SAP Privacy Statement
Protecting the individual's privacy on the Internet is crucial to the future of Internet-based business and the move toward a true Internet economy. SAP has created this privacy statement to demonstrate our firm commitment to the individual's right to privacy. This policy outlines our personal information handling practices for this website.
This Privacy Statement covers this website and other sites that reference this Privacy Statement. Some SAP entities, programs and/or sites may have their own, possibly different, privacy statements. We encourage you to read the privacy statements of each of the SAP websites you visit and any program information you visit or review.
Global Privacy Fundamentals
Our privacy practices reflect current global principles and standards on handling personal information. These principles include notice of data use, choice of data use, data access, data integrity, security, onward transfer and enforcement/oversight. We abide by the privacy laws in the countries where we do business.
By using this Website, you consent to the collection and use of the information as described here. If we decide to make changes to this Privacy Statement, we will post the changes on this site so that you will always know what information we collect, and how we use it.
From time to time, as may be required by applicable law, we may also seek your explicit consent to process certain data and information collected on this website or volunteered by you.
Back to Top
Collection and Processing of Your Personal Data
To serve you better and understand your needs and interests, SAP collects, exports and uses personal information with adequate notice and consent, along with required filings with data protection authorities, when applicable.
We may further collect and process any information and data that you volunteer to us, e.g. when you register for events, subscribe to newsletters, participate in online surveys, discussion groups or forums, or when you make purchases.
Back to Top
Use and Purpose of Collected Personal Data
The information SAP collects to understand your needs and interests helps SAP deliver a consistent and personalised experience. We will use such information only as described in this Privacy Statement and/or in the way we specify at the time of collection. We will not subsequently change the way your personal data is used without your consent, as required by applicable law. Unless stated otherwise at the time of collection, we will use your personal data only in the following ways:
- To process your orders and deliver the products and services that you have ordered;
- To keep you up to date on the latest product announcements, software updates, software upgrades, security patches, system enhancements, special offers and other information. This may occasionally include information from other technology companies or business partners about products and services that can add value to your SAP products;
- To tailor information about our products and services to your individual interests. For example, during a visit to our site, it allows us to provide you with specific information on products and services that may be of interest;
- To provide the ability to create personal profile areas and view protected content;
- To conduct online “Click to Chat” and “Click to Call” sessions;
- In order to ensure and control the quality of the information and experience you have during chat sessions with SAP by educating our personnel to effectively answer your questions;
- To provide the ability to contact you, and provide you with shipping and billing information, and to provide customer feedback and support;
- To provide contests, sweepstakes or other marketing or promotional activities on the SAP.com or affiliate websites. Personal data may be collected to administer those programs;
- To conduct questionnaires and surveys in order to provide better products and services to our customers and end users. Your completion of any questionnaires is voluntary;
- To support recruitment inquiries; and
- To meet contractual obligations.
Back to Top
We use IP addresses to help diagnose problems, to administer our website and to gather demographic information. We may also use IP addresses or other information, such as your SAP.com user information you have shared on this website or at any earlier occasion or a campaign code, to determine which pages on our sites are being visited and topics that may be of interest so we can provide you with information about relevant products and services. SAP will aggregate such data only in an anonymous way and will not tie it to a particular individual unless he or she has given consent. When you visit our site, we recognise only your domain name.
SAP may also collect IP addresses (and other technical information such as browser type) during a Click-to-Chat or Click-to-Call sessions that you initiate. This information is collected when you connect to SAP so that we may identify your session, deliver content based on the technical capabilities of your browser, and for quality control purposes. Your IP address will not be used to identify you unless you provide your prior consent.
SAP will only gather information related to your visit to the SAP site. We do not track or collect personal information from your visits to companies or entities outside the SAP Group of companies.
Back to Top
In addition to the information you provide, SAP may also collect information during your visit to an SAP website through automated tools, which include Web beacons, cookies, embedded Web links and other commonly used information-gathering tools. These tools collect certain standard information that your browser sends to our website, such as your browser type and language, access times and the address of the website from which you arrived at an SAP website. Using these tools, SAP is also able to confirm receipt of e-mails that the recipient consented to receive, and can track other information such as pages visited on the SAP site and whether or not the recipient registers for an event offered by SAP and certain other aggregate data that is not related to a particular individual.
Back to Top
Embedded Web Links
E-mails from SAP often use links designed to lead you to a relevant area on the Web, after redirection through SAP’s servers. The redirection system allows SAP to change the destination URL of these links, if necessary, and to determine the effectiveness of our marketing initiatives.
In e-mails, such links may also allow SAP to determine if you have clicked on a link in the e-mail, and the information about this interaction may be connected to your personal identity. If you do not want SAP to collect information about the links you clicked, you can simply choose not to click on the links in an e-mail that SAP sends you.
Back to Top
The Privacy and Electronic Communications (EC Directive) Regulations 2003 implemented a European Directive - 2002/58/EC - which is concerned with the protection of privacy in the electronic communications sector. In 2009 this Directive was amended by Directive 2009/136/EC. This included a change to Article 5(3) of the E-Privacy Directive requiring consent for storage or access to information stored on a subscriber or users terminal equipment – in other words a requirement to obtain consent for cookies and similar technologies.
What is a cookie?
A cookie is a small file, typically of letters and numbers, downloaded on to a device when the user accesses certain websites. Cookies are then sent back to originating website on each subsequent visit. Cookies are useful because they allow a website to recognize a user’s device. The Regulations apply to cookies and also to similar technologies for storing information.
How to control and delete cookies
If you wish to restrict or block the cookies which are set by SAP websites, you can do this through your browser settings. The "Tools/Settings" function within your browser should tell you how.
List of Cookies on SAP
This is a list of the main cookies set by SAP Websites:
- Client: this is a persistent cookie that tracks user interest as well as personalized content according to user interest.
- Session: this cookie tracks user activity on the visited site.
- SAP.TTC: a persistent conversion cookie that checks when the user first visits the site.
- SAP.SITE.COOKIE: this is a non-persistent mega cookie that contains a sub-cookie.
- NPC_CPS_SESSION: this cookie indicates the Central Profile Services (CPS) session status and prevents multiple tries.
- CodeTrackingCookie: creates multiple cookies based on global/settings/ctracking codesettings. It’s created anytime the url_id and referrer changes.
- SSO: this cookie tracks the user’s login status. It’s non-persistent unless the user chooses to “remember” when he logs in.
- Pmereturnurl/pmeoriginalurl/pmelayerurl/pmedialogmode: cookie to track various URLs used in Permission Marketing Enablement (PME) registration in the event of redirection.
- CheckSecurityURL: used when download server to verify user registration levels.
- SingleSignOnURL: cookie is used for third party site registration.
- SingleSignOnEvent: cookie is used for third party site registration.
- Cstoken: this non-persistent cookie indicates whether the user has completed certain campaign form – used on the download server.
- Formresult: this cookie indicates the campaign form the user has complete
- CMPField-***: cookie tracks relevant campaign field information used by certain campaign and is wiped out after form submission.
- SelectedCountryURL: this persistent cookie helps remember the country the user selected in the country selector. If in the new session, he types www.sap.com, a redirection to the country site occurs. Persistent duration is 365 days.
- CountryRedirectFlag: this cookie only allows redirection to country site once.
- SAP_SCORING_COOKIE: this cookie is set to track and score user activities on the visited site.
- Redirect2msite: this cookie prevents redirecting the user to mobile sites.
- SAP_Download_Tracking: this cookie is used to track users’ download activities.
- Nurture: this cookie is set per session when a user lands on a nurture page and stores nurture-specific details such as nurture campaign code, nurture ID, and nurture e-mail status.
- IDP_J_COOKIE: received from SAPID (formerly CPS) SAML service when a user is authenticated by SAPID and an SSO session has been established. This cookie contains session information for the SAPID user.
- Ecomguid: this persistent cookie is used as unique reference for each customer accessing the site. It allows user tracking over any of the training sites. Persistent duration is 365 days.
Back to Top
If you choose to give us your e-mail address, we will communicate with you via e-mail. We do not share your e-mail address with others outside the SAP Group of companies. You can choose not to receive any more e-mail at any time.
Depending on how your e-mail application is set up, information about you may be transmitted automatically when you send e-mail to SAP.
If you choose to register for third-party services, we may need to send some information from your SAP.com registration to the service provider, possibly including your e-mail address.
Back to Top
Shopping or Event Registration
Our site includes order forms that you fill out to request information, products and services. These forms may collect your financial information, such as your bank details or credit card numbers. SAP promises to use any financial information that you submit solely for billing and payment purposes for that special transaction. This may include the transfer of your data to third parties involved in executing the transaction, such as banks, credit card companies and other financial and credit control institutions.
Back to Top
Sharing Your Personal Data
As a global company, SAP operates a number of Web sites around the world. Any data and information that you volunteer or that is otherwise collected on one of our sites in any one country may be sent electronically to a server for one of these sites in another country. We safeguard your privacy interests around the world by ensuring that this SAP site adheres to our data protection principles described in this statement.
Companies in the SAP Group may use the information internationally in connection with processing your inquiries and orders, to help improve our products and services and for processing and storage.
We may also share such information with business partners, service vendors, authorised third-party agents or contractors in order to provide a requested service or transaction, including processing orders, processing credit card transactions, hosting websites, hosting event and seminar registration and providing customer support, or providing you with information on products and services that may be of interest to you.
We only provide these third parties with the minimum amount of personal data necessary to provide the services on our behalf, and the third parties are not permitted to use your personal data except for the limited purpose of completing the requested service or transaction.
We do not sell or rent your personal data to third parties for marketing purposes unless you have granted us permission to do so.
We may respond to subpoenas, court orders or legal process by disclosing your personal data and other related information, if necessary. We also may choose to establish or exercise our legal rights or defend against legal claims.
Circumstances may arise where, whether for strategic or other business reasons, SAP decides to sell, buy, merge or otherwise reorganise businesses in some countries. Such a transaction may involve, in accordance with applicable law, the disclosure of personal information to prospective or actual purchasers, or the receipt of it from sellers. It is SAP’s practice to seek appropriate protection for information in these types of transactions.
Back to Top
Security of Your Personal Data
SAP is committed to protecting the personal data you share with us. SAP uses a combination of industry-standard security technologies, procedures and organisational measures to help protect your personal data from unauthorised access, use or disclosure.
SAP supports online security using secure server technology because we want your data to be safe. There are state-of-the-art security arrangements and facilities on SAP sites to prevent abuse.
We bind our employees to observe your privacy and confidentiality rights.
Back to Top
Links to Other Sites
This site may contain links to other sites. SAP is not responsible for the privacy practices or the content of other websites outside the SAP Group of companies.
Back to Top
We communicate with users who subscribe to our services on a regular basis via e-mail, and we may also communicate by phone to resolve customer complaints or investigate suspicious transactions. We may use your e-mail address to confirm your opening of an account, to send you notice of payments, to send you information about changes to our products and services, and to send notices and other disclosures as required by law. Generally, users cannot opt out of these communications, but they will be primarily informational in nature rather than promotional.
SAP provides you the opportunity to exercise an opt-out choice if you do not want to receive other types of communication from us, such as e-mails or updates from us regarding new services and products offered on this website or if you do not want us to share your personal information with third parties. The opt-out choice may be exercised by unsubscribing at
Back to Top
SAP will not retain your personal data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations.
Back to Top
SAP does not knowingly collect Personal Data from children under the age of 13. If we learn that we have collected Personal Data on a child under the age of 13, we will delete that data from our systems.
Back to Top
Inquiries, Access and Updating Your Personal Data
SAP needs your help in keeping the personal data you have shared with us accurate and up to date. If you are a registered user, you may make these updates yourself online via www.sap.com/profile. You may also make these updates or other changes by sending an e-mail to webmaster@SAP.com.
If you have any other questions about this privacy statement or if you wish to inspect the information we hold about you, please contact:
Back to Top
Revised and posted as of 21 January 2010