We've updated our privacy policy to cover future services we have been asked to provide in the NHS App. This is to support the NHS App Amendment Directions 2026, and to meet the government's 10 Year Health Plan for England.
NHS England runs the NHS App. You can access it by downloading it onto your phone or tablet, or by logging in through the NHS website in a web browser. This privacy notice applies to both.
It does not cover digital services that are not part of the NHS App but which you can access through the NHS App, whether these are run by NHS England, or other providers.
Full NHS App privacy notices
NHS App privacy notice: online consultation services
What we do with your data
We use your data to allow you to many things which include:
- creating and managing your NHS App account
- managing your healthcare appointments and referrals
- seeing health information your GP stores about you
- receiving messages from your healthcare provider
- being able to make other choices, such as participating in research
We process different types of data to provide these services to you. There is a defined lawful basis for each service that allows us to use your data.
You can find out more about what data we process about you in the NHS App master data specification.
Our legal basis for processing your data
We are legally required to provide most services in the NHS App. This is set out in the NHS App Directions 2023.
We use the legal basis of consent only for user research, non-essential cookies and optional features.
Some information we process about you has more protection in law, such as health data. When we process this data, we are doing so in both the provision of health and social care and on occasion in the public interest.
Your rights
You have a right to ask to see the data we hold about you. You can ask us to:
- correct any inaccurate data we hold about you
- delete the data we hold about you
- stop using your data for certain activities
- object to public task processing
Where we rely on consent to use your data, you can withdraw it at any time. If we are using your data under the basis of consent, you have the right to ask us to send you a copy of that data in a format that’s easy for most computers and organisations to use.
You can contact the Information Commissioner’s Office if you want to make a complaint about how we have managed your data.
Protecting children who are using the app
The NHS App is for people aged 13 or over. We follow Age-appropriate design: a code of practice for online services (also known as the Children’s code) to protect children and their data when they are using the app.
Cookies
We ask for your consent before using non-essential cookies. You can read more about this in the NHS App cookies policy.
Where we store your data
We only store data in the UK. Some of your data may be processed outside of the UK. Where this happens, we comply with UK GDPR.
How to contact us
Contact our Data Protection Officer at england.dpo@nhs.net if you have any questions about how we use your data.
If you have any questions about or problems with using the NHS App, contact the NHS App support team.