TraceTogether Privacy Safeguards

The TraceTogether programme enhances Singapore’s contact tracing efforts in the fight against COVID-19. It comprises the TraceTogether App and the TraceTogether Token. The App was released on 20 March, while the Token was rolled out on 28 June.

Both the App and the Token can be used voluntarily and it facilitates the contact tracing process. With your consent, it exchanges encrypted and anonymised Bluetooth signals with nearby TraceTogether devices, and the Bluetooth data after 25 days is automatically deleted.

This allows you to be informed if you were in prolonged physical proximity with an infected person. We are committed to safeguarding your privacy and will only use your data for contact tracing purposes.

We store limited data

The only identity data we store is:

  • Your contact/mobile number
  • Your identification details
  • A random anonymised User ID e.g. 9I8VPeQeWDofj39c8dPySoUXLqh2

When you sign up, a random User ID is generated and associated with your contact/mobile number and identification details. Your contact/mobile number, identification details, and User ID are stored in a secure server, and never shown to the public.

We do not collect data about your GPS location

TraceTogether uses Bluetooth to Approximate your distance to other TraceTogether devices. We do not collect data about your GPS location. Neither do we collect data about your WiFi or mobile network.

Data about devices near you does not reveal personal identities

When you are close to another TraceTogether device, both devices use Bluetooth to exchange a Temporary ID. This Temporary ID is generated by encrypting the User ID with a private key held by the Ministry of Health (MOH). It can only be decrypted by MOH, and does not reveal your identity or the other person's identity.

Data about devices near you is stored on your device

Data about devices near you is stored securely on your device, and will only be shared with MOH if you test positive for COVID-19, for the sole purpose of contact tracing.

The anonymised Bluetooth data stored on your device after 25 days is automatically deleted.

Other third-party services will not be able to track your identity

The Temporary ID that your device exchanges with nearby devices is refreshed at regular intervals. The lack of a persistent identifier means it is impossible for third parties to identify or track you.

You may request for your identification data to be deleted on our servers

You may request for your identification data to be deleted on our servers, unless your proximity data has already been uploaded as a confirmed case.

For the App: You can do so by emailing support@tracetogether.gov.sg with the mobile number you registered in the app.

For the Token: You’d need to return the physical Token to us. Please email support@tracetogether.gov.sg with the last 4 characters of your NRIC/FIN/Passport number, and we’ll let you know how to return the Token.

We will then delete your contact/mobile number, identification details and User ID from our server. This renders meaningless all data that your device has exchanged with other devices, because that data will no longer be associated with you.

Your data will only be used for COVID-19 contact tracing

Any data shared with MOH will only be used solely for contact tracing of persons possibly exposed to COVID-19.

TraceTogether will only communicate with nearby devices for a limited time

We will only use TraceTogether for contact tracing. Once contact tracing ceases, you will be prompted to disable the functionality of the TraceTogether App or return/dispose of the Token.

For the App, you can also disable its functionality any time by turning the App's Bluetooth permissions off or deleting the App. If contact tracing is required for a future outbreak, you will be prompted to enable permissions, or you can reinstall the App.

We use anonymised data to improve TraceTogether

The TraceTogether App collects anonymised data about your phone and App (e.g. device model, App version) to help us improve the App and provide a better user experience.


Changelog

  • 3 Sep 2020 - Included the TraceTogether Token in the Privacy Safeguards
  • 1 April 2020 - Clarified the collection of anonymised analytics data
  • 1 June 2020 - Clarified the collection of identification details and usage of data for contact tracing.