Privacy Statement – SAP Mobile Services Client mobile app
隐私政策 — SAP Mobile Services
Client mobile app
This Privacy
Statement applies to the SAP Mobile Services Client mobile app (“App”)
published by SAP SE, Dietmar-Hopp-Allee 16 Walldorf
69190, Germany (“SAP”, “we”, “us”, “our”) for the People’s Republic of China
(China) market.
本隐私政策适用于 SAP SE(地址为 Dietmar-Hopp-Allee 16, 69190 Walldorf,
Germany,以下简称“SAP”或“我们”)面向中华人民共和国(中国)市场发布的 SAP Mobile Services Client 移动APP(以下简称“APP”)。
Last updated: 07,
2020
更新日期:2020 年 07 月
This Privacy
Statement will help you understand the following:
本隐私政策将帮助您了解以下内容:
I. How we collect
and use your personal information?
我们如何收集和使用您的个人信息
II. How do we
share, transfer the control of or disclose publicly your personal information?
我们如何共享、转让、公开披露您的个人信息
III. How do we
protect your personal information?
我们如何保护您的个人信息
IV. Your
rights.
您的权利
V. Processing
personal information of children.
儿童个人信息的处理
VI. How is your
personal information transferred cross-border?
您的个人信息如何在全球范围转移
VII. How is this Privacy
Statement updated?
本隐私政策如何更新
VIII. How you may
contact us?
如何联系我们
I.
How We Collect and Use Your Personal Information?
我们如何收集和使用您的个人信息
This Privacy
Statement outlines how we handle the information that can be used to directly
or indirectly identify an individual ("Personal Information").
本隐私政策概述了我们如何处理可用于直接或间接识别个人的信息(“个人信息”)。
Your employer,
client company, business, institution or other providing entity (“your
Company”) may have subscribed to the SAP Mobile Services Client on-demand services
(“Cloud Service”) provisioned either by (for Cloud Service hosted in China) China Datacom Corporation Limited or (for Cloud
Service hosted outside China) a member of the SAP group of companies ( “Cloud
Service Provider”). Consult your Company for the location of the Cloud Service
data center. This Privacy Statement does not change any terms of the business
agreement for Cloud Service between your Company and the Cloud Service
Provider.
您的雇主、客户公司、业务部门、机构或其他提供实体(“贵公司”)可能租用了由中数通信息有限公司(针对在中国境内托管的云服务)或 SAP 集团的成员公司(针对在中国境外托管的云服务)(“云服务提供商”)所提供的 SAP Mobile Services Client 按需服务(“云服务”)。请咨询贵公司,了解云服务数据中心的位置。本隐私政策不会修改贵公司和云服务提供商之间就云服务达成的商业协议中的任何条款。
Your Company is
the data controller of the Personal Information hosted on the Cloud Service
within the meaning of the applicable data protection laws. The processing of
such Personal Information by the Cloud Service Provider is under the direction
of your Company.
贵公司作为数据控制方,控制着根据适用的数据保护法在云服务中托管的个人信息。云服务提供商根据贵公司的指示处理此类个人信息。
The App may collect
and process your Personal Information for the following purposes:
APP会出于以下目的,收集和处理您的个人信息:
a. Provide on the App
functions and features similar to the Cloud Service. The App connects to the
Cloud Service. SAP provides this App so that you can access the Cloud Service from
your mobile device as long as you remain a user authorized by your Company to
access the Cloud Service. The categories of the Personal Information about you
collected or derived within the Cloud Service depends, in part, on the Cloud
Service to which your Company has subscribed and the manner in which your
Company has configured the Cloud Service. Should you have any questions about
how your Personal Information is processed by the Cloud Service, please contact
your Company.
在APP中提供与云服务类似的功能和特性。APP与云服务互联。只要您是贵公司授权访问云服务的用户,您就能通过 SAP 提供的这款APP在移动设备上访问云服务。在云服务中收集或获取的个人信息的类别,部分取决于贵公司租用了哪些云服务和如何配置云服务。如对云服务如何处理您的个人信息有任何疑问,请联系贵公司。
b. Authentication. When
you log in on the App, the App will prompt you to login using OAuth through the
identity provider configured by your Company. The App collects your username information
from the identity provider and creates a local passcode for user authentication
purposes before permitting you to access the App services. If you do not
provide such information, the App cannot authenticate you and without
authentication you cannot access the App services.
身份验证。当您登录APP时,APP会提示您通过贵公司所配置的身份识别平台的OAuth开放授权进行登录。我们会从该身份识别平台获取您的用户名以及产生一个本地密码,用于用户身份验证,然后再允许您访问APP服务。如果您不提供此类信息,APP就无法对您进行身份验证。不经过验证,您将无法访问APP服务。
c. Push notification. The App collects
your unique device ID for the purpose to allow the Cloud Service instance to
send you push notification. If you do not wish to receive push
notification, please contact your Company to disable such function on the Cloud
Service instance.
信息推送。我们会收集您的设备唯一标识符,用于允许云服务实例向您进行信息推送。如果您不希望收到信息推送,请联系贵公司取消云服务实例中的相关功能。
Please note that the
Personal Information the App collects will be uploaded to the Cloud Service
instance controlled by your Company. Your provision of the above Personal Information
means you authorize us and your Company to collect, store, use or otherwise
process them on the Cloud Service.
请注意,APP收集的个人信息将上传至由贵公司控制的云服务实例。您提供上述个人信息,即表示您授权贵公司和我们在云服务中收集、存储、使用或以其他方式处理这些个人信息。
个人信息的保存期限将依据贵公司作为云服务实例控制方所制定的政策而定。 如对个人信息的保存期限或超出保存期限的个人信息处理有任何疑问,请联系贵公司。
II. How Do We
Share, Transfer the Control of or Disclose Publicly Your Personal Information?
我们如何共享、转让、公开披露您的个人信息
(1) Sharing
共享
We will not share
your Personal Information with any company, organization or individual beyond
SAP and its affiliates, except for the following cases:
我们不会与 SAP 及其关联公司以外的任何公司、组织和个人共享您的个人信息,但以下情况除外:
1. Your Company.
The App connects to the Cloud Service. The App uploads data to and downloads
data from the Cloud Service.
贵公司。APP与云服务互联,支持向云服务上传数据和从云服务下载数据。
2. Suppliers,
service providers and other partners. We may send your Personal Information to
suppliers, service providers and other partners supporting our business, and
the support includes providing technical and infrastructure services, analyzing
the use pattern of our services, measuring the effectiveness of services, and
providing customer services.
供应商、服务提供商和其他合作伙伴。我们可能会将您的个人信息发送给支持我们业务的供应商、服务提供商和其他合作伙伴,这些支持包括提供技术和基础设施服务、分析我们服务的使用方式、衡量服务的有效性、提供客户服务。
3. External
organizations as required by applicable law. Applicable law and regulation or
mandatory requirements of a competent authority may require that we share your Personal
Information with certain external organizations.
适用法律要求的外部组织。根据适用法律法规或主管部门的强制性要求,我们可能需要与某些外部组织共享您的个人信息。
To the maximum
extent permitted by applicable laws and regulations, we will enter into a
strict non-disclosure agreement or data processing agreement with companies,
organizations and individuals with which we share Personal Information,
requiring them to process Personal Information in accordance with our
instructions, this Privacy Statement and any other relevant non-disclosure and
security measures.
在适用法律法规允许的最大范围内,我们会与这些公司、组织和个人签署严格的保密协定或数据处理协议,要求他们按照我们的说明、本隐私政策以及其他任何相关的保密和安全措施来处理个人信息。
(2) Transfer of
Control
转让
To the extent
there is any user Personal Information under our control, we will not transfer
the control of such Personal Information to any company, organization or individual
outside of the SAP group of companies, except where:
如果我们控制了您的任何个人信息,我们不会将此类个人信息转让给 SAP 集团公司之外的任何公司、组织和个人,但以下情况除外:
1. User’s
explicit consent is obtained. We will not transfer the control of your Personal
Information to a third party unless we have first obtained your explicit
consent.
获得您的明示同意。除非事先获得您的明示同意,否则我们不会向第三方转让您的个人信息。
2. Merger,
acquisition or bankruptcy. In the event of a merger or acquisition case or
bankruptcy or liquidation scenario, involving the transfer of Personal
Information, we will require the new company or organization holding your Personal
Information to observe this Privacy Statement, otherwise we will require such
company or organization to seek your consent again.
合并、收购或破产。在发生涉及个人信息转让的并购案或破产清算时,我们会要求新的持有您个人信息的公司或组织继续受本隐私政策的约束,否则我们将要求该公司或组织重新向您征求授权同意。
(3) Public
Disclosure
公开披露
We will not disclose
your Personal Information publicly except:
我们不会公开披露您的个人信息,但以下情况除外:
1. Having
obtained your explicit consent.
获得您的明示同意。
2. Law-based
disclosure: if required by applicable law, legal process, legal orders or in
accordance with mandatory requirements of a competent authority, we may
disclose your Personal Information accordingly.
基于法律的披露:在法律、法律程序、诉讼或政府主管部门强制性要求的情况下,我们可能会公开披露您的个人信息。
III. How We
Protect Your Personal Information?
我们如何保护您的个人信息
(1) We have employed security measures complying with industry standards
to
protect the Personal
Information we collect via the App, to prevent
such Personal Information from unauthorized access, public
disclosure, use, modifications, damage or loss. We will adopt reasonable measures to protect
your Personal Information. For example, we use a trusted protection mechanism
to protect such Personal Information from attacks and
we deploy an access control mechanism to ensure
only authorized persons can
access such Personal Information.
我们已使用符合业界标准的安全防护措施来保护我们通过APP收集的个人信息,防止此类个人信息遭到未经授权访问、公开披露、使用、修改、损坏或丢失。我们会采取一切合理的措施来保护您的个人信息。例如,我们会使用受信赖的保护机制防止此类个人信息遭到恶意攻击;我们会部署访问控制机制,确保只有授权人员才可访问此类个人信息。
(2) We may adopt
reasonable measures to ensure irrelevant Personal Information is not collected.
We only keep your Personal Information within the period required for
fulfilling the purposes stated in this Privacy Statement, unless an extension
is required or permitted by applicable law.
我们会采取一切合理的措施,确保未收集无关的个人信息。我们只会在达成本隐私政策所述目的所需的期限内保留您的个人信息,除非根据适用法律的需要或允许延长保存期。
(3) We have put in
place measures to protect your Personal Information from loss, misuse and
unauthorized access. We will keep your Personal Information secure using reasonable
security measures as appropriate, for example, encryption (e.g., SSL) and anonymization.
We use the protection mechanisms offered by the mobile operating system inside
the application's sandbox environment. Your Personal Information is also
protected by application-level encryption based on 256-bit Advanced Encryption
Standard (AES) or better method. Further, we may make available to your Company
certain optional security measures for managing the App which your Company can
deploy at its end, for example, the OAuth2 for identity authentication and
other mobile device management security features. We will continue to improve
the technical measures to protect your Personal Information collected by the App.
SAP has achieved and maintains C5, ISO22301, ISO27001, ISO27017, ISO27018,
SOC1/2 and similar other international technical standards.
我们已采取适当措施来防止您的个人信息遭丢失、滥用或未经授权的访问。我们将适当采用加密技术(例如 SSL)、匿名技术等合理的安全防护措施来确保您个人信息的安全。我们不仅在应用程序的运行环境中应用了移动端操作系统提供的保护机制,同时您的个人信息还将受到基于256位高级加密标准(AES)或更好方法的应用程序级加密保护。 此外,我们可能会向贵公司提供一些可自行选择部署的安全防护措施来帮助管理APP,例如OAuth2身份验证以及其他移动设备管理安全功能。我们将不断优化技术措施,保护APP收集的个人信息。SAP 已达到并持续符合 C5、ISO22301、ISO27001、ISO27017、ISO27018、SOC1/2 及其他类似国际技术标准的要求。
In the event of a
Personal Information security breach, we will notify your Company as required
by the applicable laws and regulations. We will cooperate with your Company to notify
the affected users and handle the event.
如果出现个人信息安全漏洞,我们会根据适用法律法规的要求告知贵公司。我们将协助贵公司告知受影响的用户并处理该安全事件。
IV. Your Rights.
您的权利
In accordance
with applicable laws and regulations, you are guaranteed certain rights to your
Personal Information.
按照适用的法律法规,我们保障您对自己的个人信息行使特定权利。
Most of the Personal
Information collected by the App is controlled by your Company. With respect to
the Personal Information under our control, you may contact us at https://support.sap.com/en/contact-us.html should you have any
questions or concerns regarding such Personal Information. To the extent we
have retained such information with an identifier that can be connected to you,
you have the following rights.
APP收集的大部分个人信息都由贵公司控制。对于由我们控制的个人信息,如有任何问题或疑虑,请通过 https://support.sap.com/en/contact-us.html 联系我们。如果我们保存的信息中包含与您关联的标识符,您可以行使以下权利:
(1) Accessing Your Personal Information
访问您的个人信息
You have the
right to access your Personal Information under our control, except for the
exceptions specified in applicable laws and regulations. If you wish to
exercise the right to access your Personal Information, you may contact us at https://support.sap.com/en/contact-us.html.
您有权访问由我们控制的您的个人信息,但适用法律法规规定的例外情况除外。如果您想行使个人信息访问权,请通过 https://support.sap.com/en/contact-us.html 联系我们。
If it does not
incur a significant cost or cause other significant difficulties for us, upon
your written request, we can also provide you with a copy of your Personal
Information under our control (if any) that is generated during your use of the
App. If you wish to access such Personal Information, please contact us at https://support.sap.com/en/contact-us.html.
在不会产生较高成本或造成其他较大困难的情况下,应您的书面请求,我们可以提供您在使用APP期间所产生的、由我们控制的您的个人信息(如有)的副本。如果您想访问此类个人信息,请通过 https://support.sap.com/en/contact-us.html 联系我们。
(2) Correcting
Your Personal Information
更正您的个人信息
As the types of
Personal Information that we (as a data controller) collect is very limited, it
is unlikely for you to wish to correct your Personal Information under our
control. However, if you discover errors
in your Personal Information under our control, you have the right to require
us to make the correction. You may request a correction by contacting us at https://support.sap.com/en/contact-us.html.
由于我们作为数据控制方收集的个人信息类别非常有限,您不太可能需要更正由我们控制的您的个人信息。 但是,如果您发现我们控制的您的个人信息有错误,您有权要求我们做出更正。您可以通过 https://support.sap.com/en/contact-us.html 联系我们来要求更正。
(3) Deleting Your
Personal Information
删除您的个人信息
In the following
cases, you may send a request to https://support.sap.com/en/contact-us.html to delete your Personal
Information under our control:
在以下情形,您可以通过 https://support.sap.com/en/contact-us.html 向我们提出删除由我们控制的您的个人信息的请求:
1. If our
behavior in processing your Personal Information violates applicable laws or
regulations;
如果我们处理您个人信息的行为违反了适用法律法规;
2. If we collect
and use your Personal Information, without obtaining your consent;
如果我们收集、使用您的个人信息,却未征得您的同意;
3. If our
behavior in processing your Personal Information violates our agreement with
you;
如果我们处理您个人信息的行为违反了与您的约定;
4. If you desist
from the use of the App, or you cancel the account;
如果您不再使用APP,或您注销了帐号;
5. If we desist
from providing the App to you.
如果我们不再为您提供APP。
If we agree to
your deletion request, we will also inform the entities which has obtained such
Personal Information from us to delete such Personal Information without delay,
unless otherwise specified in laws and regulations, or these entities have
obtained your separate authorization.
如果我们同意了您的删除信息请求,我们也会通知从我们这里获取了此类个人信息的实体,要求其立即删除,除非法律法规另有规定,或这些实体已单独获得您的授权。
When you delete your
Personal Information on the App, the deletion will be promptly synchronized and
reflected in the production instance of the Cloud Service. However, complete deletion
from the backup systems may take longer, as back-up processes run according to a
periodic schedule.
在APP上删除您的个人信息时,该删除会及时同步并体现到云服务的生产实例中。不过,从备份系统中全部删除可能会需要较长时间,因为备份程序是按计划定期运行的。
(4) Canceling
Your Account
注销您的帐号
You can uninstall
the App at any time. Upon removal of the App, the App will not store any of
your Personal Information on your mobile device. Your Company controls the Cloud
Service. Should you have any questions about how to cancel your account on the
Cloud Service, please contact your Company.
您随时可以卸载APP。移除后,APP将不会在您的移动设备中存储任何您的个人信息。由于云服务由贵公司控制,因此,如果您对如何注销云服务帐号有任何疑问,请联系贵公司。
(5) Responding to
Your Above Requests
响应您的上述请求
Please submit
your request in writing. To ensure security, we may need to verify your
identity before processing your request. We will reply to your request within
15 working days after verification of your identity. If you have any concerns,
you may contact us at https://support.sap.com/en/contact-us.html.
请以书面形式提出请求。为保障安全,我们可能会先要求您验证自己的身份,然后再处理您的请求。我们将在您完成身份验证后的 15 个工作日内做出答复。如有任何疑虑,请通过 https://support.sap.com/en/contact-us.html 联系我们。
Generally, we
will not charge fees to process any reasonable request. But if you submit the same
request frequently or your request exceeds a reasonable extent, we may charge a
fee based on our processing costs as we may reasonably determine. Where the requests
are repeated without good reasons, or require too many technical measures (e.g.
a new system is needed or current practice will be changed fundamentally), or put
others’ legitimate rights and interests at risk or are very impractical (e.g.
require a backup of the Personal Information stored in the tape), we reserve
the right reject such requests.
对于合理的请求,我们一般不收取费用。但对多次重复、超出合理限度的请求,我们将根据处理成本酌情合理地收取一定费用。对于那些无端重复、需要过多技术手段(例如,需要开发新系统或从根本上改变现行惯例)、给他人合法权益带来风险或者非常不切实际(例如,要求用磁带备份存储个人信息)的请求,我们有权予以拒绝。
In the following
cases, in accordance with applicable laws and regulations, we are unable to accommodate
your request:
在下列情况下,按照适用法律法规要求,我们将无法响应您的请求:
1. Directly
related to national security and national defense security;
与国家安全、国防安全直接相关的;
2. Directly
related to public security, public health, and major public interests;
与公共安全、公共卫生、重大公共利益直接相关的;
3. Directly
related to criminal investigation, prosecution, trial, and enforcement of
judgments;
与犯罪侦查、起诉、审判和判决执行等直接相关的;
4. There is
sufficient evidence indicating that you have subjective malicious intentions or
abuse your rights;
有充分证据表明您存在主观恶意或滥用权利的;
5. Responding to
your request will cause serious damage to the legitimate rights and interests
of the data subject or other individuals or organizations;
响应您的请求将导致数据当事人或其他个人、组织的合法权益受到严重损害的;
6. Involving
trade secrets.
涉及商业秘密的。
V. Processing Personal
Information of Children.
儿童个人信息的处理。
The App and any related
websites, products and services are intended for adults. We consider anyone
less than 14 years old a child. You represent and warrant that you are an adult
and not a child and you will not transmit Personal Information of any child
through the App without the explicit consent of the child’s parents or
guardians. If we discover that we have collected Personal Information of
children without verifiable consent of their parents or guardians, we will find
ways to delete such data as soon as possible.
APP及任何相关的网站、产品和服务主要面向成年人。我们将所有未满 14 周岁的人视为儿童。您声明并保证您不是儿童,您是一个成年人,您不会在未经儿童父母或监护人明示同意的情况下通过APP传输任何儿童的个人信息。如果我们发现自己在未获得可验证的儿童父母或监护人同意的情况下收集了儿童的个人信息,我们则会设法尽快删除相关数据。
VI. How is Your
Personal Information Transferred Cross-Border?
您的个人信息如何在全球范围转移
The App connects
to the Cloud Service, which may or may not be hosted in China. (See section I
above.) As we may provide products or services via servers and resources
located worldwide, you agree that your Personal Information may be transferred
to jurisdictions beyond the country/region where you use the App. Such jurisdictions
may have different data protection laws or have no such laws. However, for your
Personal Information under our control, we will ensure such Personal
Information will have no less protection than under the laws protecting
Personal Information in China. By agreeing to this Privacy Statement, you
consent that your Personal Information may be stored and processed outside of
China as described above.
APP与可能在中国境内或境外托管的云服务互联。(请参见上述第 I 节。)鉴于我们可能通过遍布全球的服务器和资源提供产品或服务,您同意您的个人信息可能会转移至您使用APP时所在的国家/地区之外的辖区。此类辖区可能设有不同的数据保护法,甚至未设立相关法律。但是,对于由我们控制的您的个人信息,我们会确保此类个人信息获得不少于中国境内的个人信息保护法所提供的保护。同意本隐私政策,即表示您同意上述在中国境外地区存储和处理您的个人信息。
VII. How Is This
Privacy Statement Updated?
本隐私政策如何更新
Our Privacy
Statement may be updated from time to time. Without your explicit consent, we
will not diminish the rights you are entitled to under this Privacy Statement. The
App will alert you through a pop-up notice or other prominent method of any update
and obtain your explicit consent to the new version of the Privacy Statement.
我们可能会不时更新本隐私政策。未经您明示同意,我们不会削减您按照本隐私政策所应享有的权利。APP将通过弹出通知或其他有效方式提醒您相关内容的更新,并征求您对新版隐私政策的明示同意。
VIII. How You May
Contact Us?
如何联系我们
If you have any
question, comment or suggestion relating to this Privacy Statement, you can contact
us at https://support.sap.com/en/contact-us.html. Generally, we
will strive to reply within 15 working days.
如您对本隐私政策有任何疑问、意见或建议,请通过以下地址与我们联系:https://support.sap.com/en/contact-us.html。一般情况下,我们将在 15 个工作日内回复。