Privacy Statement – SAP Work Zone mobile app
Privacy Policy – SAP Work Zone mobile app
This Privacy Statement applies to the SAP Work Zone mobile app ("App") published by SAP SE, Dietmar-Hopp-Allee 16 Walldorf 69190, Germany ("SAP ", "we", "us", "our") for the People\'s Republic of China (China) market.
This privacy policy applies to SAP (Dietmar-Hopp-Allee 16, 69190 Walldorf, Germany, hereinafter referred to as "SAP "Or "we") SAP Work Zone mobile app (hereinafter referred to as "APP") released for the People\'s Republic of China (China) market.
Last updated: [06, 2020]
Updated: June 2020
This Privacy Statement will help you understand the following:
This Privacy Policy will help you understand the following:
I. How WE the collect and use your Personal Information?
How do we collect and use your personal information
II. how do we use Cookie?
how do we use Cookie
III. How do we share, transfer the control of or disclose publicly your personal information?
How do we share, transfer, public disclosure of your personal information
IV. How do we protect your personal information?
How do we protect your personal information
V. Your rights.
your rights
VI. processing personal information of children.
processing personal information from children
VII. how is your personal information transferred cross-border?
your personal information how to transfer worldwide
VIII. how is this Privacy Statement updated ?
this Privacy how to policy update
IX. how you may contact us?
how to contact us
I. how we collect and use your personal information?
how do we collect and use your personal information
This Privacy Statement outlines how we handle the information that can be used to directly orindirectly identify an individual ("Personal Information").
This privacy policy outlines how we process information that can be used to directly or indirectly identify individuals ("Personal Information").
Your employer, client company, business, institution or other providing entity (“your Company”) may have subscribed to the SAP Work Zone on-demand services (“Cloud Service”) provisioned either by (for Cloud Service hosted in China) China Datacom Corporation Limited or (for Cloud Service hosted outside China) a member of the SAP group of companies (“Cloud Service Provider”). Consult your Company for the location of the Cloud Service data center. This Privacy Statement does not change any terms of the business agreement for Cloud Service between your Company and the Cloud Service Provider.
Your employer, client company, business department, organization, or other providing entity ("your company") may have leased from China Datacom Information Co., Ltd. (for cloud services hosted in China) or a member company of the SAP group (for SAP Work Zone on-demand services ("cloud services") provided by cloud services hosted outside of China ("cloud service providers").Please consult your company for the location of the cloud service data center.This privacy policy will not modify any terms in the commercial agreement between your company and the cloud service provider regarding cloud services.
Your Company is the data controller of the Personal Information hosted on the Cloud Service within the meaning of the applicable data protection laws. The processing of such Personal Information by the Cloud Service Provider is under the direction of your Company.
Company as a data controller , Which controls the personal information hosted in cloud services in accordance with applicable data protection laws.The cloud service provider processes such personal information in accordance with your company\'s instructions.
The App may collect and process your Personal Information for the following purposes: The App may collect and process your Personal Information for the following purposes
:
a. Provide on the App functions and features similar to the Cloud Service. The App connects to the Cloud Service. SAP provides this App so that you can access the Cloud Service from your mobile device as long as you remain a user authorized by your Company to access the Cloud Service. The categories of the Personal Information about you collected or derived within the Cloud Service depends, in part, on the Cloud Service to which your Company has subscribed and the manner in which your Company has configured the Cloud Service. Should you have any questions about how your Personal Information is processed by the Cloud Service, please contact your Company.
Provide functions and features similar to cloud services in the APP.APP and cloud services are interconnected.As long as you are a user authorized by your company to access cloud services, you can access cloud services on mobile devices through this APP provided by SAP.The type of personal information collected or obtained in cloud services depends in part on which cloud services your company rents and how cloud services are configured.If you have any questions about how cloud services handle your personal information, please contact your company.
b. Authentication. When you log in on the App, the App collects your unique device identifier, username ID and related password information for user authentication purposes before permitting you to access the App services. If you do not provide such information, the App cannot authenticate you and without authentication you cannot access the App services
.When you log in to the APP, the APP will collect your device\'s unique identifier, user name and related password information for user authentication, and then allow you to access the APP service.If you do not provide such information, the APP will not be able to authenticate you.Without verification, you will not be able to access APP services.
c. Calendar. To use App features related to your calendar information (for instance, to merge your activities for the day on the App with your calendar information), you have to grant the App access to your calendar on the mobile device. You can choose not to grant the App access to your calendar, in which case you will not be able to use App features related to calendar information, but this does not affect your normal use of the other App features. In addition, you can withdraw your consent at any time by turning off the App\'s access to your calendar in the settings of your mobile device.
Calendar.To use APP functions related to calendar information (for example, to merge the calendar event information recorded by the APP with your calendar information), you need to allow the APP to access the calendar on the mobile device.You can choose not to allow APP to access your calendar.In this case, you will not be able to use APP functions related to calendar information, but this will not affect your normal use of other APP functions.In addition, you can withdraw consent at any time by turning off APP access to the calendar in the settings of your mobile device.
d. Geo-location. To use App features related to your geo-location on the App (for instance, to verify your visit to a physical store), you have to grant the App access to the geo-location of your mobile device. Geo-location information may be regarded as sensitive personal information. You can choose not to grant the App access to your geo-location information, in which case you will not be able to use App features related to geo-location, but this does not affect your normal use of the other App features. In addition, you can withdraw your consent at any time by turning off the App\'s access to your geo-location in the settings of your mobile device.
Geographic location.To use the app\'s features related to geographic location in the app (for example, to verify visits to a physical store), you need to allow the app to access the geographic location of your mobile device.Geographical location information is considered personal sensitive information.You can choose not to allow APP to access your geographic location information.In this case, you will not be able to use app functions related to geographic location, but this will not affect your normal use of other APP functions.In addition, you can withdraw consent at any time by turning off the app\'s access to the geographic location in the settings of your mobile device.
e. Data analyses. We may create analyses utilizing, in part, information derived from your Personal Information and your use of the App as explained herein. Analyses will anonymize such information. Analyses may be used for the following purposes: (i) product improvement (in particular, product features and functionality, workflows and user interfaces) and development of new products and services, (ii) improving resource allocation and support, (iii) internal demand planning, (iv) training and developing machine learning algorithms, (v ) improving product performance, (vi) verification of security and data integrity, (vii) identification of industry trends, development indices and anonymous benchmarking.
data analysis.To a certain extent, we can use your personal information and the information generated by your use of the APP to create analysis reports.The analysis report will be conducted anonymously.The analysis report can be used for the following purposes: (i) product improvement (especially product features, workflow and user interface) and development of new products and services, (ii) optimization of resource allocation and support, (iii) development of internal demand plans , (Iv) training and developing machine learning algorithms, (v) improving product performance, (vi) verifying security and data integrity, (vii) identifying industry trends and development results, indicators and anonymous benchmarking.
Please note that the Personal Information the App collects will be uploaded to the Cloud Service instance controlled by your Company. Your provision of the above Personal Information means you authorize us and your Company to collect, store, use or otherwise process them on the Cloud Service .
Please note that personal information collected will be uploaded to the APP cloud service instances controlled by your company.By providing the above personal information, you are authorizing your company and us to collect, store, use or otherwise process this personal information in the cloud service.
Duration of retention of your Personal Information will be in accordance with the policy set by your Company who is the controller of the Cloud Service instance. Should you have any questions about the retention period of your Personal Information and how your Personal Information is handled beyond the The retention period, please contact your Company. The retention period of
personal information will be based on the policy established by your company as the cloud service instance controller.If you have any questions about the retention period of personal information or the handling of personal information beyond the retention period, please contact your company.
II. How Do We Use Cookies? How do
we use cookies
To facilitate your access to the App, we will store a small data file call Cookie on your mobile device. The Cookie usually contains an identifier and some numbers and characters. By using the Cookie, the App can temporarily store your Personal Information such as your log in information. We will not use the Cookie for purposes other than those stated in this Privacy Statement. You may, based on your preferences, manage or delete the Cookie. Please refer to AboutCookies.org for more information. You may remove any or all the cookies stored on your mobile device at any time. In
order to facilitate your access to the APP, we will store a small data file named Cookieon your mobile device.Cookies usually contain identifiers and some numbers and characters.With the help of cookies, APP can temporarily store your personal information (such as login information).We will not use cookies for any purpose other than those described in this privacy policy.You can manage or delete cookies according to your preferences.For details, see AboutCookies.org.You can clear any or all cookies saved on your mobile device at any time.
III. How Do We Share, Transfer the Control of or Disclose Publicly Your Personal Information?
How do we share, transfer, public disclosure of your personal information
(1) Sharing
Sharing
We will not share your Personal Information with any company, organization or individual beyondSAP and its affiliates, except for the following cases:
We will not share your personal information with any company, organization or individual other thanSAP and its affiliates, except for the following cases:
1. Your Company. The App connects to the Cloud Service. The App uploads data to and downloads data from the Cloud Service.
Your company.The APP is interconnected with cloud services, and supports uploading and downloading data to and from cloud services.
2. Suppliers, service providers and other partners. We may send your Personal Information to suppliers, service providers and other partners supporting our business, and the support includes providing technical and infrastructure services, analyzing the use pattern of our services, measuring the effectiveness of services, and providing customer services.
Suppliers, service providers and other partners.We may send your personal information to suppliers, service providers, and other partners that support our business. These supports include providing technical and infrastructure services, analyzing how our services are used, measuring the effectiveness of services, and providing customers Serve.
3. External organizations as required by applicable law. Applicable law and regulation or mandatory requirements of a competent authority may require that we share your Personal Information with certain external organizations
.According to applicable laws and regulations or mandatory requirements of competent authorities, we may need to share your personal information with certain external organizations.
To the maximum extent permitted by applicable laws and regulations, we will enter into a strict non-disclosure agreement or data processing agreement with companies, organizations and individuals with which we share Personal Information, requiring them to process Personal Information in accordance with our instructions, this Privacy Statement and any other relevant non-disclosure and security measures.
To the maximum extent permitted by applicable laws and regulations, we will sign strict confidentiality agreements or data processing agreements with these companies, organizations and individuals, and require them to follow our instructions, This privacy policy and any other relevant confidentiality and security measures are used to handle personal information.
(2) Transfer of Control
Transfer
To the extent there is any user Personal Information under our control, we will not transfer the control of such Personal Information to any company, organization or individual outside of the SAP group of companies, except where:
If we control any of your personal information, we will not transfer such personal information to any company, organization or individual outside the SAP group of companies, except in the following circumstances:
1. User\'s explicit consent is obtained. We will not transfer the control of your Personal Information to a third party unless we have first obtained your explicit consent
.Unless we obtain your express consent in advance, we will not transfer your personal information to third parties.
2. Merger, acquisition or bankruptcy. In the event of a merger or acquisition case or bankruptcy or liquidation scenario, involving the transfer of Personal Information, we will require the new company or organization holding your Personal Information to observe this Privacy Statement, otherwise we will require such company or organization to seek your consent again.
Mergers, acquisitions or bankruptcies.In the event of a merger or bankruptcy liquidation involving the transfer of personal information, we will require the new company or organization that holds your personal information to continue to be bound by this privacy policy, otherwise we will require the company or organization to re-seek your authorization and consent .
(3) Public Disclosure
public disclosure
We will not disclose your Personal Information publicly except:
We will not disclose your personal informationpublicly except in thefollowing circumstances:
1. Having obtained your explicit consent
.
2. Law-based disclosure: if required by applicable law, legal process, legal orders or in accordance with mandatory requirements of a competent authority, we may disclose your Personal Information accordingly.
Disclosures based on law: the law, legal proceedings or litigation We may publicly disclose your personal information when required by government authorities.
IV. How We Protect Your Personal Information ?
How do we protect your personal information
(1) We have employed security measures complying with industry standards to protect the Personal Information we collect via the App, to prevent such Personal Information from unauthorized access, public disclosure, use, modifications, damage or loss. We will adopt reasonable measures to protect your Personal Information. For example, we use a trusted protection mechanism to protect such Personal Information from attacks and we deploy an access control mechanism to ensure only authorized persons can access such Personal Information.
We have used industry-standard security protection measures to protect The personal information we collect through the APP prevents unauthorized access, public disclosure, use, modification, damage or loss of such personal information.We will take all reasonable measures to protect your personal information.For example, we will use trusted protection mechanisms to prevent malicious attacks on such personal information; we will deploy access control mechanisms to ensure that only authorized personnel can access such personal information.
(2) We may adopt reasonable measures to ensure irrelevant Personal Information is not collected. We only keep your Personal Information within the period required for fulfilling the purposes stated in this Privacy Statement, unless an extension is required or permitted by applicable law.
We will Take all reasonable measures to ensure that irrelevant personal information is not collected.We will only retain your personal information for the period required to achieve the purpose stated in the privacy policy, unless required by applicable laws or permitted to extend the retention period.
(3) We have put in place measures to protect your Personal Information from loss, misuse and unauthorized access. We will keep your Personal Information secure using reasonable security measures as appropriate, for example, encryption (eg, SSL) and anonymization. [We use the protection mechanisms offered by the mobile operating system inside the application\'s sandbox environment. Your Personal Information is also protected by application-level encryption based on 256-bit Advanced Encryption Standard (AES) or better method.] Further, we may make available to your Company certain optional security measures for managing the App which your Company can deploy at its end, for example, single-sign-on, multi-factor authentication and other mobile device management security features.We will continue to improve the technical measures to protect your Personal Information collected by the App. SAP has achieved and maintains C5, ISO22301, ISO27001, ISO27017, ISO27018, SOC1/2 and similar other international technical standards.
We have taken appropriate measures to prevent the loss, misuse or unauthorized access of your personal information.We will appropriately adopt encryption technology (such as SSL), anonymity technology and other reasonable security protection measures to ensure the security of your personal information.[We not only apply the protection mechanism provided by the mobile operating system in the operating environment of the application, but also your personal information will be protected by application-level encryption based on the 256-bit Advanced Encryption Standard (AES) or better.] In addition, we may provide your company with some security measures that you can choose to deploy to help manage APP, such as single sign-on, multi-factor authentication, and other mobile device management security features.We will continue to optimize technical measures to protect personal information collected by APP.SAP has reached and continues to comply with the requirements of C5, ISO22301, ISO27001, ISO27017, ISO27018, SOC1/2 and other similar international technical standards.
In the event of a Personal Information security breach, we will notify your Company as required by the applicable laws and regulations. We will cooperate with your Company to notify the affected users and handle the event.
If personal information security loopholes, we will Inform your company of the requirements of applicable laws and regulations.We will assist your company to inform the affected users and deal with the security incident.
V. Your Rights.
Your Rights
In accordance with applicable laws and regulations, you are guaranteed certain rights to your Personal Information.
In accordance with applicable laws and regulations, we guarantee that you exercise specific rights with respect to your personal information.
Most of the Personal Information collected by the App is controlled by your Company. With respect to the Personal Information under our control, you may contact us at https://support.sap.com/en/contact-us.html should you have any questions or concerns regarding such Personal Information. To the extent we have retained such information with an identifier that can be connected to you, you have the following rights.
Most of the personal information collected by the APP is controlled by your company.For personal information controlled by us, if you have any questions or concerns, please contact us at https://support.sap.com/en/contact-us.html.If the information we hold is included identifier associated with you, you can exercise the following rights:
(1) Accessing Your Personal Information
to access your personal information
You have the right to access your Personal Information under our control, except for the exceptions specified in applicable laws and regulations. If you wish to exercise the right to access your Personal Information, you may contact us at https://support.sap. com/en/contact-us.html.
You have the right to access your personal information controlled by us, except for exceptions provided by applicable laws and regulations.If you want to exercise your personal information access right, please contact us at https://support.sap.com/en/contact-us.html.
If it does not incur a significant cost or cause other significant difficulties for us, upon your written request, we can also provide you with a copy of your Personal Information under our control (if any) that is generated during your use of the App. If you wish to access such Personal Information, please contact us at https://support.sap.com/en/contact-us.html.
Without incurring higher costs or causing other major difficulties, at your written request, we can provide a copy of your personal information (if any) generated during your use of the APP and controlled by us.If you want to access such personal information, please contact us at https://support.sap.com/en/contact-us.html.
(2) Correcting Your Personal Information
correct your personal information
As the types of Personal Information that we (as a data controller) collect is very limited, it is unlikely for you to wish to correct your Personal Information under our control. However, ifyou discover errors in your Personal Information under our control, you have the right to require us to make the correction. You may request a correction by contacting us at https://support.sap.com/en/contact-us.html.
As the categories of personal information collected by us as a data controller are very limited, it is unlikely that you will need to correct your personal information controlled by us.However, if you find that your personal information we control is wrong, you have the right to request us to make corrections.You can request corrections by contacting us at https://support.sap.com/en/contact-us.html.
(3) Deleting Your Personal Information
Delete your personal information
In the following cases, you may send a request to https://support.sap.com/en/contact-us.html to delete your Personal Information under our control:
In the following cases, you can https ://support.sap.com/en/contact-us.html Request us to delete your personal information controlled by us:
1. If our behavior in processing your Personal Information violates applicable laws or regulations;
if we process Your personal information behavior violates applicable laws and regulations;
2. If we collect and use your Personal Information, without obtaining your consent;
If we collect and use your personal information, without obtaining your consent;
3. If our behavior in processing your personal information violates our agreement with you;
if we handle your personal information in violation of the agreement with you;
4. the If you desist from at the App at the use of, or the Cancel you at the the Account;
If you no longer use APP , Or you have cancelled your account;
5. If we desist from providing the App to you
.
If we agree to your deletion request, we will also inform the entities which has obtained such Personal Information from us to delete such Personal Information without delay, unless otherwise specified in laws and regulations, or these entities have obtained your separate authorization.
If we agree In response to your request to delete information, we will also notify the entities that have obtained such personal information from us and require them to delete them immediately, unless laws and regulations provide otherwise, or these entities have obtained your authorization separately.
When you delete your Personal Information on the App, the deletion will be promptly synchronized and reflected in the production instance of the Cloud Service. However, complete deletion from the backup systems may take longer, as back-up processes run according to a periodic schedule .
When you delete your personal information on the APP, the deletion will be synchronized in time and reflected in the production instance of the cloud service.However, it may take a long time to delete all from the backup system because the backup program runs regularly as scheduled.
(4) Canceling Your Account
cancellation of your account
You can log out of the App at any time. Upon logging out of the App, the App will not store any of your Personal Information on your mobile device. Your Company controls the Cloud Service.Should you have any questions about how to cancel your account on the Cloud Service, please contact your Company.
You can log out of the APP at any time.After logging out, the APP will not store any of your personal information in your mobile device.Since cloud services are controlled by your company, if you have any questions about how to cancel your cloud service account, please contact your company.
(5) Responding to Your Above Requests
to respond to your request above
Please submit your request in writing. To ensure security, we may need to verify your identity before processing your request. We will reply to your request within 15 working days after verification of your identity. If you have any concerns, you may contact us at https://support.sap.com/en/contact-us.html.
Please submit your request in writing.To ensure security, we may ask you to verify your identity before processing your request.We will respond within 15 working days after you complete your identity verification.If you have any concerns, please contact us at https://support.sap.com/en/contact-us.html.
Generally, we will not charge fees to process any reasonable request. But if you submit the same request frequently or your request exceeds a reasonable extent, we may charge a fee based on our processing costs as we may reasonably determine. Where the requests are repeated without good reasons, or require too many technical measures (eg a new system is needed or current practice will be changed fundamentally), or put others\' legitimate rights and interests at risk or are very impractical (eg require a backup of the Personal Information stored in the tape), we reserve the right reject such requests.
For reasonable requests, we generally do not charge fees.However, for multiple repeated requests that exceed reasonable limits, we will reasonably charge a certain fee based on the processing cost.For those who are unreasonably repeated, require too many technical means (for example, need to develop new systems or fundamentally change current practices), bring risks to the legitimate rights and interests of others, or are very impractical (for example, require the use of tape backup to store personal information) We have the right to refuse the request.
In the following cases, in accordance with applicable laws and regulations, we are unable to accommodate your request
:
1. Directly related to national security and national defense security;
directly related to national security, national defense security;
2. Directly related to public security, public health, and major public interests
;
3. Directly related to criminal investigation, prosecution, trial, and enforcement of judgments ;
and crime investigation, directly related to the prosecution, trial and sentencing execution;
4. there iS sufficient evidence Indicating, that you have have subjective malicious Intentions or abuse your Rights;
there is sufficient evidence that you have malice Or abuse of power;
5. Responding to your request will cause serious damage to the legitimate rights and interests of the data subject or other individuals or organizations;
respond to your request will lead to the legitimate interests of the data subject or other individuals, organizations suffer severe damage;
6. Involving trade secrets.
Involvingtrade secrets.
VI. Processing Personal Information of Children. Processing of
children\'s personal information.
The App and any related websites, products and services are intended for adults. We consider anyone less than 14 years old a child. You represent and warrant that you are an adult and not a child and you will not transmit Personal Information of any child through the App without the explicit consent of the child\'s parents or guardians. If we discover that we have collected Personal Information of children without verifiable consent of their parents or guardians, we will find ways to delete such data as soon as possible.
APP and any related \'S website, products and services are mainly for adults.We consider all persons under the age of 14 to be children.You declare and warrant that you are not a child, you are an adult, and you will not transmit any child\'s personal information through the APP without the explicit consent of the child\'s parent or guardian.If we find that we have collected a child’s personal information without the consent of a verifiable parent or guardian of the child, we will try to delete the relevant data as soon as possible.
VII. How is Your Personal Information Transferred Cross-Border?
How to transfer your personal information on a global scale
The App connects to the Cloud Service, which may or may not be hosted in China. (See section I above.) As we may provide products or services via servers and resources located worldwide, you agree that your Personal Information may be transferred to jurisdictions beyond the country/region where you use the App. Such jurisdictions may have different data protection laws or have no such laws. However, for your Personal Information under our control, we will ensure such Personal Information will have no less protection than under the laws protecting Personal Information in China. By agreeing to this Privacy Statement, you consent that your Personal Information may be stored and processed outside of China as described above.
The APP is interconnected with cloud services that may be hosted within or outside of China.(Please refer to Section I above.) Given that we may provide products or services through servers and resources all over the world, you agree that your personal information may be transferred to jurisdictions other than the country/region where you use the APP.Such jurisdictions may have different data protection laws or even no relevant laws.However, for your personal information controlled by us, we will ensure that such personal information is not less protected than that provided by the Personal Information Protection Law in China.By agreeing to this privacy policy, you agree to the storage and processing of your personal information outside of China.
VIII. How Is This Privacy Statement Updated ?
How this Privacy Policy Updates
Our Privacy Statement may be updated from time to time. Without your explicit consent, we will not diminish the rights you are entitled to under this Privacy Statement. The App will alert youthrough a pop-up notice or other prominent method of any update and obtain your explicit consent to the new version of the Privacy Statement.
We may update this privacy policy from time to time.Without your express consent, we will not reduce your rights in accordance with this privacy policy.The APP will remind you of relevant content updates through pop-up notifications or other effective methods, and ask for your express consent to the new version of the privacy policy.
IX. How You May Contact Us?
How to contact us
If you have any question, comment or suggestion relating to this Privacy Statement, you can contact us at https://support.sap.com/en/contact-us.html. Generally, we will strive to reply within 15 working days.
If you have any questions, comments or suggestions about this privacy policy, please contact us at the following address: https://support.sap.com/en/contact-us.html. Under normal circumstances, we will reply within 15 working days.