inversa-logo inversa-logo-white logomark-white Slides Framework

Inversation by SAP Privacy Statement

Protecting the individual's privacy on the Internet is crucial to the future of Internet-based business and the move toward a true Internet economy. We have created this privacy statement to demonstrate our firm commitment to the individual's right to privacy. This Privacy Statement outlines our personal information handling practices for this service, Inversation by SAP (the “Service”).

This Privacy Statement explains how SAP uses personal data that you submit to the Service, but you may need to check other organization’s privacy practices depending on how you engage with the Service. Your data controller depends on how you engage with the Service.

You may be engaging with the Service as a user on your Company’s enterprise license (“Company User”), or a Company may be using the Service to communite with you and offer you information about that Company’s products (a “Lead”). The chart below explains the data controllers and uses of personal data applicable to you.

If you are using the Service as part of an entity or organization with an enterprise agreement with SAP, the term of your organization’s agreement with SAP may restrict our collection or use of your Personal Data. We refer to these types of users in this document as “enterprise users.” For enterprise users, the data controller is the organization that has an agreement with SAP. The Company configures the Service to capture the personal data it requires. For instance, the Company uses the Service to contact Leads and tailors the messages Leads recieve. This Privacy Statement does not address each Company’s own practices. Therefore, we encourage you to familiarize yourself with the Company’s privacy practices, including read the Company’s privacy statement, before engaging with the Service.


Your Data Controller

How Does SAP Use My Personal Data?

Company User

The Company

To provide the Service to the Company

As detailed for “enterprise users” in this Privacy Statement

Company User


If you consent, to send you news about the Service (see “Data We Use Based on Your Consent”)


The Company

To provide the Service to the Company

As detailed for “enterprise users” in this Privacy Statement

If you are an individual user, the data controller for the Service is SAP America Inc., 3999 West Chester Pike, Newtown Square, PA 19073, United States (“SAP”), with its data protection officer Mathias Cellarius (

General information

Global Privacy Fundamentals

Our privacy practices reflect current global principles and standards on handling personal information. These principles include notice of data use, choice of data use, data access, data integrity, security, onward transfer, and enforcement/oversight. We abide by the privacy laws in the countries where we do business.

When does this Privacy Statement apply?

This Privacy Statement covers this Service and other sites that reference this Privacy Statement. Some SAP entities, programs and/or sites may have their own, possibly different, privacy statements. We encourage you to read the privacy statements of each of the SAP websites or program information you visit or review. If you use the Service as part of an entity or organization with an enterprise agreement with SAP, the term of your organization’s agreement with SAP may restrict our collection or use of your Personal Data.

What does SAP do with my personal data?

SAP collects and uses your data to provide individual users the Service, to improve our products and services, to communicate with you about offers that may be of interest, and for other administrative purposes. You can find detailed information in the “Personal Data Collected and Purposes” below.

Why am I required to provide personal data?

Any provision of personal data is voluntary. However, without providing certain personal data (see “Data we process to provide you the Service”), you will not be able to use the Service.

Personal Data Collected and Purposes

SAP collects certain information which can directly or indirectly identify you (“Personal Data”) to deliver the service, to understand your needs and interests and to help SAP deliver a consistent and personalized experience. We will use such information only as described in this Privacy Statement and/or in the way we specify at the time of collection. We will not subsequently change the way your personal data is used without your consent, as required by applicable law.

Data we process to provide you the Service.

SAP requires your first name, last name and email address to deliver the Service to you, including allowing you to create personal profile areas, view protected content, provide customer feedback and receive support (including communicating with you via email). We will also collect Personal Data that you provide to us, such as when you fill in an optional field to let us know your job title.

Data we process to create a better experience and improve our product.

In addition to your Personal Data, we may collect other information about your use of our Service and certain details that your browser sends to our website such as your browser type and language, access times, and the address of the website from which you arrived at an SAP website. We use standard automated tools, which include Web beacons, cookies, embedded Web links, and other commonly used information-gathering tools to collect this information.

We use this information to:

  • Help diagnose and resolve problems with our Service

  • Transfer your Personal Data within SAP’s group of undertakings to the extent necessary for internal administrative purposes;

  • Prevent or prosecute criminal activities such as fraud, if required.

  • Analyze your individual usage patterns, interests and preferences in order to improve our products and make suggestions (manually or with use of machine learning techniques) that help you get the most value from our Service. For example, it allows us to provide you with specific information on features and services that may be of interest to you. We may occasionally provide related in-Service notifications or announcements.

  • Create aggregated and anonymized data sets in order to understand Service usage, adoption, and virality, which will then be used to improve the Service. This aggregated and anonymized data may also be used to improve SAP’s and its affiliates’ other products and services.

  • Invite you to participate in additional questionnaires and surveys. These questionnaires and surveys will be generally designed in a way that they can be answered without any Personal Data. If you nonetheless enter Personal Data in a questionnaire or survey, SAP may use such Personal Data to improve its products and services.

Data we process based on your consent.

In the following cases SAP will only use your Personal Data as further detailed below after you have granted your prior consent.

For enterprise users, please note that these activities constitute a separate controller activity of SAP.

  • News about the Service. SAP may use your name, email, postal address, telephone number, job title and basic information about your employer (name, address, and industry), your individual usage patterns, interests and preferences, as well as an interaction profile based on prior interactions with SAP (prior purchases, participation in webinars, seminars, or events or the use of (web) services - further details on this topic can be found in the displayed on the relevant SAP website) (together “Tailored Personal Data”) in order to communicate with you about the latest Service announcements, software updates, software upgrades, special offers, and other information about the Service.

Withdrawing Consent

For processing based on consent, you may at any time withdraw a consent granted hereunder. If you withdraw your consent, SAP will not process Personal Data subject to this consent any longer unless legally required to do so. In case SAP is required to retain your Personal Data for legal reasons your Personal Data will be restricted from further processing and only retained for the term required by law. However, any withdrawal has no effect on past processing of personal data by SAP up to the point in time of your withdrawal. Furthermore, if your use of an SAP offering requires your prior consent, SAP will not be (any longer) able to provide the relevant service (or services, if you revoke the consent for SAP to use your profile under the SAP Cloud Platform Identity Authentication Service for multiple SAP offerings), offer or event to you after your revocation. Please direct any such request for withdrawal to

Duration of Storge

For individual users, SAP will only store your Personal Data for the following periods as applicable:

  • for Personal Data required to deliver the Service, for as long as it is required to allow you to participate in the Service;

  • where SAP’s use of your Personal Data is based on SAP’s legitimate business interest as further stated herein, either until you delete your account or until you object to such use by SAP at the email address provided below; and

  • where the processing of your Personal Data is based on your consent either until your you delete your account or until you revoke your consent granted hereunder;

  • plus, in each case and where applicable, any additional periods under applicable laws during which SAP has to retain your Personal Data.

Please direct any such objections to Kindly note that in this case the use of certain services or offerings may either be limited or not possible any longer. In case there is a contradicting statutory obligation for SAP to retain your Personal Data, SAP will block it against further processing and then delete the relevant Personal Data when the requirement to retain it has ceased.

For enterprise users, please note that the applicable storage period depends on your Company’s instructions.

Sharing Your Personal Data

Recipients of Data

SAP will not send your personal data outside the SAP Group except to the recipients listed below, unless we are otherwise required to do so by applicable laws.

The following categories of recipients may receive personal data:

  • Service Providers, who help SAP provide the Service as described above;

  • Other SAP Group Companies

  • Country-Specific Disclosures

    European Economic Area.

    For persons in the European Economic Area, the following additional paragraphs apply:

    Legal Bases for Processing

    For individual users:

    • Personal data listed in the section “Data we process to provide you the Service” is processed in order to perform our contractual obligations to you (i.e., to provide you the service).

    • Personal data processed under “Data we process to create a better experience” is processed on the basis of SAP’s legitimate interest.

    • “Data we process based on your consent” is processed based on your voluntary consent, and you may withdraw consent based on the instructions in that paragraph.

    For enterprise users:

    SAP generally processes Personal Data based on the agreement that your organization has with SAP. In most cases, if you wish to exercise your European data protection rights, you will need to contact your organization. However, with your explicit consent, we additionally process the following data as a Controller:

    • “Data we process based on your consent” is processed based on your voluntary consent, and you may withdraw consent based on the instructions in that paragraph above.

    Transmission of Personal Data to a non-EEA Country

    As part of a global group of companies, SAP has affiliates and third-party service providers within as well as outside of the European Economic Area (the “EEA”). As a consequence, for individual users, whenever SAP is using or otherwise processing your Personal Data for the purposes set out in this Privacy Statement, SAP may transfer your Personal Data to countries outside of the EEA including to such countries in which a statutory level of data protection applies that is not comparable to the level of data protection within the EEA. Whenever such transfer occurs, it is based on the Standard Contractual Clauses (according to EU Commission Decision 87/2010/EC or any future replacement) in order to contractually provide that your Personal Data is subject to a level of data protection that applies within the EEA. You may obtain a redacted copy (from which commercial information and information that is not relevant has been removed) of such Standard Contractual Clauses by sending a request to For enterprise users, the transfer of data is governed by the agreement your organization has with SAP.

    European Data Protection Rights

    For individual users, you can request from SAP at any time information about which Personal Data SAP processes about you and the correction or deletion of such Personal Data. Please note, however, that SAP can or will delete your Personal Data only if there is no statutory obligation or prevailing right of SAP to retain it. Kindly note further that if you request that SAP deletes your Personal Data, you will not be able to continue to use any SAP service that requires SAP’s use of your Personal Data.

    If SAP uses your Personal Data based on your consent or to perform a contract with you, you may further request from SAP a copy of the Personal Data that you have provided to SAP. In this case, please contact the email address below and specify the information or processing activities to which your request relates, the format in which you would like this information, and whether the Personal Data is to be sent to you or another recipient. SAP will carefully consider your request and discuss with you how it can best fulfill it.

    Furthermore, you can request from SAP that SAP restricts your Personal Data from any further processing in any of the following events: (i) you state that the Personal Data SAP has about you is incorrect, (but only for as long as SAP requires to check the accuracy of the relevant Personal Data), (ii) there is no legal basis for SAP processing your Personal Data and you demand that SAP restricts your Personal Data from further processing, or (iii) SAP no longer requires your Personal Data but you claim that you require SAP to retain such data in order to claim or exercise legal rights or to defend against third party claims or (iv) in case you object to the processing of your Personal Data by SAP (based on SAP’s legitimate interest as further set out above) for as long as it is required to review as to whether SAP has a prevailing interest or legal obligation in processing your Personal Data.

    If you take the view that SAP is not processing Personal Data in accordance with the requirements set out herein or applicable EEA data protection laws, you can at any time lodge a complaint with the data protection authority of the EEA country where you live or with the data protection authority of the country or state where SAP has its registered seat.

    This Service is not directed to users of an age of below 16 years. If you are younger than 16, you may not register with and use this Service.

    For enterprise users, if you wish to exercise your European data protection rights, you will need to contact your organization.

    United States.

    For users in the United States of America, the following additional provisions apply:

    California Do Not Track Disclosure

    We use cookies to deliver personalized content, to save you having to re-enter your password repeatedly, to keep track of your shopping cart, and to tailor our information offerings to how you and others use the site. Cookies are identifiers that can be sent from a site via your browser to be placed on your computer's hard drive. Thereafter when you visit a site, a message is sent back to the web server by the browser accessing the site. Your browser may allow you to set a “Do not track” preference, which tells sites you visit that you do not want these messages to be submitted. Our site does not honor “Do not track” requests, but you may elect not to accept cookies by changing the designated settings on your web browser. However, not utilizing cookies may prevent you from using certain functions and features of our site. This site does not allow third parties to gather information about you over time and across sites.

    US Children's Privacy

    We do not intend for our websites or online services to be used by anyone under the age of 13. If you are a parent or guardian and believe we may have collected information about a child, please contact us as described in this Privacy Statement.

    Updated: 8th March 2019