We, E.ON One GmbH, Brüsseler Platz 1, 45131 Essen, as the data controller for the website brightfield.de pursuant to Art. 4 No. 7 EU GDPR (hereinafter “we”), are pleased to provide you with information through this data protection statement as to whether and to what extent your personal data is processed when visiting the website at this domain. In addition, we also hereby provide you information on your rights and identify relevant contacts. This information applies to the domain specified above as well as to other websites that we host online, if these are explicitly referenced in this statement. Personal data includes all information that identifies you individually, e.g. name, address, email address, IP address, data about website use.

A. Necessary data, cookies and pixel

1. Provision of the website and creation of log files

In case of purely informational use of our website, which means when you do not register, log in or otherwise transmit any additional information to us, we initially collect and process only the personal data that your browser and your internet provider transmit to our server. This involves data that is needed for technical reasons in order to display the website and to ensure the security and stability of our site. Specifically, this is the shortened and thus anonymous IP address (the reduction excludes person-specific identifiers and thus, a personal relationship), the website, the site you last visited (referrer), the websites belonging to E.ON One GmbH that you visited, the names of the retrieved files, the date and time of the retrieval, the operating system and version of browser installed on your PC. We also store the aforementioned data in log files. This occurs based on legitimate interests, Art. 6(1) lit. f) GDPR, in order to ensure that the website functions properly. In addition, we use the data to improve our online presence and to ensure its security. However, none of the aforementioned data is stored together with other personal information. Log files are stored for a maximum of 7 days. In order for the website to operate properly and to fulfil our own obligations, we forward your data to our service providers and in turn receive data from them. This is also applicable if you contact us in the ways specified by us (emails, forms, newsletters, chat inquiries, contests) or use other offers on our website.

2. What are cookies, pixels and tracking technologies

In addition to the aforementioned data, when you visit our website, data is stored on your computer in so-called “cookies” and in the local storage of your browser (hereinafter collectively referred to as “cookies”). Cookies are small text files that are saved to a browser on your computer and are used by the entity that placed them there (i.e. us) to obtain certain information. Cookies cannot run programs or place viruses on your computer. They are used for the purposes described in the following paragraphs.  Our websites (as well as emails) may contain small, transparent image files, called "pixels," or lines of code ("scripts") to record how you interact with them. This information is also used for the purposes described in the following paragraphs.

3. Required, technically necessary cookies

When you visit our website for the first time or if no cookie is detected on your device, you will be notified of our use of cookies, pixels and tracking technologies. In addition, we obtain your consent for certain processings. When issuing the initial Cookie Notice and obtaining your consent, we refer to this Privacy Policy. For the duration of your visit, so-called session cookies are set. These store a so-called session ID, through which different requests of your browser can be assigned to the common session and make your surfing experience on our website a more pleasant one for you. Session cookies can be used to recognise your computer when you return to our website. Session cookies are automatically deleted when you close your browser. In addition, we use technically necessary persistent cookies. Persistent cookies are automatically deleted after a specified period, which can differ from one cookie to another. You can delete the cookies at any time using the security settings in your browser. At no time will personal data be stored in a cookie

Persistent cookies will be used onbrightfield.de
Name	from Domain	Term	Purpose
donottrack	brightfield.de	1 Monat	Speicherung des Widerspruchs

Most browsers are pre-set to automatically accept cookies. However, you can disable the storage of cookies or set your browser to notify you before storing cookies. Users who do not accept cookies may not be able to access certain areas of our websites. The legal basis for the processing of personal data using technically necessary cookies is Art. 6(1) lit. f) GDPR.Important:
You may configure your browser however you like so that it, for example, refuses to accept third-party cookies or any cookies. You should be aware, however, that such refusal may potentially prevent you from accessing all the website’s features or the site may not display at all.

B. Implemented technologies

Google Tag Manager
Usercentrics Consent Management Platform
Google Analytics and Optimize
LinkedIn
Twitter
Contentsquare
Twitter

C. Specific offers on our website

Integration of YouTube Videos
Contact via e-mail or contact form
Newsletter
LiveChat
Fan pages and social media channels

D. Data Recipients and Data Sources

1. Categories of data recipients

Within the scope allowed by law (as previously described), we relay personal data to companies in our group as well as to external service providers:

• Group companies, for the purpose of fulfilling contractual obligations and for reporting purposes;

• IT service providers, for the purpose of maintaining our IT infrastructure

• Public agencies where justified on a case-by-case basis (e.g. national insurance carriers, financial authorities, police, public prosecutor’s office, regulatory agencies)

2. Data Sources

We process personal data that we obtain from you within the context of our user and business relationships. Where necessary in order to provide our services, we process personal data that we have collected within the context of your use of our website.

3. Data transfer to a third country

In addition to the data transfers to third countries as already described above, data is also transferred to countries outside the European Union and the European Economic Area ("third countries") in the context of the administration, development and operation of IT systems. When doing so, the following must be observed: Transfer is in principle permissible because the requirements allowing for such transfer under law have been satisfied or you have given your consent to the transfer of the data and special conditions exist for transfer to a third country. Specifically, the data importer guarantees an adequate level of data protection in accordance with standard EU clauses for the transfer of personal data to data processors in third countries.

E. Retention period or criteria in determining retention period

Where purely informational use is involved (see Item A.), we retain the designated personal data for as long as necessary to provide services or for use. It is deleted once the respectively designated purpose has been achieved.
Data stored in log files is deleted within a maximum of 7 days. In addition, personal data stored in log files is also anonymised.
If there are statutory or contractual retention periods (e.g. where a user or contractual relationship is involved), we are obligated to retain the data until expiration of this period. We delete the relevant data following expiry or discontinuation of relevant obligations arising from statutory retention periods stipulated by commercial and tax law (see §§ 147 General Tax Code (AO) and 257 Commercial Code (HGB)).
We retain your data for marketing purposes until you object to its use, withdraw your consent or such use is no longer legally permitted. We retain your other data only as long as we need it to fulfil the specific purpose for which it was collected (e.g. fulfilment or conclusion of contract) and delete it once it ceases to be needed for that purpose.

F. Your rights

Unless otherwise indicated, E.ON One GmbH is responsible for processing your data. You may request information from us at any time regarding the data stored about you and you may request the correction of this data in the event it contains errors. In addition, you may also request restrictions be placed on processing, the portability of the data you provided us in a machine-readable format or the deletion of your data – provided it is no longer needed. Moreover, you have the right to object to the use of your data on the basis of public or legitimate interests at any time. To do so, please contact:
E.ON One GmbH, Data Protection, Brüsseler Platz 1, 45131 Essen Email datenschutz@eon.com
It is imperative that we retain the data collected in our log files in order to ensure the functioning of the website. Therefore, there is no right to object to the processing of this information.
For the cookies that we place with your consent, we have specified the technical option in which you can revoke your consent. This has been termed as Opt Out.
If we process your data on the basis of your consent, you may withdraw this consent with future effect at any time. Upon receipt of your withdrawal of consent, we cease processing your data for the purpose for which consent was granted. Please direct your withdrawal of consent or revocation of your consent to the commercial use of your data to
E.ON One GmbH, Data Protection, Brüsseler Platz 1, 45131 Essen Email datenschutz@eon.com
In addition, you can direct a complaint at any time to a regulatory authority. For us, the State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia, Helga Block, PO Box 20 04 44, 40102 Düsseldorf, Germany, Phone: 02 11 / 384 24-0, is responsible. Alternatively, you may also approach the regulatory authority with jurisdiction at your location.

G. Verantwortliche Stelle und Kontakt