Our Privacy Policy

Last Updated: 13 May 2026

This Privacy Policy explains how crohns-disease.org.uk collects, uses, and protects personal data when you visit our website, use our forum, contact us, or interact with our content. We are based in the UK and process personal data in line with the UK GDPR, the Data Protection Act 2018, the Privacy and Electronic Communications Regulations (PECR), and other relevant privacy laws.

Crohn’s Disease UK provides information and lived-experience content about Crohn’s disease. It is not a medical service, does not provide medical diagnosis or treatment, and should not be used as a substitute for professional medical advice.

1. Who We Are

crohns-disease.org.uk is a website providing Crohn’s disease content, personal experience, community resources, and related information. This policy applies to visitors, forum users, and people who contact us through the website.

crohns-disease.org.uk is the data controller and is responsible for the personal data described in this policy.

You can contact us about privacy matters through our contact form.

2. What Data We Collect

2.1 Forum Registration and Use

When you register for or use our forum, we may collect:

  • Name or username
  • Email address
  • Login details and account settings
  • Forum posts, replies, profile information, and other content you choose to share
  • Moderation records, where needed to manage forum safety and rules

Please avoid sharing medical information, diagnosis details, treatment details, or other sensitive personal information in public forum posts unless you are comfortable with that information being visible to other users.

2.2 Contact Form Submissions

When you contact us through the website, we may collect:

  • Name
  • Email address
  • Message content
  • Any other information you choose to include in your message

If you choose to include information about your health, symptoms, diagnosis, medication, treatment, or personal circumstances, this may be special category data under UK data protection law.

2.3 Website Analytics and Security

When you visit the website, we may collect technical and usage information, including:

  • IP address
  • User agent
  • Browser type and version
  • Operating system
  • Browser language
  • Country code or approximate location derived from technical data
  • Pages visited
  • Visiting URL and referral URL
  • Timestamp of visit or event
  • Device and usage information

This may be collected through:

  • Google Analytics
  • Website hosting, security, and anti-spam tools
  • Cookie consent and website performance tools

2.4 Special Category Data

Because this website is about Crohn’s disease, you may choose to share health-related information with us through forum posts, comments, contact messages, or other submissions. Health information is special category data under UK GDPR and needs extra protection.

We do not require you to provide health information to browse the website. If you choose to share health information, you do so voluntarily. We will only use it for the purpose for which you provided it, such as displaying your forum post, responding to your message, moderating community content, or maintaining website safety.

3. How We Use Your Data

We use your information for:

  • Providing and managing the forum
  • Displaying forum posts, replies, and profile information you choose to share
  • Moderating forum activity, preventing abuse, and enforcing community rules
  • Responding to messages sent through our contact form
  • Improving our website, content, accessibility, and user experience
  • Understanding which pages and content are useful to visitors
  • Preventing spam, fraud, abuse, or unauthorised access
  • Maintaining the security and reliability of the website

We do not sell your personal information. We only share personal data with service providers where needed to run the website, manage the forum, measure performance, protect the site, or comply with legal requirements.

4. Cookies

We use cookies and similar technologies to:

  • Maintain site and forum functionality
  • Remember preferences
  • Understand how visitors use the website
  • Improve website performance and content
  • Help protect the website from spam, fraud, and abuse

We use Google Analytics to understand how visitors use the site. This may involve cookies or similar technologies, depending on your cookie choices. See our Cookie Policy for full details.

5. Legal Basis

We process personal data based on the following legal bases:

PurposeType of dataLawful basis
To create and manage forum accountsName or username, email address, login details, account settingsContract or steps taken at your request; legitimate interests
To display and manage forum contentForum posts, replies, profile information, moderation recordsLegitimate interests; explicit consent where you choose to share health information
To reply to enquiriesName, email address, message contentLegitimate interests or steps taken at your request; explicit consent where you choose to share health information
To run and protect the websiteTechnical and usage dataLegitimate interests
To understand website performanceTechnical and usage dataConsent where required by cookie rules, otherwise legitimate interests where applicable

Where we process health-related information that you choose to provide, we treat it as special category data. Our Article 9 condition is explicit consent where you voluntarily provide that information for a clear purpose, such as posting in the forum or contacting us about your own situation.

Where we rely on consent, you can withdraw it at any time. Withdrawing consent does not affect processing that took place before your withdrawal.

Where we rely on legitimate interests, we only do so where we consider that our interests are not overridden by your rights and freedoms.

6. Your Rights

Under the UK GDPR, you have the right to:

  • Access your personal data
  • Correct inaccurate personal data
  • Request deletion of your personal data
  • Object to certain types of processing
  • Request restriction of processing
  • Request a copy of your data in a portable format, where applicable
  • Withdraw consent at any time where we rely on consent
  • Complain to the Information Commissioner’s Office if you are unhappy with how we handle your data

To exercise any of your rights, send us a message through the contact form.

You can also contact the Information Commissioner’s Office through ico.org.uk.

7. Data Retention

We retain personal data only for as long as necessary for the purpose collected.

  • Forum account data is retained while your account remains active.
  • Forum posts and replies may remain visible unless removed by you or by us as part of moderation, account closure, or legal compliance.
  • Contact form messages are retained only as long as needed to respond to your enquiry and manage any related follow-up.
  • Analytics data is anonymised or aggregated where possible and retained according to the settings used in Google Analytics.
  • Security logs may be retained for a limited period where needed to protect the website and investigate abuse or technical issues.

8. Third-Party Services and International Data Transfers

We use third-party service providers to operate the website, manage the forum, measure website performance, and protect the site. These may include:

  • Google Analytics, for website analytics
  • Hostinger, for website hosting and related infrastructure
  • Cloudflare and QUIC.cloud, for website security, performance optimisation, and content delivery
  • Forum, cookie consent, anti-spam, and website performance providers

Some providers may process data outside the UK or European Economic Area. Where this happens, we rely on appropriate safeguards, such as adequacy regulations, International Data Transfer Agreements, Standard Contractual Clauses, or equivalent data protection measures.

9. Security

We use reasonable technical and organisational measures to protect your data, including HTTPS, access controls, security tools, and regular monitoring. No method of transmission online is completely secure, but we take reasonable steps to reduce the risk of unauthorised access, loss, misuse, or disclosure.

We limit access to personal data to people and service providers who need it for legitimate operational, technical, security, or legal reasons.

10. Third-Party Links

This website may include links to third-party websites, tools, plugins, applications, products, or other services. Clicking those links or using those services may allow third parties to collect or process data about you. We do not control these third-party websites and are not responsible for their privacy notices, policies, or practices.

We encourage you to read the privacy notices of any third-party websites you visit.

11. Medical Information and Emergencies

Information on this website is for general information and lived-experience support only. It is not medical advice. If you need medical advice, diagnosis, or treatment, speak to a qualified healthcare professional. If you think you may have a medical emergency, contact emergency services or seek urgent medical help immediately.

Please do not use the website, forum, or contact form to send urgent medical information or requests for emergency help. We may not see or respond to messages quickly.

12. Changes to This Policy

We may update this policy from time to time. The latest version will always be posted on this page with the effective date shown at the top.

13. Questions

If you have any privacy concerns or questions about how we handle your data, send us a message through the contact form.

Share this now