conducts a risk analysis on a regular basis in order to ensure that personal data is processed in a safe manner by ensuring, in particular, that only authorised persons have access to the personal data and only to the extent necessary for the performance of their tasks. The Data Controller ensures that all operations associated with personal data are recorded and performed only by authorised employees and collaborators.
12.2. The Data Controller takes all necessary actions to ensure that its subcontractors and other cooperating third-party companies apply the appropriate security measures while processing personal data at the request of the Data Controller.
13. CONTACT DATA
13.1. Users may contact the Data Controller using the electronic means: [email protected] or by post using the following correspondence address: ul. Pużaka 49, 38-400 Krosno.
14. CHANGES TO THE PRIVACY POLICY
14.1. This Policy is reviewed on a regular basis and updated, if needed.
14.2. The current Privacy Policy is valid from 1.12.2025.