Skip to Content

I always try to find new sources of information that provide new perspectives on SAP’s Cloud offerings. I’ve looked at SAP job offerings, archived websites from 10 years ago  and other strange bedfellows. Recently, I’ve been looking for new sources of inspiration.

I recently started paying more attention to the Terms of Services and Conditions (ToS) for SaaS applications. This interest was sparked by a site called “Terms of Services: Didn’t Read” which deals with the fact that most of us never read the “Terms of Services” of the applications we use.  This site attempts to crowd-source the analysis of such agreements so that the normal user can understand them.

The same categories are used for all sites.

Here are some examples:

Topic

Description

Anonymity and Tracking: Are you being spied on?

The terms sometimes describe the level of logging and the level of data collection and which kinds of data the service is processing.

Data portability: Can you get your data back?

It is essential that users who do not wish to continue using a service can get their data out of the service, and thus avoid lock-in.

Ownership: What happens with the content you generate on the service?

The content and the data you generate on services online is usually subject to copyright law. When your data are collected by services, they can be considered personal data. It means that it is your content, your data: you can decide.

Right to leave the service: To avoid lock-in and stay in control

Business Transfers: Can they sell your data?

With these categories, users can compare various services:

/wp-content/uploads/2012/08/image001_131542.jpg

Users can expand this summary to get more details based on excerpts from the actual document.

/wp-content/uploads/2012/08/image002_131597.jpg

I looked at the list of applications and services that the “Terms of Services: Didn’t Read” community had analyzed and noticed that the majority of those were in the consumer space and very few could be associated with enterprise offerings from vendors

I thought to myself – wouldn’t it be interesting to use a similar approach to look at the ToSs offered by SAP’s Cloud offerings.

SAP’s Cloud ToSs: Discovery

The first challenge was to find these agreements.  I decided to go to the applications themselves to find the ToSs or Terms of Use (ToU) as SAP calls them.

I was interested in information that is distinct to the application – a link to the corporate Privacy Policy really doesn’t help end-users or my desire to better understand these offerings.

Here are the ToUs that I found (I would have liked to have found more)

Application

Type

Comment

StreamWork

Privacy Statement

Very similar to corporate Privacy Policy

StreamWork

General Terms and Conditions for SAP On-Demand Services

Very general

NetWeaver Cloud

Terms of Use

BI OnDemand

Terms of Use

RecallsPlus

Terms of Use

Included, because it is based on the HANA AppCloud

SAP’s Cloud ToSs: Analysis

I’m not going to analyze every ToU based on all the categories that “Terms of Services: Didn’t Read” describes but I want to highlight a few points of interest.

Application: BI OnDemand

Category: Data portability Can you get your data back?

Quote:

7.4 Upon the effective date of termination, Customer’s access to the Service will be terminated. Following termination SAP shall make available to Customer the Customer Data in a format to be determined by SAP, unless such Customer Data has been removed in accordance with Article 7.3 or in case Customer was granted a free (no fee) license to the Service. Upon termination of the Agreement, SAP shall use commercially reasonable efforts to permanently and irrevocably remove all data still remaining on the servers, including but not limited to Customer Data, unless and to the extent applicable laws and regulations require further retention of such data.

Analysis: If you are paying customer, then SAP will try and give your data but if you are using the free offering, it appears that your data disappears.

Application: RecallsPlus

Category: Right to leave the service:  To avoid lock-in and stay in control

Quote:

Your User Content is stored by SAP. Removing the Software from Your Apple mobile device does not delete Your User Content. You may delete Your User Content stored by SAP by (1) deactivating Your account under settings tab in the Software or (2) You may contact SAP to delete Your User Content using the feedback option in settings tab.

Analysis:  This is important functionality in consumer-facing applications. The ability of RecallsPlus to easily provide this functionality may be associated with the characteristics of the application itself – it is a mobile application with restricted functionality. Try to provide the same feature in a complex SaaS application.

Application: StreamWork

Category: Cookies and related technologies

Quote:

SAP StreamWork uses session cookies to manage your connectivity to the website, e.g. to remember your personal preferences, but it does not use tracking cookies to gather information about you or your use of the site.

The table below explains the cookies that SAP StreamWork uses and why:


Keep Me Logged In

_user_id

This cookie is used to determine the current user logon status and is based on when a user activates the “Keep me logged in for 2 weeks” feature.

….

…..

…….

[Author’s note: I’ve not listed all cookies. If you want the full list then look at the ToU yourself]


Analysis: Although the detail might be too much for some users, I thought it was useful for end-users to see what exactly what was being tracked rather than just having the information that the application uses cookies.

Note: I tried to find the Terms of Use for other SAP Cloud Offerings but had great difficulty finding them. Indeed, I had trouble finding the SaaS platforms themselves.  Try and find the URL for Travel OnDemand without being a Travel OnDemand customer – good luck.


Conclusion

Obviously, I didn’t describe the complete contents of all available SAP Cloud ToUs – my goal was to select interesting paragraphs and surface them. 

As I read these ToUs, I became aware that the reason most users don’t read them is that they are largely impossible to understand.

Ideally, the community would examine the various ToUs from SAP and use the categories used by Terms of Services: Didn’t Read to assure that customers can better understand the Cloud offerings they are using / buying.

Recommendations for SAP

  • Use the same ToU categories to assure that the descriptions of Cloud offerings reflect the expectations of users regarding SaaS applications. 
  • Assure that ToUs for cloud applications are structured in a similar fashion and that critical information (data retention, data storage, privacy, etc) are included in every ToS or included in a general agreement
To report this post you need to login first.

4 Comments

You must be Logged on to comment or reply to a post.

  1. Tom Van Doorslaer

    Excellent!

    I didn’t know about this crowdsourced ToS analysis. It’s brilliant. SAP would do good to indeed revamp their ToU’s and make them digestible in the same way that tos-dr does.

    Makes me happy that I’m a google fan, but also worries me if I see the analysis of Facebook and Twitter.

    (0) 
    1. Richard Hirsch Post author

      I think it would be interesting not only to see SAP’s ToS/TOUs in there but also those of other competitors in the enterprise software arena (ie Salesforce and Workday). Then customers would be able to easily compare these vendors as well.

      D.

      (0) 
  2. Luke Marson

    Hi Richard,

    This ia good article and some important points for customers. Customers should be aware that the long-term cost of a failed SaaS project could be the loss of data or retrieval in a way that costs significantly to port into another application database/SaaS application. I’m sure there are other terms that are going to effect the long-term use of SaaS software by customers, so this blog is a good attempt at raising the issue with the community.

    Best regards,

    Luke

    (0) 
    1. Richard Hirsch Post author

      Luke,

      I agree completely.

      There are so many nuggets of information in these agreements that customers usually don’t read until something goes wrong. Such agreements are primarily there for situations in which disputes occur when vendors can refer to them. 

      As the enterprise software space slowly evolves and individual users sometimes purchase  mobile apps for their own devices to use for the work, it is critical for the awareness of such ToS to increase in the broader community.

      D.

      (0) 

Leave a Reply