Contact Us

Mobile App Privacy Policy

Effective Date: 01/01/2025
Company Name: White Castle Consulting, LLC
Product: Mobile app (SDS) Sell Deliver Service for SAP LMD
Distribution: Enterprise use only (not available to the general public)

  1. Overview

At White Castle Consulting, LLC, we value and respect the privacy of our enterprise customers and their end users. This privacy policy applies exclusively to our Mobile App (SDS) for SAP LMD, an enterprise mobile application developed and distributed for internal use by authorized business clients.

The Mobile App is not available for public download and is used solely within enterprise environments under strict access control. Importantly, the app is designed with privacy by default and does not collect, transmit, store, or process any personal data from its users.

  1. No Data Collection

Our Mobile App does not collect:

  • Personal information (e.g., names, emails, phone numbers)
  • Device or location data
  • Usage statistics or behavioral data
  • Cookies or tracking data

The app is purpose-built to operate entirely within the customer’s SAP environment without the need to gather or transmit any user-identifiable or device-level data.

  1. No Third-Party Services or Analytics

Mobile App does not integrate with any third-party services or SDKs for analytics, advertising, or data processing. All app functionality is self-contained and interacts solely with the authorized SAP backend systems, as configured by the enterprise IT team.

  1. Controlled Distribution and Access

Mobile App does not integrate with any third-party services or SDKs for analytics, advertising, or data processing. All app functionality is self-contained and interacts solely with the authorized SAP backend systems, as configured by the enterprise IT team.

  1. Security and Data Handling

As no user data is collected, Mobile App minimizes the attack surface related to privacy and data breaches. Any interactions with backend systems are handled via secure, enterprise-managed infrastructure. Data security and access control are governed entirely by the deploying organization.

  1. Compliance with Privacy Regulations

Although Mobile App does not collect, process, or store any personal data, we recognize the importance of privacy and data protection laws across different regions. The app has been intentionally designed to adhere to the principles of privacy by design and data minimization, and as such, is inherently compliant with the following international privacy regulations:

🇺🇸 United States – Federal and State Regulations

  • California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA): Mobile App does not collect personal information, share data with third parties, or engage in cross-context behavioral advertising.
  • Other applicable state laws (e.g., in Virginia, Colorado, Connecticut, and Utah) do not apply to Mobile App, as no personal data is processed or sold.
  • Children’s Online Privacy Protection Act (COPPA): The app is not directed at children and does not collect any data, thus complying by default.

🇪🇺 Europe – General Data Protection Regulation (GDPR)

  • Mobile App does not collect or process any personal data, thus eliminating the need for lawful processing bases (e.g., consent or legitimate interest).
  • No user profiling, behavioral tracking, or automated decision-making is performed.
  • No personal data is transferred in or out of the European Union or European Economic Area.
  • As a result, Mobile App operates in full alignment with GDPR requirements, including Articles 5 (data minimization) and 25 (data protection by design and by default).

🇨🇦 Canada – Personal Information Protection and Electronic Documents Act (PIPEDA)

  • Mobile App collects no identifiable information from users and does not engage in data transfers or commercial use of data.
  • The app supports compliance with PIPEDA’s core principles, including accountability, limiting collection, and safeguarding personal information—by eliminating collection entirely.

Other Americas – LATAM and Caribbean Privacy Laws

  • Mobile App aligns with key principles of emerging and established privacy laws in Latin America and the Caribbean, including:
    • Brazil’s General Data Protection Law (LGPD)
    • Mexico’s Federal Law on the Protection of Personal Data Held by Private Parties
    • Argentina’s Personal Data Protection Law
    • And other similar frameworks in Colombia, Chile, and Peru
  • As the app does not process any personal data, it meets or exceeds compliance expectations in these jurisdictions.

🇦🇪 United Arab Emirates (UAE) – Federal Decree-Law No. 45 of 2021

  • The UAE has implemented its Personal Data Protection Law (PDPL) which is modeled after GDPR.
  • Mobile App complies with PDPL principles by not collecting, storing, or processing personal data.

🇸🇦 Saudi Arabia – Personal Data Protection Law (PDPL)

  • Enforced by the Saudi Data & AI Authority (SDAIA), this law requires clear consent and data protection practices.
  • Since Mobile App collects no personal data, it adheres to PDPL requirements by default.

🇿🇦 South Africa – Protection of Personal Information Act (POPIA)

  • POPIA requires lawful, minimal, and secure data processing.
  • Mobile App is compliant as no personal information is collected or processed.

🇳🇬 Nigeria – NDPR (Nigeria Data Protection Regulation)

  • This regulation mandates lawful processing and user consent.
  • As Mobile App does not gather data, it meets NDPR standards.

🇸🇬 Singapore – Personal Data Protection Act (PDPA)

  • Requires consent and purpose limitation for personal data use.
  • Mobile App complies fully, as no personal data is collected.

🇮🇳 India – Digital Personal Data Protection Act (DPDP), 2023

  • Focuses on consent and data processing transparency.
  • Since Mobile App does not handle personal data, it aligns with DPDP by design.

🇯🇵 Japan – Act on the Protection of Personal Information (APPI)

  • One of the most mature privacy laws in Asia.
  • Mobile App is compliant as no user data is collected or processed.

🇰🇷 South Korea – Personal Information Protection Act (PIPA)

A comprehensive law requiring user rights and data minimization.

Mobile App, by avoiding data collection, aligns fully with PIPA.

  1. Children’s Privacy

Mobile App is intended for use only by authorized employees or contractors of enterprise customers. It is not marketed to, nor intended for use by, children or minors. As no personal data is collected, it meets the requirements of the Children’s Online Privacy Protection Act (COPPA) by default.

  1. Policy Updates

Although this app does not collect any data, we may occasionally update this policy to reflect product improvements, legal updates, or customer feedback. Any changes will be communicated directly to our enterprise clients and published in the appropriate documentation.

  1. Contact Us

For questions about privacy policy or the use of Mobile App within your organization.

Contact us today at: support@whitecastleconsulting.com