First, geolocation data is not collected, i.e. the information retrieved will not be able to identify where the user had been e.g. Sengkang or Sentosa.
Second, the Bluetooth data collected is stored locally in the user’s phone in an encrypted form. The data will never be accessed, unless the user tests positive for COVID-19 and is contacted by the contact tracing team.
Third, user personal information, including their unique identification number and mobile number, is not revealed to other TraceTogether users. They are substituted by a random permanent ID. This information is stored in a secured server. As an added layer of protection, TraceTogether also creates temporary IDs that change regularly. Only these temporary IDs are exchanged between phones. These measures protect users from malicious actors who may seek to eavesdrop and track interactions over time.
Lastly, once contact tracing ceases, we will prompt users to disable TraceTogether's functionality.
Your privacy is important to us. You can see our Privacy Statement at www.tracetogether.gov.sg/common/privacystatement for more details on how we protect your privacy.