Skip to main content

National Booking Service – Privacy policy

1. About this privacy notice

This privacy policy relates to the National Booking Service, which NHS England provides. It enables members of the public in England to book online appointments for COVID-19 and flu vaccinations.

The booking service offers the following services:

  • Book or manage a COVID-19 vaccination appointment
  • Book or manage a free NHS flu vaccine at a pharmacy service.
  • Book or manage a combined COVID-19 and flu vaccination appointment

The National Booking Service is referred to in this document as the 'Service'.

In this privacy policy, 'we' or 'us' means NHS England.[AX1] 'You' or 'your' means you, a member of the public who is using the Service.

This privacy policy tells you what information NHS England collects and how it is used to provide the Service, including your rights and how to contact us.

2. The Service and who we are

The Service allows you to:

  • Book and manage COVID-19 vaccination appointments at vaccination, primary care, community pharmacy or hospital hub vaccination sites.
  • Book and manage co-administration (Covid-19 and Flu given at the same time) appointments.
  • Book and manage flu vaccination appointments at pharmacies.
  • Receive booking, reminder, and cancellation notifications via email or text.

You can take your booking confirmation message to the relevant vaccination site or pharmacy.

The Health and Social Care Information Centre, known as NHS England, operates the Service. NHS England was set up under the Health and Social Care Act 2012 (2012 Act) and is part of the NHS in England. We securely collect, analyse, and share information to improve health and social care services.

3. Our legal basis for collecting and processing your personal information

A work package was commissioned between NHS England and NHS Digital – both separate organisations at the time – to deliver the National Booking Service (NBS).

From 17 March 2020 to 30 June 2022, the COVID-19 Public Health Directions established the legal basis of the necessary data processing required to run the National Booking Service, which included special category health data.

Within the Service, data processing in both the COVID-19 and Flu services includes both personal data and special category health data, such as:

  • NHS Number, to identify the individual and support the management of appointments.
  • Vaccination eligibility by self-referral reason.

The Service undertakes lawful, fair and transparent processing of this data under the following legal basis:

Under Article 6 of the UK GDPR:

(b) Contract: it is necessary to process this data to provide a vaccinations booking service for the general public, and without it we cannot meet the needs of citizen users by enabling them to book and manage their appointments to receive vaccinations. The Privacy Policy confirms that the processing is proportionate to the purpose and that we adhere to the principles of data protection, even where relying on the contractual necessity as a legal basis.

(e) Public task: the processing is necessary to deliver the Service, which is in the public interest as it delivers access to free vaccination appointments as part of a national approach to safeguarding the health and well-being of citizens and providing value for money through public services.

Under Article 9 of the UK GDPR:

  • (2)(i) Public Health (via reasons of public interest), the Service is a supporting element of the national vaccination approach. It was established as part of the response to a new threat to public health (i.e. the COVID-19 pandemic).

We have a policy document in place for this Service. This provides information on how we comply with the data protection principles under UK GDPR,

Separately, special permission from the Secretary of State for Health and Social Care is in place to use confidential patient information without people’s explicit consent. To diagnose, recognise trends, control, prevent, monitor and manage communicable diseases and other risks to public health.

Please note that if you access our service using your NHS login details, the identity verification and authentication service provided is managed by NHS England. NHS England is the controller for the personal information provided to NHS login. Read the NHS login’s Privacy Policy and Terms and Conditions for more details.

4. How we use your personal information and why

4.1 Checking your identity

To create your appointments, we must create a customer record using information from the Personal Demographics Service (PDS) and data you entered into the Service. The Personal Demographics Service (PDS) is the national electronic database of NHS patient details such as name, address, date of birth and NHS Number (known as demographic information).

We use the following information to check your identity against PDS:

  • Your NHS number
  • Your first name
  • Your surname
  • Your date of birth
  • Your home postcode

If the information you enter matches PDS, we will create a ‘customer’ record, allowing you to book and manage appointments using the Service.

4.2 Accessing our NHS vaccination record

We access your NHS vaccination record for coronavirus and flu vaccination appointments to offer suitable vaccinations that meet clinical guidelines. This allows us to check the following:

  • Your eligibility to book vaccination appointments. The Joint Committee for Vaccinations and Immunisations (JCVI) advises the Department of Health and Social Care on what groups of people should be prioritised for vaccinations. This is based on clinical risk factors and determines who and in what order people are invited to book a vaccination.
  • Your flu vaccination status – whether you have received a vaccination and when this happened,
  • Your COVID-19 vaccination status – whether you have received a vaccination, the type, and when this happened.

4.3 How we decide if you are a health and social care worker or an unpaid carer

We may ask whether you are a health and social care worker or a carer for vaccination appointments, as these individuals may be eligible for vaccination.

This information may be stored in your ‘customer’ record if you identify as a health or social care worker. The vaccination centre check-in staff may use this information to ask you, where appropriate, for your workplace identification.

We may also ask you if you are a carer, along with some additional questions to determine your eligibility for vaccination in line with JCVI guidance.

4.4 How we decide if you are, or think you might be pregnant

For vaccination appointments, we may ask you if you are or think you might be pregnant. We will use this information to determine your eligibility for a vaccination.

Your answer to this question may be stored in your ‘customer’ record.


4.5 How we decide if you, or people living in your home, are or have been severely immunosuppressed or are clinically at-risk

For vaccination appointments, we may ask you if you, or your household contacts, are severely immune suppressed or clinically at-risk so that we only offer you appointments for recommended vaccines. We will also use this information to decide if you are eligible for vaccination.

This information may be stored in your ‘customer’ record. This information may be used by the vaccination centre check-in staff so that they can ask you, where appropriate, for proof of status, such as a letter from your GP.

4.6 Booking appointments

For vaccination appointments, we link the vaccination appointments that you select to your ‘customer’ record.

4.7 Contacting you

The Service will ask you to enter your mobile telephone or email address to receive booking confirmations and reminders.

If you choose not to do this, the Service will ask you to enter a landline or home phone number and ask again for your mobile number or email address. This is so that a vaccination centre or pharmacy can contact you if your appointment(s) have to be rearranged or cancelled.

Providing this information is optional, but if you do not enter this information, the service will not be able to contact you if your appointment(s) is/are rearranged or cancelled. Your contact information is stored in your ‘customer’ record.

4.8 Retrieving your booking information at the vaccination centre or pharmacy

The vaccination centre or pharmacy staff can check that you have an appointment by retrieving your ‘customer’ record using your booking reference number, name, mobile phone number or email address.

They can view details of all appointments (past and future) at their vaccination centre or pharmacy. These details include your name, booking reference number, NHS number, vaccine type, appointment type and appointment time.

4.9 The NHS England Research Panel

At the end of the booking service, we will invite you to give feedback on your experience with the Service. This feedback helps us make improvements in the future.

The feedback form will allow you to join the NHS England Research Panel. As a panel member, you can participate in online surveys, one-to-one interviews, web usability tests and discussion groups. We may follow up to ask about your experience at your appointment(s).

If you opt in to the NHS England Research Panel, we will ask you to enter your name, email address and mobile telephone number. This is entirely optional, and you do not have to participate if you do not wish to. By giving us this information and clicking submit, you provide us with consent to contact you for research purposes.

4.10 Enabling pseudonymised reports to be produced

Pseudonymisation is a technique that replaces or removes information in a data set that identifies an individual. The Service will use summarised and pseudonymised data to produce operational and strategic reporting. This will enable us to understand how the Service is performing, measure the take up of the service and identify the number of users that do not attend their appointments.

5. Who do we share your personal information with

When disclosing and sharing personal data with other organisations, NHS Digital complies with the UK GDPR and the DPA 2018. Additionally, sharing identifiable health data complies with the common law duty of confidentiality.

Personal data is shared with the following:

  • Information regarding your appointment is shared with the vaccination centre so that they can manage the appointment.
  • Information regarding your coronavirus vaccination appointments is shared with the Immunisation Event Data Store (IEDS) so that the mechanism for invitations and reminders to citizens can operate correctly. NHS England commissions the IEDS and is a centralised service in England to manage invitations for vaccination.
  • Appointment information is sent to NHS Arden and the Greater East Midlands Commissioning Support Unit for anonymising and reporting purposes at the national level.

6. How long do we keep your personal information for

Your customer record includes the following personal information:

  • First name
  • Surname
  • Date of birth
  • NHS number
  • Whether you are a health worker, a social care worker, an unpaid carer, pregnant, severely immune suppressed or clinically at-risk or a household contact of someone who is severely immune suppressed or clinically at-risk.
  • Your appointment information: name of the vaccination centre or pharmacy and the type, date and time of your appointment(s).

We will keep your customer record and appointment information for as long as necessary for the purposes for which the data was collected and as long as the law allows. We will, therefore, regularly review whether we need to keep your personal information at least every six months.

The review will look at:

  1. Whether it is necessary to keep your information for future vaccinations.
  2. Whether it is necessary to keep your information for clinical safety and inquest purposes.
  3. Whether it is necessary to keep your information for any other important or legal reasons.

Once the Service no longer requires your customer record, it will be permanently deleted.

If you opt-in to the NHS Digital Research Panel, we will keep your name and the contact information you have entered for 3 years. It will then be permanently deleted.

7. Where we store your personal information

Your personal information will be processed and stored in the United Kingdom by NHS England and ACF Technologies UK Ltd, who supply parts of the booking system.

All data held within the Service is within the UK jurisdiction as it is hosted in Microsoft cloud computing services within the UK.

If you opt in to the NHS England Research Panel, your personal information will be processed and stored in the EU by Qualtrics UK, which supplies the survey tool for the Service.

8. Your rights over your personal information

You have the following rights about your personal information under data protection law:

  • The right to be informed about how your personal information is being used (be informed).
  • The right to access personal information (get access).
  • The right to request the correction of inaccurate personal data (rectify or change).
  • The right to request the erasure of your personal information in certain limited circumstances (erase or remove).
  • The right to restrict the processing of your data where certain requirements are met (limit or stop processing).
  • The right to object to processing your personal information in certain circumstances (object to processing or use).
  • The right to request that elements of your data be transferred to you or another service provider in certain circumstances (move, copy or transfer).
  • The right to object to specific automated decision-making processes using your personal information (know if a computer rather than a person made a decision).
  • The right to raise a concern with NHS Digital and the Information Commissioner's Office at any time (raise a problem).

More information about your legal rights can be found on the Information Commissioner's website.

Please note that some of these rights do not apply to the processing of your personal information by us through this Service. This is because there are certain circumstances where your rights will not apply. The rights that apply to the personal information we process as part of this Service are in the summary form below.

9. Summary of your rights

Summary of your rights over your personal information processed by the Service:

  • The right to be informed. This privacy statement describes what personal data we collect for the Service and how it is used.
  • The right of access. You can contact the NHS England service centre to request access to your personal information. They can be reached at 0300 311 22 33 or by email (england.contactus@nhs.net ). Our customer service centre is open from 9am to 5pm, Monday to Friday, except on public holidays.
  • The right to rectification. Contact the NHS England service centre for corrections to your personal information.
  • The right to erasure (“right to be forgotten”). Your ‘customer’ record and booking details will be deleted as per section 6. You can contact the NHS England service centre to request the deletion of your personal information.
  • The right to restriction of the processing. Requests to restrict processing need to be made to the customer service centre. Any requests to restrict processing by the Personal Demographics Service would be passed to the relevant team in NHS England.
  • The right to data portability. This does not apply to this Service.
  • The right to object. Please contact the NHS England service centre to object to your data being collected and processed. The Service will analyse the request and respond as required by law.
  • The right not to be subject to automated decision-making. This does not apply to this Service.
  • The right to withdraw consent. You have the right to withdraw the permission to be contacted by the Service for booking confirmations and if your appointments have to be cancelled. Changes to consent should be directed to the NHS England service centre.
  • The right to complain. You can make a complaint to the NHS England service centre. Any complaints about any related services will be passed to the relevant teams. The Service will analyse the request responded to as required by law. You can complain to NHS England and the Information Commissioners Office (ICO) using the contact information below.

10. Contact us

If you have any queries about using your personal information in connection with the Service or want to exercise any of your rights above, please get in touch by emailing england.contactus@nhs.net

Our Data Protection Officer is Jon Moore, whose duties include monitoring internal compliance and advising the organisation on its data protection obligations. You can contact him at england.contactus@nhs.net

11. Contact the Information Commissioner

If we are unable to resolve any queries or concerns about the use of your personal information in connection with the Service, you can raise your concern with the Information Commissioner. You can contact the Information Commissioner’s Office:

  • using the online Contact Us service
  • by calling 0303 123 1113
  • by writing to the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

11.1 Changes to this notice

The terms of our privacy policy may change from time to time. Any updates to the privacy policy will be published on www.nhs.uk

Page last reviewed: 28 November 2022
Next review due: 28 November 2025