Privacy
Statement – SAP SuccessFactors mobile app
隐私政策 — SAP SuccessFactors
mobile app
This Privacy Statement applies to the SAP SuccessFactors
mobile app (“App”) published by SAP (China) Co., Ltd. (“SAP”, “we”, “us”, “our”)
for the People’s Republic of China (China) market.
本隐私政策适用于 SAP (China)
Co., Ltd.(以下简称“SAP”或“我们”)面向中华人民共和国(中国)市场发布的 SAP SuccessFactors
移动APP(以下简称“APP”)。
Last updated: 05, 2020
更新日期:2020 年 5 月
This Privacy Statement will help you
understand the following:
本隐私政策将帮助您了解以下内容:
I. How we collect and use your personal
information?
我们如何收集和使用您的个人信息
II. How do we use Cookie?
我们如何使用 Cookie
III. How do we share, transfer the control
of or disclose publicly your personal information?
我们如何共享、转让、公开披露您的个人信息
IV. How do we protect your personal
information?
我们如何保护您的个人信息
V. Your rights.
您的权利
VI. Processing personal information of
children.
儿童个人信息的处理
VII. How is your personal information
transferred cross-border?
您的个人信息如何在全球范围转移
VIII. How is this Privacy Statement
updated?
本隐私政策如何更新
IX. How you may contact us?
如何联系我们
I.
How We Collect and Use
Your Personal Information?
我们如何收集和使用您的个人信息
This Privacy Statement outlines how we
handle the information that can be used to directly or indirectly identify an
individual ("Personal Information").
本隐私政策概述了我们如何处理可用于直接或间接识别个人的信息(“个人信息”)。
Your employer, client company, business, institution
or other providing entity (“your Company”) may have subscribed to the SAP SuccessFactors
on-demand services (“Cloud Service”) provisioned either by (for Cloud Service
hosted in China) China Datacom Corporation
Limited or (for Cloud Service hosted outside
China) a member of the SAP group of companies ( “Cloud Service Provider”). Consult
your Company for the location of the Cloud Service data center. This Privacy
Statement does not change any terms of the business agreement for Cloud Service
between your Company and the Cloud Service Provider.
您的雇主、客户公司、业务部门、机构或其他提供实体(“贵公司”)可能租用了由中数通信息有限公司(针对在中国境内托管的云服务)或 SAP 集团的成员公司(针对在中国境外托管的云服务)(“云服务提供商”)所提供的 SAP SuccessFactors
按需服务(“云服务”)。请咨询贵公司,了解云服务数据中心的位置。本隐私政策不会修改贵公司和云服务提供商之间就云服务达成的商业协议中的任何条款。
Your Company is the data controller of the
Personal Information hosted on the Cloud Service within the meaning of the applicable
data protection laws. The processing of such Personal Information by the Cloud
Service Provider is under the direction of your Company.
贵公司作为数据控制方,控制着根据适用的数据保护法在云服务中托管的个人信息。云服务提供商根据贵公司的指示处理此类个人信息。
The App may collect and process your Personal
Information for the following purposes:
APP会出于以下目的,收集和处理您的个人信息:
a. Provide
on the App functions and features similar to the Cloud Service. The App
connects to the Cloud Service. SAP provides this App so that you can access the
Cloud Service from your mobile device as long as you remain a user authorized
by your Company to access the Cloud Service. The categories of the Personal
Information about you collected or derived within the Cloud Service depends, in
part, on the Cloud Service to which your Company has subscribed and the manner
in which your Company has configured the Cloud Service. Should you have any
questions about how your Personal Information is processed by the Cloud
Service, please contact your Company.
在APP中提供与云服务类似的功能和特性。APP与云服务互联。只要您是贵公司授权访问云服务的用户,您就能通过 SAP 提供的这款APP在移动设备上访问云服务。在云服务中收集或获取的个人信息的类别,部分取决于贵公司租用了哪些云服务和如何配置云服务。如对云服务如何处理您的个人信息有任何疑问,请联系贵公司。
b. Authentication.
When you log in on the App, the App collects your unique device identifier,
username ID and related password information for user authentication purposes
before permitting you to access the App services. If you do not provide such
information, the App cannot authenticate you and without authentication you
cannot access the App services.
身份验证。当您登录APP时,APP会收集您的设备唯一标识符、用户名和相关密码信息,用于用户身份验证,然后再允许您访问APP服务。如果您不提供此类信息,APP就无法对您进行身份验证。不经过验证,您将无法访问APP服务。
c. Data
analyses. We may create analyses utilizing, in part, information derived from
your Personal Information and your use of the App as explained herein. Analyses
will anonymize such information. Analyses may be used for the following
purposes: (i) product improvement (in particular,
product features and functionality, workflows and user interfaces) and development
of new products and services, (ii) improving resource allocation and support,
(iii) internal demand planning, (iv) training and developing machine learning
algorithms, (v) improving product performance, (vi) verification of security
and data integrity, (vii) identification of industry trends, development
indices and anonymous benchmarking.
数据分析。我们在某种程度上可以利用您的个人信息以及所述的您使用APP所产生的信息创建分析报告。该分析报告将采用匿名的方式进行。分析报告可用于以下目的: (i) 产品改进(尤其是产品的功能特征,工作流程以及用户界面)及新产品服务的开发,(ii)资源分配及支持的优化,(iii)制定内部需求计划,(iv)培训开发机器学习算法,(v) 改善产品性能,(vi) 验证安全性及数据完整性,(vii) 识别行业趋势和发展成果、指标及匿名对标。
Please note that the Personal Information the
App collects will be uploaded to the Cloud Service instance controlled by your
Company. Your provision of the above Personal Information means you authorize us
and your Company to collect, store, use or otherwise process them on the Cloud
Service.
请注意,APP收集的个人信息将上传至由贵公司控制的云服务实例。您提供上述个人信息,即表示您授权贵公司和我们在云服务中收集、存储、使用或以其他方式处理这些个人信息。
个人信息的保存期限将依据贵公司作为云服务实例控制方所制定的政策而定。 如对个人信息的保存期限或超出保存期限的个人信息处理有任何疑问,请联系贵公司。
II. How Do We Use Cookie?
我们如何使用 Cookie
To
facilitate your access to the App, we will store a small data file call Cookie
on your mobile device. The Cookie usually contains an identifier and some
numbers and characters. By using the Cookie, the App can temporarily store your
Personal Information such as your log in information. We will not use the
Cookie for purposes other than those stated in this Privacy Statement. You may,
based on your preferences, manage or delete the Cookie. Please refer to
AboutCookies.org for more information. You may remove any or all the cookies
stored on your mobile device at any time.
为便于您访问APP,我们会在您的移动设备上存储名为 Cookie 的小数据文件。Cookie 通常包含标识符以及一些号码和字符。借助于 Cookie,APP能够临时存储您的个人信息(如登录信息)。我们不会将 Cookie 用于本隐私政策所述目的之外的任何用途。您可根据自己的偏好管理或删除 Cookie。有关详情,请参见
AboutCookies.org。您随时可以清除在您的移动设备上保存的任何或所有 Cookie。
III. How Do We Share, Transfer the
Control of or Disclose Publicly Your Personal Information?
我们如何共享、转让、公开披露您的个人信息
(1) Sharing
共享
We will not share your Personal
Information with any company, organization or individual beyond SAP and its
affiliates, except for the following cases:
我们不会与 SAP 及其关联公司以外的任何公司、组织和个人共享您的个人信息,但以下情况除外:
1. Your Company. The App connects to the
Cloud Service. The App uploads data to and downloads data from the Cloud
Service.
贵公司。APP与云服务互联,支持向云服务上传数据和从云服务下载数据。
2. Suppliers, service providers and other
partners. We may send your Personal Information to suppliers, service providers
and other partners supporting our business, and the support includes providing
technical and infrastructure services, analyzing the use pattern of our
services, measuring the effectiveness of services, and providing customer
services.
供应商、服务提供商和其他合作伙伴。我们可能会将您的个人信息发送给支持我们业务的供应商、服务提供商和其他合作伙伴,这些支持包括提供技术和基础设施服务、分析我们服务的使用方式、衡量服务的有效性、提供客户服务。
3. External organizations as required by
applicable law. Applicable law and regulation or mandatory requirements of a
competent authority may require that we share your Personal Information with certain
external organizations.
适用法律要求的外部组织。根据适用法律法规或主管部门的强制性要求,我们可能需要与某些外部组织共享您的个人信息。
To the maximum extent permitted by
applicable laws and regulations, we will enter into a strict non-disclosure agreement
or data processing agreement with companies, organizations and individuals with
which we share Personal Information, requiring them to process Personal
Information in accordance with our instructions, this Privacy Statement and any
other relevant non-disclosure and security measures.
在适用法律法规允许的最大范围内,我们会与这些公司、组织和个人签署严格的保密协定或数据处理协议,要求他们按照我们的说明、本隐私政策以及其他任何相关的保密和安全措施来处理个人信息。
(2) Transfer of Control
转让
To the extent there is any user Personal
Information under our control, we will not transfer the control of such Personal
Information to any company, organization or individual outside of the SAP group
of companies, except where:
如果我们控制了您的任何个人信息,我们不会将此类个人信息转让给 SAP 集团公司之外的任何公司、组织和个人,但以下情况除外:
1. User’s explicit consent is obtained. We
will not transfer the control of your Personal Information to a third party unless
we have first obtained your explicit consent.
获得您的明示同意。除非事先获得您的明示同意,否则我们不会向第三方转让您的个人信息。
2. Merger, acquisition or bankruptcy. In the
event of a merger or acquisition case or bankruptcy or liquidation scenario,
involving the transfer of Personal Information, we will require the new company
or organization holding your Personal Information to observe this Privacy
Statement, otherwise we will require such company or organization to seek your
consent again.
合并、收购或破产。在发生涉及个人信息转让的并购案或破产清算时,我们会要求新的持有您个人信息的公司或组织继续受本隐私政策的约束,否则我们将要求该公司或组织重新向您征求授权同意。
(3) Public Disclosure
公开披露
We will not disclose your Personal
Information publicly except:
我们不会公开披露您的个人信息,但以下情况除外:
1. Having obtained your explicit
consent.
获得您的明示同意。
2. Law-based disclosure: if required by
applicable law, legal process, legal orders or in accordance with mandatory
requirements of a competent authority, we may disclose your Personal
Information accordingly.
基于法律的披露:在法律、法律程序、诉讼或政府主管部门强制性要求的情况下,我们可能会公开披露您的个人信息。
IV. How We Protect Your
Personal Information?
我们如何保护您的个人信息
(1) We have employed security measures complying with industry standards
to
protect the Personal
Information we collect via the App, to prevent
such Personal Information from unauthorized access,
public disclosure, use, modifications, damage or loss. We will adopt reasonable measures to protect
your Personal Information. For example, we use a trusted protection mechanism
to protect such Personal Information from attacks and
we deploy an access control mechanism to ensure
only authorized persons can
access such Personal Information.
我们已使用符合业界标准的安全防护措施来保护我们通过APP收集的个人信息,防止此类个人信息遭到未经授权访问、公开披露、使用、修改、损坏或丢失。我们会采取一切合理的措施来保护您的个人信息。例如,我们会使用受信赖的保护机制防止此类个人信息遭到恶意攻击;我们会部署访问控制机制,确保只有授权人员才可访问此类个人信息。
(2) We
may adopt reasonable measures to ensure irrelevant Personal Information is not
collected. We only keep your Personal Information within the period required
for fulfilling the purposes stated in this Privacy Statement, unless an
extension is required or permitted by applicable law.
我们会采取一切合理的措施,确保未收集无关的个人信息。我们只会在达成本隐私政策所述目的所需的期限内保留您的个人信息,除非根据适用法律的需要或允许延长保存期。
(3) We
have put in place measures to protect your Personal Information from loss,
misuse and unauthorized access. We will keep your Personal Information secure using
reasonable security measures as appropriate, for example, encryption (e.g.,
SSL) and anonymization. We use the protection mechanisms offered by the mobile
operating system inside the application's sandbox environment. Your Personal
Information is also protected by application-level encryption based on 256-bit
Advanced Encryption Standard (AES) or better method. Further, we have performed
all remote connections over Transport Layer Security. For connections with iOS
mobile device, the Apple App Transport Security (ATS) is enforced to enhance
the security. In addition, we may make
available to your Company certain optional security measures for managing the
App which your Company can deploy at its end, for example, single-sign-on,
multi-factor authentication and other mobile device management security
features. We will continue to improve the technical measures to protect your Personal
Information collected by the App. SAP has achieved and maintains C5, ISO22301,
ISO27001, ISO27017, ISO27018, SOC1/2 and similar other international technical standards.
我们已采取适当措施来防止您的个人信息遭丢失、滥用或未经授权的访问。我们将适当采用加密技术(例如 SSL)、匿名技术等合理的安全防护措施来确保您个人信息的安全。我们不仅在应用程序的运行环境中应用了移动端操作系统提供的保护机制,同时您的个人信息还将受到基于256位高级加密标准(AES)或更好方法的应用程序级加密保护。 此外,我们所有远程连接都严格遵循传输层安全协议。 对于iOS移动设备使用的远程连接,还将执行Apple App
Transport Security(ATS)的网络安全机制以增强其安全性。
此外,我们可能会向贵公司提供一些可自行选择部署的安全防护措施来帮助管理APP,例如单点登录、多重身份验证以及其他移动设备管理安全功能。我们将不断优化技术措施,保护APP收集的个人信息。SAP 已达到并持续符合 C5、ISO22301、ISO27001、ISO27017、ISO27018、SOC1/2 及其他类似国际技术标准的要求。
In the event of a Personal Information security
breach, we will notify your Company as required by the applicable laws and
regulations. We will cooperate with your Company to notify the affected users
and handle the event.
如果出现个人信息安全漏洞,我们会根据适用法律法规的要求告知贵公司。我们将协助贵公司告知受影响的用户并处理该安全事件。
V. Your Rights.
您的权利
In accordance with applicable laws and
regulations, you are guaranteed certain rights to your Personal Information.
按照适用的法律法规,我们保障您对自己的个人信息行使特定权利。
Most of the Personal Information collected
by the App is controlled by your Company. With respect to the Personal
Information under our control, you may contact us at https://support.sap.com/en/contact-us.html
should you have any questions or concerns regarding such Personal Information.
To the extent we have retained such information with an identifier that can be
connected to you, you have the following rights.
APP收集的大部分个人信息都由贵公司控制。对于由我们控制的个人信息,如有任何问题或疑虑,请通过 https://support.sap.com/en/contact-us.html 联系我们。如果我们保存的信息中包含与您关联的标识符,您可以行使以下权利:
(1) Accessing Your Personal
Information
访问您的个人信息
You have the right to access your Personal
Information under our control, except for the exceptions specified in applicable
laws and regulations. If you wish to exercise the right to access your Personal
Information, you may contact us at https://support.sap.com/en/contact-us.html.
您有权访问由我们控制的您的个人信息,但适用法律法规规定的例外情况除外。如果您想行使个人信息访问权,请通过 https://support.sap.com/en/contact-us.html 联系我们。
If it does not incur a significant cost or
cause other significant difficulties for us, upon your written request, we can
also provide you with a copy of your Personal Information under our control (if
any) that is generated during your use of the App. If you wish to access such Personal
Information, please contact us at https://support.sap.com/en/contact-us.html.
在不会产生较高成本或造成其他较大困难的情况下,应您的书面请求,我们可以提供您在使用APP期间所产生的、由我们控制的您的个人信息(如有)的副本。如果您想访问此类个人信息,请通过 https://support.sap.com/en/contact-us.html 联系我们。
(2) Correcting Your Personal
Information
更正您的个人信息
As the types of Personal Information that
we (as a data controller) collect is very limited, it is unlikely for you to wish
to correct your Personal Information under our control. However, if you discover errors in your
Personal Information under our control, you have the right to require us to
make the correction. You may request a correction by contacting us at https://support.sap.com/en/contact-us.html.
由于我们作为数据控制方收集的个人信息类别非常有限,您不太可能需要更正由我们控制的您的个人信息。 但是,如果您发现我们控制的您的个人信息有错误,您有权要求我们做出更正。您可以通过 https://support.sap.com/en/contact-us.html 联系我们来要求更正。
(3) Deleting Your Personal
Information
删除您的个人信息
In the following cases, you may send a
request to https://support.sap.com/en/contact-us.html
to delete your Personal Information under our
control:
在以下情形,您可以通过 https://support.sap.com/en/contact-us.html 向我们提出删除由我们控制的您的个人信息的请求:
1. If our behavior in processing your Personal
Information violates applicable laws or regulations;
如果我们处理您个人信息的行为违反了适用法律法规;
2. If we collect and use your Personal
Information, without obtaining your consent;
如果我们收集、使用您的个人信息,却未征得您的同意;
3. If our behavior in processing your Personal
Information violates our agreement with you;
如果我们处理您个人信息的行为违反了与您的约定;
4. If you desist from the use of the App,
or you cancel the account;
如果您不再使用APP,或您注销了帐号;
5. If we desist from providing the App to
you.
如果我们不再为您提供APP。
If we agree to your deletion request, we
will also inform the entities which has obtained such Personal Information from
us to delete such Personal Information without delay, unless otherwise
specified in laws and regulations, or these entities have obtained your
separate authorization.
如果我们同意了您的删除信息请求,我们也会通知从我们这里获取了此类个人信息的实体,要求其立即删除,除非法律法规另有规定,或这些实体已单独获得您的授权。
When you delete your Personal Information on
the App, the deletion will be promptly synchronized and reflected in the production
instance of the Cloud Service. However, complete deletion from the backup
systems may take longer, as back-up processes run according to a periodic schedule.
在APP上删除您的个人信息时,该删除会及时同步并体现到云服务的生产实例中。不过,从备份系统中全部删除可能会需要较长时间,因为备份程序是按计划定期运行的。
(4) Canceling Your Account
注销您的帐号
You can log out of the App at any time. Upon
logging out of the App, the App will not store any of your Personal Information
on your mobile device. Your Company controls the Cloud Service. Should you have
any questions about how to cancel your account on the Cloud Service, please contact
your Company.
您随时可以登出APP。登出后,APP将不会在您的移动设备中存储任何您的个人信息。由于云服务由贵公司控制,因此,如果您对如何注销云服务帐号有任何疑问,请联系贵公司。
(5) Responding to Your Above Requests
响应您的上述请求
Please submit your request in writing. To
ensure security, we may need to verify your identity before processing your
request. We will reply to your request within 15 working days after
verification of your identity. If you have any concerns, you may contact us at https://support.sap.com/en/contact-us.html.
请以书面形式提出请求。为保障安全,我们可能会先要求您验证自己的身份,然后再处理您的请求。我们将在您完成身份验证后的 15 个工作日内做出答复。如有任何疑虑,请通过 https://support.sap.com/en/contact-us.html
联系我们。
Generally, we will not charge fees to
process any reasonable request. But if you submit the same request frequently or
your request exceeds a reasonable extent, we may charge a fee based on our processing
costs as we may reasonably determine. Where the requests are repeated without
good reasons, or require too many technical measures (e.g. a new system is
needed or current practice will be changed fundamentally), or put others’
legitimate rights and interests at risk or are very impractical (e.g. require a
backup of the Personal Information stored in the tape), we reserve the right reject
such requests.
对于合理的请求,我们一般不收取费用。但对多次重复、超出合理限度的请求,我们将根据处理成本酌情合理地收取一定费用。对于那些无端重复、需要过多技术手段(例如,需要开发新系统或从根本上改变现行惯例)、给他人合法权益带来风险或者非常不切实际(例如,要求用磁带备份存储个人信息)的请求,我们有权予以拒绝。
In the following cases, in accordance with
applicable laws and regulations, we are unable to accommodate your
request:
在下列情况下,按照适用法律法规要求,我们将无法响应您的请求:
1. Directly related to national security
and national defense security;
与国家安全、国防安全直接相关的;
2. Directly related to public security,
public health, and major public interests;
与公共安全、公共卫生、重大公共利益直接相关的;
3. Directly related to criminal
investigation, prosecution, trial, and enforcement of judgments;
与犯罪侦查、起诉、审判和判决执行等直接相关的;
4. There is sufficient evidence indicating
that you have subjective malicious intentions or abuse your rights;
有充分证据表明您存在主观恶意或滥用权利的;
5. Responding to your request will cause
serious damage to the legitimate rights and interests of the data subject or
other individuals or organizations;
响应您的请求将导致数据当事人或其他个人、组织的合法权益受到严重损害的;
6. Involving trade secrets.
涉及商业秘密的。
VI. Processing Personal Information
of Children.
儿童个人信息的处理。
The App and any related websites, products
and services are intended for adults. We consider anyone less than 14 years old
a child. You represent and warrant that you are an adult and not a child and
you will not transmit Personal Information of any child through the App without
the explicit consent of the child’s parents or guardians. If we discover that we
have collected Personal Information of children without verifiable consent of
their parents or guardians, we will find ways to delete such data as soon as
possible.
APP及任何相关的网站、产品和服务主要面向成年人。我们将所有未满 14 周岁的人视为儿童。您声明并保证您不是儿童,您是一个成年人,您不会在未经儿童父母或监护人明示同意的情况下通过APP传输任何儿童的个人信息。如果我们发现自己在未获得可验证的儿童父母或监护人同意的情况下收集了儿童的个人信息,我们则会设法尽快删除相关数据。
VII. How is Your Personal Information
Transferred Cross-Border?
您的个人信息如何在全球范围转移
The App connects to the Cloud Service,
which may or may not be hosted in China (See Section I above). As we may provide
products or services via servers and resources located worldwide, you agree
that your Personal Information may be transferred to jurisdictions beyond the
country/region where you use the App. Such jurisdictions may have different
data protection laws or have no such laws. However, for your Personal
Information under our control, we will ensure such Personal Information will
have no less protection than under the laws protecting Personal Information in
China. By agreeing to this Privacy Statement, you consent that your Personal Information
may be stored and processed outside of China as described above.
APP与可能在中国境内或境外托管的云服务互联。(请参见上述第 I 节。)鉴于我们可能通过遍布全球的服务器和资源提供产品或服务,您同意您的个人信息可能会转移至您使用APP时所在的国家/地区之外的辖区。此类辖区可能设有不同的数据保护法,甚至未设立相关法律。但是,对于由我们控制的您的个人信息,我们会确保此类个人信息获得不少于中国境内的个人信息保护法所提供的保护。同意本隐私政策,即表示您同意上述在中国境外地区存储和处理您的个人信息。
VIII. How Is This Privacy Statement
Updated?
本隐私政策如何更新
Our Privacy Statement may be updated from
time to time. Without your explicit consent, we will not diminish the rights
you are entitled to under this Privacy Statement. The App will alert you
through a pop-up notice or other prominent method of any update and obtain your
explicit consent to the new version of the Privacy Statement.
我们可能会不时更新本隐私政策。未经您明示同意,我们不会削减您按照本隐私政策所应享有的权利。APP将通过弹出通知或其他有效方式提醒您相关内容的更新,并征求您对新版隐私政策的明示同意。
IX. How You May Contact Us?
如何联系我们
If you have any question, comment or
suggestion relating to this Privacy Statement, you can contact us at https://support.sap.com/en/contact-us.html.
Generally, we will strive to reply within 15 working days.
如您对本隐私政策有任何疑问、意见或建议,请通过以下地址与我们联系:https://support.sap.com/en/contact-us.html。一般情况下,我们将在 15 个工作日内回复。