Skip to main content

@PersonalData

STABLE This annotation can be used productively.

Introduction

The processing of personal data is key in business processes. SAP's products must enable our customers to operate their applications in compliance with data protection laws. One way of enabling is applying DPP-related annotations. Via those annotations the specific DPP-related behavior can be enabled by the consumers. The annotations are derived from existing personal data annotations in OData and OpenAPI.

Notational Conventions

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.

Schema Definitions

Annotations Overview

AnnotationScopeDescription
@PersonalData.entitySemanticsEntityPrimary meaning of the entities in the annotated entity set. Entities annotated with @PersonalData.entitySemantics are synonymous to @PersonalData.isPotentiallyPersonal.
@PersonalData.dataSubjectRoleEntityRole of the data subjects in this set (e.g. employee, customer). Values are application-specific.
@PersonalData.dataSubjectRoleDescriptionEntityLanguage-dependent description of the role of the data subjects in this set (e.g. employee, customer). Values are application-specific.
@PersonalData.fieldSemanticsTypePrimary meaning of the personal data contained in the annotated property. Changes to values of annotated properties are tracked in the audit log. Use this annotation also on fields that are already marked as contact or address data. Properties annotated with fieldSemantics need not be additionally annotated with @PersonalData.isPotentiallyPersonal.
@PersonalData.isPotentiallyPersonalTypeProperty contains potentially personal data. Properties annotated with @PersonalData.fieldSemantics need not be additionally annotated with this annotation. Personal data describes any information which is related to an identified or identifiable natural person (data subject). An identifiable person is one who can be identified, directly or indirectly, in particular by a reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
@PersonalData.isPotentiallySensitiveTypeProperty contains potentially sensitive personal data. Sensitive personal data is a category of personal data that needs special handling. The determination which personal data is sensitive may differ for different legal areas or industries.
Examples of sensitive personal data:
- Special categories of personal data, such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or sex life or sexual orientation.
- Personal data subject to professional secrecy
- Personal data relating to criminal or administrative offenses
- Personal data concerning insurances and bank or credit card accounts

@PersonalData.entitySemantics

Primary meaning of the entities in the annotated entity set. Entities annotated with @PersonalData.entitySemantics are synonymous to @PersonalData.isPotentiallyPersonal.

Scope: Entity
Extending: EntityDefinition
Type: Object(#)

PropertyTypeDescription
#
MANDATORY
string
Provide the value in { "#": "<value>" } enum notation.
Allowed Values:

  • "DATA_SUBJECT": Describes a data subject, for example, a customer or vendor.

  • "DATA_SUBJECT_DETAILS": Describes entities that contain details for a data subject, for example an address.

  • "OTHER": Entities that contain personal data or references to data subjects but do not represent data subjects or details itself. For example: customer quote, customer order, or purchase order.

Example Values:
{
  "#": "DATA_SUBJECT"
}

@PersonalData.dataSubjectRole

Role of the data subjects in this set (e.g. employee, customer). Values are application-specific.

Scope: Entity
Extending: EntityDefinition
Type: string

@PersonalData.dataSubjectRoleDescription

Language-dependent description of the role of the data subjects in this set (e.g. employee, customer). Values are application-specific.

Scope: Entity
Extending: EntityDefinition
Type: string

@PersonalData.fieldSemantics

Primary meaning of the personal data contained in the annotated property. Changes to values of annotated properties are tracked in the audit log. Use this annotation also on fields that are already marked as contact or address data. Properties annotated with fieldSemantics need not be additionally annotated with @PersonalData.isPotentiallyPersonal.

Scope: Type
Extending: BooleanType, StringType, LargeStringType, IntegerType, Int16Type, Integer64Type, UInt8Type, DecimalType, DoubleType, DateType, TimeType, DateTimeType, TimestampType, UUIDType, BinaryType, LargeBinaryType, AssociationType, CompositionType, CustomType, TypeDefinition, BooleanTypeDefinition, StringTypeDefinition, LargeStringTypeDefinition, IntegerTypeDefinition, Int16TypeDefinition, Integer64TypeDefinition, UInt8TypeDefinition, DecimalTypeDefinition, DoubleTypeDefinition, DateTypeDefinition, TimeTypeDefinition, DateTimeTypeDefinition, TimestampTypeDefinition, UUIDTypeDefinition, BinaryTypeDefinition, LargeBinaryTypeDefinition, AssociationTypeDefinition, CompositionTypeDefinition
Type: Object(#)

PropertyTypeDescription
#
MANDATORY
string
Provide the value in { "#": "<value>" } enum notation.
Allowed Values:

  • "DATA_SUBJECT_ID": Identifies the data subject unique key or references it.

  • "DATA_SUBJECT_ID_TYPE": The type describing the DataSubjectID identifying the data subject, e.g., an e-mail address, semantic of the ID or a customer.

  • "CONSENT_ID": The unique identifier for a consent. A consent is an action of data subjects confirming that the usage of their personal data shall be allowed for a given purpose. A consent functionality allows the storage of a consent record in relation to a specific purpose and shows if a data subject has granted, withdrawn, or denied consent.

  • "PURPOSE_ID": The unique identifier for the purpose of processing of personal data. Any processing of personal data is based on specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes. The purpose is defined by the data controller or joint data controllers.

  • "CONTRACT_RELATED_ID": The unique identifier for transactional data that is related to a contract that requires processing of personal data. For example, Sales Contract ID, Purchase Contract ID, or Service Contract ID.

  • "DATA_CONTROLLER_ID": The unique identifier of a legal entity which alone or jointly with others determines the purposes and means of the processing of personal data. The Data Controller is fully responsible (and accountable) that data protection and privacy principles (such as purpose limitation or data minimization), defined in the European General Data Protection Regulation (GDPR) or any other data protection legislation, are adhered to when processing personal data. The DataControllerID succeeds the LegalEntityID.

  • "USER_ID": The unique identifier of a user. A user is an individual who interacts with the services supplied by a system.

  • "END_OF_BUSINESS_DATE": Defines the end of active business and the start of residence time and retention period. End of business is the point in time when the processing of a set of personal data is no longer required for the active business, for example, when a contract is fulfilled. After it has been reached and a customer-defined residence period has passed, the data is blocked and can only be accessed by users with special authorizations (for example, tax auditors). All fields of type Edm.Date or Edm.DateTimeOffset on which the end of business determination depends should be annotated.

  • "BLOCKING_DATE": Defines a date that marks when the provider of the data will block these. This is the point in time when the processing of a set of personal data is no longer required for the active business, for example, when a contract is fulfilled. After it has been reached, the data is blocked in the source and can only be displayed by users with special authorizations (for example, tax auditors); however, it is not allowed to create/change/copy/follow-up blocked data. Consumers of the data should consider if there is an additional purpose to process the data beyond the defined blocking date

  • "END_OF_RETENTION_DATE": Defines a date that marks when the provider of the data can destroy these. Consumers of the data should consider if there is an additional purpose (or a legal hold) to process the data beyond the defined destruction date.

Example Values:
{
  "#": "DATA_SUBJECT_ID"
}

@PersonalData.isPotentiallyPersonal

Property contains potentially personal data. Properties annotated with @PersonalData.fieldSemantics need not be additionally annotated with this annotation. Personal data describes any information which is related to an identified or identifiable natural person (data subject). An identifiable person is one who can be identified, directly or indirectly, in particular by a reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

Scope: Type
Extending: BooleanType, StringType, LargeStringType, IntegerType, Int16Type, Integer64Type, UInt8Type, DecimalType, DoubleType, DateType, TimeType, DateTimeType, TimestampType, UUIDType, BinaryType, LargeBinaryType, AssociationType, CompositionType, CustomType, TypeDefinition, BooleanTypeDefinition, StringTypeDefinition, LargeStringTypeDefinition, IntegerTypeDefinition, Int16TypeDefinition, Integer64TypeDefinition, UInt8TypeDefinition, DecimalTypeDefinition, DoubleTypeDefinition, DateTypeDefinition, TimeTypeDefinition, DateTimeTypeDefinition, TimestampTypeDefinition, UUIDTypeDefinition, BinaryTypeDefinition, LargeBinaryTypeDefinition, AssociationTypeDefinition, CompositionTypeDefinition
Type: boolean
Default Value: true

@PersonalData.isPotentiallySensitive

Property contains potentially sensitive personal data. Sensitive personal data is a category of personal data that needs special handling. The determination which personal data is sensitive may differ for different legal areas or industries. Examples of sensitive personal data:

  • Special categories of personal data, such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or sex life or sexual orientation.
  • Personal data subject to professional secrecy
  • Personal data relating to criminal or administrative offenses
  • Personal data concerning insurances and bank or credit card accounts

Scope: Type
Extending: BooleanType, StringType, LargeStringType, IntegerType, Int16Type, Integer64Type, UInt8Type, DecimalType, DoubleType, DateType, TimeType, DateTimeType, TimestampType, UUIDType, BinaryType, LargeBinaryType, AssociationType, CompositionType, CustomType, TypeDefinition, BooleanTypeDefinition, StringTypeDefinition, LargeStringTypeDefinition, IntegerTypeDefinition, Int16TypeDefinition, Integer64TypeDefinition, UInt8TypeDefinition, DecimalTypeDefinition, DoubleTypeDefinition, DateTypeDefinition, TimeTypeDefinition, DateTimeTypeDefinition, TimestampTypeDefinition, UUIDTypeDefinition, BinaryTypeDefinition, LargeBinaryTypeDefinition, AssociationTypeDefinition, CompositionTypeDefinition
Type: boolean
Default Value: true