Privacy Statement – SAP Asset Manager

隐私政策  SAP Asset Manager

 

This Privacy Statement applies to the SAP Asset Manager mobile app (“App”) published by SAP SE, Dietmar-Hopp-Allee 16 Walldorf 69190, Germany (“SAP”, “we”, “us”, “our”) for the People’s Republic of China (China) market.   

本隐私政策适用于 SAP SE(地址为 Dietmar-Hopp-Allee 16, 69190 Walldorf, Germany,以下简称“SAP”或“我们”)面向中华人民共和国(中国)市场发布的 SAP Asset Manager 移动APP(以下简称“APP”)。   

Last updated: 05/2021 

更新日期:20215

 

This Privacy Statement will help you understand the following:  

本隐私政策将帮助您了解以下内容:  

I. How we collect and use your personal information? 

我们如何收集和使用您的个人信息 

II. How do we share, transfer the control of or disclose publicly your personal information? 

我们如何共享、转让、公开披露您的个人信息 

III. How do we protect your personal information? 

我们如何保护您的个人信息 

IV. Your rights. 

您的权利 

V. Processing personal information of children. 

儿童个人信息的处理 

VI. How is your personal information transferred cross-border? 

您的个人信息如何在全球范围转移 

VII. How is this Privacy Statement updated? 

本隐私政策如何更新 

VIII. How you may contact us? 

如何联系我们 

 

I.                   How We Collect and Use Your Personal Information? 

我们如何收集和使用您的个人信息 

This Privacy Statement outlines how we handle the information that can be used to directly or indirectly identify an individual ("Personal Information").

本隐私政策概述了我们如何处理可用于直接或间接识别个人的信息(“个人信息”)。 

Your employer, client company, business, institution or other providing entity (“your Company”) may have subscribed to the SAP Asset Manager on-demand services (“Cloud Service”) provisioned either by (for Cloud Service hosted in China) China Datacom Corporation Limited or (for Cloud Service hosted outside China) a member of the SAP group of companies (“Cloud Service Provider”). Consult your Company for the location of the Cloud Service data center. This Privacy Statement does not change any terms of the business agreement for Cloud Service between your Company and the Cloud Service Provider. 

您的雇主、客户公司、业务部门、机构或其他提供实体(“贵公司”)可能租用了由中数通信息有限公司(针对在中国境内托管的云服务)或 SAP 集团的成员公司(针对在中国境外托管的云服务)(“云服务提供商”)所提供的 SAP Asset Manager 按需服务(“云服务”)。请咨询贵公司,了解云服务数据中心的位置。本隐私政策不会修改贵公司和云服务提供商之间就云服务达成的商业协议中的任何条款。 

 

Your Company is the data controller of the Personal Information hosted on the Cloud Service within the meaning of the applicable data protection laws. The processing of such Personal Information by the Cloud Service Provider is under the direction of your Company. 

贵公司作为数据控制方,控制着根据适用的数据保护法在云服务中托管的个人信息。云服务提供商根据贵公司的指示处理此类个人信息。 

The App may collect and process your Personal Information for the following purposes:

APP会出于以下目的,收集和处理您的个人信息:

a.       Provide on the App functions and features similar to the Cloud Service. The App connects to the Cloud Service. SAP provides this App so that you can access the Cloud Service from your mobile device as long as you remain a user authorized by your Company to access the Cloud Service. The categories of the Personal Information about you collected or derived within the Cloud Service depends, in part, on the Cloud Service to which your Company has subscribed and the manner in which your Company has configured the Cloud Service. Should you have any questions about how your Personal Information is processed by the Cloud Service, please contact your Company.

APP中提供与云服务类似的功能和特性。APP与云服务互联。只要您是贵公司授权访问云服务的用户,您就能通过 SAP 提供的这款APP在移动设备上访问云服务。在云服务中收集或获取的个人信息的类别,部分取决于贵公司租用了哪些云服务和如何配置云服务。如对云服务如何处理您的个人信息有任何疑问,请联系贵公司。

b.      Authentication. When you log in on the App, the App collects your unique device identifier, username ID, face ID and/or fingerprint ID (stored locally in your mobile device), and related password information for user authentication purposes before permitting you to access the App services. If you do not provide such information, the App cannot authenticate you and without authentication you cannot access the App services.

身份验证。当您登录APP时,APP会收集您的设备唯一标识符、用户名、面容ID/或指纹ID (本地储存于您的移动设备中)、和相关密码信息,用于用户身份验证,然后再允许您访问APP服务。如果您不提供此类信息,APP就无法对您进行身份验证。不经过验证,您将无法访问APP服务。

c.       Geo-location. To use App features related to your geo-location on the App (for instance, to provide driving directions, as well as identify “nearby” work orders, notifications and assets that you will be working on ), you have to grant the App access to the geo-location of your mobile device. Geo-location information may be regarded as sensitive personal information. You can choose not to grant the App access to your geo-location information, in which case you will not be able to use App features related to geo-location, but this does not affect your normal use of the other App features. In addition, you can withdraw your consent at any time by turning off the App’s access to your geo-location in the settings of your mobile device.

地理位置。要在APP中使用与地理位置相关的APP功能(例如,向您提供驾驶向导,同时发现“附近”工单、通知和您将要使用的资料),您需要允许APP访问移动设备的地理位置。地理位置信息被认为是个人敏感信息。您可以选择不允许APP访问您的地理位置信息。在这种情况下,您将无法使用与地理位置相关的APP功能,但这不会影响您正常使用其他APP功能。此外,您随时可以通过在移动设备的设置中关闭APP对地理位置的访问来撤回同意。

d.      Push notification. The App collects your unique device ID for the purpose to allow the Cloud Service instance to send you push notification. If you do not wish to receive push notification, please contact your Company to disable such function on the Cloud Service instance.

信息推送。我们会收集您的设备唯一标识符,用于允许云服务实例向您进行信息推送。如果您不希望收到信息推送,请联系贵公司取消云服务实例中的相关功能。

Duration of retention of your Personal Information will be in accordance with the policy set by your Company who is the controller of the Cloud Service instance.  Should you have any questions about the retention period of your Personal Information and how your Personal Information is handled beyond the retention period, please contact your Company.

个人信息的保存期限将依据贵公司作为云服务实例控制方所制定的政策而定。  如对个人信息的保存期限或超出保存期限的个人信息处理有任何疑问,请联系贵公司。

 

II. How Do We Share, Transfer the Control of or Disclose Publicly Your Personal Information? 

我们如何共享、转让、公开披露您的个人信息 

(1) Sharing

共享

We use Esri ArcGIS runtime SDK, which is a third party code. We may share your geo-location with the Esri ArcGIS runtime SDK to show your current location on the map and for routing. This only applies if your Company  has purchased an Esri license. Your consent is required for sharing your geo-location with Esri ArcGIS runtime SDK.

我们使用 Esri ArcGIS 运行时 SDK,这是一个第三方代码。我们可能会 Esri ArcGIS 运行时 SDK 共享 地理位置信息,以显示在地图上的当前位置并进行传送。这仅适用于贵公司购买了 Esri 许可的 情况下。与 Esri ArcGIS 运行时 SDK 共享您的地理位置信息需要获得您的同意。

We will not share your Personal Information with any company, organization or individual beyond SAP and its affiliates, except for the following cases:  

我们不会与 SAP 及其关联公司以外的任何公司、组织和个人共享您的个人信息,但以下情况除外:  

1. Your Company. The App connects to the Cloud Service. The App uploads data to and downloads data from the Cloud Service.

贵公司。APP与云服务互联,支持向云服务上传数据和从云服务下载数据。

2. Suppliers, service providers and other partners. We may send your Personal Information to suppliers, service providers and other partners supporting our business, and the support includes providing technical and infrastructure services, analyzing the use pattern of our services, measuring the effectiveness of services, and providing customer services.

供应商、服务提供商和其他合作伙伴。我们可能会将您的个人信息发送给支持我们业务的供应商、服务提供商和其他合作伙伴,这些支持包括提供技术和基础设施服务、分析我们服务的使用方式、衡量服务的有效性、提供客户服务。

3. External organizations as required by applicable law. Applicable law and regulation or mandatory requirements of a competent authority may require that we share your Personal Information with certain external organizations. 

适用法律要求的外部组织。根据适用法律法规或主管部门的强制性要求,我们可能需要与某些外部组织共享您的个人信息。 

To the maximum extent permitted by applicable laws and regulations, we will enter into a strict non-disclosure agreement or data processing agreement with companies, organizations and individuals with which we share Personal Information, requiring them to process Personal Information in accordance with our instructions, this Privacy Statement and any other relevant non-disclosure and security measures.   

在适用法律法规允许的最大范围内,我们会与这些公司、组织和个人签署严格的保密协定或数据处理协议,要求他们按照我们的说明、本隐私政策以及其他任何相关的保密和安全措施来处理个人信息。

(2) Transfer of Control  

转让  

To the extent there is any user Personal Information under our control, we will not transfer the control of such Personal Information to any company, organization or individual outside of the SAP group of companies, except where:  

如果我们控制了您的任何个人信息,我们不会将此类个人信息转让给 SAP 集团公司之外的任何公司、组织和个人,但以下情况除外:  

1. User’s explicit consent is obtained. We will not transfer the control of your Personal Information to a third party unless we have first obtained your explicit consent.

获得您的明示同意。除非事先获得您的明示同意,否则我们不会向第三方转让您的个人信息。

2. Merger, acquisition or bankruptcy. In the event of a merger or acquisition case or bankruptcy or liquidation scenario, involving the transfer of Personal Information, we will require the new company or organization holding your Personal Information to observe this Privacy Statement, otherwise we will require such company or organization to seek your consent again.  

合并、收购或破产。在发生涉及个人信息转让的并购案或破产清算时,我们会要求新的持有您个人信息的公司或组织继续受本隐私政策的约束,否则我们将要求该公司或组织重新向您征求授权同意。  

 

(3) Public Disclosure  

公开披露  

We will not disclose your Personal Information publicly except:  

我们不会公开披露您的个人信息,但以下情况除外:   

1. Having obtained your explicit consent.  

获得您的明示同意。  

2. Law-based disclosure: if required by applicable law, legal process, legal orders or in accordance with mandatory requirements of a competent authority, we may disclose your Personal Information accordingly. 

基于法律的披露:在法律、法律程序、诉讼或政府主管部门强制性要求的情况下,我们可能会公开披露您的个人信息。 

 

III. How We Protect Your Personal Information?  

我们如何保护您的个人信息  

(1)   We have employed security measures complying with industry standards to protect the Personal Information we collect via the App, to prevent such Personal Information from unauthorized access, public disclosure, use, modifications, damage or loss. We will adopt reasonable measures to protect your Personal Information. For example, we use a trusted protection mechanism to protect such Personal Information from attacks and we deploy an access control mechanism to ensure only authorized persons can access such Personal Information.  

我们已使用符合业界标准的安全防护措施来保护我们通过APP收集的个人信息,防止此类个人信息遭到未经授权访问、公开披露、使用、修改、损坏或丢失。我们会采取一切合理的措施来保护您的个人信息。例如,我们会使用受信赖的保护机制防止此类个人信息遭到恶意攻击;我们会部署访问控制机制,确保只有授权人员才可访问此类个人信息。  

(2)   We may adopt reasonable measures to ensure irrelevant Personal Information is not collected. We only keep your Personal Information within the period required for fulfilling the purposes stated in this Privacy Statement, unless an extension is required or permitted by applicable law.  

我们会采取一切合理的措施,确保未收集无关的个人信息。我们只会在达成本隐私政策所述目的所需的期限内保留您的个人信息,除非根据适用法律的需要或允许延长保存期。  

(3)   We have put in place measures to protect your Personal Information from loss, misuse and unauthorized access. We will keep your Personal Information secure using reasonable security measures as appropriate, for example, encryption (e.g., SSL) and anonymization. We use the protection mechanisms offered by the mobile operating system inside the application's sandbox environment. Your Personal Information is also protected by application-level encryption based on 256-bit Advanced Encryption Standard (AES) or better method. Further, we may make available to your Company certain optional security measures for managing the App which your Company can deploy at its end, for example, single-sign-on, multi-factor authentication and other mobile device management security features. We will continue to improve the technical measures to protect your Personal Information collected by the App. SAP has achieved and maintains C5, ISO22301, ISO27001, ISO27017, ISO27018, SOC1/2 and similar other international technical standards.

我们已采取适当措施来防止您的个人信息遭丢失、滥用或未经授权的访问。我们将适当采用加密技术(例如 SSL)、匿名技术等合理的安全防护措施来确保您个人信息的安全。我们不仅在应用程序的运行环境中应用了移动端操作系统提供的保护机制,同时您的个人信息还将受到基于256位高级加密标准(AES)或更好方法的应用程序级加密保护。 此外,我们可能会向贵公司提供一些可自行选择部署的安全防护措施来帮助管理APP,例如单点登录、多重身份验证以及其他移动设备管理安全功能。我们将不断优化技术措施,保护APP收集的个人信息。SAP 已达到并持续符合 C5ISO22301ISO27001ISO27017ISO27018SOC1/2 及其他类似国际技术标准的要求。

 In the event of a Personal Information security breach, we will notify your Company as required by the applicable laws and regulations. We will cooperate with your Company to notify the affected users and handle the event.

如果出现个人信息安全漏洞,我们会根据适用法律法规的要求告知贵公司。我们将协助贵公司告知受影响的用户并处理该安全事件。

 

IV. Your Rights.  

您的权利  

In accordance with applicable laws and regulations, you are guaranteed certain rights to your Personal Information.  

按照适用的法律法规,我们保障您对自己的个人信息行使特定权利。  

Most of the Personal Information collected by the App is controlled by your Company. With respect to the Personal Information under our control, you may contact us at https://support.sap.com/en/contact-us.html should you have any questions or concerns regarding such Personal Information. To the extent we have retained such information with an identifier that can be connected to you, you have the following rights.

APP收集的大部分个人信息都由贵公司控制。对于由我们控制的个人信息,如有任何问题或疑虑,请通过 https://support.sap.com/en/contact-us.html 联系我们。如果我们保存的信息中包含与您关联的标识符,您可以行使以下权利:

(1) Accessing Your Personal Information    

访问您的个人信息   

You have the right to access your Personal Information under our control, except for the exceptions specified in applicable laws and regulations. If you wish to exercise the right to access your Personal Information, you may contact us at https://support.sap.com/en/contact-us.html.

您有权访问由我们控制的您的个人信息,但适用法律法规规定的例外情况除外。如果您想行使个人信息访问权,请通过 https://support.sap.com/en/contact-us.html 联系我们。

If it does not incur a significant cost or cause other significant difficulties for us, upon your written request, we can also provide you with a copy of your Personal Information under our control (if any) that is generated during your use of the App. If you wish to access such Personal Information, please contact us at https://support.sap.com/en/contact-us.html.

在不会产生较高成本或造成其他较大困难的情况下,应您的书面请求,我们可以提供您在使用APP期间所产生的、由我们控制的您的个人信息(如有)的副本。如果您想访问此类个人信息,请通过 https://support.sap.com/en/contact-us.html 联系我们。

 

(2) Correcting Your Personal Information   

更正您的个人信息   

As the types of Personal Information that we (as a data controller) collect is very limited, it is unlikely for you to wish to correct your Personal Information under our control.  However, if you discover errors in your Personal Information under our control, you have the right to require us to make the correction. You may request a correction by contacting us at https://support.sap.com/en/contact-us.html.

由于我们作为数据控制方收集的个人信息类别非常有限,您不太可能需要更正由我们控制的您的个人信息。  但是,如果您发现我们控制的您的个人信息有错误,您有权要求我们做出更正。您可以通过 https://support.sap.com/en/contact-us.html 联系我们来要求更正。

 

(3) Deleting Your Personal Information 

删除您的个人信息 

Locally stored username, device ID and local client logs will be deleted as soon as the App is uninstalled from your device. In the following cases, you may send a request to https://support.sap.com/en/contact-us.html to delete your Personal Information under our control:  

一旦APP从您的设备上卸载,本地存储的用户名、设备ID和本地客户端日志就会被删除。在以下情形,您可以通过 https://support.sap.com/en/contact-us.html 向我们提出删除由我们控制的您的个人信息的请求:  

1. If our behavior in processing your Personal Information violates applicable laws or regulations;  

如果我们处理您个人信息的行为违反了适用法律法规;  

2. If we collect and use your Personal Information, without obtaining your consent;  

如果我们收集、使用您的个人信息,却未征得您的同意;  

3. If our behavior in processing your Personal Information violates our agreement with you;  

如果我们处理您个人信息的行为违反了与您的约定;  

4. If you desist from the use of the App, or you cancel the account;  

如果您不再使用APP,或您注销了帐号;  

5. If we desist from providing the App to you.  

如果我们不再为您提供APP  

 

If we agree to your deletion request, we will also inform the entities which has obtained such Personal Information from us to delete such Personal Information without delay, unless otherwise specified in laws and regulations, or these entities have obtained your separate authorization.

如果我们同意了您的删除信息请求,我们也会通知从我们这里获取了此类个人信息的实体,要求其立即删除,除非法律法规另有规定,或这些实体已单独获得您的授权。

 

(4) Canceling Your Account

注销您的帐号

You can request your company admins to remove your account from SAP Cloud platform mobile services. Additionally, you can request your company admins to remove your account from SAP backend systems.

您可以请求您的公司管理员从 SAP Cloud Platform Mobile Services 中删除您的帐户。此外,您还可以请求您的公司管理员从 SAP 后端系统中删除您的帐户。

 (5) Responding to Your Above Requests  

响应您的上述请求  

Please submit your request in writing. To ensure security, we may need to verify your identity before processing your request. We will reply to your request within 15 working days after verification of your identity. If you have any concerns, you may contact us at https://support.sap.com/en/contact-us.html.

请以书面形式提出请求。为保障安全,我们可能会先要求您验证自己的身份,然后再处理您的请求。我们将在您完成身份验证后的 15 个工作日内做出答复。如有任何疑虑,请通过 https://support.sap.com/en/contact-us.html 联系我们。

 

Generally, we will not charge fees to process any reasonable request. But if you submit the same request frequently or your request exceeds a reasonable extent, we may charge a fee based on our processing costs as we may reasonably determine. Where the requests are repeated without good reasons, or require too many technical measures (e.g. a new system is needed or current practice will be changed fundamentally), or put others’ legitimate rights and interests at risk or are very impractical (e.g. require a backup of the Personal Information stored in the tape), we reserve the right reject such requests.  

对于合理的请求,我们一般不收取费用。但对多次重复、超出合理限度的请求,我们将根据处理成本酌情合理地收取一定费用。对于那些无端重复、需要过多技术手段(例如,需要开发新系统或从根本上改变现行惯例)、给他人合法权益带来风险或者非常不切实际(例如,要求用磁带备份存储个人信息)的请求,我们有权予以拒绝。  

 

In the following cases, in accordance with applicable laws and regulations, we are unable to accommodate your request:  

在下列情况下,按照适用法律法规要求,我们将无法响应您的请求:  

1. Directly related to national security and national defense security;  

与国家安全、国防安全直接相关的;  

2. Directly related to public security, public health, and major public interests;  

与公共安全、公共卫生、重大公共利益直接相关的;  

3. Directly related to criminal investigation, prosecution, trial, and enforcement of judgments;  

与犯罪侦查、起诉、审判和判决执行等直接相关的;  

4. There is sufficient evidence indicating that you have subjective malicious intentions or abuse your rights;  

有充分证据表明您存在主观恶意或滥用权利的;  

5. Responding to your request will cause serious damage to the legitimate rights and interests of the data subject or other individuals or organizations;  

响应您的请求将导致数据当事人或其他个人、组织的合法权益受到严重损害的;  

6. Involving trade secrets. 

涉及商业秘密的。 

 

V. Processing Personal Information of Children.  

儿童个人信息的处理。  

The App and any related websites, products and services are intended for adults. We consider anyone less than 14 years old a child. You represent and warrant that you are an adult and not a child and you will not transmit Personal Information of any child through the App without the explicit consent of the child’s parents or guardians. If we discover that we have collected Personal Information of children without verifiable consent of their parents or guardians, we will find ways to delete such data as soon as possible. 

APP及任何相关的网站、产品和服务主要面向成年人。我们将所有未满 14 周岁的人视为儿童。您声明并保证您不是儿童,您是一个成年人,您不会在未经儿童父母或监护人明示同意的情况下通过APP传输任何儿童的个人信息。如果我们发现自己在未获得可验证的儿童父母或监护人同意的情况下收集了儿童的个人信息,我们则会设法尽快删除相关数据。 

 

VI. How is Your Personal Information Transferred Cross-Border?  

您的个人信息如何在全球范围转移  

Username and device ID are stored in the mobile device’s secure storage.  All other data, such as business data, pictures and file attachments are stored in a database on device (for offline access) and synced to you Company’s SAP backend system.  Device log is stored on mobile device and can be uploaded to SAP Cloud platform mobile services.

As we may provide products or services via servers and resources located worldwide, you agree that your Personal Information may be transferred to jurisdictions beyond the country/region where you use the App. Such jurisdictions may have different data protection laws or have no such laws. However, for your Personal Information under our control, we will ensure such Personal Information will have no less protection than under the laws protecting Personal Information in China. By agreeing to this Privacy Statement, you consent that your Personal Information may be stored and processed outside of China as described above.

用户名及设备ID储存于移动装置里的安全存储设备。其他数据,例如业务数据、照片及文件附件则存于您设备的数据库里(供线下访问)并与您公司的SAP后台系统同步。设备日志存储于移动设备里,并能上载到SAP云平台的移动装置服务。

鉴于我们可能通过遍布全球的服务器和资源提供产品或服务,您同意您的个人信息可能会转移至您使用APP时所在的国家/地区之外的辖区。此类辖区可能设有不同的数据保护法,甚至未设立相关法律。但是,对于由我们控制的您的个人信息,我们会确保此类个人信息获得不少于中国境内的个人信息保护法所提供的保护。同意本隐私政策,即表示您同意上述在中国境外地区存储和处理您的个人信息。

 

VII. How Is This Privacy Statement Updated?  

本隐私政策如何更新  

Our Privacy Statement may be updated from time to time. Without your explicit consent, we will not diminish the rights you are entitled to under this Privacy Statement. The App will alert you through a pop-up notice or other prominent method of any update and obtain your explicit consent to the new version of the Privacy Statement.

我们可能会不时更新本隐私政策。未经您明示同意,我们不会削减您按照本隐私政策所应享有的权利。APP将通过弹出通知或其他有效方式提醒您相关内容的更新,并征求您对新版隐私政策的明示同意。 

 

VIII. How You May Contact Us?  

如何联系我们  

If you have any question, comment or suggestion relating to this Privacy Statement, you can contact us at https://support.sap.com/en/contact-us.html. Generally, we will strive to reply within 15 working days.  

如您对本隐私政策有任何疑问、意见或建议,请通过以下地址与我们联系:https://support.sap.com/en/contact-us.html一般情况下,我们将在 15 个工作日内回复。