Choose Notice :

AOKpass Privacy Policy

Choose Language :

Privacy Notice

Last updated: 1 October 2021

We are AOKpass and here is how we protect your data and respect your privacy.

Our Commitment

We at AOKpass take your privacy very seriously.

  • We will process your data in a lawful, fair and transparent manner.
  • We will inform you about how your personal data is being used.
  • We do not share your personal data other than for specific necessary purposes.
  • We fully respect your privacy rights.
  • We embed ‘Privacy by design’ in all data processing carried out by us.

This Privacy Notice explains the data we collect about you, how we use, store and protect your personal data. We encourage you to read our Privacy Notice to understand how we keep up to our commitment.

Data we collect about you and the purposes

We collect minimum amount of your personal data when you register for our mobile application. These include:

  1. First name,
  2. Last name,
  3. Email address,
  4. Date of Birth, and
  5. Photograph.

The table below specifies the purposes for the data elements collected:

DataPurposeSourceStorage Location
First NameHash value creation and verificationData SubjectMobile Device
Last NameHash value creation and verificationData SubjectMobile Device
Date of BirthHash value creation, verification and fraud preventionData SubjectMobile Device
PhotographIdentification and fraud preventionData SubjectMobile Device

In summary, we will use your Personal Data only for the following purposes:

  1. The attestation of the digital copy of your COVID-19 compliance status certificate, as provided by your consulting medical professional.
  2. For efficient verification by employers, authorities or any other third parties of your COVID-19 compliance status certificate.

Personal Data and Minors

We do not knowingly collect any data on minors. If you are under the relevant age of consent in your jurisdiction, you will need your parent’s or legal guardian’s permission.

If you are providing us with Personal Data of individuals under the age of sixteen (16), you represent that you have the appropriate authority to do so, and that you can demonstrate such authority to AOKpass upon request.

Security of your Personal Data

We regularly test our applications (mobile and website) for vulnerabilities and aim to fix them as soon as possible. Inherently, we do not collect any personal data on our blockchain network, hence, reducing the risk to your data.

The security of the personal data on your mobile device is in your control. We ensure the default settings of the app are enabled with ‘Privacy by design and default’. We recommend you use a strong passcode to lock your mobile device and take appropriate care before clicking URL’s or downloading any software from the internet.

Transfer and Disclosure of your Personal Data

Your personal data lives on your device in your control. We do not share your personal data with anyone.

The ‘hash value’ of the certificate is stored on your device. When you display your AOKpass for the status verification, the hash value (in QR code) will be captured by the scan and compared with the stored hash value on the AOKpass server to confirm a match and provide a binary status to the verifying authority. We provide you with a capability to prove your health status. We do not store any data on the scanned location.

A ‘hash value’ is a numeric value of a fixed length that uniquely identifies data. For a better understanding you can refer this video here -

Storage and Destruction of your Personal Data

At any point in time, you can delete the data that is stored in the AOKpass mobile app. It includes your profile and all passes linked to it, by using the “Delete all data” function that is provided the application. Please note that once data is deleted, it cannot be recovered.

At the AOKpass server end, the hash is deleted once you have deleted the data using “Delete all data” function.

Your Rights

We respect your rights to Privacy.

  • We do not use any automated decision making.
  • You can amend or delete data collected in the mobile application by yourself. All data that you submit in the application remains on your device.

Use of Blockchain

We use blockchain technology to enable an immutable and secure source of truth. We only ever store a hash of the data on the blockchain. It is currently technically impossible to recreate the data from the hash itself. The hash is generated outside the blockchain and hence no personal data enters the blockchain network. We ensure appropriate ‘technical and organizational measures’ to secure our processes and data.

Changes to this Privacy Policy

We may update our Privacy Policy from time to time.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.


We like to keep it simple:

  • We do not target you with any digital technologies such as cookies, tags, pixels, etc.
  • We do not use any analytics on our website or mobile application.

Contact Us

If you have questions about this Privacy Notice, or if you would like to request to exercise any individual rights, please contact us at:

Mailing address:

1 Allée Pierre Burelle Batiment A,
92300 Levallois-Perret,

If you have any questions about this Privacy Notice, you can contact our Data Protection Officer by emailing to

You may lodge a complaint with a data protection authority competent for your country or region or place of alleged infringement. To contact the Personal Data Protection Commission in Singapore, please click here: