ME/CFS Support
Sign up now
Privacy Policy

How personal data is handled at ME/CFS Support.

ME/CFS Support is designed and operated with UK GDPR and Data Protection Act 2018 principles in mind. This policy explains what personal data we collect, how we use it, and the choices and rights available to you.

ME/CFS Support is a community platform and information service. It is not a medical service and content on the site is not medical advice.

Who we are

ME/CFS Support is an online community and support platform for people living with ME/CFS and Long COVID. In this policy, “ME/CFS Support”, “we”, “us”, and “our” refer to the operator of this website and related services.

If you have questions about this policy or about how your data is used, you can contact us at hello@mecfs.support.

What data we collect

We collect the information needed to run the service and provide support features. This can include:

  • your name and email address;
  • account and profile information you choose to add;
  • messages, suggestions, posts, and other content you choose to submit;
  • technical and usage information, such as browser, device, logs, and site activity needed to keep the service secure and working properly;
  • health-related or symptom-related information where you choose to provide it for support or personalisation features.

Why we collect data

We use personal data to provide and improve ME/CFS Support. This includes using data to:

  • create and manage accounts or registrations;
  • provide community, support, content, and personalisation features;
  • respond to questions, suggestions, and support requests;
  • improve safety, moderation, reliability, and user experience;
  • meet legal, regulatory, and safeguarding responsibilities where needed.

Lawful basis for processing

We only process personal data where we have a valid reason under UK data protection law. Depending on the service involved, this can include providing the service you have asked for, our legitimate interests in running and improving the platform, your consent, or compliance with a legal obligation.

Where we rely on consent, you can withdraw it at any time. This does not affect any use of data that took place before consent was withdrawn.

Health-related information and other special category data

Health-related information is treated as sensitive. If you choose to share it, we use it only for relevant support and personalisation features, such as helping show content, tools, or discussions that are more relevant to you.

We handle this type of information with extra care and only use it where we have a valid basis to do so under UK data protection law.

How we use data

In practice, we use personal data to:

  • operate the website and member features;
  • personalise support-related content where you have provided relevant information;
  • communicate about the service, updates, or support matters;
  • detect misuse, reduce spam, and maintain platform security;
  • improve the design and usefulness of the service over time.

Data storage and security

We use reasonable technical and organisational measures to protect personal data. This includes steps such as access controls, limited administrative access, secure hosting arrangements, and measures designed to reduce the risk of loss, misuse, unauthorised access, or disclosure.

Access to personal data is limited where reasonably possible.

Selling data and advertising

Personal data is not sold. Personal data is not shared with advertisers.

Service providers and sharing

We use service providers where needed to run the site, such as for hosting, infrastructure, communications, moderation tooling, analytics, or security support. They only receive the information needed for their role and are required to protect it appropriately.

International transfers

Where possible, personal data is kept within the UK or EEA. If data needs to be transferred outside the UK or EEA, we use appropriate safeguards to protect it.

Cookies and analytics

We use essential technical measures, such as session functionality, security controls, and limited cookies needed for the site to work properly.

If analytics are used, they will be used in a way that is consistent with applicable privacy and e-privacy requirements.

Data retention

We keep personal data only for as long as it is reasonably needed for the purpose it was collected. This can include providing the service, keeping the platform secure, handling moderation, maintaining records, and meeting legal obligations.

When data is no longer needed, we delete it, anonymise it, or securely dispose of it where practical.

Your rights

Under UK data protection law, you may have the right to:

  • access the personal data we hold about you;
  • ask for inaccurate or incomplete data to be corrected;
  • ask for data to be deleted in certain circumstances;
  • ask us to restrict how data is used in certain circumstances;
  • object to some types of processing;
  • request data portability where this applies;
  • withdraw consent where consent is the basis for processing.

You also have the right to complain to the UK Information Commissioner’s Office if you believe personal data has been handled unlawfully.

Contact

If you have a privacy question, a rights request, or a concern about how your data is handled, please contact hello@mecfs.support.

Last updated

21 May 2026