隐私政策

Privacy Statement – 【C4C】
隐私政策 — 【C4C】
Last updated: [March 2024 ]
更新日期：[ 2024年3月]

Note: The 【C4C】is not a stand-alone application, but an interface to provide you an access to log into the backend Cloud Service through your mobile device as long as you remain a user authorized by your Company to access the backend Cloud Service. Thus, SAP as data controller will normally only collect your Personal Information (e.g., username ID and related password information) for user authentication purposes in the Mobile App to enable your access to the backend Cloud Service through your mobile device. This Privacy Statement will neither cover the personal information collected or processed by the backend Cloud Service nor cover the personal information processed by SAP as data processor on behalf of data controller.
注意：【C4C】不是一独立的移动应用软件而是一仅提供界面功能的软件以便您通过您的移动设备有入口登录其后端的云服务（只要您始终是您公司授权可登录后端云服务的客户）。所以，SAP通常仅收集您的个人信息(比如用户名ID或密码等) 用于在本软件的用户认证以便您从本应用连通后端云服务。本隐私政策既不涵盖您后端云服务所收集或处理的个人信息也不涵盖SAP作为数据处理方为数据控制方所处理的个人信息。

This Privacy Statement applies to the [ SAP Cloud for Customer Mobile App ] (“[C4C]”) published and operated by SAP (China) Co., Ltd. (an SAP subsidiary company formed under the laws of the People’s Republic of China, with offices at Unit 01, 47F, Wheelock Plaza, No. 1717 West Nanjing Road, Jing’An District, Shanghai, China) (“SAP”) for the People’s Republic of China (“China”) market.
本隐私政策适用于【SAP Cloud for Customer Mobile App 】（以下简称“【C4C】”），由【思爱普(中国)有限公司】（一家按照中华人民共和国法律成立的SAP子公司，注册地址为上海市南京西路1717号会德丰广场47楼，200040，以下简称“SAP”）面向中华人民共和国（简称“中国”）市场发布和运营。
This Privacy Statement describes how SAP processes the personal information you provide to SAP and the information that SAP collects or generates in the course of operating the [C4C]. “Personal Information” refers to any information relating to an identified or identifiable natural personal, recorded electronically or in other manners, excluding anonymized information.
本隐私政策将向您说明SAP在运营【C4C】的过程中，如何处理您提供给SAP以及SAP收集和产生的您的个人信息。“个人信息”指的是以电子或者其他方式记录的、与已识别或者可识别的自然人有关的各种信息，但不包括匿名化处理后的信息。
Your employer, client company, business, institution or other providing entity (“your Company”) may have subscribed to [SAP Cloud for Customer] (“[Cloud Service]”) provided by [China Datacom Corporation Limited] (“Service Provider”). The [C4C] is used to provide you with a channel to log in and use the [Cloud Service] and allow you to access and use the [Cloud Service] through your mobile device as long as you remain a user authorized by your Company to access the [Cloud Service]. The [C4C] will not collect and process your Personal Information generated during your use of the [Cloud Service]. Regarding how your Personal Information will be collected and processed during your use of the [Cloud Service], please carefully read the End User License Agreement (“EULA”) (http://www.cndatacom.com/sapDetail.html?index=4&type=1&noticeId=E8CAD642E2DB4BEDB18DE67E0BF1CC12&id=1327)and privacy statement of the [Cloud Service] (https://www.sapcloud.cn/corporate/legal/privacy.html). The use of the [Cloud Service] will not be subject to the Privacy Statement.
您的雇主、客户公司、业务部门、机构或其他提供实体（简称“贵公司”）可能订阅了【请填入APP链接的服务/产品名称】（简称“【云服务】”），该服务由【中数通信息有限公司】（简称“服务提供商”）提供。本【C4C】是用于向您提供登录和使用【云服务】的通道，只要您是被贵公司授权访问【云服务】的用户，您就可以通过您的移动设备访问【云服务】。【C4C】不会收集和处理您在使用【云服务】过程中产生的个人信息。关于您在使用【云服务】的过程中，您的个人信息如何被收集和处理，请仔细阅读【云服务】自己的用户条款及隐私政策，或联系贵公司获取更多信息。使用【云服务】不受本隐私政策的约束。
This Privacy Statement will help you understand the following:
本隐私政策将帮助您了解以下内容：
I. How does SAP collect and use your Personal Information?
SAP如何收集和使用您的个人信息
II. How does SAP use Cookie or other third-party similar tracking technologies?
SAP如何使用 Cookie或其他第三方追踪技术
III. Processing based on the legal bases other than “consent”
基于除“同意”以外其他合法依据的处理
IV. Why and how does SAP process your Sensitive Personal Information?
SAP为何以及如何处理您的敏感个人信息
V. How does SAP share, transfer or disclose publicly your Personal Information?
SAP如何共享、转让、公开披露您的个人信息
VI. How does SAP protect your Personal Information?
SAP如何保护您的个人信息
VII. How can you exercise your Personal Information protection rights?
您如何执行您的个人信息保护权利
VIII. Processing Personal Information of children.
儿童个人信息的处理
IX. Where is your Personal Information stored and how is it transferred cross-border?
您的个人信息储存在哪里以及如何在全球范围内转移
X. How long does SAP store your Personal Information?
SAP会保留您的个人信息多长时间
XI. How is this Privacy Statement updated?
本隐私政策如何更新
XII. How may you contact SAP?
如何联系SAP

I. HOW DOES SAP COLLECT AND PROCESS YOUR PERSONAL INFORMATION?
SAP如何收集和处理您的个人信息
The [C4C] may collect and process your Personal Information for the following purposes:
【C4C】会出于以下目的，收集和处理您的个人信息：
1. Authentication. When you log in on C4C, C4C collects your unique device identifier, username ID and related password information for user authentication purposes before permitting you to access C4C services. If you do not provide such information, C4C cannot authenticate you and without authentication you cannot access C4C services.
身份验证。当您登录C4C时，C4C会收集您的设备唯一标识符、用户名和相关密码信息，用于用户身份验证，然后再允许您访问C4C服务。如果您不提供此类信息，C4C就无法对您进行身份验证。不经过验证，您将无法访问C4C服务。
2. Calendar. To use C4C features related to your calendar information (for instance, to merge your activities for the day on C4C with your calendar information), you have to grant C4C access to your calendar on the mobile device. You can choose not to grant C4C access to your calendar, in which case you will not be able to use C4C features related to calendar information, but this does not affect your normal use of the other C4C features. In addition, you can withdraw your consent at any time by turning off C4C’s access to your calendar in the settings of your mobile device.
日历。要使用与日历信息有关的C4C功能（例如，将C4C记录的日历活动信息与您的日历信息合并），您需要允许C4C访问移动设备上的日历。您可以选择不允许C4C访问您的日历。在这种情况下，您将无法使用与日历信息相关的C4C功能，但这不会影响您正常使用其他C4C功能。此外，您随时可以通过在移动设备的设置中关闭C4C对日历的访问来撤回同意。
3. Geo-location. To use C4C features related to your geo-location on C4C (for instance, to verify your visit to a physical store), you have to grant C4C access to the geo-location of your mobile device. Geo-location information may be regarded as sensitive personal information. You can choose not to grant C4C access to your geo-location information, in which case you will not be able to use C4C features related to geo-location, but this does not affect your normal use of the other C4C features. In addition, you can withdraw your consent at any time by turning off C4C’s access to your geo-location in the settings of your mobile device.
地理位置。要在C4C中使用与地理位置相关的C4C功能（例如，验证到访实体店），您需要允许C4C访问移动设备的地理位置。地理位置信息被认为是个人敏感信息。您可以选择不允许C4C访问您的地理位置信息。在这种情况下，您将无法使用与地理位置相关的C4C功能，但这不会影响您正常使用其他C4C功能。此外，您随时可以通过在移动设备的设置中关闭C4C对地理位置的访问来撤回同意。
4. Camera. To upload the attachments to the C4C backend cloud services, the camera may be used to take photograph for these attachments. If C4C has no access to the camera, you cannot upload your scanned images.
相机。为了能上传附件到C4C后端云服务，相机将用于为附件拍照片。如果C4C不能通向手机里的相机功能，您将不能上传您扫描的图片。
5. Photos and Media (Access to READ_EXTERNAL_STORAGE & WRITE_EXTERNAL_STORAGE). When you upload images captured from your device or attachments stored in your device to C4C backend cloud services, you have to grant access to READ_EXTERNAL_STORAGE and WRITE_EXTERNAL_STORAGE permissions. This access is also required when you try to download images or attachments from the C4C backend cloud services to your device. Additionally while using the C4C when something goes wrong then they are logged in the device storage and hence this access is required to write the logs to the device. You can withdraw this access at any time by turning off C4C’s access to your media and storage in the settings of your mobile device.
5. 照片和媒体 (进入READ_EXTERNAL_STORAGE & WRITE_EXTERNAL_STORAGE)。当您上传您手机所拍的照片或您手机所储存的附件到C4C后端云服务时，您必须授予本软件权限可进入READ_EXTERNAL_STORAGE and WRITE_EXTERNAL_STORAGE permissions。当您尝试从C4C后端云服务下载照片或附件到您的手机时，您也需要授予本软件权限可进入您储存在本手机里的照片与媒体。此外，在使用C4C出现问题时，它们将被记录在手机设备存储中，因此本软件需要此访问权限才能将日志写入手机设备。您可以随时通过在手机设备的设置中关闭C4C对媒体和存储的访问权限来撤销此访问权限。
6. Logs and Android ID. While using the C4C, if anything goes wrong, then the C4C logs the issue to identify the root cause. If you would like SAP’s support regarding the issue, you have the possibility to upload these logs to the C4C backend cloud services and SAP may use these logs to analyze the root cause to provide you with solutions. While uploading these logs to the C4C backend cloud services, to uniquely identify the device to which the logs belong to, C4C collects your Android and associates your logs to it. C4C does not use this Android ID for any purpose other than to uniquely identify the device to which the logs belong to.
6. 日志和安卓ID。使用 C4C 软件时，如果出现任何问题，C4C会记录问题以确定根本原因。如果您希望SAP支持该问题的解决，您可以将这些日志上传到C4C后端云服务，SAP可能会使用这些日志来分析根本原因，从而为您提供解决方案。当将这些日志上传到 C4C 后端云服务时，为了唯一标识日志所属的设备，C4C 会收集您的手机设备安卓 ID 并将您的日志关联到该手机设备。C4C 不会将此手机设备安卓 ID 用于唯一标识日志所属设备以外的任何目的。
7. Notification (Access to ACTION_BOOT_COMPLETED broadcast & No Self-Starting Behavior). The C4C app triggers push notifications to the user’s mobile device for approval tasks or when workflow conditions are met. But if the mobile device is switched off when these notifications are being sent, upon restarting, the app listens to the ACTION_BOOT_COMPLETED broadcast to ensure that these notifications are not lost and notify the user.
通知 (进入ACTION_BOOT_COMPLETED广播 & 无自启动行为)。C4C 软件会触发向用户移动设备发送推送通知，以执行审批任务或满足工作流条件。但是，如果在发送这些通知时移动设备已关闭，则在手机重新启动时，软件将倾听ACTION_BOOT_COMPLETED广播，以确保这些通知不会丢失并及时通知用户。
8. No collection of IMEI, MAC address, Software Installation List, Address book, and SMS. Except for the above Personal Information collected by C4C, C4c does not collect any other personal information, such as IMEI, MAC Address, Software Installation List, Address book and SMS.
不收集IMEI, MAC 地址，软件下载表格，用户地址和SMS。除了C4C所收集的以上个人信息之外，C4C不收集任何其他个人信息，比如IMEI, MAC 地址，软件下载表格，用户地址和SMS。
For more detailed description of the types of Personal Information to be collected by SAP, the manner of collection, frequency or timing of collection as well as the impact of refusing to process this type of Personal Information on you, please refer to Appendix I – I. List of Personal Information Collection.
有关更详细的SAP收集的您的个人信息的类型、收集方式、收集频率及时间点，以及拒绝处理该等个人信息对您的影响，请参考附件1 – 个人信息收集清单。
II. HOW DOES SAP USE COOKIE OR OTHER THIRD-PARTY TRACKING TECHNOLOGIES?
SAP如何使用 COOKIE 或其他第三方追踪技术？
1. Cookies
To facilitate your access to the App, we will store a small data file call Cookie on your mobile device. The Cookie usually contains an identifier and some numbers and characters. By using the Cookie, the App can temporarily store your Personal Information such as your log in information. We will not use the Cookie for purposes other than those stated in this Privacy Statement. You may, based on your preferences, manage or delete the Cookie. Please refer to AboutCookies.org for more information. You may remove any or all the cookies stored on your mobile device at any time.
为便于您访问APP，我们会在您的移动设备上存储名为 Cookie 的小数据文件。Cookie 通常包含标识符以及一些号码和字符。借助于 Cookie，APP能够临时存储您的个人信息（如登录信息）。我们不会将 Cookie 用于本隐私政策所述目的之外的任何用途。您可根据自己的偏好管理或删除 Cookie。有关详情，请参见 About Cookies.org。您随时可以清除在您的移动设备上保存的任何或所有 Cookie。
2. Third-party codes or SDKs
第三方代码或SDKs
To provide and optimize products and services, SAP may use third-party software development kits (“SDKs”) in the C4C App. The SDKs may collect your following Personal Information when helping SAP provide comprehensive services to you. SAP will take necessary measures to control the collection and use of your Personal Information by such SDKs to effectively protect your Personal Information.
• Photos & Camera
照片&相机
The SDK, “ZXing” shall access your camera to enable you to perform Barcode Scanning, after you give us your consent to access your camara.
此SDK, “ZXing”将在您给予我们同意之后通向您手机里的相机功能以便您能进行Barcode扫描。
Please refer to Appendix III. List of SDKs for the identities of third parties, the types of SDKs, the types of Personal Information to be collected by SDKs, the purposes and manners of processing as well as the links to the third parties’ privacy policies, etc.
为了提供及优化产品和服务，SAP可能在【C4C】中使用第三方软件开发工具包（“SDKs”）。SDKs在帮助SAP为您提供全面服务时收集您的个人信息。SAP将采取必要措施控制此类SDK收集和使用您的个人信息，以有效保护您的个人信息。有关第三方的身份、SDKs的类型、SDKs收集的个人信息的类型、处理的目的和方式以及第三方隐私政策的链接等，请参阅附件3 - SDK列表。
III. PROCESSING BASED ON THE LEGAL BASES OTHER THAN “CONSENT”
基于除“同意”以外其他合法依据的处理
SAP is allowed by applicable laws to process your Personal Information based on several legal bases. You acknowledge that SAP could process your Personal Information based on one of the following legal bases without the need to obtain consent from you:
根据适用的法律，SAP可以基于几种合法依据处理您的个人信息。您承认SAP可以基于以下合法依据处理您的个人信息而无需获得您的同意：
• the processing is necessary for entering into or performing a contract to which you are a party；
处理是为了签订或履行您作为一方的合同所必须；
• compliance with legal duties and obligations to which SAP is subject;
为履行SAP的法定职责或者法定义务所必需；
• in response to public health incidents or to protect the vital interests of natural persons;
为应对突发公共卫生事件，或者紧急情况下为保护自然人的生命健康和财产安全所必需；
• for news reporting and media supervision for purpose of protecting public interest and within a reasonable scope;
为公共利益实施新闻报道、舆论监督等行为，在合理的范围内处理个人信息；
• the processing within a reasonable scope of Personal Information publicized by you to otherwise lawfully made public；or
在合理的范围内处理您自行公开或者其他已经合法公开的个人信息；或者
• other situations provided by applicable laws and regulations.
法律、行政法规规定的其他情形。
IV. WHY AND HOW SAP PROCESSES YOUR SENSITIVE PERSONAL INFORMATION?
SAP为何以及如何处理您的敏感个人信息
Sensitive Personal Information means any Personal Information that once leaked or illegally used, is likely to cause harm to the personal dignity of the relevant natural person or potentially endangers the physical and property safety of the individual, including biometric data, religious belief, special identity, medical/health data, financial account information and location tracking data, etc., and Personal Information of minors under the age of 14.
敏感个人信息是指一旦泄露或者非法使用，容易导致自然人的人格尊严受到侵害或者人身、财产安全受到危害的个人信息，包括生物识别、宗教信仰、特定身份、医疗健康、金融账户、行踪轨迹等信息，以及不满十四周岁未成年人的个人信息。
Sensitive Personal Information is subject to additional protections or restrictions by applicable laws and regulations. SAP will only process your Sensitive Personal Information allowed by and comply with the relevant applicable laws and regulations.
敏感个人信息将受到适用法律法规的额外保护或限制。SAP只会在法律允许且遵守相关法律法规的情况下，处理您的敏感个人信息。
For the following specific purposes, we need to process your Sensitive Personal Information, otherwise, these purposes will not be achieved and may affect the rights and interests of yourself or other individuals:
为以下特定目的，我们需要处理您的敏感个人信息，否则这些目的将无法实现，并可能影响您本人或其他人的权益：
V. HOW DOES SAP PROVIDE YOUR PERSONAL INFORMATION TO THIRD PARTIES AND DISCLOSE PUBLICLY YOUR PERSONAL INFORMATION?
SAP如何向第三方提供您的个人信息以及公开披露您的个人信息
(1) Providing your Personal Information to Third Parties
向第三方提供您的个人信息
Your Personal Information will be passed on to the following categories of third parties to process you Personal Information:
您的个人信息将会被提供给以下第三方处理：
• Companies within the SAP Group;
SAP集团内的公司；
• Third party service providers, for example, [for the fulfillment and provisioning of services from SAP]。
第三方服务提供方，【例如，为了履行和提供SAP的服务】
SAP may engage service providers (“Entrusted Parties”) to process your Personal Information on behalf of SAP. For example, [IT and communication service providers, cloud service providers, law firms, accountants, auditors, consultants] These Entrusted Parties are obligated to keep your Personal Information confidential and may only use your Personal Information for the purposes described in this Privacy Statement. SAP will require the Entrusted Parties to strictly abide by our measures and requirements on Personal Information and privacy protection, including but not limited to processing Personal Information according to the relevant agreement between the Entrusted Party and SAP.
SAP可能会聘请服务提供商（“受托方”）代表SAP处理您的个人信息。例如，[IT和通信服务提供商、云服务提供商、律师事务所、会计师、审计师、顾问]。这些受托方有义务对您的个人信息保密，并且只能将您的个人信息用于本隐私政策中所述的目的。SAP将要求受托方严格遵守SAP关于个人信息和隐私保护的措施和要求，包括但不限于根据受托方与SAP之间的相关协议处理个人信息。
(2) Merger and Acquisition
合并和收购
In the event of a merger and acquisition, division, dissolution or declaration of bankruptcy scenario, involving the transfer of Personal Information, SAP will require the new company or organization holding your Personal Information to observe this Privacy Statement, otherwise SAP will require such company or organization to seek your consent again.
在发生涉及个人信息转让的合并、收购、分立、解散或破产清算等情形时，SAP会要求新的持有您个人信息的公司或组织继续受本隐私政策的约束，否则SAP将要求该公司或组织重新向您征求授权同意。
(3) Public Disclosure
公开披露
SAP will not disclose your Personal Information publicly except:
SAP不会公开披露您的个人信息，但以下情况除外：
1. Having obtained your explicit consent.
获得您的明示同意。
2. Law-based disclosure: if required by applicable law, legal process, legal orders or in accordance with mandatory requirements of a competent authority, SAP may disclose your Personal Information accordingly.
基于法律的披露：在法律、法律程序、诉讼或政府主管部门强制性要求的情况下，SAP可能会公开披露您的个人信息。
VI. HOW DOES SAP PROTECT YOUR PERSONAL INFORMATION?
SAP如何保护您的个人信息
1. SAP has employed security measures complying with industry standards to protect the Personal Information SAP collects via the [C4C], to prevent such Personal Information from unauthorized access, public disclosure, use, modifications, damage or loss. SAP will adopt reasonable measures to protect your Personal Information. For example, SAP has used a trusted protection mechanism to protect such Personal Information from attacks and we deploy an access control mechanism to ensure only authorized persons can access such Personal Information.
SAP已使用符合业界标准的安全防护措施来保护SAP通过【C4C】收集的个人信息，防止此类个人信息遭到未经授权访问、公开披露、使用、修改、损坏或丢失。SAP会采取一切合理的措施来保护您的个人信息。例如，SAP会使用受信赖的保护机制防止此类个人信息遭到恶意攻击；SAP会部署访问控制机制，确保只有授权人员才可访问此类个人信息。
2. SAP may adopt reasonable measures to ensure irrelevant Personal Information is not collected. SAP only keep your Personal Information within the minimum period required for fulfilling the purposes stated in this Privacy Statement, unless an extension is required or permitted by applicable law.
SAP会采取一切合理的措施，确保未收集无关的个人信息。SAP只会在达成本隐私政策所述目的所需的最短期限内保留您的个人信息，除非根据适用法律的需要或允许延长保存期。
3. SAP has put in place measures to protect your Personal Information from loss, misuse and unauthorized access. SAP will keep your Personal Information secure using reasonable security measures as appropriate, for example, encryption (e.g., SSL) and anonymization. SAP use the protection mechanisms offered by the mobile operating system inside the application's sandbox environment. Your Personal Information is also protected by application-level encryption based on 256-bit Advanced Encryption Standard (AES) or better method. Further, SAP may make available to your Company certain optional security measures for managing the [C4C] which your Company can deploy at its end, for example, single-sign-on, multi-factor authentication and other mobile device management security features. SAP will continue to improve the technical measures to protect your Personal Information collected by the [C4C].
SAP已采取适当措施来防止您的个人信息遭丢失、滥用或未经授权的访问。SAP将适当采用加密技术（例如 SSL）、匿名技术等合理的安全防护措施来确保您个人信息的安全。SAP不仅在应用程序的运行环境中应用了移动端操作系统提供的保护机制，同时您的个人信息还将受到基于256位高级加密标准（AES）或更好方法的应用程序级加密保护。此外，SAP可能会向贵公司提供一些可自行选择部署的安全防护措施来帮助管理【C4C】，例如单点登录、多重身份验证以及其他移动设备管理安全功能。SAP将不断优化技术措施，保护【C4C】收集的个人信息。
In the event of a Personal Information security breach, SAP will notify you as required by the applicable laws and regulations. SAP will cooperate with your Company to notify the affected users and handle the event. Personal Information security breaches by the [Cloud Service] are not subject to this Privacy Statement. Personal information security breaches caused by the [Cloud Service] will be handled according to the privacy statement of the [Cloud Service].
如果出现个人信息安全漏洞，SAP会根据适用法律法规的要求告知您。SAP将协助您的公司告知受影响的用户并处理该安全事件。由【云服务】导致的个人信息安全事件不受本隐私政策的约束。【云服务】造成的个人信息安全事件将根据【云服务】自己的隐私政策处理。
VII. HOW CAN YOU EXERCISE YOUR RIGHT TO PROTECT PERSONAL INFORMATION?
您如何行使您的个人信息保护权利
In accordance with applicable laws and regulations, you are guaranteed certain rights to your Personal Information.
按照适用的法律法规，SAP保障您对自己的个人信息行使特定权利。
With respect to the Personal Information under our control, you may contact SAP at https://support.sap.com/en/contact-us.html should you have any questions or concerns regarding such Personal Information. To the extent SAP has retained such information with an identifier that can be connected to you, you have the following rights.
对于由SAP控制的个人信息，如有任何问题或疑虑，请通过 https://support.sap.com/en/contact-us.html 联系SAP。如果SAP保存的信息中包含与您关联的标识符，您可以行使以下权利：
(1) Accessing or requesting a copy of your Personal Information
访问您的个人信息并获取副本
You have the right to access or request a copy of your Personal Information under our control, except for the exceptions specified in applicable laws and regulations. If you wish to exercise the right to access or request a copy of your Personal Information, you may contact SAP at https://support.sap.com/en/contact-us.html.
您有权访问由SAP控制的您的个人信息并获取副本，但适用法律法规规定的例外情况除外。如果您想行使个人信息访问权或获取副本，请通过 https://support.sap.com/en/contact-us.html 联系SAP。
If it does not incur a significant cost or cause other significant difficulties for us, upon your written request, SAP can also provide you with a copy of your Personal Information under our control (if any) that is generated during your use of the [C4C]. If you wish to access such Personal Information, please contact us at https://support.sap.com/en/contact-us.html.
在不会产生较高成本或造成其他较大困难的情况下，应您的书面请求，SAP可以提供您在使用【C4C】期间所产生的、由SAP控制的您的个人信息（如有）的副本。如果您想访问此类个人信息，请通过 https://support.sap.com/en/contact-us.html 联系SAP。
(2) Correcting your Personal Information
更正您的个人信息
As the types of Personal Information that SAP collects is very limited, if you discover errors in your Personal Information under SAP’s control, you have the right to require SAP to make the correction. You may request a correction by contacting SAP at https://support.sap.com/en/contact-us.html.
由于SAP作为个人信息处理者收集的个人信息类别非常有限，您不太可能需要更正由SAP控制的您的个人信息。但是，如果您发现SAP控制的您的个人信息有错误，您有权要求SAP做出更正。您可以通过 https://support.sap.com/en/contact-us.html 联系SAP来要求更正。
(3) Deleting your Personal Information
删除您的个人信息
In the following cases, you may send a request to https://support.sap.com/en/contact-us.html to delete your Personal Information under SAP’s control:
在以下情形，您可以通过 https://support.sap.com/en/contact-us.html 向SAP提出删除由SAP控制的您的个人信息的请求：
1. If SAP’s behavior in processing your Personal Information violates applicable laws or regulations;
如果SAP处理您个人信息的行为违反了适用法律法规；
2. If SAP’s behavior in processing your Personal Information violates our agreement with you;
如果SAP处理您个人信息的行为违反了与您的约定；
3. If you desist from the use of the [C4C], or you cancel the account;
如果您不再使用【C4C】，或您注销了帐号；
4. If SAP desists from providing the [C4C] to you, or the retention period has expired.
如果SAP不再为您提供【C4C】。
If you request for deletion, while the retention period provided by any law or administrative rules has not expired, or it is difficult to realize the deletion of Personal Information technically, SAP will cease the processing of Personal Information except for storing and taking necessary security protection measures for such information.
如果您请求删除，而任何法律或行政法规规定的保留期尚未到期，或者在技术上很难实现个人信息的删除，SAP将停止除储存之外的对您个人信息的任何处理，并采取必要的安全保护措施。
If SAP agrees to your deletion request, SAP will also inform the entities which has obtained such Personal Information from SAP to delete such Personal Information without delay, unless otherwise specified in laws and regulations, or these entities have obtained your separate authorization.
如果SAP同意了您的删除信息请求，SAP也会通知从SAP这里获取了此类个人信息的实体，要求其立即删除，除非法律法规另有规定，或这些实体已单独获得您的授权。
(4) Right to Stop or Restrict
请求停止或限制处理
You can request SAP to stop or restrict your Personal Information from further processing in certain circumstances.
在特定的情况下，您可以请求SAP停止或限制对您的个人信息进行进一步处理。
(5) Right to Object
拒绝权
You can request not to be subject to a decision based solely on automated processing.
您可以拒绝仅基于自动决策处理您的个人信息。
(6) Right to Withdraw Consent
撤回同意的权利
Wherever SAP is processing your Personal Information based on your consent, you may at any time withdraw your consent. After your withdrawal, you can log out of [C4C] at any time. Upon logging out of [C4C], [C4C] will not store or process any of your Personal Information on your mobile device . In case SAP is required to retain your Personal Information for legal reasons your Personal Information will be restricted from further processing and only retained for the term allowed by law. However, any withdrawal has no effect on past processing of Personal Information by SAP up to the point in time of your withdrawal.
若SAP是基于您的同意处理您的个人信息，您可以随时撤回您的同意。在您撤回您的同意之后，您可以随时退出S [ C4C] 一旦退出后， [C4C] 将不会在您的移动设备中存储任何您的个人信息。如果SAP因法律原因需要保留您的个人信息，您的个人信息将被限制进一步处理，并且仅保留法律允许的期限。然而，任何撤回都不会影响SAP在您撤回之前对您的个人信息的处理。
(7) Canceling your Account
注销您的帐号
Please note that the [C4C] is used to allow you to access and use the [Cloud Service] through your mobile device, You can log out of [C4C] at any time. Upon logging out of [C4C], [C4C] will not store any of your Personal Information on your mobile device. If you request to cancel your account on the Cloud Service, please contact your Company to cancel it, because your Company controls the Cloud Service. Please note that you will not be able to access and use the [Cloud Service] after the cancellation of your account.
请注意本【C4C】是允许您通过您的移动设备访问和使用【云服务】的通道。您随时可以退出 C4C】。退出后，【C4C】将不会在您的移动设备中存储任何您的个人信息。如果您想要注销您的账号，请您联系贵公司进行删除，因为云服务由贵公司控制。请注意如果您注销账户，您将无法访问和使用【云服务】。
(8) Right to Lodge a Complaint
投诉权
If you take the view that SAP is not processing your Personal Information in accordance with the requirements in this Privacy Statement or under applicable data protection laws, you can at any time, to the extent required by applicable law, lodge a complaint with competent data protection authority.
如果您认为SAP没有按照本隐私政策或适用数据保护法律的要求处理您的个人信息，您可以在适用法律要求的范围内，随时向数据保护主管机构提出投诉。
(9) Responding to Your Above Requests
响应您的上述请求
Please submit your request in writing. To ensure security, SAP may need to verify your identity before processing your request. SAP will reply to your request within 15 working days after verification of your identity. If you have any concerns, you may contact SAP at https://support.sap.com/en/contact-us.html.
请以书面形式提出请求。为保障安全，SAP可能会先要求您验证自己的身份，然后再处理您的请求。SAP将在您完成身份验证后的 15 个工作日内做出答复。如有任何疑虑，请通过 https://support.sap.com/en/contact-us.html 联系SAP。
Generally, SAP will not charge fees to process any reasonable request. But if you submit the same request frequently or your request exceeds a reasonable extent, SAP may charge a fee based on our processing costs as SAP may reasonably determine. Where the requests are repeated without good reasons, or require too many technical measures (e.g. a new system is needed or current practice will be changed fundamentally), or put others’ legitimate rights and interests at risk or are very impractical (e.g. require a backup of the Personal Information stored in the tape), SAP reserves the right reject such requests.
对于合理的请求，SAP一般不收取费用。但对多次重复、超出合理限度的请求，SAP将根据处理成本酌情合理地收取一定费用。对于那些无端重复、需要过多技术手段（例如，需要开发新系统或从根本上改变现行惯例）、给他人合法权益带来风险或者非常不切实际（例如，要求用磁带备份存储个人信息）的请求，SAP有权予以拒绝。
In the following cases, in accordance with applicable laws and regulations, SAP is unable to accommodate your request:
在下列情况下，按照适用法律法规要求，我们将无法响应您的请求：
1. Directly related to national security and national defense security;
与国家安全、国防安全直接相关的；
2. Directly related to public security, public health, and major public interests;
与公共安全、公共卫生、重大公共利益直接相关的；
3. Directly related to criminal investigation, prosecution, trial, and enforcement of judgments;
与犯罪侦查、起诉、审判和判决执行等直接相关的；
4. There is sufficient evidence indicating that you have subjective malicious intentions or abuse your rights;
有充分证据表明您存在主观恶意或滥用权利的；
5. Responding to your request will cause serious damage to the legitimate rights and interests of the data subject or other individuals or organizations;
响应您的请求将导致数据当事人或其他个人、组织的合法权益受到严重损害的；
6. Involving trade secrets.
涉及商业秘密的。
VIII. PROCESSING PERSONAL INFORMATION OF CHILDREN
儿童个人信息的处理
The [C4C] and any related websites, products and services are intended for adults. We consider anyone less than 14 years old a child. You represent and warrant that you are an adult and not a child and you will not transmit Personal Information of any child through the [C4C] without the explicit consent of the child’s parents or guardians. If SAP discover that SAP has collected Personal Information of children without verifiable consent of their parents or guardians, SAP will find ways to delete such data as soon as possible.
【C4C】及任何相关的网站、产品和服务主要面向成年人。SAP将所有未满 14 周岁的人视为儿童。您声明并保证您不是儿童，您是一个成年人，您不会在未经儿童父母或监护人明示同意的情况下通过【C4C】传输任何儿童的个人信息。如果SAP发现自己在未获得可验证的儿童父母或监护人同意的情况下收集了儿童的个人信息，SAP则会设法尽快删除相关数据。
IX. WHERE IS YOUR PERSONAL INFORMATION STORED AND HOW IS IT TRANSFERRED CROSS-BORDER?
您的个人信息储存在哪里以及如何在全球范围内转移
Your Personal Information will be stored within China (for the purpose of this Privacy Statement only, China refers to the mainland of China and does not include Hong Kong SAR, Macau SAR and Taiwan region). However, as SAP may provide products or services via servers and resources located worldwide, your Personal Information may be transferred to jurisdictions outside China. Such jurisdictions may have different data protection laws or have no such laws. However, for your Personal Information under our control, SAP will ensure such Personal Information will have no less protection than under the laws protecting Personal Information in China.
您的个人信息将会被储存在中国境内（仅为本隐私政策之目的，中国仅指中国大陆，不包含香港特别行政区、澳门特别行政区和台湾地区）。然而，鉴于SAP可能通过遍布全球的服务器和资源提供产品或服务，您的个人信息可能会转移至中国之外的辖区。此类辖区可能设有不同的数据保护法，甚至未设立相关法律。但是，对于由我们控制的您的个人信息，SAP会确保此类个人信息获得不少于中国境内的个人信息保护法所提供的保护。
Names and contact details of such overseas recipients, the purposes and manners of processing, and the types of Personal Information to be provided are set out in Appendix II. List of Personal Information recipients.
境外接收方的姓名、联系方式、处理目的和处理方式，以及转移出境的个人信息类型，请参阅附件2 – 个人信息接收方列表。
X. HOW LONG DOES SAP STORE YOUR PERSONAL INFORMATION?
SAP会保留您的个人信息多长时间
SAP only keeps your Personal Information within the necessary minimum period required for fulfilling the purposes stated in this Privacy Statement, unless an extension is required or permitted by applicable law. Once the retention period expires, personal data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after the expiration of the retention period.
SAP 仅在实现本隐私声明中所述目的所需的最短必要期间内保留您的个人信息，除非适用法律要求或允许延长该期限。一旦保留期限到期，个人数据将被删除。因此，访问权、删除权、更正权和数据可搬迁权在保留期限过期后将无法执行。

XI. HOW IS THIS PRIVACY STATEMENT UPDATED?
本隐私政策如何更新
Our Privacy Statement may be updated from time to time. If the updates to the Privacy Statement may essentially impact the rights you are entitled to under this Privacy Statement, the [C4C] will alert you of these updates through a pop-up notice or other prominent methods and obtain your explicit consent to these updates to the Privacy Statement. Without your explicit consent, SAP will not diminish the rights you are entitled to under this Privacy Statement.
SAP可能会不时更新本隐私政策。如果本隐私政策的更新有可能实质性影响您在本隐私政策下所应享有的权利，【C4C】将通过弹出通知或其他有效方式提醒您相关内容的更新，并征求您对隐私政策更新的明示同意。未经您明示同意，SAP不会削减您按照本隐私政策所应享有的权利。
XII. HOW MAY YOU CONTACT SAP?
如何联系SAP
If you have any question, comment or suggestion relating to this Privacy Statement, you can contact SAP at https://support.sap.com/en/contact-us.html. Generally, SAP will strive to reply within 15 working days.
如您对本隐私政策有任何疑问、意见或建议，请通过以下地址与SAP联系：https://support.sap.com/en/contact-us.html。一般情况下，SAP将在 15 个工作日内回复。

APPENDIX I: LIST OF PERSONAL INFORMATION COLLECTION
附件1：个人信息收集表
Services/Functions
服务/功能
(Basic Function/Additional Function) Manner of collection
收集方式 Frequency or timing of collection
收集频率及时点 Type of Collected Personal Information
收集的个人信息类型 Impact of refusing to process this type of Personal Information on individuals
拒绝处理个人信息对个人的影响

Authentication.
身份验证

When you log in on C4C, C4C collects perosnal Information for user authentication purposes before permitting you to access C4C services.

当您登录C4C时，C4C会收集您的设备唯一标识符、用户名和相关密码信息，用于用户身份验证，然后再允许您访问C4C服务。 When you log in on C4C
当您登录C4C时 unique device identifier, username ID and related password information for user authentication purposes
您的设备唯一标识符、用户名和相关密码信息
If you do not provide such information, C4C cannot authenticate you and without authentication you cannot access C4C services.
如果您不提供此类信息，C4C就无法对您进行身份验证。不经过验证，您将无法访问C4C服务。

Calendar
日历

. To use C4C features related to your calendar information (for instance, to merge your activities for the day on C4C with your calendar information), you have to grant C4C access to your calendar on the mobile device.要使用与日历信息有关的C4C功能（例如，将C4C记录的日历活动信息与您的日历信息合并），您需要允许C4C访问移动设备上的日历。 When you use C4C features related to your calendar information Calendar
日历。 To use C4C features related to your calendar, you have to grant C4C access to your calendar on the mobile device.
要使用与日历信息有关的C4C功能, 您需要允许C4C访问移动设备上的日历。
Geo-location.
地理位置 To use C4C features related to your geo-location on C4C (for instance, to verify your visit to a physical store), you have to grant C4C access to the geo-location of your mobile device.
要在C4C中使用与地理位置相关的C4C功能（例如，验证到访实体店），您需要允许C4C访问移动设备的地理位置。
When you use C4C features related to your geo-location on C4C

要在C4C中使用与地理位置相关的C4C功能 Geo-location.
地理位置。 To use C4C features related to your geo-location on C4C, you have to grant C4C access to the geo-location of your mobile device.
要在C4C中使用与地理位置相关的C4C功能，您需要允许C4C访问移动设备的地理位置。
Camera
相机 To upload the attachments to the C4C backend cloud services, the camera may be used to take photograph for these attachments.
为了能上传附件到C4C后端云服务，相机将用于为附件拍照片。

When you want to upload the attachments in a form of photograph

当您想要以照片形式上传附件时 Camera If C4C has no access to the camara, you cannot upload your scanned images.

如果C4C不能通向手机里的相机功能，您将不能上传您扫描的图片。
Photos and Media
照片和媒体
(Access to READ_EXTERNAL_STORAGE & WRITE_EXTERNAL_STORAGE).
（进入READ_EXTERNAL_STORAGE & WRITE_EXTERNAL_STORAGE）

When you upload images captured from your device or attachments stored in your device to C4C backend cloud services or when you try to download images or attachments from the C4C backend cloud services to your device, the App shall access READ_EXTERNAL_STORAGE and WRITE_EXTERNAL_STORAGE .
当您上传您手机所拍的照片或您手机所储存的附件到C4C后端云服务时，或当您尝试从C4C后端云服务下载照片或附件到您的手机时，您需要授予本软件权限可进入您储存在本手机里的照片与媒体。

When you upload images captured from your device or attachments stored in your device to C4C backend cloud services;
When you try to download images or attachments from the C4C backend cloud services to your device.
当您上传您手机所拍的照片或您手机所储存的附件到C4C后端云服务时 ;当您尝试从C4C后端云服务下载照片或附件到您的手机时 Photos and Media
照片和媒体
(Access to READ_EXTERNAL_STORAGE and WRITE_EXTERNAL_STORAGE).

You can withdraw this access at any time by turning off C4C’s access to your media and storage in the settings of your mobile device.
您可以随时通过在手机设备的设置中关闭C4C对媒体和存储的访问权限来撤销此访问权限。
6. Logs & Android ID
日志和安卓ID。
Use the Logs to identify and analyse the root cause of bugs ;
Use the Logs to uniquely identify the device by collecting your Android ID and associating your logs to it.
使用日志来识别和分析错误的根本原因;
通过收集设备安卓 ID 并将日志关联到设备来唯一标识设备。
While using the Logs to identify and analyse the root cause of bugs ;
While using the Logs to uniquely identify the device by collecting your Android ID and associating your logs to it.
当使用日志来识别和分析错误的根本原因时;
当通过收集设备安卓 ID 并将日志关联到设备来唯一标识设备时。

Logs & Android ID
日志 & 安卓ID Without access to logs, you cannot use certain features of the C4C.
若无权限访问日志，您将不能使用C4C的特定功能。
Notification
通知
(Access to ACTION_BOOT_COMPLETED
& No Self-Starting Behavior)
（进入ACTION_BOOT_COMPLETED &无自启动行为） The C4C app triggers push notifications to the user’s mobile device for approval tasks or when workflow conditions are met. But if the mobile device is switched off when these notifications are being sent, upon restarting, the app listens to the ACTION_BOOT_COMPLETED broadcast to ensure that these notifications are not lost and notify the user.

C4C 软件会触发向用户移动设备发送推送通知，以执行审批任务或满足工作流条件。但是，如果在发送这些通知时移动设备已关闭，则在手机重新启动时，软件将倾听ACTION_BOOT_COMPLETED广播，以确保这些通知不会丢失并及时通知用户。 If the mobile device is switched off when these notifications are being sent, upon restarting, the app listens to the ACTION_BOOT_COMPLETED broadcast to ensure that these notifications are not lost and notify the user.
如果在发送这些通知时移动设备已关闭，则在手机重新启动时，软件将倾听ACTION_BOOT_COMPLETED广播，以确保这些通知不会丢失并及时通知用户。

Access to ACTION_BOOT_COMPLETED & No Self-Starting Behavior Without this feature, these notifications will get lost.
若此软件没有此功能，则用户不能及时得到通知。

APPENDIX II: LIST OF PERSONAL INFORMATION RECIPIENTS
附件2 – 个人信息接收方列表
Domestic recipients of Personal Information
个人信息境内接收方

Name
姓名 Contact Information
联系信息 Purpose of the processing
处理目的 Manner of processing
处理方式 Type of Shared Personal Information
分享的个人信息类型
None
无 None
无 None
无 None
无 None
无

OVERSEAS RECIPIENTS OF PERSONAL INFORMATION
个人信息海外接收方

Name
姓名 Contact Information
联系方式 Purpose of the processing
处理目的 Manner of processing
处理方式 Country/region
国家/地区 Type of Shared Personal Information
分享的个人信息类型
Entities of SAP Group
SAP集团的各公司 webmaster[@]sap.com These entities may have access to personal data for the purpose of processing customers tickets that are raised by the customer and the customers are aware of this and provide such permissions while raising tickets.
这些实体公司可能会访问个人数据，以处理客户提出的工单，客户知晓此事并在提出工单时提供了相应权限。

Processing customer ticket raised by customer; Customers are aware of this and provide such permissions while raising tickets.
处理客户提出的工单，客户知晓此事并在提出工单给予了权限。 Country/region where the entities of SAP Group are located

SAP集团各实体公司所在国家或地区 The personal data included in the tickets.
客户工单里的个人数据。

APPENDIX III – LIST OF SDKS
SDK 清单
Name of SDK
SDK名称 Name of third party
第三方名称 Description of scenario / Purpose
场景描述/目的 Link to third party’s privacy statement
第三方隐私政策链接 Type of Personal Information to be collected
收集的个人信息类型
ZXing ZXing The SDK, “ZXing” shall access your camera to enable you to perform Barcode Scanning, after you give us your consent to access your camara.
此SDK, “ZXing”将在您给予我们同意之后通向您手机里的相机功能以便您能进行Barcode扫描。
https://github.com/zxing/zxing/blob/master/LICENSE Photos in Camera
用户手机的相机里的照片。