Comment on page

Privacy Policy

This statement explains how the Centre for Genomic Pathogen Surveillance (CGPS) and the commercial arm Digital Epidemiology Services LTD (DES) use the personal information we collect from you when you visit the Epicollect5 website.
By visiting the Epicollect5 website you are consenting to our use of your information in this way.
We may make changes to this statement so please check from time to time for any updates.

User Accounts

Users can log in to Epicollect5 using:
  • Google Account
  • Apple Account
  • Email
The only piece of information kept in the system is the user email for basic project user management.
Whether you want to use your personal email or another email just for Epicollect5 is up to you.
The mobile application is verified by Exodus Privacy Project.

User Data

Project managers retain ownership of the data. We will never share or access your data unless granted permission by you, to provide you with technical assistance.
Technically speaking, each user owns all of the content added to Epicollect5; therefore, they could copyright it. However, by uploading data to Epicollect5 a user gives direct access to that material to whoever has access to that project.

Personal Data and Your Responsibilities

CGPS is based in the UK and operates under the UK General Data Protection Regulation (“UK GDPR”). You may be in a different legal jurisdiction so must ensure that you follow UK GDPR as well as your own local laws. For more information on UK GDPR please see Information Commissioner's Office (ICO).
When you use Epicollect5, CGPS is the Data Processor and you are the Data Controller, as you have control over the data you collect and CGPS only acts on your instructions.
Publication of Data
If you make a project public, ALL project data you have collected will be visible to anyone on the internet. Please ensure that you are not breaking any Data Protections laws that may apply. CGPS cannot be held responsible for data published by users.

Reasonable Use and Data Retention

The service is provided at no cost to you, however, we incur costs for managing and processing the data. We reserve the right to delete excessively large or dormant data sets after a period of time, however, we will attempt to contact you by email before doing so.

Protecting Your Data

Epicollect5 is part of the Big Data Institute at Oxford University ( and hosted on the world-class cloud hosting provider, Digital Ocean:, in their UK data centre.
You can read about Digital Ocean data security here:
Digital Ocean services fully comply with GDPR:
Epicollect5 embraces industry-standard best practices to protect against unauthorised access to your data.
Data are sent over HTTPS and its TLS certificate uses SHA-256 with RSA encryption as a signature algorithm.
Epicollect5 mobile app data stored on the device is not encrypted by default but if that extra level of security is needed, any recent Android and iOS device can be encrypted system-wide. Read how to do it.
Daily backups of the server are run in case of a system fault.

Account and Data Deletion

In accordance with Google and Apple account deletion policies, we have implemented a process for data deletion.
Users can initiate an account deletion request by clicking on the designated button available both in the app and on the web, specifically on the user profile page. It is important to note that personal data, which includes only email addresses, will always be deleted.
Regarding user contributions (entries) to projects, the deletion process varies depending on the project role.
For projects where the user has a CREATOR role, all projects (both private and public) created by the user will be deleted, along with all associated entries.
For contributions made to private projects using the roles of MANAGER, CURATOR, or COLLECTOR, the entries will not be deleted but will be anonymized instead. Additionally, the user's access to these projects will be revoked.
Contributions to public projects are already anonymized by default when using mobile apps, but entries added via the web will also undergo anonymization.
Furthermore, users with a VIEWER role will be removed from any project. Since VIEWER role users cannot add entries to private projects, there won't be any entries to delete.
Finally, users have the option to delete contributions to private projects before proceeding with their account deletion. However, it's important to note that this process is manual, and each entry must be deleted individually. This is a deliberate choice to prevent unintended data loss and mistakes. By taking this approach, users have better control over their data and can carefully manage their contributions before proceeding with the account deletion.

Contact Us

Our primary point of contact for all matters is the Epicollect5 Community at
If there is a need to discuss a particular request privately, we will provide users with a form link to facilitate this private conversation. Subsequently, the public topic related to the request will be closed to ensure the confidentiality of the discussion.