Data protection is associated with numerous legal requirements and privacy concerns. In addition to compliance with general data protection and privacy acts, it is necessary to consider compliance with industry-specific legislation in different countries.
SAP provides specific features and functions to support compliance with regard to relevant legal requirements, including data protection. SAP does not give any advice on whether these features and functions are the best method to support company, industry, regional, or country-specific requirements. Furthermore, this information should not be taken as advice or a recommendation regarding additional features that would be required in specific IT environments. Decisions related to data protection must be made on a case-by-case basis, taking into consideration the given system landscape and the applicable legal requirements.
SAP does not provide legal advice in any form. SAP software supports data protection compliance by providing security features and specific data protection-relevant functions. In many cases, compliance with applicable data protection and privacy laws will not be covered by a product feature. Definitions and other terms used in this document are not taken from a particular legal source.
The extent to which data protection is supported by technical means depends on secure system operation. Network security, security note implementation, adequate logging of system changes, and appropriate usage of the system are the basic technical requirements for compliance with data privacy legislation and other legislation.
You also need to make sure that no personal data enters the system in an uncontrolled or non-purpose related way, for example, in free-text fields, or customer extensions.
Please don’t enter personal data in fields such as global and subaccount names, Cloud Foundry orgs and spaces names, database names, and tenant names. These fields aren’t intended to process personal data, so our EU Access commitment doesn’t apply to them. Personal data in such fields can be processed outside of the European Economic Area and Switzerland. The previous list of example fields is not complete.
This documentation covers personal data relating to SAP BTP accounts and data stored in databases by SAP BTP. SAP BTP offers a number of capabilities, that is, services, buildpacks, application, and so on. Here we cover the core platform. For more information about data protection and privacy for capabilities you have purchased, see the data protection and privacy documentation for those capabilities.
To view the services consumed by a global account:
-
Navigate to the global account to which you'd like to view members.
For more information, see Navigate to Orgs and Spaces.
-
In the navigation area, choose Entitlements.
This documentation is written with the data protection officer of a company in mind. The processes described here may be required for a data protection officer or an administrator of the user accounts for your tenants or even business users of the tenants. In particular the processes for business users are described here so that you in your role of data protection officer or account administrator can communicate them to your business users if required.
Users are stored in the platform identity provider.
- Global account users are stored in platform identity provider or a tenant of SAP Cloud Identity Services - Identity Authentication.
- Platform users are stored in platform identity provider, a tenant of SAP Cloud Identity Services - Identity Authentication, or your own identity provider.
- Business users are stored in a tenant of SAP Cloud Identity Services - Identity Authentication or your own identity provider.
Related Information
Glossary for Data Protection and Privacy