The Data Protection Statement explains what information is collected, why it is collected and how information is used. The Terms and Conditions of Use informs about the rules you agree to when using the SwissCovid App.
As of 13 May 2020
SwissCovid App : Data Protection Statement
Please read the following Data Protection Statement when using the SwissCovid App.
In this Data Protection Statement, the Federal Office of Public Health FOPH explains to what extent it will process personal data in connection with the use of the application SwissCovid during the pilot test. This account is not exhaustive; specific matters may be governed by other data protection statements, similar documents, terms and conditions of use, or applications.
The processing of personal data is governed by data protection legislation. The federal legislation on data protection is applicable to the data processing. In addition, the Data Protection Statement is in line with the Ordinance of 13 May 2020 on the Pilot Test of the Swiss Proximity Tracing System for the Notification of Persons Potentially Exposed to the Coronavirus (COVID-19) (COVID-19 Proximity Tracing Pilot Test Ordinance; SR 818.101.25).
“Personal data” means all information relating to an identified or identifiable person. “Processing” means any operation with personal data, irrespective of the means applied and the procedure, and in particular the collection, storage, use, revision, disclosure, archiving or destruction of data.
The controller responsible for the data processing described herein is the
Federal Office of Public Health FOPH
Tel. +41 58 462 69 98
The entire app system is designed to ensure that the app user is not identifiable. The processing of personal data is kept to a minimum. Data cannot be traced back by technical means to persons, locations or devices. What is collected is not location data, but merely encrypted data concerning proximity (contact) events. This is protected by technical means against misuse. The FOPH cannot draw any conclusions concerning app users. The app protects users’ data in such a way that it cannot, at a distance, be connected to specific persons. Connection to a specific person cannot, however, be ruled out altogether. There is a certain likelihood that, when someone is notified of a possible exposure, their recollection of social contacts over recent days may allow them to deduce the identity of the infected individual. The notification contains the information that the user may potentially have been exposed to the coronavirus, the date on which this was last the case, and the behavioral recommendations of the FOPH. As a result of using the app, persons may thus potentially be identified.
The app system has two components:
- a proximity data management system, comprising software installed by users on their mobile phones and a back end (VA back end);
- a code management system, comprising a web-based front end and a back end.
Both of the back ends, as central servers, are under the direct control of the FOPH and are operated technically by the Federal Office of Information Technology, Systems and Telecommunication (FOITT). The code management front ends run on the authorised experts’ systems.
After coming into proximity (2 metres or less) with another mobile phone, the app stores the following data for a total of 21 days:
- the identification codes broadcast by the other device
- the signal strength
- the date and the estimated duration of proximity.
In the event of an infection being confirmed in a user, the following data is recorded in the code management system:
- the release code
- the date on which the first symptoms appeared, or – if the infected individual is asymptomatic – the date of testing
- the time at which this data is to be destroyed.
The VA back end contains a list with the following data:
- the private keys of infected users which were current in the period during which infection of other persons is likely to have occurred
- the date of each key.
The app system operated by the FOPH is based on the Epidemics Act of 28 September 2012 (EpG; SR 818.101). The pilot test is designed to test and evaluate the app system with a view to its definitive introduction. To be tested and evaluated in particular are the newly developed approaches with regard to decentralised data processing and cryptographic methods, operational stability, protection against accidental or unauthorised manipulation, usability and the comprehensibility of information for users and for experts with access rights. The exclusive purposes of the app and the associated data processing are, in a privacy-preserving manner, to notify users potentially exposed to the coronavirus and to produce coronavirus-related statistics.
La liste des données du backend GR est mise à la disposition de l’application (ou frontend) dans la procédure d’appel. Si l’OFSP mandate des The VA back end data list is made available to the app (or front end) in the retrieval process. Insofar as the FOPH engages third parties in Switzerland or abroad to provide this service, they undertake to comply with the provisions of the COVID-19 Proximity Tracing Pilot Test Ordinance. The third parties engaged are not permitted to use non-core data arising in the execution of this task for their own purposes. This data will only be analysed by the FOPH or the FOITT (cf. Section 8).
The FOPH will periodically make available to the Federal Statistical Office (FSO), in an anonymised form, the data currently held in the two back end systems, for purposes of statistical analysis. The FOITT operates the entire software on behalf of the FOPH and provides the necessary technical support service. The FOITT has access to data only insofar as this is necessary for the purposes described and the activities of the employees concerned. They are bound by confidentiality in the management of the data.
The data will be destroyed as follows:
- data in the proximity data management system (both on mobile phones and in the VA back end): 21 days after capture
- data in the code management system: 24 hours after capture
To protect data against unauthorised access, loss, or misuse, the FOPH, in close collaboration with our internal and external hosting providers and other IT service providers, takes appropriate security measures of a technical (e.g. encryption, pseudonymisation, logging, access controls and restrictions, data backup, IT and network security solutions, etc.) and organisational nature (e.g. staff directives, confidentiality agreements, inspections, etc.) in accordance with the requirements of the Federal Administration and Swiss data protection legislation.
With regard to your data, you have the right to information, rectification, erasure or disclosure. You also have the right to restrict or object to data processing. In addition, you have the right to withdraw your consent, without this affecting the lawfulness of processing based on consent before its withdrawal. These rights are applicable insofar as personal data is present; this is prevented to the greatest possible extent by the technical anonymisation system underlying the app system. For this reason, it is not possible for the FOPH, for example, to provide information on the proximity events logged for a specific person or to correct this data in the system. The FOPH cannot connect this data to specific individuals.
The exercise of your rights generally requires that you provide clear evidence of your identity (e.g. a copy of identity documents). To assert your rights, you can contact the FOPH at the address given in Section 1.
In the event of infringements of data protection legislation, you can contact the data protection supervisory authority or take legal action in accordance with the data protection legislation.
VA back end and code management system access events are logged and analysed. The following provisions are applicable: Articles 57i–57q of the Government and Administration Organisation Act of 21 March 1997 (SR 172.010) and the Ordinance of 22 February 2012 on the Processing of Personal Data Linked to the Use of the Electronic Infrastructure of Federal Bodies (SR 172.010.442).
Log data will be destroyed as follows:
- Log data from the third parties engaged by the FOPH: 7 days after capture.
- Otherwise, the destruction of log data is governed by Article 4 paragraph 1 letter b of the Ordinance of 22 February 2012 on the Processing of Personal Data Linked to the Use of the Electronic Infrastructure of Federal Bodies (SR 172.010.442).
The FOPH may amend this Data Protection Statement at any time without prior notice. The current published version is applicable. This Data Protection Statement has been issued in several languages. In the event of discrepancies, the German version shall prevail. In the event of an update, the app user will be informed of the amendment in an appropriate manner.
SwissCovid App: Conditions of Use
1.1 These Terms and Conditions of Use govern the acquisition and use of the application (app) SwissCovid by users during the pilot test and form an integral part thereof.
1.2 The Federal Office of Public Health (FOPH) app is based on the Ordinance of 13 May 2020 on the Pilot Test of the Swiss Proximity Tracing System for the Notification of Persons Potentially Exposed to the Coronavirus (COVID-19) (COVID-19 Proximity Tracing Pilot Test Ordinance; SR 818.101.25). The Ordinance is in force until 30 June 2020.
1.3 The pilot test is designed to test and evaluate the app system with a view to its definitive introduction. To be tested and evaluated in particular are the newly developed approaches with regard to decentralised data processing and cryptographic methods, operational stability, protection against accidental or unauthorised manipulation, usability and the comprehensibility of information for users and for experts with access rights.
1.4 The purpose of the app is to notify users who have potentially been exposed to the coronavirus and to produce coronavirus-related statistics.
2.1 During the pilot test, the population of possible users will consist solely of members of the Swiss Armed Forces in training or on support or active duty; employees of higher education institutions, hospitals, clinics, cantonal administrations and the Federal Administration; and members of associations wishing to help improve the quality of the system.
The FOPH will make available to these institutions and associations, for users, the necessary information and the technical access enabling users to download the app.
2.2 The installation of the app on a mobile phone and the employment thereof is voluntary for users.
2.3 By accessing the app, the user declares that he or she has understood and accepted the following conditions and legal information relating to the app (and the elements contained therein). If the user does not agree to these conditions, then the app is not to be used.
3.1 Via the app, persons are informed if they have been in relevant contact with at least one user confirmed to have been infected. T4e app serves “only” to notify persons who may have been exposed to the virus.
3.2 The activation of Bluetooth is required for the operation of the app.
3.3 Each day, the app generates a new private key which cannot be connected to the app or to users. Via Bluetooth, the app continuously broadcasts an identification code, changing every 15 minutes, which is derived from the app’s current private key but cannot be traced back to this key and likewise cannot be connected to the app or users thereof.
The app continuously checks whether compatible signals transmitted by other mobile phones are being received. If the proximity to another mobile phone is 2 metres or less, the app stores the other device’s current identification code, the signal strength, the date and the estimated duration of proximity. Proximity is estimated on the basis of the strength of the signals received.
In addition, the app periodically retrieves a list of the private keys of users known to be infected and uses these to determine the associated identification codes. It compares these identification codes with those which it has stored locally.
If this matching process indicates proximity of 2 metres or less to at least one infected user’s mobile phone and if the sum of the duration of all such proximity events in one day is 15 minutes, then the app issues a notification.
3.4 In the event of a confirmed infection, experts (e.g. attending physicians) generate a unique release code, valid for a limited period, which they disclose to the infected user. This user can voluntarily enter the release code in the app. Notification, or entry of the release code, occurs only with the explicit consent of the infected user.
Other app users who came into proximity, as defined in Section 3.3, with the infected user during the infectious period are notified.
The users thus notified learn that a proximity event has occurred, i.e. that they have potentially been exposed to the coronavirus, and on what date this was last the case. They are not told which user has been infected and has triggered the notification.
After an infection has been reported, the app generates a new private key, which cannot be connected to earlier private keys.
3.5 The app also communicates behavioral recommendations.
3.6 The app does not track the user’s location or use geolocation services.
3.7 The app cannot perform a medical assessment or order any measures (e.g. quarantine).
4.1 Users are responsible for technical access to the app.
4.2 Users are required to take the necessary security measures to protect their own devices against unauthorised access by third parties and against malware.
Users’ attention is hereby drawn to the security risks associated with use of the internet and of internet technologies.
4.3 Users are required to keep the app updated. There is no entitlement to use a specific version of the software.
4.4 Users are required to check any data they enter for completeness and correctness.
4.5 When using the app, users are responsible for complying with applicable legal provisions and the Terms and Conditions of Use.
5.1 While the FOPH takes every care to ensure the correctness of the information, content and communications published in the app, it makes no warranty as to the correctness, accuracy, currency or reliability thereof.
The FOPH expressly reserves the right, at any time, without prior notice, to partly or completely alter, delete or temporarily not publish information and content.
5.2 To the extent permitted by law, any claims for liability against the FOPH due to material or immaterial damage, including consequential damage, arising for example from access to, use or non-use of the app and the associated information, content and communications, from misuse of the connection, from technical faults, or from infringement of the users’ duties of care, are hereby excluded.
The user is responsible for and assumes the risks of any action or behaviour undertaken on account of information, content or communications in the app, e.g. self‑isolation/quarantine. The FOPH will not be liable under any circumstances for any resultant damage.
5.3 To the extent permitted by law, liability for associates and third parties is excluded.
5.4 The FOPH assumes no responsibility and makes no warranty that the functions and use of the app will be permanently and continuously available and free of errors or faults, that errors will be rectified, or that the servers will be free of viruses or other harmful elements.
The FOPH is entitled to discontinue use of the app at any time.
5.5 The FOPH is not responsible for references and links to third‑party websites. The FOPH assumes no liability for the continued existence, content or correctness of such information. Access to and use of such websites is at the user’s own risk. The FOPH explicitly states that it has no influence on the design, content or offerings of linked-to pages. Responsibility for information and services provided by linked-to websites lies entirely with the third party in question.
No responsibility whatsoever is accepted for such websites.
On the basis of Article 13 of the Federal Constitution of the Swiss Confederation and the provisions of federal data protection legislation, every person has the right to privacy and to be protected against misuse of their personal data. The FOPH complies with these provisions. Personal data is treated in strict confidence and not sold to third parties.
In close collaboration with our service providers, the FOPH makes every effort to protect data against unauthorised access, loss, misuse or falsification.
The processing of personal data by the FOPH is governed by the Data Protection Statement.
7.1 Use of the app can be terminated by the user at any time by deleting/uninstalling it from the mobile phone.
7.2 When the pilot test has been completed, the institutions and associations will request users either to uninstall the app from their mobile phone themselves or, if the app is to remain in operation and they wish to continue using it, to install the definitive version of the app.
8.1 Copyright: Federal Office of Public Health FOPH.
8.2 The information and content is made accessible to the public. The content published in the app by the FOPH is for personal use only. Any further reproduction or passing-on of content to third parties is not permissible. The downloading or copying of content, images, photos or other files does not result in any transfer of rights as regards the content.
Copyright and any other rights relating to content, images, photos or other files in this app are held exclusively by the FOPH or the specially designated rights holders. For the reproduction of any elements whatsoever, written consent is to be obtained in advance from the copyright holders.
9.1 These provisions have been issued in several languages. In the event of discrepancies, the German version shall prevail.
9.2 Use of the app is free of charge for users. Any costs arising for network access to enable use of the app are borne by the user.
9.3 The FOPH reserves the right to amend or add to the Terms and Conditions of Use at any time. The new conditions will be communicated to users in advance in an appropriate manner and will be deemed to have been accepted if no objection is received within one month.
9.4 Should one provision of the Terms and Conditions of Use be invalid or inoperative, the other provisions thereof shall not be affected.
9.5 Swiss law shall apply, subject to any divergent mandatory provisions.
Last modification 23.05.2020