Skip to main content

National Booking Service - Privacy policy

1. About this privacy notice

This privacy notice relates to the National Booking Service, which NHS Digital provides. It enables members of the public in England to book online appointments for coronavirus and flu vaccinations and book Overseas vaccination evidence check appointments.

This service includes the following online services:

  • ‘Book a coronavirus vaccination’ service,
  • ‘Book an overseas vaccine evidence check’ service,
  • ‘Book or manage a free NHS flu vaccine at a pharmacy service.

The National Booking Service is referred to in this document as the 'Service'.

In this privacy policy, 'we' or 'us' means NHS Digital. 'You' or 'your' means you, a member of the public who is using the Service.

This privacy policy tells you what information NHS Digital collects and how it is used to provide the Service, including your rights and how to contact us.

2. The Service and who we are

The Service allows you to:

  • Book, cancel and rebook coronavirus vaccination appointments at vaccination, primary care, community pharmacy or hospital hub vaccination sites.
  • Book, cancel and rebook overseas vaccine evidence check appointments at mass vaccination sites.
  • Book, cancel and rebook flu vaccination appointments at pharmacies.

Receive booking confirmation, cancellation and reminder notifications by email or text message, which you can take to the relevant vaccination site or pharmacy.

The Health and Social Care Information Centre, known as NHS Digital, operates the Service. NHS Digital was set up under the Health and Social Care Act 2012 (2012 Act) and is part of the NHS in England. We securely collect, analyse, and share information to improve health and social care services. Find out more about NHS Digital.

3. Our legal basis for processing your personal information

NHS England has directed NHS Digital under the COVID-19 Directions to:

  • Establish information systems to collect and analyse data in connection with COVID-19
  • Develop and operate IT systems to deliver services in connection with COVID-19

NHS Digital is the controller for the personal information collected and processed about you as part of this Service under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA18).

NHS Digital is the controller for the National Booking Service. NHS England is the controller with overall responsibility for the Covid-19 vaccination programme in England.

NHS England has commissioned NHS Digital to establish and operate the National Booking Service.

Our legal basis for processing your personal data to provide the Service is as follows:

  • UK GDPR Article 6(1)(c) - the processing is necessary to comply with a legal obligation to which the controller is subject
  • UK GDPR Article 6(1) (e) – the processing is necessary to perform its official tasks carried out in the public interest in providing and managing a health service
  • UK GDPR Article 9(2)(h) – the processing is necessary to manage health/social care systems or services
  • UK GDPR Article 9(2)(i) – the processing is necessary for reasons of public interest in the area of public health
  • Data Protection Act 2018 – Schedule 1, Part 1, (2) (2) (f) – health or social care purposes

Separately, special permission from the Secretary of State for Health and Social Care is in place to use confidential patient information without people’s explicit consent. To diagnose, recognise trends, control, prevent, monitor and manage communicable diseases and other risks to public health.

We have an appropriate policy document in place for this Service. This provides information about our procedures for complying with the data protection principles under UK GDPR and explains how long we will retain your information. This is also described in Section 6 - 'How long we keep your personal information for'.

Please note that if you access our service using your NHS login details, the identity verification and authentication service provided is managed by NHS Digital. NHS Digital is the controller for the personal information provided to NHS login. Please refer to NHS login’s Privacy Notice and Terms and Conditions.

4. How we use your personal information and why

4.1 Checking your identity

We use the following information to check your identity against our records.

  • Your NHS number
  • Your first name
  • Your surname
  • Your date of birth
  • Your home postcode

If the information you enter matches our records, we will create a ‘customer’ record for you, allowing you to book, cancel and rebook appointments using the Service.

4.2 Accessing our NHS vaccination record

We access your NHS vaccination record for coronavirus and flu vaccination appointments to offer suitable vaccination appointments that meet clinical guidelines. This allows us to check the following:

  • Your eligibility to book vaccination appointments. The Joint Committee for Vaccinations and Immunisations (JCVI) advises the Department of Health and Social Care on what groups of people should be prioritised for vaccinations. This is based on clinical risk factors and determines who and in what order people are invited to book a vaccination
  • Your flu vaccination status – whether you have received a vaccination and when this occurred
  • Your COVID-19 vaccination status – whether you have received a vaccination, the type of vaccination and when this occurred

4.3 How we decide if you are a health and social care worker or an unpaid carer

We may ask whether you are a health and social care worker or an unpaid carer for vaccination appointments, as these individuals may be eligible for a vaccination.

This information will be stored in your ‘customer’ record if you identify as a health or social care worker. The vaccination centre check-in staff may use this information to ask you, where appropriate, for your workplace identification.

We may also ask you if you are an unpaid carer, along with some additional questions to determine your eligibility for vaccination in line with JCVI guidance.

4.4 How we decide if you are, or think you might be pregnant

For vaccination appointments, we may ask you if you are or think you might be pregnant so that we only offer you appointments for vaccines recommended during pregnancy. We will also use this information to determine if you are eligible for a vaccination.

This information will be stored in your ‘customer’ record.


4.5 How we decide if you, or people living in your home, are or have been severely immunosuppressed or are clinically at-risk

For vaccination appointments, we may ask you if you, or your household contacts, are severely immune suppressed or clinically at-risk so that we only offer you appointments for recommended vaccines. We will also use this information to decide if you are eligible for vaccination.

This information will be stored in your ‘customer’ record. This information may be used by the vaccination centre check-in staff so that they can ask you, where appropriate, for proof of status, such as a letter from your GP.

4.6 Booking appointments

For vaccination appointments, we link the vaccination appointments that you select to your customer record. These details are then retrieved by the vaccination centre or pharmacy so that you can be checked in and vaccinated.

For Overseas vaccination evidence check appointments, we link the appointment that you select to your customer record. These details are then retrieved by the vaccination centre so that you can be checked in.

4.7 Contacting you

The Service will ask you to enter your mobile telephone or email address to receive booking confirmations and reminders.

If you choose not to do this, the Service will ask you to enter a landline or home phone number and ask again for your mobile number or email address. This is so that a vaccination centre or pharmacy can contact you if your appointment(s) have to be rearranged or cancelled.

Providing this information is optional, but if you do not enter this information, the service will not be able to contact you if your appointment(s) is/are rearranged or cancelled. Your contact information is stored in your ‘customer’ record.

4.8 Enabling pseudonymised reports to be produced on the take up of the service and the level of do not attend

The service will use summarised and pseudonymised data, which will be used to produce operational and strategic reporting. This will enable us to understand how the Service is performing, measure the take up of the service and identify the number of users that do not attend their appointments.

4.9 Retrieving your booking information at the vaccination centre or pharmacy

The vaccination centre or pharmacy staff can check that you have an appointment by retrieving your booking reference number, name, mobile phone number or email address.

They will be able to view details of all appointments (past and future) at their vaccination centre or pharmacy. These details will include your name, booking reference number, NHS number, appointment type (e.g., for an Overseas vaccine evidence check), vaccine type and appointment time.

4.10 The NHS Digital Research Panel

At the end of the booking service, we will invite you to give feedback on your experience of the Service. This feedback helps us make improvements in the future.

The feedback form will also allow you to join the NHS Digital Research Panel. As a panel member, you will have the opportunity to take part in online surveys, one-to-one interviews, web usability tests and discussion groups. We may follow up to ask about your experience at your appointment(s).

If you opt into the NHS Digital Research Panel, we will ask you to enter your name, email address and mobile telephone number. This is entirely optional, and you do not have to participate if you do not wish to. By giving us this information and clicking submit, you give us consent to contact you for research purposes.

5. Who do we share your personal information with

When disclosing and sharing personal data with other organisations, NHS Digital complies with the UK GDPR and the DPA 2018. Additionally, sharing identifiable health data complies with the common law duty of confidentiality.

Personal data is shared with the following:

  • Information regarding your appointment is shared with the vaccination centre so that they can manage the appointment.
  • Information regarding your coronavirus vaccination appointments is shared with the National Immunisation Service (NIMS) so that the mechanism for invitations and reminders to citizens can operate correctly. The National Immunisation Service (NIMS) is commissioned by NHS England and is a centralised service in England to manage invitations to vaccinate.
  • Appointment information is sent to NHS Arden and Greater East Midlands Commissioning Support Unit for anonymising and reporting purposes at a national level.

6. How long do we keep your personal information for

Your customer record includes the following personal information:

  • First name
  • Surname
  • Date of birth
  • NHS number
  • Whether you are a health worker, a social care worker, an unpaid carer, pregnant, severely immunosuppressed or clinically at-risk or a household contact of someone who is severely immunosuppressed or clinically at-risk.
  • Your appointment information: name of the vaccination centre or pharmacy and the date and time of your appointment(s).

We will keep your customer record and appointment information for as long as is necessary for the purposes for which the data was collected and for as long as the law allows. We will, therefore, regularly review whether we need to keep your personal information at least every 6 months.

The review will look at:

  1. Whether your personal information is required to facilitate appointments, you have booked for vaccinations or Overseas vaccination evidence checks.
  2. Whether it is necessary to keep your information for future vaccinations and booster vaccinations.
  3. Whether it is necessary to keep your information for clinical safety purposes.
  4. Whether it is necessary to keep your information for any other important reasons.

Once the Service no longer requires your customer record, it will be permanently deleted.

If you opt-in to the NHS Digital Research Panel, we will keep your name and the contact information you have entered for 3 years. It will then be permanently deleted.

7. Where we store your personal information

Your personal information will be processed and stored in the United Kingdom by NHS Digital and ACF Technologies UK Ltd, which supply the booking system.

All data held within the Service is within the UK as it is hosted in the Microsoft Azure cloud within the UK.

If you opt in to the NHS Digital Research Panel, your personal information will be processed and stored in the EU by Qualtrics UK, which supplies the survey tool for the Service.

8. Your rights over your personal information

You have the following rights about your personal information under data protection law:

  • The right to be informed about how your personal information is being used (be informed)
  • The right to access personal information (get access)
  • The right to request the correction of inaccurate personal data (rectify or change)
  • The right to request the erasure of your personal information in certain limited circumstances (erase or remove)
  • The right to restrict the processing of your data where certain requirements are met (limit or stop processing)
  • The right to object to processing your personal information in certain circumstances (object to processing or use)
  • The right to request that elements of your data be transferred to you or another service provider in certain circumstances (move, copy or transfer)
  • The right to object to specific automated decision-making processes using your personal information (know if a computer rather than a person made a decision)
  • The right to raise a concern with NHS Digital and the Information Commissioner's Office at any time (raise a problem)

More information about your legal rights can be found on the Information Commissioner's website.

Please note that some of these rights do not apply to the processing of your personal information by us through this Service. This is because there are certain circumstances where your rights will not apply. The rights that apply to the personal information we process as part of this Service are in the summary form below.

9. Summary of your rights

Summary of your rights over your personal information processed by the Service:

  • The right to be informed. This privacy statement describes what personal data we collect for the Service and how it is used.
  • The right of Access. You can contact the NHS Digital service centre to request access to your personal information. They can be reached at 0300 303 5678 or by email (enquiries@nhsdigital.nhs.uk). Our customer service centre is open from 9am to 5pm, Monday to Friday, except on public holidays.
  • The right to rectification. Contact the NHS Digital service centre for corrections to your personal information.
  • The right to erasure (“right to be forgotten”). Your ‘customer’ record and booking details will be deleted as per section 6. You can contact the NHS Digital service centre to request the deletion of your personal information.
  • The right to restriction of the processing. Requests to restrict processing need to be made to the customer service centre. Any requests to restrict processing by the Personal Demographics Service would be passed to the relevant team in NHS Digital. Any requests to restrict processing by the National Immunisation Management Service (NIMS) citizens will be given to System C, which operates the service.
  • The right to data portability. This does not apply to this Service.
  • The right to object. Please get in touch with the NHS Digital service centre to object to your data being collected and processed. The Service will analyse the request and respond as required by law.
  • The right not to be subject to automated decision-making. This does not apply to this Service.
  • The right to withdraw consent. You have the right to withdraw the permission to be contacted by the service for booking confirmations and if your appointments have to be cancelled. Changes to consent should be directed to the NHS Digital service centre.
  • The right to complain. You can make a complaint to the NHS Digital service centre. Any complaints about the NIMS or PDS services will be passed to the relevant teams. The Service will analyse the request responded to as required by law. You can complain to NHS Digital and the Information Commissioner's Office (ICO) using the contact information provided below.

10. Contact us

If you have any queries about using your personal information in connection with the Service or want to exercise any of your rights above, please get in touch with us.

Our Data Protection Officer is Jon Moore, whose duties include monitoring internal compliance and advising the organisation on its data protection obligations. You can contact him at enquiries@nhsdigital.nhs.uk

11. Contact the Information Commissioner

If we are unable to resolve any queries or concerns about the use of your personal information in connection with the Service, you can raise your concern with the Information Commissioner. You can contact the Information Commissioner’s Office:

  • using the online Contact Us service
  • by calling 0303 123 1113
  • by writing to the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

11.1 Changes to this notice

The terms of our privacy policy may change from time to time. Any updates to the privacy policy will be published on www.nhs.uk