Our policies

You can read our Data Protection Impact Assessment (DPIA) and privacy notice on GOV.UK.

NHS COVID-19 app: Terms of use

NHS COVID-19 app: Terms of use

By viewing and using this service, you agree to these Terms of Use.

Agreement to terms

Welcome to the NHS COVID-19 app (the ‘app’) and the supporting website (https://covid19.nhs.uk/) (together, the ‘service’), an ios and android application and website. The Department of Health and Social Care (‘DHSC’, ‘we’, ‘our’) is the legal manufacturer. The app supports the NHS Test, Trace, Protect service in Wales and the NHS Test and Trace service in England and will provide you with the appropriate advice.

We are now working with partner Health Services who provide digital contact tracing apps in Gibraltar, Jersey, Northern Ireland and Scotland. We all use the Apple and Google functionality to support digital contact.

These terms apply to the entire contents of the service, to any web feeds produced by the service, any interactions you may have with the service, and to any feedback or submissions provided back to the service. By downloading, viewing and / or using the service, you will be deemed to agree to these Terms of Use.


The app is designed to help the people of England and Wales (including visitors) stop the spread of coronavirus (COVID-19). It does this by enabling people to inform others, who they have been in close contact with,that they have tested positive.

Any notifications provided through the app are advisory only. If you have concerns about the app’s advice including whether to self-isolate or seek a test, you are advised to contact NHS 111, NHS 119 or an appropriate health care professional who will be able to provide you with the appropriate information.

Other guidance about coronavirus is available from the NHS in England and in Wales.

Users will be supporting the public health response to the pandemic, as well as ensuring the app is working as expected, by sharing information (on an anonymous basis) with both England and Wales' respective contact tracing programmes.

By using the app and sharing this information, you will be making an important contribution to helping your community stay healthy and save lives.

The app is UKCA marked as a Class I medical device in the United Kingdom and developed in compliance with the Medical Devices Regulations 2002 (SI 2002 No 618, as amended).

The service is only for the purposes as outlined in the Privacy Notice (https://www.gov.uk/government/publications/nhs-test-and-trace-app-privacy-information).

Your use of this app is governed by the laws of England and Wales.

Working with partner Health Services

If you test positive for coronavirus and give permission to alert other app users, we will work with partner health services to ensure all relevant app users receive an alert.

By using the Apple and Google functionality, we ensure that your identity is anonymous to other app users, partner Health Services, and the government.

Our partners are:

  • Gibraltar, Jersey, Northern Ireland and Scotland

Functions of the app

The app has the following functions:

  • an exposure alert, which lets you know if you have been near another app user who tests positive for COVID-19
  • the option to share information (anonymously) about any positive COVID-19 diagnosis you might receive, allowing other app users to know they may have been near another app user who tests positive for COVID-19
  • real time information about COVID-19 risk in your local area

      i. including signposting to services and information for your area. These services and information are outside of the scope of the Terms of Use for the NHS COVID-19 app and are subject to their own terms and conditions.

  • a symptom checker to see if you may have COVID-19, which is reviewed and updated in line with the latest public health advice
  • a link to the relevant website, to order a COVID-19 test if appropriate
  • a countdown to help you protect others by either self-isolating or being careful who you are in contact with
  • the ability to enter, if required: your vaccine status, age (if under 18), whether you are medically exempt from COVID-19 vaccination, or that you are a participant in a (COVID-19) vaccination trial - to update the advice you receive depending on your circumstances
  • a trigger to explore whether the user is eligible for financial support for app users in Wales via the Self-Isolation Support Scheme (SISS)
  • anonymised information sharing to help manage and respond to the public health emergency
  • the ability to set reminders for certain functions and to provide additional reminders, in the app, for key functions such as contact tracing.

Please Note: We do not take any steps to verify the age or vaccine status information you input into the app. You are responsible for the accuracy of the information you provide, and the advice provided by the app will be updated in line with your declaration.

The app should not impact on the normal operation of your phone.

The app provides links to external websites determined by the postcode district you enter. Links for both Welsh and English postcode districts are provided for by respective contact tracing programmes.


Please use the pause functionality, which pauses contact tracing, when:

  • you are fully protected from customers and colleagues by a physical barrier, such as a Perspex screen
  • all healthcare workers should pause the app whilst they are working in healthcare buildings, including hospitals and GP surgeries
  • you are a worker in health and social care and are wearing medical grade PPE such as a surgical mask
  • your phone is placed in a locker or equivalent

Remember to resume (un-pause) contact tracing when these no longer apply. The app allows you to set a timer and reminder. The app will provide an additional reminder on the following day.


This app may cause interference with Bluetooth-enabled medical devices.

Speak to a healthcare professional or seek advice from your device manufacturer for more information if you are concerned about the risk of interference with Bluetooth-enabled medical devices.

Details of the current version of the app can be found in the “About this app” section within the app.


Please refer to the Privacy Notice (https://www.gov.uk/government/publications/nhs-test-and-trace-app-privacy-information) for further information about how the App processes personal data and respects your rights of privacy and confidentiality under data protection laws.


We disclaim and exclude all liability to the maximum extent allowed by law for any claim, loss, demand or damages of any kind whatsoever (including for our negligence) arising out of or in connection with the use of either the service or the information, content or materials included on the service or on any website the service links to. Information held by the service is as provided by the user, and we take no responsibility for its accuracy.

Continuity of service

We make no warranty or representation, express or implied, as to continuity of service and to the fullest extent permitted by law, any implied warranties in respect of the service are hereby excluded. We reserve the right to suspend, terminate or otherwise alter access to some or all of the services at any time and without notice.

Revisions to these Terms of Use

We may revise these Terms of Use at any time and your continued use of the service will be deemed acceptance of such revised Terms of Use.

The venue check-In, venue alerts functions and link to claim Isolation Support Payment (for England) were decommissioned in February 2022.

Any such revisions take effect when this page is published.


If you discover a potential security vulnerability or suspect a security incident related to this service, please follow the vulnerability disclosure programme for the NHS COVID-19 app and infrastructure. You can read our Vulnerability Disclosure Policy on HackerOne (https://hackerone.com/nhscovid19app).

You can report a vulnerability in the app, backend infrastructure or on the website via (https://hackerone.com/03351cb3-53e3-4bb8-8fcc-a226e3b528fc/embedded_submissions/new).

The service has been and will continue to be subjected to security audits.

Published on 24/02/2022

The covid19.nhs.uk website: Terms of use

The covid19.nhs.uk website: Terms of use

1. Introduction

This website (http://www.covid19.nhs.uk) is owned by the Department for Health and Social Care and operated by NHS Business Services Authority. References in these terms of use to "we", "our" and "us" are references to the Department of Health and Social Care, NHS Digital and NHS Business Services Authority.

You may access and use this website if you agree to be legally bound by the terms set out here. If you do not agree to be legally bound by these terms of use, please do not access and/or use this website. In the event of breach of these terms of use, your rights of use shall cease immediately.

We may, at any time and in our sole discretion, amend these terms of use for any reason, for example, to comply with law or reflect changes to the services or content provided. You will be legally bound by the updated or amended terms from the first time that you use this website after we publish the changes on it.

You should also read:

  • our privacy policy, which may be updated from time to time. This sets out the terms on which we process any personal data we collect from you, or that you provide to us via this website
  • our cookies policy, which may be updated from time to time. This sets out information about the cookies we use and how we use them when you access and use this website

This website enables individuals to get help and information relating to the NHS COVID-19 app.

2. Licence

The Department of Health and Social Care owns or has the right to use all intellectual property rights in the contents of this website or used for the provision of this website. This includes rights in copyright, patents, database rights, trademarks and other intellectual property rights. Those works are subject to crown copyright protection and protected by intellectual property right laws and treaties around the world. All such rights are reserved.

You are allowed to use this website and any intellectual property rights in it for the purpose of getting or verifying an isolation note, but subject to these terms of use.

You can use copyright and database rights in this website under the current version of the Open Government Licence ("OGL") for any purpose, except where specified, provided you follow these terms of use and the terms of the OGL. The OGL terms do not apply to the following:

  • any logos, visuals, image rights, trademarks, trade names and design styles (except where these are integral to a document or data set) and any other intellectual property rights including, but not limited, to patents, design rights and trademarks
  • personal data
  • information owned by third parties, which we are not authorised to licence to you

3. Using this website

This website is only authorised for use by people who live in England, Wales, Scotland and Northern Ireland. References to "the NHS" mean "the NHS in England, Wales, Scotland and Northern Ireland" unless otherwise stated.

You are responsible for making all arrangements necessary for you to access this website, including but not limited to an internet connection. You should use your own virus protection software.

We have many measures in place to keep your data safe. But it is important that you also play your part and use a secure internet connection – visit the government's Cyber Aware website for advice.

You may stop using this website at any time.

This website has no functionality to create an account or save progress. This means that if you do not complete the data entry screens for the whole journey in one session you will need to start again when you return. Once you have completed your journey you will receive text updates if you have selected to receive notifications.

If you access this website to obtain an enter information for someone else:

  • these terms of use apply to your use
  • you are responsible for such access and use, including being responsible for compliance with these terms of use, and
  • you must, to the extent possible, make the person you are using this website on behalf of aware of: (i) your access and use and any steps you take on their behalf, and (ii) these terms of use

4. Usage terms

We do not guarantee that this website will always be available or that access to it will be error free or uninterrupted. We may suspend, withdraw, discontinue or change all or any part of this website without notice. We do not guarantee that this website will be secure or free from bugs or viruses.

This website may contain links to other sites. We are not responsible for the content of any third-party website and a link to another site in no way constitutes our endorsement of its contents.

You may link to our homepage, provided you do so in a way that is fair and legal and does not damage our reputation or take advantage of it. You must not establish a link in such a way as to suggest any form of association, approval or endorsement on our part. We reserve the right to withdraw linking permission without notice.

Any personal information you submit to us through this website will be used in accordance with our privacy policy.

You must not, in relation to your use of this website:

  • use our intellectual property rights other than as allowed in using this website section above
  • transmit any material that is defamatory, offensive or otherwise objectionable
  • collect any data from our systems or attempt to decipher any transmissions to or from our servers
  • use it in a way that could damage, disable, overburden, impair or compromise our systems or security or interfere with other users
  • use it in any unlawful manner, for any unlawful purpose, or in any manner inconsistent with these terms of use, or act fraudulently or maliciously, for example, by hacking into or inserting malicious code, such as viruses or harmful data
  • use it in any way that constitutes improper use or otherwise in a manner not reasonably contemplated by these terms of use
  • misuse it by knowingly introducing viruses, trojans, worms, logic bombs or other material that is malicious or technologically harmful. You must not attempt to gain unauthorised access to our site, the server on which this website is stored, or any server, computer or database connected to this website. You must not attack this website via a denial-of-service attack or a distributed denial-of-service attack. By breaching this provision, you would commit a criminal offence under the Computer Misuse Act 1990. We will report any such breach to the relevant law enforcement authorities and we will co-operate with those authorities by disclosing your identity to them
  • use it to knowingly transmit any data, send or upload any material that contains viruses, trojan horses, worms, spyware or any other harmful programmes or similar computer code designed to adversely affect the operation of any computer software or hardware

In the event of such a breach, your right to use this website will cease immediately.

5. Liability

Please read this clause carefully, as it sets out the limits of our liability to you (and any person you are using this website on behalf of).

Although we make reasonable efforts to update it, this website is provided "as is" and, to the extent permitted by law, we make no representations, warranties or guarantees, whether express or implied (including but not limited to the implied warranties of satisfactory quality and fitness for a particular purpose), that (a) this website is accurate, complete or up-to-date; (b) this website will meet your particular requirements or needs; or (c) access to, or use of, the same will be uninterrupted or completely secure.

You acknowledge and agree that we will not be responsible for any injury, loss, damage, costs or expenses (whether direct or indirect) arising out of, or relating to the use or misuse of this website, except to the extent that such liability cannot be excluded by law (i.e. our liability for death or personal injury arising from our negligence, or our fraud or fraudulent misrepresentation or any other liability that cannot be excluded or limited under English law).

This means that we have no liability to you (or anyone else you may use this website on behalf of) for:

  • any contractual or statutory sickness pay, or reclamation of statutory sickness pay
  • any business loss (including, but not limited to, loss of profits, revenue, contracts, anticipated savings, data, goodwill or wasted expenditure)
  • any loss or damage where this is not caused by our negligence
  • any loss or damage arising from an inability to access and/or use this website in whole or in part
  • any loss or damage caused by a virus, distributed denial-of-service attack, or other technologically harmful material that may infect your device, computer equipment, computer programs, data or other proprietary material due to your use of this website
  • any other loss or damage whether arising under tort (including negligence), breach of contract, breach of statutory duty or otherwise

6. General

For the latest health information and advice, read the NHS website pages on coronavirus. Learn about the government response to coronavirus.

We may transfer our rights and obligations under these terms of use to another organisation. You may only transfer your rights or your obligations under these terms of use to another person if we agree in writing.

These terms of use (together with the privacy policy and cookie policy referred to in these terms of use) set out the entire agreement between you and us in respect of this website.

These terms of use do not give rise to any rights for any third party to enforce any term of these terms of use.

Each of the clauses of these terms of use operates separately. If any part of these terms of use is determined to be invalid or unenforceable pursuant to applicable law including, but not limited to, the warranty disclaimers and exclusions and limits of liability, then the invalid or unenforceable provision will be deemed superseded by a valid, enforceable provision that most closely matches the intent of the original provision and the remainder of these terms of use shall continue in effect.

Even if we delay in enforcing these terms of use, we can still enforce them later. If we do not insist immediately that you do anything you are required to do under these terms of use, or if we delay in taking steps against you in respect of your breaking these terms of use, that will not mean that you do not have to do those things and it will not prevent us taking steps against you at a later date.

These terms of use shall be governed by and interpreted in accordance with the laws of England, and you agree to the exclusive jurisdiction of the courts of England in respect of any disputes that may arise in relation to this website.

7. Contact details

To find out more about who we are and our role, visit the contact us page.

The covid19.nhs.uk website: Privacy notice

The covid19.nhs.uk website: Privacy notice

This the privacy notice for the covid19.nhs.uk website.

This privacy policy tells you what information we collect when you use the NHS COVID-19 app support service. It also tells you:

  • how we use your information
  • who we share your information with
  • how we keep your data secure
  • about your rights to see or change information held about you

Information that can identify you

We only collect information about you when you report a technical problem with the NHS COVID-19 app through our feedback form. This information is only collected to help us contact you to resolve your problem.

We will always tell you when we are collecting this information.

We ask for your:

  • Email address
  • Device you were using when you encountered the problem. For example, iPhone 7

We will pass your details on to the technical team, who are supporting the NHS COVID-19 app. By agreeing to submit your feedback you consent to the sharing of your personal information in a way which respects the Common Law Duty of Confidentiality.

The feedback form is run by using a tool provided by a third party (Microsoft Dynamics).

Other information we may collect

You can leave feedback of your overall experience of using the NHS COVID-19 app.This feedback is collected anonymously. We don’t look at it all the time and are unable to give you a response. If you need someone to get back to you about a medical issue please call 111.

We also collect anonymous information about how you reached the website, for example details of your web browser and part of your IP address. This is so we can improve the service for future users.

Keeping your personal data secure

A partner organisation is providing hosting services but has no say in how the information is used. There are no legal ways for their employees to see the data, only approved people in the NHS COVID-19 app development team can see it.

If you shared your email with us as part of your feedback answers it will be deleted after 2 years. At that point you can't be identified in the feedback data.

Links to other websites

This privacy policy only applies to this website and doesn't cover other websites that we link to. If you go to another website from this one, read the privacy policy on that website to find out what it does with your information.

Data sharing

Other uses of your data

NHSX will also share:

  • anonymous information on how the service is used with the Department of Health and Social Care, NHSX and the National Cyber Security Centre.
  • results from user research, anonymous feedback comments and changes made to the service as a result of it with NHSX and the NHS COVID-19 app development team.

Legal powers

We may pass on your personal information if we’re legally obliged to do so.

If you make a claim against us, we, and other third parties such as our solicitors, may need to look at this information.

We won’t share your personal information with anyone else without your permission for any other reason.