Information about the CoronaCheck app with effect from July 1, 2023

With effect from July 1, 2023, the Ministry of Health, Welfare and Sport will no longer provide data for creating a scannable QR code in the CoronaCheck app. The reason for this is that the legal basis for the issuing of digital EU-COVID certificates (DCCs) by the Minister of Health, Welfare and Sport expired on that date. This also means the ministry will no longer retain any relevant data.

The CoronaCheck app does allow users to save and download all DCCs that were created in the application before July 1. However, the device will only store the data that has been recorded locally in the CoronaCheck app by June 30, 2023, at the latest.

With effect from July 1, 2023, the CoronaCheck app will therefore only serve as an archive of data which was processed before July 1. No new processing of personal data will take place. The application will only be able to show data that has been loaded in the app and converted into a DCC before July 1, 2023. It is no longer possible to create new DCCs. When the application is opened, the data will not be retrieved or processed again.

The available data will be retained on the device until December 31, 2023. Then the app will be disabled, and the data will no longer be accessible on the device. If the user deletes the data or the CoronaCheck app at any time, the locally stored data will also be deleted.

Warning: When showing a QR code, the inspector sees all data the QR code provides in the CoronaCheck app. This is the data that is stored locally on the device and that is linked to the CoronaCheck app. Click here for an overview of that data. Please note: if a QR code in the CoronaCheck app is scanned in a country outside the EU or the Schengen zone, different rules for protecting personal data may apply.

The CoronaCheck app offers the possibility to download DCCs as a PDF. You can save this PDF or share it with others at your own discretion.

You are solely responsible for deciding whether you provide your data for inspection via the CoronaCheck app or by sharing a PDF.

Overview of processed personal data

Personal data that is processed when issuing an EU DCC:

• An IP address used by the involved person when creating a certificate
• The social security number of the involved person
• The involved person’s first and last name
• Organisation from which vaccination or recovery data has been retrieved
• In case of a test or recovery certificate:
  • Unique test code
  • Type of test
  • Name of test
  • Date and time of test administration
  • Date and time of determination of test result
  • Pathogen that has been tested for
  • Test producer
  • Test center name
  • Result of the test (negative for test certificate, positive for statement of recovery)
• Only in case of a certificate of vaccination:
  • Date(s) of administration
  • Unique vaccination code
  • Pathogen against which the vaccine works
  • Type of vaccine
  • Name of vaccine
  • Marketing authorisation holder or manufacturer of the vaccine
  • Sequence number in series of vaccinations/doses

Personal data stored in the QR code you show to controllers:

EU DCC

Personal data included in the EU DCC (QR code) regardless of the type (test, vaccination or recovery certificate):

• Name: family name(s) and first name(s) and possibly suffix
• Date of birth
• Target disease or pathogen (for example: SARS-CoV-2 and/or variants thereof)
• Unique certificate identification code
• Member state where test/vaccination has been carried out or proof of recovery has been obtained
• Issuer of the EU DCC, which is VWS for the Netherlands

The QR-code for the EU DCC as test certificate contains, in addition to general data:

• Registered date and time of test administration
• Type of test
• Name of test (optional for NAAT (PCR) test)
• Name of test producer (optional for NAAT (PCR) test)
• Test result
• Test center or facility (optional for rapid antigen test)

The QR code for the EU DCC as proof of vaccination in addition to the general data:

• Vaccine/prophylaxis (type of vaccine, e.g. mRNA vaccine or antigenic vaccine)
• Vaccine name
• Marketing authorisation holder or vaccine producer
• Sequence number in a series of vaccinations/doses
• Date of vaccination, including date of last dose received

The QR code for the EU DCC as repair evidence contains, in addition to the general data, the following data:

• Date first positive test result
• Date from which date the certificate is valid
• Date until which certificate is valid