SAP PRIVACY STATEMENT
SAP LEARNING HUB AND SAP CERTIFICATION
A. General Information
When does this Privacy Statement apply? This Privacy Statement applies where SAP (as defined below) acts as controller of any Personal Data in connection with its SAP Learning Hub and SAP Learning System Access offerings. This is the case, where:
- You use an activation code (e.g. provided by your employer) to register yourself with SAP Learning Hub or SAP Learning System Access;
- You buy a SAP Learning Hub or SAP Learning System Access subscription for yourself;
- You register for an offering of SAP Enterprise Support on SAP Learning Hub;
- You use the SAP Learning Hub mobile app;
- SAP uses Personal Data for the purposes of (i) conducting license audits or ensuring compliance with export laws, (ii) tracking users or anonymizing Personal Data for the purposes of improving SAP Learning Hub and SAP Learning System Access or (iii) displaying questionnaires to users notwithstanding it is acting in the provisioning of SAP Learning Hub or SAP Learning System Access otherwise as a data processor (see next paragraph).
Controller. The controller in the cases described above of SAP Learning Hub, SAP Learning System Access and the SAP Learning Hub mobile app is SAP SE, Dietmar-Hopp-Allee 16, 69190 Walldorf ('SAP'). The SAP Group’s data protection officer can be reached at privacy[@]sap.com.
What does SAP do with my Personal Data? SAP will process the Personal Data provided hereunder only as set out in this Privacy Statement. Further information can be found in Sections B. and C. below. Where the processing of your Personal Data is based on a statutory permission, you can find information on which Personal Data SAP is processing or using for which purposes in Section B below. Where consent for the processing of your Personal Data is required you can find further information in Section C. below.
Duration of processing of Personal Data. SAP will retain your Personal Data only (i) for as long as is required to fulfil the purposes set out below or (ii) until you object to SAP's use of your Personal Data (where SAP has a legitimate interest in using your Personal Data), or (iii) until you withdraw your consent (where you consented to SAP using your Personal Data). However, where SAP is required by mandatory law to retain your Personal Data longer or where your Personal Data is required for SAP to assert or defend against legal claims, SAP will retain your Personal Data until the end of the relevant retention period or until the claims in question have been settled.
Am I required to provide Personal Data? As a general principle, your granting of any consent and your provision of any Personal Data hereunder is entirely voluntary. However, where SAP requires your Personal Data in order to be able to provide you with access to SAP Learning Hub, SAP Learning System Access, the SAP Learning Hub mobile app or any offering of SAP Enterprise Support on Learning Hub or in order to ensure export law compliance, you cannot use SAP Learning Hub, SAP Learning System Access and the SAP Learning Hub mobile app until you have provided the required Personal Data to SAP.
Where and by who will my Personal Data be processed? Your Personal Data will be passed on to the following categories of third parties to process your Personal Data for the purposes set out herein:
- Companies within the SAP Group;
- Third party service providers.
Data subjects' rights. You can request from SAP at any time information about which Personal Data SAP processes about you and the correction or deletion of such Personal Data. Please note, however, that SAP will delete your Personal Data only if there is no statutory obligation or prevailing right of SAP to retain it. Kindly note that if you request that SAP deletes your Personal Data and this Personal Data is required to provide you with access to SAP Learning Hub, SAP Learning System Access, the SAP Learning Hub mobile app or an offering of SAP Enterprise Support on SAP Learning Hub, you will not be able to continue to use SAP Learning Hub, SAP Learning System Access, the SAP Learning Hub mobile app or an offering of SAP Enterprise Support on SAP Learning Hub.
If SAP uses your Personal Data based on your consent or to perform a contract with you, you may further request from SAP a copy of the Personal Data that you have provided to SAP. In this case, please contact the email address below and specify the information or processing activities to which your request relates, the format in which you would like this information, and whether the Personal Data is to be sent to you or another recipient. SAP will carefully consider your request and discuss with you how it can best fulfill it.
Furthermore, you can request from SAP that SAP restricts your Personal Data from any further processing in any of the following events: (i) you state that the Personal Data SAP has about you is incorrect, (but only for as long as SAP requires to check the accuracy of the relevant Personal Data), (ii) there is no legal basis for SAP processing your Personal Data and you demand that SAP restricts your Personal Data from further processing, (iii) SAP no longer requires your Personal Data but you claim that you require SAP to retain such data in order to claim or exercise legal rights or to defend against third party claims or (iv) in case you object to the processing of your Personal Data by SAP (based on SAP's legitimate interest as further set out in B. below) for as long as it is required to review as to whether SAP has a prevailing interest or legal obligation in processing your Personal Data.
Please direct any such request to education-privacy@sap.com.
SAP will take steps to ensure that it verifies your identity to a reasonable degree of certainty before it will process the data protection right you want to exercise. When feasible, SAP will match Personal Data provided by you in submitting a request to exercise your rights with information already maintained by SAP. This could include matching two or more data points you provide when you submit a request with two or more data points that are already maintained by SAP.
SAP will decline to process requests that are manifestly unfounded, excessive, fraudulent, or are not otherwise required by local law.
Right to lodge a complaint. If you believe that SAP is not processing your Personal Data in accordance with the requirements set out herein or applicable EU data protection laws, you can at any time lodge a complaint with the data protection authority of the EU country in which you live or with the data protection authority of the country or state in which SAP has its registered seat.
Use of SAP Learning Hub or SAP Learning System Access by minors SAP Learning Hub is not intended for anyone under the age of 16 years. If you are younger than 16, you may not register to or use Learning Hub.
Links to other websites. This website may contain links to foreign (meaning non-SAP Group companies) websites. SAP is not responsible for the privacy practices or the content of websites outside the SAP Group of companies. Therefore, we recommend that you carefully read the privacy statements of such foreign sites.
B. Where SAP processes My Personal Data based on the Law
In the following cases, SAP is permitted to process your Personal Data under the applicable data protection law.
Providing the requested goods or services (Article 6 para. 1 lit. f GDPR). If you register with SAP Learning Hub or SAP Learning System Access using an activation code, if you purchase a SAP Learning Hub or SAP Learning System Access subscription for yourself or if you register yourself for an offering of SAP Enterprise Support on SAP Learning Hub, SAP will use the Personal Data that you enter into the registration form (your name, email and postal address, telephone number, company or institution name, department name, country, city, region, your job title, role) and your then created username and password, to provide you with access to SAP Learning Hub or SAP Learning System Access. This may include taking the necessary steps prior to entering into the contract, responding to your related inquiries, and providing you with shipping and billing information and to process or provide customer feedback and support. This may also include conversation data that you may trigger via the chat functionalities on https://training.sap.com/, SAP Learning System Chat, contact forms, emails, or telephone. In the case where an SAP product or service specifically for students is purchased, this may include verifying current student status by means of reviewing matriculation status documentation, which must be provided via upload at the time of purchase.
If you participate in tutorials or trainings, SAP may also track your learning progress in order to make this information available to you and the person or entity who or that enabled your usage of SAP Learning Hub (which in particular includes your employer).
If you use the SAP Learning Hub mobile app, this app will use your username and password in order to create a connection to SAP Learning Hub and thereby provide you the ability to participate in learnings and tests via the SAP Learning Hub mobile app.
In case you register for an event or training hosted by a member of SAP University Alliances, SAP may provide your registration data (your name, email address, company or institution, and other data you provide during registration) or a subset of it to the respective SAP University Alliances member in order to enable you to attend the respective event or training. A list of these SAP University Alliances members can be found here.
If you register with SAP Learning Hub as described above in the first paragraph of this Sub-section (providing the requested goods and services), SAP may check whether the company you work for or belong to is an SAP University Alliances member. If you work for or belong to an SAP University Alliances member, SAP Learning Hub will display courses and other SAP Learning Hub related offerings to you that are only available for SAP University Alliances members.
Furthermore, we communicate on a regular basis by email with users who subscribe to our services, and we may also communicate by phone to resolve customer complaints or investigate suspicious transactions. We may use your email address to confirm your opening of an account, to send you notice of payments, to send you information about changes to our products and services, and to send notices and other disclosures as required by law. Generally, users cannot opt out of these communications, which are not marketing-related but merely required for the relevant business relationship. With regard to marketing-related types of communication (i.e. emails and phone calls), SAP will (i) where legally required only provide you with such information after you have opted in and (ii) provide you the opportunity to opt out if you do not want to receive further marketing-related types of communication from us. You can opt out of these at any time at https://learninghub.sap.com/consent-management.
Compliance with export laws. SAP and its products, technologies, and services are subject to the export laws, trade sanctions, and embargoes (“Export Laws”) of various countries including, without limitation, those of Germany, the European Union (“EU”) and its member states, and of the United States of America. Therefore, you acknowledge that, pursuant to the applicable Export Laws issued by these countries, SAP is required to:
- take measures to prevent persons, entities, organizations, and parties listed on government-issued sanctioned party lists from accessing certain products, technologies, and services through SAP’s websites or other delivery channels controlled by SAP. This may include (i) automated checks of any user registration data as set out herein and other information a user provides about his or her identity against applicable sanctioned-party lists; (ii) regular repetition of such checks whenever a sanctioned-party list is updated or when a user updates his or her information; (iii) blocking of access to SAP’s services and systems in case of a potential match; and (iv) contacting a user to confirm his or her identity in case of a potential match;
- ensure that no individuals from embargoed countries access its services. Therefore, when an existing user logs into a website, app or cloud service of an entity of the SAP Group from an embargoed country, the user’s registration data and IP address may be used by SAP to block the user’s access and to log access attempts from embargoed countries.
SAP's legitimate interest. Each of the use cases below constitutes a legitimate interest of SAP (Article 6 para. 1 lit. f GDPR) to process your Personal Data. If you do not agree with this approach, you may object against SAP's processing or use of your Personal Data as set out below.
Questionnaires and surveys. SAP may invite you to participate in questionnaires and surveys. These questionnaires and surveys will be generally designed in a way that they can be answered without any Personal Data. If you nonetheless enter Personal Data in a questionnaire or survey, SAP may use such Personal Data to improve its products and services.
Creation of anonymized data sets. SAP may (i) anonymize Personal Data provided under this Privacy Statement in order to create anonymized data sets, (ii) use your name, (email) address, telephone number, company name and address, your job title and role, or other personal identifiers to track your access and content usage of SAP Learning Hub, SAP Learning Room and SAP Learning System Access, satisfaction ratings, user post data (excluding the content of these posts) and user learning activity in order to create anonymized reporting for internal SAP use for the purposes of supporting user enablement, improving the quality of the learning product offering and for account management purposes. In the case of private cloud version of SAP Learning Hub or bulk sales licenses, this information may be provided to your organization’s reporting user(s) for reporting purposes.
Recording of chats for quality improvement. In case of chat sessions, SAP may record such chat sessions in order to improve the quality of SAP's services.
In order to keep you up-to-date / request feedback. Within an existing business relationship between you and SAP (i.e. if you used an activation code to register with SAP Learning Hub or SAP Learning System Access, purchased a SAP Learning Hub or SAP Learning System Access subscription for yourself or if you register yourself for an offering of SAP Enterprise Support), SAP may inform you, where permitted in accordance with local laws, about its products or services (including webinars, seminars or events) which are similar or relate to SAP Learning Hub or SAP Learning System Access. Furthermore, where you have attended a webinar, seminar or event of SAP or purchased products or services from SAP, SAP may contact you for feedback regarding the improvement of the relevant webinar, seminar, event, product or service.
In order to conduct license audits. SAP may use your registration data to review whether SAP Learning Hub is used in accordance with the license terms between the person or entity that enabled your usage of SAP Learning Hub or SAP Learning System Access and SAP.
Right to object. You may object to SAP processing Personal Data for the above purposes at any time by unsubscribing at education-privacy@sap.com. If you do so, SAP will cease using your Personal Data for the above purposes (that is to say, under a legitimate interest set out above) and remove it from its systems unless SAP is permitted to use such Personal Data for another purpose set out in this Privacy Statement or SAP determines and demonstrates a compelling legitimate interest to continue processing your Personal Data.
C. Where SAP uses My Personal Data based on My Consent
In the following cases SAP will only process your Personal Data as further detailed below after you have granted your prior consent into the relevant processing operations.
News about SAP's Products and Services. Subject to a respective provision and your consent, SAP may use your name, email and postal address, telephone number, job title and basic information about your employer (name, address, and industry) as well as an interaction profile based on prior interactions with SAP (prior purchases, participation in webinars, seminars, or events or the use of (web) services) in order to keep you up to date on the latest product announcements, software updates, software upgrades, special offers, and other information about SAP's software and services (including marketing-related newsletters) as well as events of SAP and in order to display relevant content on SAP's websites. In connection with these marketing-related activities, SAP may provide a hashed user ID to third party operated social networks or other web offerings (such as Twitter, LinkedIn, Facebook, Instagram or Google) where this information is then matched against the social networks' data or the web offerings' own data bases in order to display to you more relevant information.
Forwarding your Personal Data to other SAP companies. SAP may transfer your Personal Data to other entities in the SAP Group. The current list of SAP Group entities can be found here. In such cases, these entities will then use the Personal Data for the same purposes and under the same conditions as outlined in this Section C. above.
Revocation of a consent granted hereunder. You may at any time withdraw a consent granted hereunder by unsubscribing at https://learninghub.sap.com/consent-management. In case of withdrawal, SAP will not process Personal Data subject to this consent any longer unless legally required to do so. In case SAP is required to retain your Personal Data for legal reasons your Personal Data will be restricted from further processing and only retained for the term required by law. However, any withdrawal has no effect on past processing of personal data by SAP up to the point in time of your withdrawal.
