Cookie Statement
This Cookie Statement was updated on 05/25/2023.
This Cookie Statement describes how SAP Ariba (hereinafter also “We”, “Our”) uses cookies
and similar technologies to collect and store information when you visit Buyer and Sourcing.
SAP Ariba’s Privacy Disclosure applies in addition to this Cookie Statement. SAP Ariba’s Privacy Disclosure informs you about the way SAP Ariba uses, stores, and protects personal data collected. It also informs you of your data protection rights and how to exercise them.
We recommend that you read the Privacy Disclosure:
What are cookies and similar technologies?
Cookies are small files placed on your device (computer, tablet, or smartphone). When you access a website, a cookie is placed on your device, and it will send information to the party that placed the cookie.
There are other technologies that perform a similar function to cookies. These include inter alia web beacons and clear gifs. These are often used in conjunction with cookies to help a website owner understand its users better.
What are first party cookies?
SAP Ariba’s websites contain first party cookies. These cookies enable SAP Ariba to operate an efficient service and to track patterns of user behaviour to SAP Ariba’s website.
What are third party cookies?
The difference between a first party cookie and a third-party cookie relates to who places the cookie on your device. SAP Ariba sometimes allows third parties to place Cookies on your device. Third party cookies are placed on your device by a third party (i.e., not by SAP Ariba). While SAP Ariba allows third parties to access SAP Ariba’s website to place a third-party cookie on your device, SAP Ariba does not retain control over the information supplied by the cookies, nor does SAP Ariba retain access to this information. This information is controlled wholly by that third party according to the respective privacy policy of the third party. For more information about these cookies, please click the “Cookie Preferences” link in the footer of the webpage.
What is a session and what is a persistent cookie?
Our websites may place session and persistent cookies on your device. Whereas the difference between a first party and third-party cookie relates to the party controlling the initial placement of the cookie on your device, the difference between a session and a persistent cookie relates to the length of time the cookie lasts. Session cookies are cookies that typically last for as long as you are using your browser, or browser session. When you end your browser session, the cookie expires. Persistent cookies, as the name implies, are persistent and will last after you close your browser. This allows for quicker and often more convenient access to our website.
What cookies are used on SAP Ariba web presence?
SAP Ariba wants you to be in a position to make an informed decision for or against the use of cookies which are not strictly necessary for technical features on the Solution. If you elect to reject cookies used for advertising, you will be shown advertising that is less targeted to your interests. This will still allow you to use all the functionality of our website.
When tracking and evaluating the usage behaviour of users of the Web Presence by means of cookies or similar technologies includes the processing of your personal data, SAP Ariba is conducting the processing based on the following legal permissions:
-
GDPR Article 6.I (a) if it is necessary that We ask you for your consent to process your personal data,
-
GDPR Article 6.I (b) if necessary to fulfil (pre-)contractual obligations with you,
-
GDPR Article 6.I (f) if necessary to fulfil (pre-)contractual obligations with the company or other legal body you represent as a customer contact (legitimate interest to efficiently perform or manage SAP Ariba?s business operation),
-
or equivalent legal permissions under other relevant national laws, when applicable.
SAP Ariba differentiates between Required Cookies that are necessary to enable technical core functionalities, Functional Cookies that allow SAP to analyse the site usage.
Required Cookies
| Name |
Purpose |
Persistent |
Lifespan |
| auc_user_search_query_meta |
User search query operation info management |
Y |
Session |
| auc_ctxt_tag_list |
Community sensitive context tags management |
Y |
Session |
| spotlightKeys |
Spotlight items management. |
Y |
Max-Age: 4 hours |
| insituUserStatus |
Logged in user status management for insitu |
Y |
Max-Age: 10 mins |
| SSESS* |
User login process management. |
Y |
Max-Age: 30 mins |
| c_user_session |
User activity tracking management |
Y |
Max-Age: 30 mins |
| session_api_session |
Extend Drupal core sessions workings |
Y |
Max-Age: 1 month |
| insituPinnedState |
Pages path status management for user |
Y |
Max-Age: 30 mins |
| ROUTEID |
Connectivity tracking management between services (Solr, CWS, Community apps) |
Y |
Session |
| insituBaseContext |
Insitu app context status management. |
Y |
Max-Age: 30 mins |
| a_fenb |
User feature functionality management. |
Y |
Session |
| has_js |
Flag to check whether current clients is JavaScript-enabled or not |
Y |
Session |
| gbsioecv2 |
Not set by Community |
Y |
Session |
| gbslcv2 |
Not set by Community |
Y |
Session |
| HCenter |
Not set by Community |
Y |
Session |
| dmsToken |
Store oauth token |
Y |
Session |
| ariba_passwordadapter |
User during SSO workflow |
Y |
Session |
| ariba_realm |
User during SSO workflow |
Y |
Session |
| JSESSIONID |
Secure session management |
Y |
Session |
| AWSSOPT |
Path cookie for error handling. This will be set only if SSO.Debug is enabled. So may not be seen in production system often. |
Y |
Session |
| JSESSIONMARKID |
SAP Netweaver Web Application |
Y |
Secure Session Management |
| saplb_* |
SAP Netweaver Web Application |
Y |
Secure Session Management |
| sapextlb_JSP |
SAP Netweaver Web Application |
Y |
Secure Session Management |
| SESSIONID |
Secure session management |
Y |
Session |
| X-Auth-Token |
Authentication and Authorization |
Y |
Session |
| awscreenstats |
Ariba Services Cookies; used to collect end user’s browser screen resolution using which they access Ariba for application performance monitoring |
N |
Session |
| ariba_passwordadapter |
Ariba Password Cookies |
Y |
Session |
| ariba_realm |
Ariba Services Cookies; used by application’s SSO workflow. The information in it is being used to construct application URLs as well |
Y |
Session |
| AWSSOAI |
Authentication and Authorization ; used in application SSO flow |
Y |
Session |
| AWSSOAU |
Authentication and Authorization ; used in application SSO flow |
Y |
Session |
| AWSSOSL |
Authentication and Authorization ; used in application SSO flow |
Y |
Session |
| TS011fb94a |
Use in the Application Security Manager (ASM) to improve security and performance. |
Y |
Default=600 sec |
| TS017eb3bc |
Use in the Application Security Manager (ASM) to improve security and performance. |
Y |
Default=600 sec |
| TS01adf751 |
Use in the Application Security Manager (ASM) to improve security and performance. |
Y |
Default=600 sec |
| TS01d1b21c |
Use in the Application Security Manager (ASM) to improve security and performance. |
Y |
Default=600 sec |
Functional Cookie
| Name |
Purpose |
Persistent |
Lifespan |
| Awscreenstats |
Captures information about user’s screen resolution to improve user performance |
N |
Session |
| uetvid |
Bing.com Targeting/Advertising |
N/Functional (to store and track visits across websites.) |
Advertising |
| AMCVS_B68602BE5330943C0A490D4C@AdobeOrg |
Adobe Marketing Cloud: Analytics |
N/Functional (to Store and track interaction.) |
Marketing |
| s_cc |
Adobe Marketing Cloud: Analytics |
N/Functional |
Marketing |
| AMCV_#ID@AdobeOrg |
Adobe Marketing Cloud: Analytics |
N/Functional |
Advertising |
| mbox |
Adobe Target: Website Personization |
N/Functional |
Marketing |
| gb_userSearchHistoryQuery |
User Search History Query |
Y |
1 month |
How can you manage and delete cookies?
SAP Ariba provides you with the option to adjust your preferences for Functional and Advertising Cookies. In such a case, you can access preferences at any time by clicking on the Cookie Preferences in the footer of the Solution.
You can also block and delete cookies by changing your browser settings. To manage cookies using your browser settings, most browsers allow you to refuse or accept all cookies or only to accept certain types of cookies. The process for the management and deletion of cookies can be found in the help function integrated in your browser.
If you wish to limit the use of cookies, you may not be able to use all the interactive functions.
Are there any other tracking technologies used?
When SAP sends you newsletters or other messages, SAP uses these technologies so that SAP can track email open and click rates. In order to determine a user's ability to receive HTML e-mail in addition to whether or not an e-mail has been opened, SAP includes a "web beacon" in the majority of HTML e-mail messages SAP sends. A web beacon (a small .gif image) is activated when an HTML e-mail is opened via a request for the image on Our servers. This capability helps SAP send e-mail in a format that users can read and enables SAP to track the aggregate number of e-mails opened. The web beacon does not collect any personal data.