diff --git a/app/main/views/user_profile.py b/app/main/views/user_profile.py
index 84c13bd81..cc71fc758 100644
--- a/app/main/views/user_profile.py
+++ b/app/main/views/user_profile.py
@@ -1,6 +1,7 @@
import json
from flask import (
+ abort,
render_template,
redirect,
url_for,
@@ -21,6 +22,8 @@ from app.main.forms import (
ConfirmPasswordForm
)
+from app.utils import is_gov_user
+
from app import user_api_client
NEW_EMAIL = 'new-email'
@@ -31,7 +34,10 @@ NEW_MOBILE_PASSWORD_CONFIRMED = 'new-mob-password-confirmed'
@main.route("/user-profile")
@login_required
def user_profile():
- return render_template('views/user-profile.html')
+ return render_template(
+ 'views/user-profile.html',
+ can_see_edit=is_gov_user(current_user.email_address)
+ )
@main.route("/user-profile/name", methods=['GET', 'POST'])
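Review bot: The `is_gov_user(current_user.email_address)` predicate that feeds `can_see_edit` here is repeated verbatim as the `abort(403)` guard in the `user_profile_email` hunk below, so the display rule and the enforcement rule can drift apart if either copy is later changed. A single module-level helper used by both keeps them in lockstep, e.g. `def _can_change_email(): return is_gov_user(current_user.email_address)` and then `can_see_edit=_can_change_email()`. Note that `can_see_edit` only hides the link; the server-side guard in `user_profile_email` is the actual control, and it would be worth stating that in a short comment on this call.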
@@ -56,6 +62,9 @@ def user_profile_name():
@login_required
def user_profile_email():
+ if not is_gov_user(current_user.email_address):
+ abort(403)
+
def _is_email_unique(email):
return user_api_client.is_email_unique(email)
form = ChangeEmailForm(_is_email_unique,
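Review bot: The new guard has no comment explaining why non-government users are refused here, which a maintainer needs before touching it. A one-line why-comment above the check would do: `# Only users on a government email domain may change their address; others get 403 regardless of whether the link was shown.`. Placing the check before the form is built means it applies to every method the route accepts, which is the right place for it; the route decorator and the rest of `user_profile_email` lie outside the hunk, so I cannot confirm from here which methods that is.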
diff --git a/app/templates/views/user-profile.html b/app/templates/views/user-profile.html
index 5b5c436af..d1e3da880 100644
--- a/app/templates/views/user-profile.html
+++ b/app/templates/views/user-profile.html
@@ -28,7 +28,13 @@
{{ item.value }}
{% endcall %}
{% call field(align='right') %}
- Change
+ {% if item.label == 'Email address' %}
+ {% if can_see_edit %}
+ Change
+ {% endif %}
+ {% else %}
+ Change
+ {% endif %}
{% endcall %}
{% endcall %}
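Review bot: The nested `{% if %}` blocks duplicate the `Change` line and can be flattened into a single condition: `{% if item.label != 'Email address' or can_see_edit %}` … `Change` … `{% endif %}`. The branch is keyed on the literal label text `'Email address'`, so renaming that label in the view would silently re-expose the link; a per-item flag passed from the view (or a comment noting the coupling) would make the dependency explicit. Either way this is presentation only — the 403 in `user_profile_email` is what actually enforces the rule.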
diff --git a/tests/app/main/views/test_user_profile.py b/tests/app/main/views/test_user_profile.py
index cf0047108..c2711ae05 100644
--- a/tests/app/main/views/test_user_profile.py
+++ b/tests/app/main/views/test_user_profile.py
@@ -266,3 +266,23 @@ def test_should_redirect_after_password_change(app_,
assert response.status_code == 302
assert response.location == url_for(
'main.user_profile', _external=True)
+
+
+def test_non_gov_user_cannot_see_change_email_link(client,
+ api_nongov_user_active,
+ mock_login,
+ mock_get_non_govuser):
+ client.login(api_nongov_user_active)
+ response = client.get(url_for('main.user_profile'))
+ assert '' not in response.get_data(as_text=True)
+ assert 'Your profile' in response.get_data(as_text=True)
+ assert response.status_code == 200
+
+
+def test_non_gov_user_cannot_access_change_email_page(client,
+ api_nongov_user_active,
+ mock_login,
+ mock_get_non_govuser):
+ client.login(api_nongov_user_active)
+ response = client.get(url_for('main.user_profile_email'))
+ assert response.status_code == 403
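Review bot: The first assertion in `test_non_gov_user_cannot_see_change_email_link` compares against an empty string as printed, and `'' not in text` is always false, so either the test can never pass or the original literal (presumably a link to the change-email page) was lost in rendering; asserting on the route itself avoids both problems: `assert url_for('main.user_profile_email') not in response.get_data(as_text=True)`. `test_non_gov_user_cannot_access_change_email_page` only exercises GET; if the route also accepts POST, a second request such as `assert client.post(url_for('main.user_profile_email'), data={}).status_code == 403` would confirm the guard covers form submission as well.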