All information we get through cookies will be treated in confidence. NHS Scotland will never sell, trade or give your details to third parties, unless required to by law.
category 1 – strictly necessary (essential)
category 2 – performance
category 3 – functionality
What is a cookie?
Cookies are small data (text) files that are stored in your browser when you visit the app.
What cookies do and why they’re used
They allow us to understand things like your visit to the app and how you use and interact with us, together with which parts of the app are of most interest to you. This in turn helps us to understand what is actually working for you, the ‘user’ and what is not. This enables us to be proactive in enhancing the areas that are not working as effectively as you would like and to improve, where possible, your experience moving forward.
validate a user’s session – these are authentication cookies and have no embedded user information
identify a user’s active session on a specific application node
Cookies are also used to store the following on the device:
your chosen PIN code
the public key coming from our backend server to verify the QR codes generated
your certificate as long as it’s valid (so that you do not have to be connected to the internet to show it)
Are the cookies able to identify individuals (‘users’)?
No, any information on app usage is received in a way that we can’t identify individuals and is encrypted. For example, we never receive or collect your name or address and we do not make any attempts to find out the identities of our users who visit the app.
However, some indirect information collected may be defined under data protection legislation, as personal identifiable data (PII), such as your device information or IP address.
No device information or IP addresses will be stored on your device using cookies.
Persistent cookies stay on your device until they are either removed by the individual or your browser removes them once they expire. Session cookies are temporary, similar to when you shop online and put items in a basket. Once the goods have been paid and the transaction has completed the session or your close your browser the cookie is removed.
Can individuals manage cookies?
Yes, you’ll normally see a message on the app that enables you to manage your cookie consent. In addition, you can also manage your preferences such as opt-in or opt-out of cookies using your settings in your web browser.
The majority of these are initially set to ‘accept cookies’ as default. However, altering these settings will enable you to choose whether you wish to accept or reject any cookies, including those from a third party.
You can set the browser to refuse all cookies or to indicate when a cookie is being set, allowing you to decide whether to accept it. You can also delete cookies from the computer.
Category 1: strictly necessary (essential)
Information on how you use the app, using cookies and page tagging techniques to help us improve the app, enable authentication and security (these cookies aren’t used to identify you personally).
The following table lists these cookies.
Session / Persistent
Identify a user’s active session on a specific application node using ‘Should this fail, the load-balancer will re-route users’ traffic to an alternative node.’ This prevents the user from being disconnected and having to re-establish their session.
Valid until a user session ends
Keep your certificates stored for offline use, as long as they are valid.
Valid for 3 days
Use your chosen pin to log in to the app.
Valid until app is deleted or you sign out
Authentication token used for communicating with the backend.
Valid until app is deleted or user sign out
Save the public key used for verifying the QR codes.
Until next app start-up, where key is downloaded again
Anonymous user ID of the user created on B2C. Used to communicate with the backend.
Until app is deleted or user signs out
Category 2: performance
This cookie enables us to improve our website by monitoring how you use it, such as which pages you visit and whether you experience any errors when using the site.
The following table lists these cookies.
Session / Persistent
This cookie is used to distinguish users and expires after 2 years.
This cookie is used to throttle the request rate and expires after 10 minutes.
Communications Manager NHS National Services Scotland Gyle Square 1 South Gyle Crescent Edinburgh EH12 9EB
The resources contained on the app, including all files that are authorised for public and password-protected download or access, are provided on an ‘as is’ basis and without any warranties. Although files are virus-checked we cannot guarantee that files or downloads are free from computer viruses. No warranties are made as to fitness-for-purpose, quality or completeness of information.
Reliability of information
NHS National Services Scotland uses its best efforts to ensure the accuracy and reliability of information on its app. However, no guarantees are made that the information contained on the app, or associated or linked-to websites, is accurate, complete and current at any given time. Information presented on the app or associated sites may be changed at any time. The resources made available on the app are intended to assist users in Scotland in their use of the National Health Service and are for information only. The app is not intended in any way to replace the advice of your doctor. Nothing on the app is intended to constitute advice to you. Specific advice should be sought in specific situations from a properly qualified health worker.
Availability of the app
The app is provided by Netcompany. The user verification is provided by Jumio. Although the app has been tested and should work correctly under normal circumstances there are many factors both within and outside of the control of NHS National Services Scotland which may prevent the app from being available to users of the world wide web. No responsibility is accepted by NHS National Services Scotland for any losses that may arise from an inability to access resources. Where a user finds a specific error in the coding of an app page, or where he or she considers a page to be in breach of accessibility, it is a condition of use of the app that the NHS National Services Scotland’s web team be notified by email in order that appropriate action may be taken.
The terms and conditions of use of the app as provided by the Common Services Agency of the National Health Service in Scotland shall be governed by the laws of Scotland.
Links to third party internet sites
The provision on the app of a link to another website does not constitute any authorisation to access material held at that location. Links to sites are provided for informational purposes only and no responsibility is accepted for the quality of resources to be found on such websites. The contents and material made available on linked sites are completely out with our control and as such no liability is accepted for any damages resulting from accessing or failing to access these sites. No endorsement is expressed or implied by the presence of a link on the app. The contents of a linked-to website may change without our knowledge and, as a result, links may break or may terminate on pages which were not the original targets of a link. No responsibility or liability for the privacy of personal information is accepted for linked-to websites, as these are beyond our control.