SAP Privacy Statement

This Privacy Statement was updated on 16-Feb-2021.

Click here for a printable version of this Privacy Statement.


Protecting the individual’s privacy is crucial to the future of business. We have created this Privacy Statement to demonstrate our firm commitment to the individual’s right to data protection and privacy. This Privacy Statement outlines how we handle information that can be used to directly or indirectly identify an individual.


Who is the Data Controller?

The data controller of is SAP ASIA PTE LTD, 30 Pasir Panjang Road, #03-32, Singapore 117440, Singapore and its data protection officer can be reached at

What Personal Data does SAP collect?

SAP collects some information about you in the context of your professional activities, consisting of [your name, your email addresses, Mobile number, education transcripts and certificates, residential status in Singapore, diploma/ degree discipline, age group, salary status and interested course](“Personal Data”)

Why does SAP need your Personal Data?

SAP requires your Personal Data to, provide you with access to the SGUnited Mid-Career Pathways Programme−Company Training (SGUP−CT); deliver the ordered goods or services; comply with statutory obligations, including checks required by applicable export laws. SAP may reach out to you via the contact details provided by you in order to provide the relevant services related to SGUnited Mid-Career Pathways Programme−Company Training (SGUP−CT).

Although providing Personal Data is voluntary, without your Personal Data, SAP cannot provide you with access to the SGUnited Mid-Career Pathways Programme−Company Training (SGUP−CT). Kindly note that you can apply for SGUnited Mid-Career Pathways Programme−Company Training (SGUP−CT) even without providing a consent into SAP’s marketing operations.

From what types of Third Parties does SAP obtain Personal Data?

In most cases SAP collects Personal Data from you. SAP might also obtain Personal Data from a third party, if the applicable national law allows SAP to do so. SAP will treat this Personal Data according to this Privacy Statement, plus any additional restrictions imposed by the third party that provided SAP with it or the applicable national law. These third-party sources include:

  • SAP and/or SAP Group’s business dealings with your employer
  • Third parties you directed to share your Personal Data with SAP

How long will SAP store your Personal Data?

SAP will only store your Personal Data for as long as it is required to enrol in SGUnited Mid-Career Pathways Programme−Company Training (SGUP−CT), or until the programme has ended or until you object against such use by SAP if SAP’s use of your Personal Data is based on SAP’s legitimate business interest as further stated in this Privacy Statement

SAP will also retain your Personal Data for additional periods if it is required by mandatory law to retain your Personal Data longer or where your Personal Data is required for SAP to assert or defend against legal claims. SAP will retain your Personal Data until the end of the relevant retention period or until the claims in question have been settled.

Who are the recipients of your Personal Data and where will it be processed?

Your Personal Data will be passed on to the following categories of third parties to process your Personal Data, third party service providers; for e.g., for consulting services and other additional related services.

As part of a global group of companies operating internationally, SAP has affiliates (the “SAP Group”) and third-party service providers outside of the European Economic Area (the “EEA”) or from a region with a legal restriction on international data transfers and will transfer your Personal Data to countries outside of the EEA. If these transfers are to a country for which the EU Commission has not issued an adequacy decision, SAP uses the EU standard contractual clauses to contractually require that your Personal Data receives a level of data protection consistent with the EEA. You can obtain a copy (redacted to remove commercial or irrelevant) of such standard contractual clauses by sending a request to privacy at You can also obtain more information from the European Commission on the international dimension of data protection here: European Commission.

What are your data protection rights?

You can request from SAP: access at any time to information about which Personal Data SAP processes about you and the correction or deletion of such Personal Data. Please note, however, that SAP can or will delete your Personal Data only if there is no statutory obligation or prevailing right of SAP to retain it. Kindly note further that if you request that SAP deletes your Personal Data, you will not be able to continue to use any SAP service that requires SAP’s use of your Personal Data.

If SAP uses your Personal Data based on your consent or to perform a contract with you, you can further request from SAP a copy of the Personal Data that you have provided to SAP. In this case, please contact us at and specify the information or processing activities to which your request relates, the format in which you would like to receive this information, and whether the Personal Data should be sent to you or another recipient. SAP will carefully consider your request and discuss with you how it can best fulfill it.

Furthermore, you can request from SAP that SAP restricts your Personal Data from any further processing in any of the following events:

  1. You state that the Personal Data SAP has about you is incorrect, subject to the time SAP requires to check the accuracy of the relevant Personal Data.
  2. There is no legal basis for SAP processing your Personal Data and you demand that SAP restricts your Personal Data from further processing.
  3. SAP no longer requires your Personal Data but you state that you require SAP to retain such data in order to claim or exercise legal rights or to defend against third-party claims.
  4. In case you object to the processing of your Personal Data by SAP based on SAP’s legitimate interest (as further set out below), subject to the time required for SAP to determine whether it has a prevailing interest or legal obligation in processing your Personal Data.

How can you exercise your data protection rights?

Please direct any requests to exercise your rights to

How will SAP verify requests to exercise data protection rights?

SAP will take steps to ensure that it verifies your identity to a reasonable degree of certainty before it will process the data protection right you want to exercise. When feasible, SAP will match Personal Data provided by you in submitting a request to exercise your rights with information already maintained by SAP. This could include matching two or more data points you provide when you submit a request with two or more data points that are already maintained by SAP.

SAP will decline to process requests that are manifestly unfounded, excessive, fraudulent, or are not otherwise required by local law.

Right to lodge a complaint. If you take the view that SAP is not processing your Personal Data in accordance with the requirements in this Privacy Statement or under applicable data protection laws, you can at any time lodge a complaint with the data protection authority of the EEA country where you live or with the data protection authority of the country or state where SAP has its registered seat.

Can you use SAP’s services if you are a minor?

Children. In general, the SGUnited Mid-Career Pathways Programme−Company Training (SGUP−CT) is not directed to users below the age of 16 years, or equivalent minimum age in the relevant jurisdiction. If you are younger than 16 or the equivalent minimum age in the relevant jurisdiction, you cannot register with and use the SGUnited Mid-Career Pathways Programme−Company Training (SGUP−CT).

Why does SAP need to use your Personal Data and on what legal basis is SAP using it?

Processing to fulfill contractual obligation

SAP requires your Personal Data to deliver goods or services you order under a contract SAP has with you, to establish a contract for goods or services between you and SAP, and to send you invoices for ordered goods or services. SAP processes Personal Data to fulfill contractual obligations pursuant to Article 6(1) lit. b GDPR or the equivalent article under other national laws, when applicable.

Processing to ensure compliance

SAP and its products, technologies, and services are subject to the export laws of various countries including, without limitation, those of the European Union and its member states, and of the United States of America. You acknowledge that, pursuant to the applicable export laws, trade sanctions, and embargoes issued by these countries, SAP is required to take measures to prevent entities, organisations, and parties listed on government-issued sanctioned-party lists from accessing certain products, technologies, and services through SAP’s websites or other delivery channels controlled by SAP. This could include (i) automated checks of any user registration data as set out herein and other information a user provides about his or her identity against applicable sanctioned-party lists; (ii) regular repetition of such checks whenever a sanctioned-party list is updated or when a user updates his or her information; (iii) blocking of access to SAP’s services and systems in case of a potential match; and (iv) contacting a user to confirm his or her identity in case of a potential match. Any such use of your Personal Data is based on the permission to process Personal Data in order to comply with statutory obligations (Article 6 para. 1 lit. c GDPR or the equivalent articles under other national laws, when applicable) and SAP‘s legitimate interest (Article 6 para. 1 lit. f GDPR or the equivalent articles under other national laws, when applicable)

Processing based on SAP’s legitimate interest

SAP can use your Personal Data based on its legitimate interest (Article 6 para. 1 lit. f GDPR or the equivalent article under other national laws, when applicable) as follows:

  • Fraud and Legal Claims. If required, SAP will use your Personal Data for the purposes of preventing or prosecuting criminal activities such as fraud and to assert or defend against legal claims.
  • Questionnaires and survey. SAP could invite you to participate in questionnaires and surveys. These questionnaires and surveys will be generally designed in a way that they can be answered without any data that can be used to identify you. If you nonetheless enter such data in a questionnaire or survey, SAP will use this personal data to improve its offerings.
  • Contract Performance. If you purchase or intend to purchase goods or services from SAP on behalf of a corporate customer or otherwise be the nominated contact person for the business relationship between a corporate customer (a “Customer Contact”) and SAP, SAP will use your Personal Data for this purpose. This includes, for the avoidance of doubt, such steps which are required for establishing the relevant business relationship. In case that an existing Customer Contact informs SAP that you are his replacement, SAP will, from the point in time of such notification, consider you to be the relevant Customer Contact for the respective customer until you object as further set out below.
  • Creation of anonymised data sets. SAP will anonymise Personal Data provided under this Privacy Statement to create anonymised data sets, which will then be used to improve its and its affiliates’ products and services.
  • Personalised Newsletter.IIf you opt-in to receive marketing communications such as newsletters from SAP, SAP will collect and store details of how you interact with the newsletters to help create, develop, operate, deliver and improve our newsletter communications with you. This information is aggregated and used to help SAP provide more useful information and to understand what is of most interest.
  • Recordings for quality improvement purposes. In case of telephone calls or chat sessions, SAP will record such calls (after informing you accordingly during that call and before the recording starts) or chat sessions in order to improve the quality of SAP’s services.
  • To keep you up-to-date or request feedback. Within an existing business relationship between you and SAP, SAP might inform you, where permitted in accordance with local laws, about its products or services (including webinars, seminars or events) which are similar or relate to such products and services you have already purchased or used from SAP. Furthermore, where you have attended a webinar, seminar or event of SAP or purchased products or services from SAP, SAP might contact you for feedback regarding the improvement of the relevant webinar, seminar, event, product or service.

You can at any time object to SAP’s use of your Personal Data as set forth in this section by sending an email to In this case, SAP will carefully review your objection and cease further use of the relevant information, subject to SAP’s compelling legitimate grounds for continued use of the information, which override your interest in objecting, or if SAP requires the information for the establishment, exercise or defence of legal claims.

Processing under applicable national laws

If the applicable national law allows SAP to do so, SAP will use information about you for a businesspurpose, some of which is Personal Data.

  • To host online forums or webinars
  • For marketing purposes such as to keep you updated on SAP’s latest products and services and upcoming events
  • To contact you to discuss further your interest in SAP services and offerings
  • For loss prevention
  • For account and network security purposes
  • For internal purposes such as auditing, analysis, and research to improve SAP’s products or services
  • To assert or defend against legal claims
  • Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity
  • Debugging to identify and repair errors that impair existing intended functionality