Data Security and Privacy

The SAP Engagement Cloud SDK provides mechanisms to support data security, along with guidance on handling user consent and data deletion requests.

Data Transport Security

Push token, application code, and language are stored in your app's sandbox.
The SQLDelight queue stores pending events until they are delivered to SAP Engagement Cloud.
The SDK does not add database-level encryption.

Possible Threat	Mitigation
Token replay	Rotate tokens on the server side and ensure they expire.
Unauthorized push token use	Bind tokens to the application code and contact context on the server side.
Deep link spoofing	Use HTTPS domains and validate that the host matches your expected list before acting.

Only call enable once the user has given their consent.
Allow users to revoke consent. When they do, call disable, which automatically unlinks the contact.
Your application is responsible for capturing and managing consent per applicable data protection regulations.

When a user requests data deletion:

Call unlink().
Clear the app's local storage, including your own caches. If needed, remove the SDK's stored data through the platform's storage settings.
Verify deletion on the server side by checking the contact profile in SAP Engagement Cloud.

You are responsible for complying with the following security requirements:

Item	Action
Data Transport	If required, confirm TLS with certificate pinning. Reject non-HTTPS image URLs for rich push.
Logging	Ensure that no OpenID tokens or PII is logged. Avoid sending tokens to third-party analytics tools unless required.
Permissions	Verify that push permission prompts for Android and iOS only occur when expected.
Consent Revocation	Verify your consent revocation process end‑to‑end.
OpenID Token Rotation	Rotate OpenID token and validate that the old token is rejected.