This Cookie Statement was update on 20.02.2023

This Cookie Statement describes how SAP (hereinafter also “We”, “Our”) uses cookies and similar technologies to collect and store information when you visit cla-assistant.io. SAP’s Privacy Statement applies in addition to this Cookie Statement. SAP’s Privacy Statement informs you about the way SAP uses, stores and protects personal data collected. It also informs you of your data protection rights and how to exercise them. We recommend that you read SAP’s Privacy Statement here.

Cookies are small files placed on your device (computer, tablet or smartphone). When you access a website, a cookie is placed on your device and it will send information to the party that placed the cookie. There are other technologies at perform a similar function to cookies. These include inter alia web beacons, clear gifs, and social plug-ins. These are often used in conjunction with cookies to help a website owner understand its users better.

SAP’s websites contain first party Cookies. First party cookies are cookies that are specific to the website that created them. These cookies enable SAP to operate an efficient service and to track patterns of user behavior to SAP’s website.

Our websites may place session and persistent cookies on your device. Whereas the difference between a first party and third-party cookie relates to the party controlling the initial placement of the cookie on your device, the difference between a session and a persistent cookie relates to the length of time the cookie lasts. Session cookies are cookies that typically last for as long as you are using your browser, or browser session. When you end your browser session, the cookie expires. Persistent cookies, as the name implies, are persistent and will last after you close your browser. This allows for quicker and often more convenient access to Our website.

SAP wants you to be in a position to make an informed decision for or against the use of cookies which are not strictly necessary for technical features on cla-assistant.io. If you elect to reject cookies used for advertising, you will be shown advertising that is less targeted to your interests. This will still allow you to use all of the functionality of cla-assistant.io.

When tracking and evaluating the usage behavior of users of the Web Presence by means of cookies or similar technologies includes the processing of your personal data, SAP is conducting the processing based on the following legal permissions:

• GDPR Article 6.I (a) if it is necessary that We ask you for your consent to process your personal data,
• GDPR Article 6.I (b) if necessary to fulfill (pre-)contractual obligations with you,
• GDPR Article 6.I (f) if necessary to fulfill (pre-)contractual obligations with the company or other legal body you represent as a customer contact (legitimate interest to efficiently perform or manage SAP’s business operation),
• or equivalent legal permissions under other relevant national laws, when applicable. SAP differentiates between Required Cookies that are absolutely necessary to enable technical core functionalities, Functional Cookies that allow SAP to analyze the site usage, and Advertising Cookies that are used to serve ads relevant to your interests.

None

None

SAP provides you with the option to adjust your preferences for Functional and Advertising Cookies when such cookies are placed on your device. In such a case, you can access preferences at any time by clicking on the “Cookie Preferences” link in the footer of cla-assistant.io.

You can also block and delete cookies by changing your browser settings. To manage cookies using your browser settings, most browsers allow you to refuse or accept all cookies or only to accept certain types of cookies. The process for the management and deletion of cookies can be found in the help function integrated in your browser. If you wish to limit the use of cookies, you may not be able to use all the interactive functions.

Contributor License Agreement Assistant Terms of Use

1 SCOPE

SAP SE, together with its directly and indirectly wholly owned subsidiaries and affiliates (collectively, "SAP") created the Contributor License Agreement assistant (CLA assistant) website at https://cla-assistant.io ("Website") as a deployment of the CLA assistant open source tool ("Tool") which is available on GitHub at https://github.com/cla-assistant/cla-assistant.

2 ACCEPTANCE OF TERMS

Your access and use of the Website is subject to this Contributor License Agreement Assistant Terms of Use (“TOU”). This TOU forms a legally binding agreement between You and SAP regarding Your access and use of the Website. If You are accessing and/or using the Website on behalf of Your employer or as a consultant or agent of a third party (either refer to as "Your Company"), You represent and warrant that You have the authority to act on behalf of and bind Your Company to this TOU and everywhere in this TOU that refers to "You" or "Your" shall also include and bind Your Company. By accessing or using the Website, You accept and agree to abide by this TOU. If You do not agree to this TOU, You must not access or use the Website.

3 CONDITIONS OF USE

Eligibility. On the condition that You comply with the terms and conditions of this TOU, and that You have current, valid and active account with GitHub (https://github.com/), SAP grants to You a personal, non-exclusive, non-transferable, non-sublicensable, revocable, and limited license to access and use the Website solely for the purpose of using the Tool with your GitHub projects. Your access and use of the Website is based on the authentication of Your account with GitHub. You agree that You will only use Your GitHub authentication credentials to access and use the Website.

Email Notifications. The Website provides functionality that enables You to setup email notifications that will be sent to the email address associated with Your GitHub account.

Dos and Don'ts. You must not use the Website to: a. publish, upload, post, email, transmit or otherwise make available any Content (defined below) that (a) You do not have the right to make available; (b) involves / solicits money or financial data; (c) is unlawful, harmful, tortuous, vulgar, obscene, hateful, or racially, ethnically or otherwise objectionable; (d) infringes any Intellectual Property Rights (defined below) of any party; (e) includes any unsolicited or unauthorized advertising, promotional materials, surveys, junk mail, spamming, chain letters, or any other form of solicitation, commercial or otherwise; or (f) contains a software virus, Trojan horse, worm, time bomb, cancelbot, corrupted file, or any other computer file or software designed to interrupt, destroy, damage or limit the functionality of any computer hardware, software or other property; b. defame, harass, abuse, stalk, threaten or violate the legal rights of others such as rights of privacy and publicity; c. impersonate any person or entity, including, but not limited to, an SAP official, SAP employee, or any other third party, or falsely state or otherwise misrepresent Your affiliation with a person or entity; d. forge email headers or otherwise manipulate identifiers in order to disguise the origin of any Content transmitted through the Website; e. circumvent the user authentication or security of the Website or any host, network, or account related thereto; f. interfere with or disrupt the Website, servers, or networks which support the Website, or disobey any requirements, procedures, policies or regulations of networks connected to the Website; g. violate any applicable local, state, national or international law and any regulations; h. harvest, collect, or store personal information or data of other users; i. provide, or make available, any links, hypertext (Universal Resource Locator (URL) address) or otherwise (other than a "bookmark" from a Web browser), to the Website, or any part thereof; j. except for licenses provided to You as permitted in this TOU, allow any third party to use any user identification(s), code(s), password(s), and procedure(s) issued to, or selected by, You for access to the Website; or k. publicly post personally identifying information to the Website (other than for registration purposes).

SAP is entitled (but not obligated) to monitor and enforce Your compliance with this TOU (including removing any non-complying Content).

4 YOUR CONTENT

By transmitting or uploading any Content (defined below) to the Website, You grant to SAP a perpetual, irrevocable, nonexclusive, worldwide, fully paid up and royalty free license to use such Content for purposes of operating and improving the Website and Tool and without any payment or other consideration of any kind, or permission or notification to You or any third party. As used herein, "Content" means any information, data, code, text, software, documentation, graphics, image, audio, video, photograph, message, rating, suggestions, feedback, recommendation, review, compliments, invitations, ideas, expression of ideas, other materials, or any posting.

5 NO SUPPORT BY SAP

SAP does not provide any support, training, maintenance, or related services for the Website whatsoever. SAP may, in its sole discretion, provide updates or answers to user queries.

6 YOUR FEEDBACK; SAP MAY CONTACT YOU

SAP is happy to receive Your suggestions, comments and feedback (collectively, "Feedback") respecting the Website, the Tool or other SAP products and services. By providing Feedback to SAP, You grant SAP a perpetual, irrevocable, nonexclusive, worldwide, fully paid up and royalty free, unlimited license to use such Feedback without restrictions of any kind and without any payment or other consideration of any kind, or permission or notification to You or any third party. The license includes, without limitation, the irrevocable right to reproduce, prepare derivative works, combine with other works, alter, translate, distribute copies, display, perform, license the Feedback, and all rights therein; to make, have made, offer to sell, sell, lease, or otherwise distribute any Feedback or product; and to practice any method, embodying such Feedback (including the right to sublicense any of the foregoing). To the extent permitted by applicable laws, You hereby waive any moral rights You may have in Feedback. You further represent and warrant to SAP that You have the right, title, and/or authority to grant such license to SAP.

SAP is not obligated to evaluate or provide any comments to You regarding Feedback You submit. At SAP's sole discretion, SAP may contact You with critiques, updates, feedback, replies, or questions regarding Your Feedback, including the status of SAP's evaluation of Your Feedback. In no event will any such contact or communication from SAP obligate SAP to adopt, use, post, provide a timeframe for evaluation, or even provide any additional communication regarding Your Feedback. Nothing in this TOU prohibits or restricts SAP's right to create or obtain other Feedback or submissions similar to or competitive with those submitted by You.

SAP may also send You service announcements and administrative messages related to the operation and administration of the Website and Tool.

7 CHANGE AND NOTICES

SAP reserves the right to make changes to this TOU and to modify, change or discontinue any part or all of the Website at any time. SAP will notify You of any changes to this TOU when You visit the Website and require You to accept such changes before continuing.

THE MOST CURRENT VERSION OF THIS TOU CAN BE ACCESSED BY CLICKING THE "TERMS OF USE" LINK AT THE BOTTOM OF EACH WEB PAGE COMPRISING THE WEBSITE.

8 PRIVACY AND DATA PROTECTION

You understand and agree that SAP collects, uses, stores and otherwise processes Your personal information and utilization data for the operation of this Website in accordance with the Privacy Policy. By using the Website, You consent to our collection and use of personal data as outlined in the Privacy Policy which is incorporated into this TOU by reference.

9 COPYRIGHT POLICY

The Website and Content accessed through the Website are the copyrighted works of SAP or its licensors. Unauthorized copying, distribution, modification, public display, or public performance of copyrighted works is an infringement of the copyright holders rights. You agree that You will not use the Website or Content accessed through the Website to infringe the Intellectual Property Rights (defined below) of SAP or others in any way. You must not remove, overprint or deface any notice of copyright, trademark, logo, legend, or other notice of ownership from any originals or copies of the Website or any Content accessed through the Website. As used herein, "Intellectual Property Rights" means patents of any type, design rights, utility models or other similar invention rights, copyrights, trademarks, service marks, trade secret or confidentiality rights, and any other intangible property rights including applications for any of the foregoing, in any country, arising under statutory or common law or by contract and whether or not perfected, now existing or hereafter filed, issued, or acquired.

10 RESPONSIBILITY FOR LINKS AND CONTENT

SAP IS ONLY RESPONSIBLE OR LIABLE FOR THE CONTENT ACCESSED THROUGH THE WEBSITE TO THE EXTENT REQUIRED BY THE GERMAN TELEMEDIA ACT (TELEMEDIENGESETZ, TMG) AND TO THE FULLEST EXTENT OF APPLICABLE LAW. YOUR USE OF CONTENT IS AT YOUR OWN RISK. The Website may contain links to external websites and information provided on such external websites by SAP partners and third-party service providers. SAP is not responsible for the Contents of any linked website, or any changes or updates to such websites. You further agree that SAP is not directly or indirectly responsible or liable for any damage or loss caused or alleged to be caused by or in connection with Your use of or reliance on any Content, goods or services available on or through any such linked website. Any Content, whether publicly posted or privately transmitted, is the sole responsibility of the person or entity providing the Content.

11 INTELLECTUAL PROPERTY RIGHTS

Subject to any licenses You grant to SAP pursuant to this TOU, You retain ownership of all Intellectual Property Rights in and to the Content provided by You on the Website to the extent You are the owner or holder of the Intellectual Property Rights. Nothing in this TOU prohibits You from selling or licensing Your Content to any other party under a separate agreement, provided that, no such separate agreement may impact SAP's rights to such Content as set forth under Section 4 above or elsewhere in this TOU.

You acknowledge and agree that the Website may contain Content that is protected by copyright, patent, trademark, trade secret or other proprietary rights and laws. All Intellectual Proprietary Rights to the Website and any SAP products belong to SAP. Nothing in this TOU is deemed to give You the right to modify, copy, distribute, transmit, display, perform, reproduce, publish, license, create derivative words from, transfer, or sell the Website or any SAP products for any reason unless otherwise permitted by law. You agree to assign and do assign to SAP any modifications or derivative works of the Website or any SAP products made by You in contravention of this limitation.

12 TERM, TERMINATION AND ACCOUNTABILITY

This TOU is effective when You accept this TOU electronically by clicking "Accept" or "Agree" and remains effective unless terminated by either party. You may terminate this TOU at any time by deleting Your account. SAP may terminate this TOU for convenience at any time, without prior written notice to You.

If SAP believes that You have violated either this TOU, SAP may, at its sole discretion, suspend or terminate Your account and refuse You any current or future use of the Website. SAP may remove any Content posted on the Website at SAP's sole discretion. SAP is not liable to You or any third party for any termination or change to the Website. If You send or upload Content that is confidential or proprietary of a third party without that third party's permission, or, if You transmit or upload Content that is intended to infect, corrupt or otherwise disrupt the operation of the Website or any other user's computer system, SAP may report You to the relevant authorities to ensure You are held accountable to the fullest extent of applicable laws. Upon termination of this TOU, You must immediately cease use and access to the Website.

13 INDEMNITY

You agree to indemnify, defend, and hold SAP, its affiliates, subsidiaries, officers, agents, partners, employees, and licensors harmless from any claim or demand, including reasonable attorneys fees, made by any third party due to or arising out of: Your Content; Your usage of the Website; Your breach of this TOU or the Privacy Policy; Your violation of any terms, conditions or policies of GitHub; or Your violation of any other rights of a third party. The foregoing applies regardless of whether such damage is caused by Your conduct or by the conduct of a third party using Your access credentials.

14 EXCLUSION OF WARRANTIES

THIS WEBSITE IS NOT INTENDED FOR PRODUCTIVE USE. Use of this Website is at your sole risk. The Website is provided to You AS IS. To the fullest extent allowable by law, SAP does not guarantee or warrant any features or qualities of the Website, or give any undertaking with regard to any other quality. Statements and explanations to the Website in promotional material or on the Website and in the documentation are made for explanatory purposes only; they are not meant to constitute any guarantee or warranty of certain features. No warranty or undertaking is implied by a user from any published SAP description of or advertisement except to the extent SAP has expressly confirmed such warranty or undertaking in writing. Warranties are validly given only with the express written confirmation of SAP's management.

SAP does not represent or endorse the accuracy, reliability, completeness, usefulness, non-infringement of intellectual property rights, or quality of any (i) links to web-pages of third parties contained on the Website, or the Content obtainable on such web-pages or (ii) information provided by third parties on the Website. SAP will not and does not permanently control and/or review the linked web-pages and the information provided by third parties but upon sufficiently proven indication will remove the respective link and/or information. SAP is not liable for damages caused by the use of the Content on the linked web-pages and/or information, unless such damages have been caused by SAPs willful misconduct, gross negligence or SAPs failure to fulfill its duty to review as stipulated herein.

15 LIMITATION OF LIABILITY

TO THE FULLEST EXTENT PERMITTED UNDER APPLICABLE LAW, SAP AND ITS AFFILIATES, SUBSIDIARIES, OFFICERS, EMPLOYEES, AGENTS, PARTNERS, AND LICENSORS ARE NOT LIABLE TO YOU OR ANY USER FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE, CONSEQUENTIAL, OR EXEMPLARY DAMAGES, INCLUDING, BUT NOT LIMITED TO, DAMAGES FOR LOSS OF PROFITS, REVENUE, GOODWILL, USE, DATA, OR OTHER INTANGIBLE LOSSES (EVEN IF SAP HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES), HOWEVER CAUSED, WHETHER IN CONTRACT, TORT, OR OTHERWISE, ARISING OUT OF OR RESULTING FROM: (i) THE USE OR THE INABILITY TO USE THE WEBSITE; (ii) THE COST OF PROCUREMENT OF SUBSTITUTE GOODS AND SERVICES ARISING OUT OF YOUR USE OR INABILITY TO USE THE WEBSITE; (iii) UNAUTHORIZED ACCESS TO OR ALTERATION OF YOUR TRANSMISSIONS OR DATA; (iv) STATEMENTS, MESSAGES, OR CONDUCT OF ANY THIRD PARTY ON THE WEBSITE; OR (v) ANY OTHER MATTER RELATING TO THE WEBSITE OR RELATED SERVICES. NOTWITHSTANDING ANYTHING TO THE CONTRARY HEREIN, THESE LIMITATIONS DO NOT APPLY IN CASE OF INTENT OR GROSS NEGLIGENCE BY SAP AND IN CASE OF SAP'S STATUTORY LIABILITY FOR PERSONAL INJURY AND DEFECTIVE PRODUCTS.

16 COPYRIGHT DISPUTE POLICY

SAP respects the Intellectual Property Rights of others, and we ask our users to do the same. SAP may, in appropriate circumstances and at its discretion, terminate the access/accounts of users who infringe the Intellectual Property Rights of others. If you believe that your work has been copied in a way that constitutes copyright infringement or any other violation of your rights, please provide SAP's Copyright Agent the following information:

• an electronic or physical signature of the person authorized to act on behalf of the owner of the copyright interest;
• a description of the copyrighted work that you claim has been infringed or material which otherwise violates your rights;
• a description of where the material that you claim is infringing/violating is located on the site;
• your address, telephone number, and e-mail address;
• a statement by you that you have a good faith belief that the disputed use is not authorized by the copyright owner, its agent, or the law;
• a statement by you, made under penalty of perjury, that the above information in your notice is accurate and that you are the copyright owner or authorized to act on the copyright owner's behalf.

SAP's Copyright Agent for notice of claims of copyright infringement can be reached as follows:

Valentina A. Boyet IP Counsel SAP 3999 West Chester Pike Newtown Square, PA 19073 USA (610) 661-5221 copyrights@sap.com

Ulrike Brunner Head of Trademark Affairs Global Legal Department SAP AG Dietmar-Hopp-Allee 16 69190 Walldorf, Germany +49 6227 7-42570 copyrights@sap.com

17 APPLICABLE LAW

The Website is created and controlled by SAP in Germany. Therefore, the laws of Germany will govern this TOU without giving effect to any principles of conflicts of laws. You also agree to comply with all laws from the country in which You reside that are applicable to the transmission of data on the Internet, including, but, not limited to laws governing the use of encryption and laws governing the transmission of data across international boundaries, into prohibited countries, and containing personally identifiable information.

18 WAIVER AND SEVERABILITY

The failure of SAP to exercise or enforce any right or provision of this TOU does not constitute a waiver of such right or provision. To the extent that any provision in this TOU is found to be unenforceable, such provision must be modified in such a manner so as to make this TOU as modified, legal and enforceable under applicable laws and the balance of the provisions of this TOU must not be affected thereby.

19 EXPORT CONTROL

You agree that Your use of the Website will be in compliance with all applicable export control laws and executive orders, including those of the United States and European Union. No software may be downloaded from the Website or otherwise exported or re-exported in violation of applicable export laws.

20 GENERAL

This TOU constitutes the complete and exclusive statement of the agreement between SAP and You related to the subject matter hereof, and supersedes all prior written and oral contracts, proposals and other communications between the parties relating to the subject matter. Oral agreements do not exist.

• You may not assign or otherwise transfer any of its rights under this TOU without SAP's prior written consent.

• If any provision of this TOU proves to be invalid, this will not affect any other provision of this TOU.

Last Updated: August 12, 2016

This Privacy Statement was updated on 20.02.2023

Protecting the individual's privacy is crucial to the future of business. We have created this Privacy Statement to demonstrate the firm commitment of SAP (hereinafter "We", "SAP", "Us" or "Our") to the individual`s right to data protection and privacy. It outlines how We handle information that can be used to directly or indirectly identify an individual (hereinafter “Personal Data”).

The controller of cla-assistant.io is
SAP SE
Dietmar-Hopp-Allee 16
69190 Walldorf
Phone: +49 (0)6227 / 7-47474
Fax: +49 (0)6227 / 7-57575
https://sap.com

You can reach SAP Group’s data protection officer any time at privacy@sap.com.

To provide you with access to cla-assistant.io. We require your Personal Data to grant you access to cla-assistant.io, validate your (GitHub) identity and keep the information of a signed Contributor Agreement available to the project owners leveraging cla-assistant.io.

SAP processes the following categories of Personal Data as contact data:

• Your GitHub identity
• Your email address associated with your GitHub identity
• Other information and personal data you enter into the free-text fields

SAP generally aims to collect Personal Data directly from the data subjects. If you or applicable law allows SAP to do so, SAP may obtain Personal Data also from third party sources. These third- party sources may include:

• third parties you directed to share your Personal Data with SAP

When We collect Personal Data from third party sources, established internal controls aim to ensure that the third-party source was permitted to provide this information to SAP and that We may use it for this purpose. SAP will treat this Personal Data according to this Privacy Statement, plus any additional restrictions imposed by the third party that provided the Personal Data to SAP or by applicable national law.

In most cases, SAP collects Personal Data from you. SAP might also obtain Personal Data from a third party if the applicable national law allows SAP to do so. SAP will treat this Personal Data according to this Privacy Statement, plus any additional restrictions imposed by the third party that provided SAP with it or the applicable national law. These third-party sources include:

• GitHub, Inc., 88 Colin P Kelly Jr St, San Francisco, CA 94107, USA, privacy@github.com, https://github.com

SAP does only store your Personal Data for as long as it is required:

• for the performance of showing your agreement to contribution agreement of a project on github.com.
• to make cla-assistant.io available to you.

SAP may retain your Personal Data for additional periods if necessary for compliance with legal obligations to process your Personal Data or if the Personal Data is needed by SAP to assert or defend itself against legal claims. SAP will retain your Personal Data until the end of the relevant retention period or until the claims in question have been settled.

Your Personal Data will be passed on to the following categories of third parties to process your Personal Data:

• companies within the SAP Group,
• third party service providers; for e.g., for consulting or other services, the provision of the website, the fulfillment and provisioning of offers from SAP or newsletter dispatch.

You can request from SAP at any time access to information about which Personal Data SAP processes about you and, if necessary, the correction or deletion of such Personal Data. Please note, however, that SAP can or will delete your Personal Data only if there is no statutory obligation or prevailing right of SAP to retain it. If you request from SAP to delete your Personal Data, you may not be able to continue to use any SAP service that requires SAP’s use of your Personal Data.

If SAP uses your Personal Data based on your consent or to perform a contract with you, you can further request from SAP a copy of the Personal Data you provided to SAP. In this case, please contact cla_assistant@sap.com and specify the information or processing activities to which your request relates, the format in which you would like to receive the Personal Data, and whether it should be sent to you or another recipient. SAP will carefully consider your request and discuss with you how it can best be fulfilled.

You can request from SAP to restrict your Personal Data from further processing in any of the following events:

• you state the Personal Data about you is incorrect, subject to the time SAP requires to check the accuracy of the relevant Personal Data,
• there is no legal basis for SAP to process your Personal Data and you demand SAP to restrict your Personal Data from further processing,
• SAP no longer requires your Personal Data, but you state you require SAP to retain such data to claim or exercise legal rights or to defend against third party claims, or
• in case you object to the processing of your Personal Data by SAP based on SAP’s legitimate interest (as further set out below), subject to the time required for SAP to determine whether it has a prevailing interest or legal obligation in processing your Personal Data.

Wherever SAP is processing your Personal Data based on your consent, you may at any time withdraw your consent by unsubscribing or giving Us respective notice of withdrawal. In case of withdrawal, SAP will not process Personal Data subject to this consent any longer unless legally required to do so. In case SAP is required to retain your Personal Data for legal reasons your Personal Data will be restricted from further processing and only retained for the term required by law. However, any withdrawal has no effect on past processing of Personal Data by SAP up to the point in time of your withdrawal.

If you take the view that SAP is not processing your Personal Data in accordance with the requirements in this Privacy Statement or under applicable data protection laws, you can at any time, to the extent required by applicable law, lodge a complaint with your locally relevant data protection authority, specifically when you are located in an EEA country, or with the data protection authority of the country or state where SAP has its registered seat.

Please direct any requests to exercise your rights to cla_assistant@sap.com.

SAP will take steps to ensure it verifies your identity to a reasonable degree of certainty before it will process the data protection right you want to exercise. When feasible, SAP will match Personal Data provided by you in submitting a request to exercise your rights with information already maintained by SAP. This could include matching two or more data points you provide when you submit a request with two or more data points that are already maintained by SAP. SAP will decline to process requests that are manifestly unfounded, excessive, fraudulent, represented by third parties without duly representing respective authority or are otherwise not required by local law.

In general, cla-assistant.io is not directed to users below the age of 16 years, or equivalent minimum age in the relevant jurisdiction. If you are younger than 16 or the equivalent minimum age in the relevant jurisdiction, you cannot register with and use cla-assistant.io.

You may find the contact details of your competent data protection supervisory authority here. SAP’s lead data protection supervisory authority is in Germany, the Landesbeauftragter für den Datenschutz und die Informationsfreiheit Baden-Württemberg and can be reached at Lautenschlagerstraße 20, 70173 Stuttgart.

SAP is processing your Personal Data for the business purposes set out above based on the following legal permissions: Where We refer to GDPR Article 6.I (f), consequently SAP’s legitimate business interest as Our legal permission to process your Personal Data, SAP is pursuing its legitimate business interests:

• to efficiently manage and perform its business operations,
• to maintain and operate intelligent and sustainable business processes in a group structure optimized for the division of labor and in the best interest of Our employees, customers, partners, and shareholders,
• to operate sustainable business relationships with SAP customers and partners including you (each of which as further set out below),
• serve you with the best possible user experience when using cla-assistant.io,
• comply with extraterritorial laws and regulations, or
• assert or defend itself against legal claims.

We believe that Our interest in pursuing these business purposes is legitimate and thereby not outweighed by your personal rights and interest to refrain processing for such purpose. In any of these cases, We duly factor into Our balancing test:

• the business purpose reasonably pursued by SAP in the given case,
• the categories, amount and sensitivity of Personal Data that is necessarily being processed,
• the level of protection of your Personal Data which is ensured by means of Our general data protection policies, guidelines, and processes, and
• the rights you have in relation to the processing activity.

If you wish to obtain further information on this approach, please contact cla_assistant@sap.com.

When SAP grants you access to cla-assistant.io, validates your (GitHub) identity and keeps the information of a signed Contributor Agreement available to the project owners leveraging cla-assistant.io, SAP is processing your Personal Data on the basis of the following legal permissions:

• GDPR Article 6.I (a) if your consent is required by law for SAP to process your data for this purpose,
• GDPR Article 6.I (b) if necessary, to fulfill (pre- )contractual obligations with you,
• GDPR Article 6.I (f) if necessary, to maintain Our business relationships, to efficiently manage and perform its business operations, to maintain and operate intelligent and sustainable business processes in a group structure optimized for the division of labor and in the best interest of Our employees,
• a legal permission under other national laws equivalent to any of the above, when applicable.

As a global group of companies, SAP has group affiliates and uses third party service providers also in countries outside the European Economic Area (the “EEA”). SAP may transfer your Personal Data to countries outside the EEA as part of SAP’s international business operations. If We transfer Personal Data from a country in the EU or the EEA to a country outside the EEA and for which the EU Commission has not issued an adequacy decision, SAP uses the EU standard contractual clauses to contractually require the data importer to ensure a level of data protection consistent with the one in the EEA to protect your Personal Data. You may obtain a copy (redacted to remove commercial or irrelevant information) of such standard contractual clauses by sending a request to privacy@sap.com. You may also obtain more information from the European Commission on the international dimension of data protection here.

Colombia-Specific Provisions apply to citizens of the Republic of Colombia.

SAP has appointed a Data Protection Officer for Brazil. Written inquiries, requests or complaints to our Data Protection Officer may be addressed to:
Paulo Nittolo Costa
Email: privacy@sap.com
Address: Avenida das Nações Unidas 14171 - Marble Tower – 7th Floor - São Paulo-SP, Brazil 04794-000

Where SAP is subject to certain privacy requirements in the Philippines, the following also applies: For individuals within the Philippines, you may exercise your rights as follows: You can call or write to SAP to submit a request at: cla_assistant@sap.com
Phone: +632-8705-2500
Address: SAP Philippines, Inc.
Attn: Data Protection Officer
27F Nac Tower, Taguig City 1632, Philippines
The following provisions apply to residents and citizens of the Philippines:

• You may claim compensation as finally awarded by the National Privacy Commission or the courts if you suffered damages due to inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of Personal Data, considering any violation of your rights and freedoms.
• If you are the subject of a privacy violation or Personal Data breach, or are otherwise personally affected by a violation of the Data Privacy Act, you may file a complaint with the National Privacy Commission.
• Your Transmissibility Rights. Your lawful heirs and assigns may invoke your rights at any time after your death or when you are incapacitated or incapable of exercising your rights.

Where SAP is subject to certain privacy requirements in the United States, the following also applies: U.S. Children’s Privacy. SAP does not knowingly collect the Personal Data of children under the age of 13. If you are a parent or guardian and believe SAP collected information about a child, please contact SAP as described in this Privacy Statement. SAP will take steps to delete the information as soon as possible. Given that cla-assistant.io is not directed to users under 16 years of age and in accordance with the disclosure requirements of the CCPA, SAP does not sell the Personal Data of any minors under 16 years of age.

Where SAP is subject to certain privacy requirements in the United States in the State of California, the following also applies:

You have the right:

• to request from SAP access to your Personal Data that SAP collects, uses, or discloses about you;
• to request that SAP delete Personal Data about you;
• to opt-out of the use or disclosure of your sensitive personal information;
• to non-discriminatory treatment for exercise of any of your data protection rights; and
• if you request access to your Personal Data, for such information to be portable, if possible, in a readily usable format that allows you to transmit this information to another recipient without hindrance. In accordance with the disclosure requirements under the California Consumer Privacy Act (“CCPA”), SAP does not sell or share your Personal Data. In the course of our business activities we may share Personal Data with third parties, or permit third parties to collect data across various SAP websites. Data Subject Access Requests: SAP receives Data Subject Access Requests from across the globe and works to ensure all valid requests where SAP is the Controller are responded to within the appropriate timeframe. In accordance with the verification process set forth in the CCPA, SAP will require a more stringent verification process for deletion requests, or for Personal Data that is considered sensitive or valuable, to minimize the harm that might be posed to you by unauthorized access or deletion of your Personal Data. If SAP must request additional information from you outside of information that is already maintained by SAP, SAP will only use it to verify your identity so you can exercise your data protection rights, or for security and fraud- prevention purposes.

In addition to contacting SAP at cla_assistant@sap.com you may also exercise your rights as follows: You can call toll-free to submit a request using the numbers provided here. You can also designate an authorized agent to submit requests to exercise your data protection rights to SAP. Such authorized agent must be registered with the California Secretary of State and submit proof that you have given authorization for the agent to act on your behalf.

Where SAP is subject to the requirements of the Singapore’s Personal Data Protection Act (“PDPA”), the following also applies: SAP has appointed a Data Protection Officer for Singapore. Written inquiries, requests or complaints to our Data Protection Officer may be addressed to: Subject: Data Protection Officer
Email: privacy@sap.com
Address: Mapletree Business City, 30 Pasir Panjang Rd, Singapore 117440
Contact: +65 6664 6868