Understanding CoEpi’s privacy model
CoEpi takes a privacy-first approach: users are anonymous and opt-in to ANY sharing of data beyond their local device.
Data on your device
- By default, data is only stored on your device:
- If you enable Bluetooth, you will be able to track interactions with other Bluetooth devices.
- If you enable GPS permission, you will see location data.
- If you log symptoms, you can edit and review your symptoms locally.
- In future versions, you will also be able to add symptoms for family members (e.g. children).
Data shared to the CoEpi server
- Data is ONLY shared to the server when you opt in to do so:
- Data sent to the server, if you opt in, only includes the anonymized record of any Bluetooth devices your device saw, and the symptom list, if you reported any symptoms.
- You may choose to have the server alert your close interactions about the anonymized symptom list you are sharing.
- In the future, you can also opt in to have your anonymized symptom list shared in a database for public health officials to use.