CoEpi Logo

Understanding CoEpi’s privacy model

CoEpi takes a privacy-first approach: users are anonymous and opt-in to ANY sharing of data beyond their local device.

  • Data on your device

  • By default, data is only stored on your device:
  • If you enable Bluetooth, you will be able to track interactions with other Bluetooth devices.
  • If you enable GPS permission, you will see location data.
  • If you log symptoms, you can edit and review your symptoms locally.
  • In future versions, you will also be able to add symptoms for family members (e.g. children).
  • Data shared to the CoEpi server

  • Data is ONLY shared to the server when you opt in to do so:
  • Data sent to the server, if you opt in, only includes the anonymized record of any Bluetooth devices your device saw, and the symptom list, if you reported any symptoms.
  • You may choose to have the server alert your close interactions about the anonymized symptom list you are sharing.
  • In the future, you can also opt in to have your anonymized symptom list shared in a database for public health officials to use.