Skip to content

    Basics of Data Privacy with CAP

    This guide explains the basic annotations related to data privacy.



    Data protection is associated with numerous legal requirements and privacy concerns. In addition to compliance with general data protection and privacy acts, you need to consider compliance with industry-specific legislation in different countries.

    SAP provides specific features and functions to support compliance regarding the relevant legal requirements, including data protection. SAP does not give any advice on whether these features and functions are the best method to support company, industry, regional, or country-specific requirements. Furthermore, this information should not be taken as advice or a recommendation regarding additional features that would be required in specific IT environments. Decisions related to data protection must be made on a case-by-case basis, considering the given system landscape and the applicable legal requirements.

    CAP supports applications in their obligations to comply to data privacy regulations, by automating tedious tasks as much as possible based on annotated models. Using annotations and configurations, CAP supports you using SAP BTP services, which enable you to fulfill specific data privacy requirements in your application. This , means at first, personal data management, with the help of annotations and configurations and the SAP Personal Data Manager service.

    Indicate Personal Data in Your Domain Model

    Use @PersonalData annotations to indicate entities and elements in your domain model, which will contain personal data.

    The best practice is to do that in separate files.
    See also: Using Aspects for Separation of Concerns.

    Let’s have a look at our sample.

    Open the db/data-privacy.cds file, which contains our data privacy-related annotations.

    // Proxy for importing schema from bookshop sample
    using {sap.capire.bookshop} from './schema';
    // annotations for Data Privacy
    annotate bookshop.Customers with @PersonalData : {
      DataSubjectRole : 'Customer',
      EntitySemantics : 'DataSubject'
      ID           @PersonalData.FieldSemantics : 'DataSubjectID';
      emailAddress @PersonalData.IsPotentiallyPersonal;
      firstName    @PersonalData.IsPotentiallyPersonal;
      lastName     @PersonalData.IsPotentiallyPersonal;
      creditCardNo @PersonalData.IsPotentiallySensitive;
      dateOfBirth  @PersonalData.IsPotentiallyPersonal;
    annotate bookshop.CustomerPostalAddress with @PersonalData : {
      DataSubjectRole : 'Customer',
      EntitySemantics : 'DataSubjectDetails'
      Customer @PersonalData.FieldSemantics : 'DataSubjectID';
      street   @PersonalData.IsPotentiallyPersonal;
      town     @PersonalData.IsPotentiallyPersonal;
      country  @PersonalData.IsPotentiallyPersonal;

    It is important to annotate the data privacy-relevant entities as DataSubject, DataSubjectDetails, or Other.

    You can annotate different CDS artifacts, such as entities or fields. The data privacy annotations work on different levels - from the entity level to the field level, as described below.

    Entity-Level Annotations

    Entity-level annotations indicate which entities are relevant for data privacy. The most important annotations are:

    @PersonalData.EntitySemantics: 'DataSubject'
    @PersonalData.EntitySemantics: 'DataSubjectDetails'
    @PersonalData.EntitySemantics: 'Other'
    Annotation Description
    DataSubject The entities of this set describe a data subject (an identified or identifiable natural person), for example, Customer or Vendor.
    DataSubjectDetails The entities of this set contain details of a data subject (an identified or identifiable natural person) but do not by themselves identify/describe a data subject, for example, CustomerPostalAddress.
    Other Entities containing personal data or references to data subjects, but not representing data subjects or data subject details by themselves. For example, customer quote, customer order, or purchase order with involved business partners. These entities are relevant for audit logging. There are no restrictions on their structure. The properties should be annotated suitably with FieldSemantics.

    ❗ Data Subject and Data Object
    For each specific personal data operation on a data object (like a Sales Order) a valid data subject (like a Customer) is needed. The application has to clarify that this link between data object and data subject - which is typically induced by an annotation like Customer @PersonalData.FieldSemantics : 'DataSubjectID'; - is never broken. Thus, semantically correct personal data operation logs can only be written on top of a semantical correctly built application.

    Make sure that the data subject is a valid CAP entity, otherwise the metadata-driven automatism will not work.

    Key-Level Annotations

    Key-level annotations indicate the corresponding key information.

    @PersonalData.FieldSemantics: 'DataSubjectID'

    This key information consists of the DataSubject (= Person) and its identifiers and the corresponding personal documents (such as Order, Consent, …) and its identifiers. The latter is always captured implicitly, so we mainly have to specify the type and the key of the DataSubject.

    Field-Level Annotations

    Field-level annotations tag which fields are relevant for data privacy in detail.


    This allows you to manage the data privacy-related actions on a fine granular level only using metadata definitions with annotations and without any need of implementation.