
Privacy policy

1. This Policy explains how your personal data is processed when you register on the Coga.App website, create a CoGa QR (Quick Response) code and use it to check in and out of venues that have registered with CoGa ("Registered Venues").

Data protection by design and default

2. The CoGa Platform ("CoGa App") has been designed to facilitate entry-exit recording by Registered Venues while protecting privacy and personal data, meaning that:

  1. CoGa App processes the minimum amount of personal data possible;
  2. personal data is encrypted to the fullest extent possible, and may only be decrypted by the "Service du médecin cantonal" ("SMC") of Geneva;
  3. SMC only receives the data necessary to trace specific individuals present at a specific venue in a specific timeframe where a risk of COVID-19 transmission has been identified;
  4. all entry-exit data is deleted as soon as it is no longer relevant for contact tracing purposes, after 14 days.

Data Controllers

3. CoGa App is operated by 2GIK Sàrl (“2GIK”), a registered legal entity in Switzerland. 2GIK facilitates the registration of individuals and venues and the transfer of data to the SMC. 2GIK cannot access any personal data collected from the individual, processed by registered venues, or transferred to the SMC.

4. Registered Venues that use the CoGa App to record the entry and exit of individuals using the CoGa App have strictly limited access to personal data, which is only visible at the point of entry, to facilitate identity checks where needed. Only authorized personnel within Registered Venues have access to this data.

5. SMC is authorized to receive data about individuals who have visited a registered venue at the same time as someone with a SARS-CoV-2 (COVID-19) diagnosis, for the purposes of contacting them.

Legal basis

6. Use of the CoGa App is optional. Registration via the CoGa App website and QR code creation is on the basis of your consent.

7. The website deploys two functional “cookies” (see further below) on the basis of our agreement to provide you with a QR code and our legitimate interest in maintaining the security of the processing.

8. The registration of venues, the collection of data about the entry and exit of individuals using the CoGa App, and the transfer of relevant data to SMC take place in accordance with the legal obligation on venues to collect data about those present and the public interest in preventing the spread of COVID-19.

Specified purpose

9. Personal data is processed for the purposes of

  1. providing individuals with a QR code;
  2. providing Registered Venues with a secure means of collecting data about those present; and
  3. providing SMC with the data it needs to identify and contact individuals who may have been in the proximity of persons with COVID-19.

Data processed

10. On individuals using the CoGa App:

  1. First and last names and year of birth, used for identification and contact tracing purposes;
  2. Mobile phone number, used for receipt of the CoGa App QR code and contact by SMC, if necessary;
  3. QR code-based entry and exit stamps at Registered Venues, stored on an individual’s device and CoGa App servers, decrypted and used for tracing purposes in the event of disclosure by a Registered Venue following a request from SMC.

11. Registered Venues

  1. Email, username, password of account holder, used for the purposes of account creation and management;
  2. Name, email and phone number of three venue contact points, used by SMC to communicate disclosure requests for contact tracing purposes.

12. SMC

  1. First and second names, year of birth and mobile phone number of persons present in a specific registered venue in a specified timeframe, for the purposes of identifying and contacting those persons to prevent the spread of COVID-19.

Data retention and deletion

13. Registered individuals and QR codes:

  1. The personal data provided for the purposes of registration and receipt of the QR code is deleted as soon as the individual has received the link to the QR code.
  2. The QR code containing the encrypted personal data about the individual is retained in two places:
    1. on the individual’s device, to enable scanning by Registered Venues;
    2. on the 2GIK server, to enable individuals to download the image via the SMS link;
  3. Users can delete the encrypted data of their QR code from our server at any time, though any entry-exit recordings of that QR code will still be retained for 14 days for contact tracing purposes.
  4. All QR codes and the means to decrypt them will be deleted when the SMC rescinds the legal requirement for venues to collect entry-exit data.

14. Data on Registered Venues and their visitors:

  1. The personal data related to a Registered Venue will be retained until:
    1. the Registered Venue deactivates their account (in which case the data about the Registered Venue and the associated entry-exit data will be retained for 14 days for the purposes of contact tracing prior to deletion); or
    2. the SMC rescinds the legal requirement for venues to collect entry-exit data and all accounts are deleted.
  2. Registered Venue entry-exit data is automatically deleted after 14 days.
  3. Data disclosed to SMC for contact tracing purposes is processed in accordance with Federal regulations, policies and procedures.

15. SMS data is deleted by CoGa App, and the processors it uses to send the messages delete the data from their servers as soon as the messages have been delivered. The telecommunications networks which carry the messages may, however, retain the traffic and content data related to the SMS for up to six months in accordance with their data retention obligations under Swiss law. This is outside the control of CoGa.

Disclosure of data to SMC

16. Your data is encrypted in your QR code, which is a two-dimensional barcode with the ability to encode data. The data is linked to the Registered Venues that you have visited when they scan your QR code. It is only decrypted and accessible by SMC if it is necessary for the purposes of contact tracing.

17. In the event that someone with a COVID-19 diagnosis is traced to a Registered Venue, SMC may request the disclosure of information from that Registered Venue concerning persons present at the same time. The Registered Venue may authorize the transfer of data concerning the relevant individuals, or request further information from the SMC if this is needed to validate the request.

18. Disclosure authorization allows SMC to access data on relevant individuals only: those present at the venue during the specified timeframe.

Information security

19. Information security is achieved through data segregation, robust access controls and encryption. The information security features, architecture and code base have been audited and verified by computer scientists at the University of Geneva.

Third party processors

20. Personal data is processed by the following entities, pursuant to the Data Controllers’ instructions:

  1. sentry.io is used to protect data on the application servers and report server errors affecting the CoGa App;
  2. sunrise.ch is used to send SMS messages to CoGa App users with Swiss mobile phone numbers;
  3. twilio.com is used to send SMS messages to CoGa App users with non-Swiss mobile phone numbers.

Cookies

21. The CoGa App website deploys the following strictly necessary cookies for the purposes of facilitating account creation and ensuring data security:

  1. "csrftoken" is used to protect the service against cross-site request forgery;
  2. "sessionid" is used for the correct attribution of the sessions by the server to authenticated users with access to the dashboard.

Rights of the data subject

22. Pursuant to the Swiss Federal Data Protection Act (revised September 2020), individuals may have the following rights:

  1. to be informed as to what data is held about you;
  2. to access that data;
  3. to have inaccurate data corrected;
  4. to have data deleted;
  5. to opt-out of particular data processing operations;
  6. to receive your data in a form that makes it "portable";
  7. to object to data processing;
  8. to receive an explanation about any automated decision making and/or profiling, and to challenge those decisions where appropriate.

23. The design of the CoGa App imposes some practical limitations on the exercise of these rights. As noted above, for example, 2GIK and Registered Venues do not have access to entry-exit data, which is automatically deleted after 14 days. For further information, or to make requests or complaints related to data subject rights, contact:

  1. 2GIK by post (Rue du Conseil-Général 14, 1205 Genève, Switzerland), telephone (+41 22 518 16 16) or email (contact@2gik.ch);
  2. SMC by post (Rue Adrien-Lachenal 8, 1207 Geneva, Switzerland).

24. You also have the right to lodge concerns or complaints with the relevant cantonal and municipal data protection authorities in Switzerland. Data subjects covered by EU law may also be entitled to lodge complaints with the data protection supervisory authority in their country of residence.

Changes and revisions

This Policy was published on 30 November 2020. It may be updated in future. We will maintain an accessible record of any such changes.

The data protection by design and default features of CoGa App were reviewed by AWO.agency, which also assisted in the drafting of the Privacy Policy.