Cookie Statement

This Cookie Statement was updated on September, 9th 2025

Cookie Statement

This Cookie Statement was update on 2025–07–28

This Cookie Statement describes how SAP (hereinafter also “We”, “Our”) uses cookies and similar technologies to collect and store information when you visit apphaus.sap.com. SAP’s Privacy Statement applies in addition to this Cookie Statement. SAP’s Privacy Statement informs you about the way SAP uses, stores and protects personal data collected. It also informs you of your data protection rights and how to exercise them. We recommend that you read SAP’s Privacy Statement: SAP’s Privacy Statement.

What are Cookies and similar technologies?

Cookies are small files placed on your device (computer, tablet or smartphone). When you access a website, a cookie is placed on your device and it will send information to the party that placed the cookie.

There are other technologies performing a similar function to cookies. These include inter alia web beacons, clear gifs, and social plug-ins. These are often used in conjunction with cookies to help a website owner understand its users better.

What are first party Cookies?

SAP’s websites contain first party Cookies. First party cookies are cookies that are specific to the website that created them. These cookies enable SAP to operate an efficient service and to track patterns of user behavior to SAP’s website.

What are third party Cookies?

The difference between a first party cookie and a third party cookie relates to who places the cookie on your device. SAP sometimes allows third parties to place Cookies on your device. __Third party cookies are placed on your device by a third party (i.e., not by SAP). While SAP allows third parties to access SAP’s website to place a third-party cookie on your device, SAP does not retain control over the information supplied by the cookies, nor does SAP retain access to this information. This information is controlled wholly by that third party according to the respective privacy policy of the third party. For more information about these Cookies, please click the “Cookie Preferences” link in the footer of the webpage.

Analytics and Digital Marketing in the United States of America

In the United States SAP routinely works with third party analytics and digital marketing providers who facilitate and support SAP (and partner) marketing activities including targeted communications. These activities may involve the sharing of limited Personal Information (personal identifiers and contact information, your interests and interactions with SAP, professional/employment information) for those specific business purposes. In addition to the above, SAP may also share your personal data with other third parties, or for other business purposes, with your explicit consent.

SAP endeavors to recognize common opt-out preference signals at a browser level, and frictionlessly exclude you from marketing cookies and associated tracking.

What cookies are used?

SAP wants you to be in a position to make an informed decision for or against the use of cookies which are not strictly necessary for technical features on apphaus.sap.com. If you elect to reject cookies used for advertising, you will be shown advertising that is less targeted to your interests. This will still allow you to use all of the functionality of apphaus.sap.com.

When tracking and evaluating the usage behavior of users of the Web Presence by means of cookies or similar technologies includes the processing of your personal data, SAP conducts the processing based on the following legal permissions:

  • GDPR Article 6.I (a) if it is necessary that We ask you for your consent to process your personal data,
  • GDPR Article 6.I (b) if necessary to fulfill (pre-)contractual obligations with you,
  • GDPR Article 6.I (f) if necessary to fulfill (pre-)contractual obligations with the company or other legal body you represent as a customer contact (legitimate interest to efficiently perform or manage SAP’s business operation),
  • or equivalent legal permissions under other relevant national laws, when applicable.

SAP differentiates between Required Cookies that are absolutely necessary to enable technical core functionalities, Functional Cookies that allow SAP to analyze the site usage, and Advertising Cookies that are used to serve ads relevant to your interests.

Required Cookies

Name Purpose Lifespan
__cf_bm Set by Cloudflare to support its Bot Management service Session
_cfuvid Set by Cloudflare to identify individual users on websites protected by its services Session
botinfo_sap Used by the system to recognize bots, ensuring a secure and efficient user experience 1 Year
cf_clearance A security cookie set by Cloudflare to confirm that a website visitor has successfully passed a security challenge Session
cmapi_cookie_privacy TrustArc sets this cookie to manage the display of the cookie consent pop-up and to retain the selected settings 1 Year
cmapi_gtm_bl TrustArc sets this cookie to manage the display of the cookie consent pop-up and to retain the selected settings 3 Months
country Stores the user’s geographical location, determined by IP address recognition Session
notice_behavior TrustArc sets this cookie to store the cookie preferences of visitors 1 Year
notice_gdpr_prefs TrustArc sets this cookie to capture the chosen cookie categories Session
notice_preferences TrustArc sets this cookie to store the cookie preferences of visitors 1 Year
PSESSION Contains a session ID for use by the TrustArc platform Session
TAsessionID Retains a TrustArc session ID to collect and record cookie consent decisions 2 Weeks

Functional Cookies

Name Purpose Lifespan
_an_uid 6sense uses this cookie for collecting information on users’ visits such as the total number of visits, average time spent on the website, and pages loaded 1 Week
_gd_session 6sense uses this cookie for collecting information on users’ visits such as the total number of visits, average time spent on the website, and pages loaded 1 Year
_gd_visitor 6sense uses this cookie for collecting information on the user’s visit such as the number of visits, average time spent on the website, and the pages loaded for displaying targeted ads 1 Day
_gd1757332447871 Set by the 6sense platform, serves to identify and track visitors across multiple websites for predictive analytics and personalized marketing Session
AMCV_ Adobe Experience Cloud uses this cookie to retain the Experience Cloud visitor ID, also known as MID Session
com.adobe.alloy.getTld Used by Adobe Experience Cloud to store the top-level domain (TLD), such as .com or .org, of the website a user is currently visiting. Session
kndctrcluster Used by the Adobe Experience Platform Web SDK to store the Edge Network region that is serving the user’s requests Session
kndctridentity Used by Adobe’s Experience Platform Web SDK to store the Experience Cloud ID (ECID) 1 Year

Advertising Cookies

Name Purpose Lifespan
__Secure–1PAPISID YouTube cookie used to profile users’ interests and deliver relevant, personalized ads on Google properties and websites that use Google services 13 Months
__Secure–1PSID A YouTube cookie used to build a profile of a user’s interests for personalized advertising across Google services 13 Months
__Secure–1PSIDCC A session cookie set by Google/YouTube to help secure your login session Session
__Secure–1PSIDTS A Google-owned security and personalization cookie used to maintain user sessions across Google services Session
__Secure–3PAPISID A Google cookie used on third-party websites (like YouTube) to personalize ads by tracking user preferences and behavior 13 Months
__Secure–3PSID Used to collect data about your browsing and interactions with YouTube videos and other Google services. 13 Months
__Secure–3PSIDCC Used to build a profile of a user’s interests for displaying relevant and personalized ads on Google. Session
__Secure–3PSIDTS Used for advertising and analytics to track user interests and activity for personalized ads on Google/YouTube Session
AEC A Google-placed security cookie that helps prevent spam, fraud, and abuse by ensuring requests come from a legitimate user, not a malicious site. 6 Month
anj Set by Xandr to help its partners identify and sync user data for targeted advertising and to measure ad performance 2 Months
APISID YouTube cookie used to profile users’ interests and deliver relevant, personalized ads on Google properties and websites that use Google services 13 Months
DV Helps personalize your experience by collecting data on your interests and behavior to deliver tailored ads and content Session
HSID Contains a digitally signed and encrypted record of your Google Account ID and your most recent sign-in time 13 Months
NID Remembers user preferences on Google services (language, number of search results, SafeSearch, etc.) 6 Months
NID Remembers user preferences on Google services (language, number of search results, SafeSearch, etc.) 13 Months
SAPISID YouTube cookie used to profile users’ interests and deliver relevant, personalized ads on Google properties and websites that use Google services 13 Months
SID Used to collect data about your browsing and interactions with YouTube videos and other Google services. 13 Months
SIDCC A session cookie set by Google/YouTube to help secure your login session Session
SSID A YouTube cookie used to build a profile of a user’s interests for personalized advertising across Google services 13 Months
uuid2 Contains a unique, randomly-generated value that enables the Platform to distinguish browsers and devices 3 Months
XANDR_PANID Stores a persistent user ID for ad tracking and targeting. (Xandr) 3 Months

How can you manage and delete Cookies?

SAP provides you with the option to adjust your preferences for Functional and Advertising Cookies when such cookies are placed on your device. In such a case, you can access preferences at any time by clicking on the “Cookie Preferences” link in the footer of the Web presence.

You can also block and delete cookies by changing your browser settings. To manage cookies using your browser settings, most browsers allow you to refuse or accept all cookies or only to accept certain types of cookies. The process for the management and deletion of cookies can be found in the help function integrated in your browser. If you wish to limit the use of cookies, you may not be able to use all the interactive functions.

What are Media Plug-ins?

A media plug-in embedded on a website allows you to watch remote content from a third-party media provider’s website. You can recognize media plug-ins as views displayed on website pages; e.g., for YouTube, you can recognize the media plug-in by a video showing the play button.

How do media plug-ins on SAP websites work?

If you want to access the content from one of these media plug-ins, click on the play symbol within the media plug-in to establish a direct connection to the server of the respective media provider. The stream of the media will be redirected from the media provider to your browser.

If you have a user account on the media provider and are logged in at the time you activate the media plug-in, the media provider can associate your visit to SAP’s websites with your user account. In this situation, data transmissions can also take place that are initiated and controlled by the respective media provider. Your connection to a media provider, the data transfers taking place between the network and your system, and your interactions on that platform are governed solely by the privacy and cookie statement or policy of that media provider. Personal Data may also reach providers in countries outside the European Economic Area that may not guarantee an “adequate level of protection” for the processing of Personal Data in accordance with EU standards. If you do not want to share any data with the media provider in connection with SAP’s website, do not click on the media plug-in on SAP’s website.

On which legal basis does SAP make media plug-ins available?

SAP uses media plug-ins on its websites on the basis of its legitimate interest to make remote content visible to the user according to Article 6 (1) lit. f GDPR or the applicable national law.

Use of third-party video players:

This website contains plugins from:

  • YouTube, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, US)
  • Vimeo, Vimeo.com, Inc., 330 West 34th Street, 5th Floor, New York, New York 10001

In some cases, SAP embeds the functionality of third-party video players into the web page to provide relevant content to the user. However, for SAP to maintain consistency in the way it both collects and protects your personal data, the page is designed to prevent cookies from being set before a user interacts with the video. When a user loads a page with such a player, SAP’s cookie preference options will be presented to the user where applicable to emphasize the need for explicit user consent before the video is played. Accepting the option presented will allow the video to be played, resulting in the setting of cookie(s) related to the video player and the transfer of data to the server of the video player’s developer (YouTube, Vimeo). Declining this option will prevent the loading of the related cookies and restrict the transfer of data related to the use of the player.

SAP does not have influence or control over the processing of personal data on the media provider’s website, and the media plug-in remains active until you deactivate it or delete your cookies.

What web beacons are used and how can you manage them?

When SAP sends you newsletters or other e-mail communication, SAP uses web beacons (a small .gif image) to determine a user’s ability to receive e-mail in an HTML format. A web beacon is activated when an HTML e-mail is opened. This capability enables SAP to track the aggregate number of e-mails opened and which individual interacted with the provided content.

The web beacon does not collect any Personal Data.

Each browser provides users or their admins with functionality in their respective technical settings that can be used to prevent the automated download of images, pixels, beacons or other tracking technologies. If you wish to prevent your browser from communicating directly with the sender of an e-mail, you can set your browser to do so.