Last updated: 2023-04-11

This Cookie Statement describes how the openSAP Microlearning website with URL https://microlearning.opensap.com uses cookies and similar technologies to collect and store information while you visit the website. openSAP Microlearning's Privacy Statement applies in addition to this Cookie Statement. openSAP Microlearning's Privacy Statement informs you about the way SAP uses, stores and protects personal data collected. It also informs you of your data protection rights and how to exercise them. We recommend that you read openSAP Microlearning's Privacy Statement.

What Are Cookies and Similar Technologies?

Cookies are small files placed on your device (computer, tablet or smartphone). When you access a website, a cookie is placed on your device and it will send information to the party that placed the cookie. 

There are other technologies that perform a similar function to cookies. These include among others things web beacons, clear gifs, and social plug-ins. These are often used in conjunction with cookies to help a website owner understand its users better. When SAP sends you newsletters or other messages, SAP uses these technologies so that SAP can track email opening and click rates. In order to determine a user's ability to receive HTML emails in addition to whether or not an email has been opened, SAP includes a "web beacon" in the majority of HTML email messages SAP sends. A web beacon (a small .gif image) is activated when an HTML email is opened via a request for the image on our servers. This capability helps SAP send emails in a format that users can read and enables SAP to track the aggregate number of emails opened. The web beacon does not collect any personal data. 

What Are First Party Cookies?

SAP's websites have first party cookies. First party cookies are cookies that are specific to the website that created them. These cookies enable SAP to operate an efficient service and to track patterns of user behavior to SAP's website. 

What Are Third Party Cookies?

The difference between a first party cookie and a third party cookie relates to who places the cookie on your device. SAP sometimes allows third parties to place cookies on your device. Third party cookies are placed on your device by a third party ( i.e. that is, not by SAP). These third parties include service providers acting on SAP's behalf. While SAP allows third parties to access SAP's website to place a third-party cookie on your device, SAP does not retain control over the information stored in or supplied by third party cookies. Third parties might use the information for their own purposes or provide it to SAP or possibly other parties. 

For more information about these Cookies, please click the "Cookie Preferences" link in the footer of the webpage. 

What Is a Session and What Is a Persistent Cookie?

Our websites may place session and persistent cookies on your device. The difference between a session and a persistent cookie relates to the length of time the cookie lasts. Session cookies are cookies that typically last for as long as you are using your browser, or browser session. When you end your browser session, the cookie expires. Persistent cookies, as the name implies, are persistent and will last after you close your browser. This allows for quicker and often more convenient access to our website. 

What Cookies and Similar Technologies Are Used on this SAP Website?

SAP wants you to be in a position to make an informed decision for or against the use of cookies or similar technologies, which are not strictly necessary for technical features on the openSAP Microlearning website. If you select to reject cookies used for advertising, you will be shown advertising that is less targeted to your interests. This will still allow you to use all of the functionality of the openSAP Microlearning website. 

When tracking and evaluating the usage behavior of users of the openSAP Microlearning website by means of cookies or similar technologies includes the processing of your personal data, SAP is conducting the processing based on the following legal permissions: 

  • GDPR Article 6.I (a) if it is necessary that we ask you for your consent to process your personal data, 
  • GDPR Article 6.I (b) if necessary to fulfill (pre-)contractual obligations with you, 
  • GDPR Article 6.I (f) if necessary to fulfill (pre-)contractual obligations with the company or other legal body you represent as a customer contact (legitimate interest to efficiently perform or manage SAP's business operation), 
  • or equivalent legal permissions under other relevant national laws, when applicable. 

SAP differentiates between Required Cookies or Similar Technologies that are absolutely necessary to enable technical core functionalities, Functional Cookies or Similar Technologies that allow SAP to analyze the site usage, and Advertising Cookies or Similar Technologies that are used to serve ads relevant to your interests. 

Required Cookies or Similar Technologies

Name

Description/Purpose

Domain

Persistent

LifeSpan

IDP_SESSION_MARKER_accounts

Stores login session in order to recognize a visitor who is already logged in at a connected SAP site (Single Sign-On).

.sap.com

N

Session

IDP_J_COOKIE

Stores login session in order to recognize a visitor during a session.

.accounts.sap.com

N

Session

IDP_USER

Stores login session in order to recognize a visitor during a session.

.accounts.sap.com

N

Session

authIdentifierData

Stores an identifier used to identify a visitor who has logged in before in order to evaluate rules for conditional authentication. Based on these rules, the visitor is sent to a matching identity provider for authentication.

.accounts.sap.com

Y

13 months

authIdentifierDataTemporary

Stores an identifier when entering an email address or user ID into the login dialog until the authentication on corporate identity provider is finalized. Afterwards the information is stored in the authIdentifierData cookie; see above.

.accounts.sap.com

Y

1 min

JSESSIONID

Stores a session ID so that server can identify the visitor during a session.

.accounts.sap.com

N

Session

XSRF_COOKIE

Prevents cross-site request forgery attacks.

.accounts.sap.com

N

Session

kms_ctamuls

Holds the session ID of Kaltura MediaSpace in order to provide functionality of the Kaltura video player, such as storing player volume choice and other viewer preferences.

microlearning.opensap.com

N

Session

__cf_bm

openSAP Microlearning uses a Cloudflare bot solution to identify and mitigate automated traffic to protect your domain from bad bots. To do so, the cookie stores information related to the calculation of a bot score and a session identifier. The information in the cookie is encrypted and can only be decrypted by Cloudflare. A separate __cf_bm cookie is generated for each site that an end user visits, as Cloudflare does not track users from site to site or from session to session. The __cf_bm cookie is generated independently by Cloudflare, and does not correspond to any user ID or other identifiers in a customer's web application.

microlearning.opensap.com

Y

30 min

country

Stores data associated with a country detected by Internet provider.

microlearning.opensap.com

N

Session

notice_behavior

Defines the scenery for user. Used by TrustArc cookie consent management function, which stores visitor’s cookie preference.

microlearning.opensap.com

N

Session

notice_gdpr_prefs

Stores selection a visitor has made on the TrustArc cookie consent management pop-up. It is used to submit the selected cookie categories (Required, Functional, Advertising).

microlearning.opensap.com

Y

13 months

notice_poptime

Stores the latest pop-up date and time of the Trust Arc cookie consent management function in Unix time format. It is used to determine if the TrustArc pop-up displays again.

microlearning.opensap.com

Y

13 months

notice_preferences

Stores selection a visitor has made on the TrustArc cookie consent management pop-up. It is used to manage the display of the TrustArc pop-up and to save the chosen settings.

microlearning.opensap.com

Y

13 months

cmapi_cookie_privacy

Makes it possible to set and save cookies according to the user's cookie settings via TrustArc cookie consent management function.

microlearning.opensap.com

Y

13 months

cmapi_gtm_bl

Used by TrustArc cookie consent management function to prevent the triggering of cookies that have not been selected.

microlearning.opensap.com

Y

13 months

Functional Cookies or Similar Technologies

Name

Description/Purpose

Domain

Persistent

LifeSpan

matomo.js

On behalf of SAP, the Hasso Plattner Institute hosts the Matomo On-Premise web analytics application for openSAP Microlearning. Matomo On-Premise uses JavaScript code for collecting anonymized website usage data.

open.hpi.de

_pk_id.<ID>

Stores an unique identifier generated by Matomo On-Premise web analytics application. It allows SAP to recognize returning visitors in order to aggregate anonymized data sets.

microlearning.opensap.com

Y

13 month

_pk_ses.<ID>

Helps Matomo On-Premise web analytics application to maintain sessions by temporarily store data for the visit.

microlearning.opensap.com

Y

30 min

_pk_ref.<ID>

Stores information about the referrer (that is the website the visitor came from) for Matomo On-Premise web analytics application in order to analyze where visitors are coming from.

microlearning.opensap.com

Y

7 days

Advertising Cookies or Similar Technologies

No entry.

How Can You Manage and Delete Cookies?

SAP provides you with the option to adjust your preferences for Functional and Advertising Cookies when such cookies are placed on your device by the website. In such a case, you can access preferences at any time by clicking on the "Cookie Preferences" link in the footer of the openSAP Microlearning website. 

You can also block and delete cookies by changing your browser settings. To manage cookies using your browser settings, most browsers allow you to refuse or accept all cookies or only to accept certain types of cookies. The process for the management and deletion of cookies can be found in the help function integrated in your browser. 

If you wish to limit the use of cookies, you may not be able to use all the interactive functions of the openSAP Microlearning website.

What Are Social Plug-Ins?

A social plug-in embedded on a website allows you to share content on a third party social media provider’s website. You can recognize social plug-ins as buttons displayed on website pages that feature the logo of the social media provider; e.g., for the Facebook page plug-in, you can recognize the button by a white "f" on a clickable button.

SAP does not have influence or control over the processing of personal data on the social media provider’s website, and the social plug-in remains active until you deactivate it or delete your cookies. Please refer to the privacy and cookie statement or policy of the respective social media provider for more information.

On Which Legal Basis Does SAP Makes Social Plug-Ins Available?

SAP uses social plug-ins on its websites on the basis of its legitimate interest to make SAP visible on social media pursuant to Article 6 (1) (f) GDPR or the applicable national law.

How Do Social Plug-Ins On SAP Websites Work?

If you see one of the social plug-ins and you want to use one of these social plug-ins, click on the respective social plug-in to establish a direct connection to the server of the respective social media provider and you will be redirected to that social media provider's website.

If you have a user account on the social media provider and are logged in at the time you activate the social plug-in, the social media provider can associate your visit to SAP’s websites with your user account. In this situation, data transmissions can also take place that are initiated and controlled by the respective social media provider. Your connection to a social media provider, the data transfers taking place between the network and your system, and your interactions on that platform are governed solely by the privacy and cookie statement or policy of that social media provider. Personal data may also reach providers in countries outside the European Economic Area that may not guarantee an "adequate level of protection" for the processing of personal data in accordance with EU standards. If you do not want to share any data with the social media provider in connection with an SAP website, do not click on the social media plug-in on SAP’s website.

What Is Email Tracking?

When SAP sends you newsletters or other messages, SAP uses these technologies so that SAP can track email open and click rates. In order to determine a user's ability to receive HTML email in addition to whether or not an email has been opened, SAP includes a "web beacon" in the majority of HTML email messages SAP sends. A web beacon (a small .gif image) is activated when an HTML email is opened via a request for the image on our servers. This capability helps SAP sending emails in a format that users can read and enables SAP to track the opening of emails.