TraceTogether Privacy Safeguards

TraceTogether is an app that can be downloaded voluntarily and facilitates the contact tracing process. With your consent, it exchanges Bluetooth signals with nearby phones running the same app.

This allows you to be informed if you were in prolonged physical proximity with an infected person. While this is an urgent public health emergency, we are committed to safeguarding your privacy and ensuring you have control over your data.

We store limited data

The only data we store is:

  • Your mobile number
  • A random anonymised User ID e.g. 9I8VPeQeWDofj39c8dPySoUXLqh2

When you sign up, a random User ID is generated and associated with your mobile number. Both the mobile number and User ID are stored in a secure server, and never shown to the public.

We do not collect data about your location

TraceTogether uses Bluetooth to approximate your distance to other phones running the same app. We do not collect data about your location.

Data about phones near you does not reveal personal identities

When you are close to another phone running TraceTogether, both phones use Bluetooth to exchange a Temporary ID. This Temporary ID is generated by encrypting the User ID with a private key held by the Ministry of Health (MOH). It can only be decrypted by MOH, and does not reveal your identity or the other person's identity.

Data about phones near you is stored on your phone

Data about phones near you is stored only on your phone. If a user gets infected with COVID-19, he/she has the option to give MOH access to his/her TraceTogether data.

Other third-party services will not be able to track your identity

The Temporary ID that your phone exchanges with nearby phones is refreshed at regular intervals. The lack of a persistent identifier means it is impossible for third parties to identify or track you.

You are in control of your data, and can revoke consent any time

You can revoke consent by emailing support@tracetogether.gov.sg with the mobile number you registered in the app.

We will then delete your mobile number and User ID from our server. This renders meaningless all data that your phone has exchanged with other phones, because that data will no longer be associated with you.

Your data will only be used for COVID-19 contact tracing

When you grant MOH access to your TraceTogether data, this data will be used solely for contact tracing of persons possibly exposed to COVID-19.

TraceTogether will only communicate with nearby phones for a limited time

We will only use TraceTogether for contact tracing. Once contact tracing ceases, you will be prompted to disable TraceTogether's functionality.

You can also disable TraceTogether's functionality any time by turning the app's Bluetooth permissions off or deleting the app. If contact tracing is required for a future outbreak, you will be prompted to enable permissions, or you can reinstall the app.