Skip to main content

Help us improve the Digital Marketplace - send your feedback

SAP UK Ltd

SAP Customer Data Cloud

SAP Customer Data Cloud builds trust with businesses, partners, and customers through seamless engagements and personalised digital experiences, turning anonymous visitors into loyal customers.

Features

  • Registration & Authentication
  • Social Login
  • Progressive and Conditional Profiling
  • Single Sign-On (SSO) & Federation
  • Communication Preferences & Opt-In Management
  • Consent Management
  • Self-Service Preference Centre
  • Data Transformation & Unification
  • Orchestration & Governance
  • Profile, Preference, & Consent data storage

Benefits

  • Increase e-commerce revenue
  • Standardize security best practices
  • Drive better outcomes from your connected systems
  • Build trust with customers by enabling more transparency
  • Centralize consent and preference management
  • Address evolving requirements of regulations
  • Integrate partners earlier through self-service onboarding
  • Reduce costs by minimizing administrative overhead
  • Provide seamless omnichannel experiences
  • Manage security and access requirements proactively

Pricing

£22,534 a unit a year

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UKPublicSector@sap.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

7 6 8 9 4 3 9 1 7 4 0 4 5 1 8

Contact

SAP UK Ltd Rich Gwyther
Telephone: +44 7557 605477
Email: UKPublicSector@sap.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
SAP Customer Data Cloud is a full SaaS solution with no planned maintenance arrangements or specific hardware requirements. Due to the service being API based SAP does have an Acceptable Usage policy - for more information please see:
https://developers.gigya.com/display/GD/Acceptable+Use+Policy
System requirements
Browser based client from supported list

User support

Email or online ticketing support
Email or online ticketing
Support response times
Different ticket priorities have different response times, but the maximum response time for a Priority 1 ticket is 4 hours.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Through the support.sap.com website
Web chat accessibility testing
Unknown
Onsite support
Yes, at extra cost
Support levels
1. Very High - A support message is priority one if the problem has very serious consequences for normal business transactions and prevents urgent, business-critical work from being performed. The message requires immediate processing because the malfunction can cause serious losses. 2. High - A support message is priority two if normal business transactions in a production system are seriously affected and prevent necessary tasks from being performed. 3. Medium 4. Low

Detailed information can be found here: https://www.sap.com/about/trust-center/agreements/cloud/cloud-services.html?sort=latest_desc&search=Support&tag=language:english&pdf-asset=54f6e6c2-3d7d-0010-87a3-c30de2ffd8ff&page=1
Support available to third parties
Yes

Onboarding and offboarding

Getting started
There is a wealth of online information, demos and product documentation to help you get started with SAP Customer Data Cloud.

https://www.sap.com/products/crm/customer-data-management.html

Onboarding guide & core documentation: https://developers.gigya.com/
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
The IdentitySync tool within SAP Customer Data Cloud enables you to export customer data to a location of your choice (SFTP, Azure, AWS S3, etc). The tool allows for SQL-like querying of the database to extract as many or as few profiles as required, as well as extracting subsets of each customer's profiles. The tool also allows scheduled batch jobs to be configured as well as the frequency (up to 5 minutes intervals), should delta extracts be required.
End-of-contract process
SAP work with you to ensure all required data is offloaded at the end of contract. Once this has been confirmed your data would be permanently removed from our system. There are no additional costs at the end of contract.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
No
Designed for use on mobile devices
No
Service interface
Yes
User support accessibility
None or don’t know
Description of service interface
The SAP Customer Data Cloud’s Admin Console is a complete GUI from which users can enable, configure, and manage virtually every aspect of their implementation of SAP Customer Data. The Admin Console was designed to facilitate SAP Customer Data’s functionality without the need for significant coding experience for most operations.

Admin Console capabilities include:
- Authorize & Provision Admin Accounts
- Build Registration, Login, and Account Management Flows
- Security Policy Setup
- Customize Email Templates
- Configure Integrations
- Query User Data & Perform Administrative Tasks
- Access Essential Reporting & Analytics Tools
- Monitor SAP Customer Data's Performance
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
SAP Customer Data Cloud's console meets WCAG 2.1 level AA accessibility standards throughout.

However, the accessibility design of customer-facing screens is the responsibility of the site’s content owner. The UI Builder supports creating forms and screens adjusted for the needs of disabled users (e.g. high-contrast colors).
API
Yes
What users can and can't do using the API
The SAP Customer Data solution is based on a robust and secure REST API that underlies most of SAP’s services. This API can be utilised directly for server-to-server operations (e.g. exporting batches of users’ data).

Full documentation of the REST API can be found here: http://developers.gigya.com/display/GD/REST+API

Some of the core 'account' level functionality for end-user self-service include:

• Register – accounts.register

• Get Account Info – accounts.getAccountInfo

• Set Account Info – accounts.setAccountInfo

• Delete Profile – accounts.deleteAccount

• Reset Password – accounts.resetPassword

As well as providing all profile management via the REST API, SAP developed a set of SDKs for most common programming languages (Java, .NET, JS, PHP, Python) and three SDKs for mobile development (iOS, Android, and Cordova). Thus, in most cases you will not need to use the REST API directly.

More information on SAP SAP Customer Data's server-side SDKs can be found here: https://developers.gigya.com/display/GD/Server+Side+SDKs

More information on SAP SAP Customer Data's mobile SDKs can be found here: https://developers.gigya.com/display/GD/Mobile+SDKs

SAP also offers a Web SDK (JavaScript), which enables client side interaction with our service: http://developers.gigya.com/display/GD/Web+SDK
API documentation
Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The solution is designed so that much of a typical implementation can be customised via configuration, utilising a variety of web-based tools offered through our Admin Console.

The security policies, for example, can be enabled and configured via the Admin Console’s Policies UI, allowing administrators to set up specific password management policies, two-factor authentication, email verification (along with email template management), CAPTCHA, and more, with no coding required. SAP also provides UIs for configuring SAML and OIDC integrations, Identity Sync (ETL) data flows, and more.

Additionally, our UI Builder offers users a way to customise out-of-the-box registration, login, and profile management screens using a simple drag-and-drop interface with no coding required. This includes such capabilities as adding CAPTCHA, text format verification, password strength meters, and more. Customising the appearance and style of the screens, as well as adding a client’s own branding, only requires knowledge of CSS, and the screens can be deployed to your websites or mobile apps with just a few lines of code (making use of our SDKs). Should more advanced customisation be required, the UI Builder also offers a JavaScript editor, injecting code directly into SAP’s screens.

Scaling

Independence of resources
SAP is responsible for the application and can scale horizontally and vertically, as appropriate. SAP guarantee's performance within the SLA.

Analytics

Service usage metrics
Yes
Metrics types
Server Time: Duration for the server tenant to process a request from the client. Includes the time to parse the request, execute business logic and provide a response.

Network Time: Duration for a client's request to reach the server tenant. Includes SSL time, TCP Connect time, Latency.

End to End Response Time: The time a page is rendered and available to the end user again. This includes the Server time, Network time and Rendering time.

Count: The number of interactions in a given group or window. For example, the number of interactions in a 10-minute window,

User Interactions: User-initiated Transactions
Reporting types
Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
The IdentitySync tool within SAP Customer Data Cloud enables you to export customer data to a location of your choice (SFTP, Azure, AWS S3, etc). The tool allows for SQL-like querying of the database to extract as many or as few profiles as required, as well as extracting subsets of each customer's profiles. The tool also allows scheduled batch jobs be configured as well as the frequency (up to 5 minutes intervals), should delta extracts be required.
Data export formats
  • CSV
  • Other
Other data export formats
  • JSON
  • GZIP
  • ZIP
  • LZO
  • PGP
  • GPG
  • AAM (text file formatted for the AAM platform)
  • Krux (text file formatted for the Krux platform)
Data import formats
  • CSV
  • Other
Other data import formats
  • JSON
  • GZIP
  • LZO
  • ZIP
  • PGP
  • GPG
  • Any text based file (using custom parsing script)

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
SAP Customer Data Cloud uses a secure channel (TLS) when transferring sensitive data to and from its servers. In addition, REST API calls that perform critical operations, such as deleting users, are only permitted as server-to-server signed requests.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
99.9% System Availability Percentage during each Month for the production version of the Cloud Service.

Service credit of 2% of Monthly Subscription Fees for each 1% below System Availability SLA, not to exceed 100% of Monthly Subscription Fees.

More info here: https://www.sap.com/uk/about/trust-center/agreements/cloud.html
Approach to resilience
SAP leverages Amazon Web Services Availability Zones which are unique physical locations with independent power, network and cooling. Each Availability Zone is comprised of one or more data centres and houses infrastructure to support highly available, mission-critical apps. Availability Zones are tolerant to data centre failures through redundancy and logical isolation of services.
We alsouse Azure segmented into two different availability zones, with geo-replication of data
Outage reporting
All three: a public dashboard,an API and email alerts

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
The Admin Console provides a robust Roles & Permissions functionality that controls which features users can access. An administrator can create user groups and assign access on a very granular level, including by site/app ID, specific service, API, and more. Roles & Permissions can be configured via an easy to use UI or via API and can even control access to specific data fields in the user profile. These permissions apply to any consumer of the APIs, including applications.

You can also maintain your existing security policies by federating your Admin users to the Console (using SAML 2.0).
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
DAkkS
ISO/IEC 27001 accreditation date
05/11/2021
What the ISO/IEC 27001 doesn’t cover
All components are covered.
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
25/03/2022
CSA STAR certification level
Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover
All components are covered
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
  • ISO/IEC 27018:2014
  • SOC 2 Type II

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
ISO 27001:2017, ISO 27018:2019 and SOC 2 Type II.
Information security policies and processes
SAP’s security framework focuses on the three cornerstones of secure products, operations, and the company. Secure products put the focus on delivering software to our customers that meets the highest levels of security standards with continuous vigilance regarding vulnerabilities and rapid action to remediate issues. Secure operations add another layer to protect data at the level of internal networks, infrastructure, and ecosystem and prevent security lapses within SAP’s internal operations. Secure company facilitates a culture of security at SAP, where employees and associates understand their role in helping secure SAP and its customers for success in the digital economy.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
SaaS Model so all configuration and updates are controlled by SAP.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
SAP’s security-patch management process mitigates threats and vulnerabilities. SAP’s security team rates security patches based on the Common Vulnerability Scoring System standard for operating systems, databases,and virtualization in cloud services. Critical security vulnerabilities that might endanger SAP’s service delivery capabilities. Platform are patched on a priority basis normally on a weekly basis during the weekend.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Securing Cloud services undertakes sophisticated monitoring for malware protection and monitoring. Therefore, SAP has defined and implemented a malware management process with which we consistently and continuously ensure secure service delivery free of viruses, spam, spyware, and other malicious software. It comprises antimalware agent deployment, regular scans, and malware reporting processes.
Incident management type
Supplier-defined controls
Incident management approach
Incident management process that is aligned with the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) 27035:2011 information security principles. Security incidents are monitored and tracked by security specialists in cooperation with defined communication channels until resolved. A security breach involves the accidental or unlawful destruction, loss, alteration, or disclosure of customer personal data or confidential data. Or it may refer to a similar incident involving personal data for which a data processor is required under applicable law to provide notice to the data controller.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Fighting climate change

Fighting climate change

SAP is committed to a future sustainable world and acts as both an exemplar and enabler of sustainability. In 2021, for the 15th consecutive year, SAP was named the Software Industry Leader in the Dow Jones Sustainability Index - https://news.sap.com/2020/11/dow-jones-sustainability-indices-sap-again-leads/. SAP is committed to fighting climate change by reducing carbon and other emissions. SAP is on track to be Carbon Neutral by 2023 and Net Zero by 2030. In line with UK Public Sector guidance SAP has published a Carbon Reduction Plan at: https://www.sap.com/uk/documents/2021/12/561cff41-0a7e-0010-bca6-c68f7e60039b.html On any G-Cloud Contract, SAP will create a Social Value Action plan in collaboration with the buyer. Progress will be reviewed and the plan will be refreshed annually. For fighting climate change, we expect that this plan will include: • ensure renewable energy is used in the data centres providing the services and that all services will be 100% carbon neutral from the first day of service. • offer a workshop to the buyer’s team on the sustainability features of the product that has been purchased and / or the wider SAP suite of sustainability offerings such as the Sustainability Control Tower. • Work with the buyer’s team to promote the free, high-quality learning about sustainability that is available and free to any member of the public on the Open SAP learning portal at https://open.sap.com.
Covid-19 recovery

Covid-19 recovery

On any G-Cloud Contract, SAP will create a Social Value Action plan in collaboration with the buyer. Progress will be reviewed and the plan will be refreshed annually. To help local communities to manage and recover from the impact of COVID-19, SAP is able to support buyers in several areas. As part of the Social Value Action plan, SAP will: • To support re-training and other return to work opportunities for those left unemployed by COVID-19, particularly new opportunities in high growth sectors. SAP will offer a range of free on-demand and facilitated training to communities served by the buyer. This will be delivered free using the Open SAP learning portal at https://open.sap.com. Currently available courses include topics like Circular Economies, Opportunities from a Digitally Transformed Economy and New Work and Purpose. • SAP offers buyers support in key areas for social value relating to COVID 19 Recovery – new ways of working to deliver services; support for the physical and mental health of people affected by COVID-19 and improved workplace conditions such as remote working and sustainable travel solutions. As part of the Social Value Action plan we will offer a workshop to explain the support we can offer and add tasks to the plan where appropriate.
Tackling economic inequality

Tackling economic inequality

There are two themes outlined in the guidance relating to this area of social value - Create new businesses, new jobs and new skills; and increase supply chain resilience and capacity. With respect to skills, as part of the annual Social Value Action plan: • SAP will offer a range of free on-demand and facilitated training to communities served by the buyer. This will be delivered free using the Open SAP learning portal at https://open.sap.com. Currently courses cover a range of in demand skills in the IT industry such as Artificial Intelligence, Analytics and Application Development. For these courses, where relevant, SAP will also provide access to technical platforms at no charge so that students may complete the practical learning components of each course. With respect to increasing supply chain resilience and capacity, as part of the annual Social Value Action plan: • SAP will offer to brief the buyer’s procurement and finance teams on the opportunities relating to the SAP Ariba Procurement offering. This could include on-boarding the buyer’s suppliers to the Ariba Network, a €3.2TN marketplace for suppliers where they can grow their businesses. SAP Ariba Procurement also offers capabilities around supplier risk management to ensure that the buyer’s supply chain achieves the desired level of resilience. The guided buying capabilities of SAP Ariba Procurement also allow the buyer to make it easy for staff to support and comply with organisational social objectives, for example spending with sustainable enterprises or local small businesses. SAP will also share our learnings from 5 by 5 in ’25, an initiative designed to encourage organizations across industries to direct more of their addressable spend toward certified social-enterprise and diverse-business suppliers. https://news.sap.com/2020/10/sap-launches-55by25-purposeful-procurement/
Equal opportunity

Equal opportunity

SAP is committed to being one of the most diverse and inclusive software companies in the world. We proactively promote diversity, inclusion, and social justice and work to ensure that our workforce reflects the gender parity and demographics of all the regions where we have employees. We make every effort to ensure that all stages of the employee lifecycle are inclusive to enable employee success. As part of the Social Value Action plan, SAP will: • Propose a Social Innovation Workshop to explore areas of equal opportunity and look at how we approach diversity and inclusion to see how a shared approach with the buyer could help the buyer’s staff and communities that the buyer serves. For example SAP supports the following organisations and initiatives: • Pro-bono for economic equity – through this economic equity programme, SAP aims to support Black-owned businesses and social enterprises by leveraging corporate talent to help them to build capacity and address systemic and business challenges; • Generation Success - SAP partners with Generation Success, a Social Mobility focused Not for Profit to remove barriers to employment for individuals from diverse backgrounds; • Enactus UK – SAP is the Platinum technology partner for Enactus UK, giving access to one of the UK’s largest innovation and entrepreneur networks in the UK. Enactus allows teams of students all over the country to work together to find innovative solutions to social issues within their local and international communities; • SAP Autism at Work programme - launched in 2013, this programme leverages the unique abilities and perspectives of people with autism to foster innovation as we help customers become intelligent enterprises. The program taps into an underutilized talent source, reducing barriers of entry so qualified individuals can fully develop their potential.
Wellbeing

Wellbeing

As part of the Social Innovation Workshop described in the Equal Opportunity section, SAP will include the theme of ‘Wellbeing’ to review optional initiatives that can be added to the Social Value Action plan. For example: • Innovation – SAP offers clients the ability to run innovation workshops on themes that are important to clients. This is often in collaboration with users and communities who can codesign and create a proof of concept of solutions that would address specific challenges and opportunities. We will also offer free training on innovation topics via our Open SAP learning portal - https://open.sap.com. Current courses include Intrapreneurship – Employee-driven Innovation. • Employee and community pulse – SAP is a leading provider of solutions relating to personal wellbeing. We offer to share our learnings of what works well for different challenges and situations that clients wish to explore. We can share examples of how organisations have supported the physical and mental health of their workforce. A current example would be around working practices and return to work in a post COVID pandemic world. • Self-service and a great user experience are key principles of SAP services. We will share insights learned from working with many public service organisations and also the world’s most recognised brands on how digital services can bring people and communities together. These insights may then trigger actions that can be added to the Social Value Action plan.

Pricing

Price
£22,534 a unit a year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
We are happy to offer a Proof of Concept

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UKPublicSector@sap.com. Tell them what format you need. It will help if you say what assistive technology you use.