Cookie Statement

This Cookie Statement was updated on October 1st, 2024

This Cookie Statement describes how SAP Concur uses cookies and similar technologies to collect and store information when you use the Cloud Service at concursolutions.com.

What are cookies and similar technologies?

Cookies are small files placed on your device (computer, tablet or smartphone). When you access a website, a cookie is placed on your device and it will send information to the party that placed the cookie.

There are other technologies that perform a similar function to cookies. These include web beacons, clear gifs, and social plug-ins. These are often used in conjunction with cookies to help a website owner understand its users better. For more information about these other tracking technologies, please click the “Cookie Preferences” link in the footer of the webpage.

What are first party cookies?

SAP Concur’s websites have first party cookies. First party cookies are cookies that are specific to the website that created them. These cookies enable SAP Concur to operate an efficient service and to track patterns of user behavior to SAP Concur’s website.

What are third party cookies?

The difference between a first party cookie and a third party cookie relates to who places the cookie on your device. SAP uses certain third party cookies to provide basic site functionality, as well as to improve functionality and support product analysis, and manage business operations and may authorize certain third parties to place Cookies on your device.

What cookies are used on SAP Concur websites?

SAP Concur wants you to be in a position to make an informed decision for or against the use of cookies which are not strictly necessary for the website’s technical features.

When tracking and evaluating the usage behavior of users of the website by means of cookies or similar technologies includes the processing of your personal data, SAP Concur is conducting the processing based on the following legal permissions:

GDPR Article 6.I (a) if it is necessary that we ask you for your consent to process your personal data;
GDPR Article 6.I (b) if necessary to fulfill (pre-)contractual obligations with you;
GDPR Article 6.I (f) if necessary to fulfill (pre-)contractual obligations with the company or other legal body you represent as a customer contact (legitimate interest to efficiently perform or manage business operation of SAP Concur);
or equivalent legal permissions under other relevant national laws, when applicable.

SAP Concur differentiates between Required Cookies that are absolutely necessary for the website’s technical features and Functional Cookies that allow SAP Concur to analyze the site usage.

Required Cookies

Name	Purpose	Lifespan
_abck	Bot and fraud prevention, prevent automated traffic from IT system or human user.	365 days
_csrf	Prevent Cross Site Request Forgery attacks.	0
ak_bmsc	Bot and fraud prevention, prevent automated traffic from IT system or human user.	2 hours
akacd_*	Akamai Web Application Firewall. Allow phased release by managing access volume per version.	0
AWSALBTG	Amazon Web Services Elastic Load Balancing. Optimize network resource usage by assigning a sticky session to a target group via this cookie.	7 days
AWSALBTGCORS	Amazon Web Services Elastic Load Balancing, specifically used for cross-origin resource sharing (CORS), requires SameSite attribute to enable stickiness.	7 days
bm_sv	Bot and fraud prevention, prevent automated traffic from IT system or human user.	2 hours
bm_sz	Bot and fraud prevention, prevent automated traffic from IT system or human user.	4 hours
brandingid	Display customer logo on the page, if available.	0
cookie_3rdparty	Used by TrustArc to test if website visitor's browser allow third party cookies.
JWT	Authentication token generated upon successful login.	1 hour
notice_behavior	Consent behavior based on region of the website visitor's browser.	0
notice_gdpr_prefs	Store TrustArc cookie consent management setting.	13 months
notice_preferences	Store consent behaviour based on usage of legacy "Slider UI" version.	13 months
OTDefaultLang	Store current language as default language	13 months
OTLang	Stores the current language for the session.	0
OTSEC670817	Validates if user session from database belongs to currently logged in user.	0
OTSESSIONAABQRD	Stores the session id of user's current session in current form.	0
OTSESSIONAABQRN	Stores the session id of user's current session in legacy form.	0
ottcode	One time token code needed for legacy login flows.	0
s_cc	Determine whether cookies are enabled in user’s browser for Adobe Analytics.	0
s_fid	Determine if standard s_vi cookie is unavailable due to third-party cookie restrictions.	13 months
TAsessionID	TrustArc Cookie Consent Manager reporting.	30 minutes
token_test	Used by TrustArc to get notified if website visitor's browser allow third party cookies.
travelhome	Determine the user selected tab on /travelhome.asp	0

Functional Cookies

Name	Purpose	Lifespan
JSESSIONID	Used to store a session identifier so that New Relic can monitor session counts for an application.	0

How can you manage and delete Cookies?

SAP Concur provides you with the option to adjust your preferences for Functional cookies when such cookies are placed on your device by the website. In such a case, you can access preferences at any time by clicking on the “Cookie Preferences” link in the footer of the webpage.

You can also block and delete cookies by changing your browser settings. To manage cookies using your browser settings, most browsers allow you to refuse or accept all cookies or only to accept certain types of cookies. The process for the management and deletion of cookies can be found in the help function integrated in your browser.

If you wish to limit the use of cookies, you may not be able to use all the interactive functions of our website.