Privacy and security for NZ COVID Tracer

The app is designed to make it easy for you to keep a record of where you’ve been and to protect your privacy and keep your data safe. When you use NZ COVID Tracer, your digital diary and Bluetooth tracing data is kept on your phone. You will only be asked to share this data if you test positive for COVID-19.

How your personal information is managed

NZ COVID Tracer has been endorsed by the Privacy Commissioner because it’s been designed to protect the privacy of everyone who uses it. NZ COVID Tracer has also been through independent security testing.

Information stays on your phone unless you share it

The information you choose to record with NZ COVID Tracer is stored on your phone where only you can see it. This includes the QR codes you scan, your manual diary entries, your Bluetooth ‘keys’, and your NHI number.

Digital diary entries are automatically deleted from your phone after 60 days, while Bluetooth keys are deleted after 14 days. These timeframes are based on advice from contact tracers that information about contacts during these periods improves their ability to establish epidemiological links between people who have COVID-19.

If you are identified as a confirmed or probable case of COVID-19, it is entirely your choice whether to share your digital diary with the Ministry or upload your Bluetooth keys. You are in control of your data.

If you do choose to share your digital diary, it will never be used for enforcement purposes. It also won’t be shared with another government agency unless that agency is directly involved in the COVID-19 response and sharing the information is necessary for public health purposes during the pandemic.

Using anonymised statistical information for reporting

The app does not send any information to the Ministry of Health about which QR codes are scanned, who scanned them, or where they were scanned. It does register that a QR code was scanned.

It also registers when a manual entry is added, when an alert is received, and when a few other key events happen in the app and sends this to the Ministry of Health as anonymised numbers, without any detail.

This helps us understand how New Zealanders are using the app so that we can keep making it better and easier to use.

In order to monitor the performance of the app, the Ministry uses a service (Amazon Pinpoint) to collect and analyse anonymised statistical information. It is not possible for this information to be linked to any individual or location. This means we can report the number of scans that have taken place, but we do not know the identity of who has scanned or where in NZ scans have occurred.

See the Privacy Impact Assessment.

Bluetooth alerts and location alerts

Both the Bluetooth alert process and the location alert process have been designed to protect your privacy.

The randomised ‘keys’ used in Bluetooth tracing don’t contain any information about who you are or where you were. This means when an app user receives a Bluetooth alert, they won’t know who sent the alert or where they were when they came into close contact with COVID-19.

Location alerts work through ‘push notifications’ that contain information about times and places where people may have been exposed to COVID-19. If any of these times and places have a match with the digital diary information stored on your phone, you’ll receive a location alert. This does not involve transmitting any information from your phone to the Ministry or anyone else.

Location of Interest visit form

The NZ COVID Tracer website also hosts a form for people to register their visit to a location of interest.

This information is passed directly to the National Contact Tracing Solution (NCTS).

This information will never be used for enforcement purposes. It also won’t be shared with another government agency unless that agency is directly involved in the COVID-19 response and sharing the information is necessary for public health purposes during the pandemic.

Privacy Impact Assessment

The Office of the Privacy Commissioner has been consulted throughout the development of NZ COVID Tracer and is satisfied that the privacy implications (and their mitigations) for the current release have been appropriately recorded in the Privacy Impact Assessment available below.

Use of Amazon Web Services

NZ COVID Tracer has been developed for the Ministry of Health by New Zealand company Rush Digital and relies in part on the Amazon Web Services (AWS) platform.

An All-of-Government cloud services agreement with AWS has been in place since 2017. AWS services and infrastructure were reviewed as part of the procurement process and are regularly tested against third-party assurance frameworks.

Any information recorded by NZ COVID Tracer that you choose to share for contact tracing is encrypted before it is sent to the Ministry via the AWS cloud services platform. The information you have chosen to share will be stored securely on the Ministry's servers on Amazon Web Services, hosted in Australia. The Ministry retains control of the decryption keys.

NZ COVID Tracer has also been assessed by independent security experts to ensure your data is managed securely. 
