Last updated: June 2026
This Privacy Policy describes exactly what data BuddySAP collects, how it is used, and your rights. We have written this to be clear and accurate — not to hide behind legal boilerplate.
1. Who We Are
BuddySAP (buddysap.com) is an AI-powered SAP knowledge platform providing diagnostic tools for SAP consultants and professionals. The platform is operated from India.
Contact: buddysap.com/contact-us
2. The Most Important Thing — Your SAP Data Is Never Stored
✅ Zero SAP Data Storage — Guaranteed
When you upload EWA reports, ABAP dumps, SAP logs, or any other SAP files to our tools:
- Files are read and processed entirely inside your browser using client-side JavaScript
- Your SAP data never leaves your device to reach BuddySAP servers
- Nothing is uploaded to, stored on, or logged by our servers
- When you close the browser tab, all data is gone permanently
The only exception is text you type into the AI chat or analysis input fields — this is sent to the Anthropic API for AI processing (see Section 5). Even then, BuddySAP servers are not involved — your browser communicates directly with Anthropic.
3. What Personal Data We Collect
3.1 Account Registration
When you create a BuddySAP account, we collect and store in our WordPress database:
- Full name — for personalisation
- Email address — your account identifier and login
- Phone number — optional, for support purposes
- Subscription plan — Free, Pro, or Premium
- Account creation date and last login
We do not collect or store passwords in plain text. Passwords are hashed using WordPress’s bcrypt implementation. If you sign in via Google, we store only your name and email from the Google profile — no Google tokens are retained.
3.2 Usage Data (Browser Only)
The following data is stored only in your browser’s localStorage — not on our servers:
- Your session login state
- Daily/monthly usage count per tool
- Dark mode and display preferences
This data is cleared when you sign out, clear your browser data, or use incognito mode.
3.3 Contact Form Submissions
If you use the contact form at buddysap.com/contact-us, we receive your name, email, and message. This is stored in WordPress and used only to respond to your inquiry.
3.4 Blog Comments
If you leave a comment on a BuddySAP blog article, we collect your name, email, and IP address for spam detection. Comments are stored in WordPress indefinitely unless you request deletion.
4. Cookies and Browser Storage
4.1 Essential cookies (WordPress)
When you log in to a BuddySAP account, WordPress sets standard session cookies to maintain your login state. These expire when you log out or after 2 days.
4.2 localStorage (AI tools)
Our AI tool pages (ewa-analyzer.html, abap-dump-analyzer.html, etc.) use browser localStorage — not cookies — to store your session, usage quota, and preferences locally on your device.
4.3 Advertising cookies (third-party)
BuddySAP displays advertisements via Google AdSense and Infolinks. These ad networks set their own cookies to serve relevant ads and measure performance. We do not control these cookies. You can opt out of personalised advertising via:
5. Third-Party Services We Use
The following third-party services are integrated into BuddySAP. Each has its own privacy policy.
| Service | Purpose | Data sent to them |
|---|---|---|
| Anthropic (Claude API) | AI-powered analysis in all 5 tools | Text you enter or paste for analysis. SAP files are NOT sent — only extracted text content. |
| Google Analytics | Website usage analytics | Page views, session duration, browser type, approximate location (country/city). No personal identifiers. |
| Google AdSense | Display advertising | Browsing behaviour for ad targeting (via cookies). Governed by Google’s privacy policy. |
| Infolinks | In-text advertising | Page content and browsing data for contextual ads (via cookies). |
| Razorpay | Payment processing (Pro/Premium plans) | Payment details (card/UPI/bank). BuddySAP never sees or stores your payment information. |
| Google Sign-In | Optional OAuth login | If you choose “Continue with Google”, Google authenticates you and shares your name and email with us. |
| Bluehost | Web hosting (India) | Standard server logs (IP address, request timestamps) retained per Bluehost’s policy. |
6. How We Use Your Data
We use the personal data we collect only for the following purposes:
- To create and manage your BuddySAP account
- To track your usage quota (Free: 10/day, Pro: 50/month, Premium: 200/month)
- To process subscription payments via Razorpay
- To respond to your support or contact form requests
- To send transactional emails (account confirmation, password reset) — no marketing emails without consent
- To improve the platform based on aggregated, anonymised usage analytics
We do not sell your personal data. We do not use your data for profiling or automated decision-making.
7. Data Retention
- Account data — retained while your account is active. Deleted within 30 days of account deletion request.
- SAP analysis data — never retained (browser-only processing)
- Contact form submissions — retained for 12 months then deleted
- Payment records — retained for 7 years as required by Indian tax law (GST compliance)
- Server logs — retained by Bluehost per their standard policy (typically 30 days)
8. Your Rights
You have the following rights regarding your personal data:
- Access — request a copy of the data we hold about you
- Correction — update your name, email, or phone via Account Settings
- Deletion — request deletion of your account and all associated personal data
- Portability — request your data in a machine-readable format
- Objection — opt out of advertising cookies at any time (see Section 4.3)
To exercise any of these rights, contact us at: buddysap.com/contact-us
9. Children’s Privacy
BuddySAP is designed for SAP professionals and is not directed at children under 13. We do not knowingly collect personal data from anyone under 13. If you believe a child has provided us with personal information, please contact us and we will delete it immediately.
10. Security
We implement the following security measures:
- HTTPS encryption on all pages
- Passwords hashed with bcrypt (never stored in plain text)
- API keys stored server-side, never exposed in page source
- SAP data processed client-side only — eliminates server-side data exposure risk
No system is 100% secure. If you discover a security vulnerability, please report it via our contact page.
11. Changes to This Policy
We may update this Privacy Policy when our practices change. We will update the “Last updated” date at the top. For significant changes affecting how we use your personal data, we will notify registered users by email at least 14 days before the change takes effect.
12. Governing Law
This Privacy Policy is governed by the laws of India, including the Information Technology Act 2000 and the Digital Personal Data Protection Act 2023 (DPDPA). Any disputes shall be subject to the jurisdiction of the courts of India.
13. Contact Us
For any privacy-related questions, data requests, or concerns, please use our contact form:
Website: buddysap.com/contact-us