Privacy Policy

The following is in relation to and in compliance with General Data Protection Regulations (GDPR) 2018.

Who am I?

Cat Manasa – Holistic Therapist

MFHT Member of The Federation of Holistic Therapists.
ICHT International Council of Holistic Therapists.
ATC Member of The Abdominal Therapy Collective
AP Arvigo Practitioner

Contact Information

Email –

My website address is: 
Please email me for telephone number and postal address.

When entering into a contract of service with me you are declaring you have read and understood my Terms and Conditions and Privacy Policy. Your privacy and safety is important to me. If you are unsure of anything outlined in this policy, please email me for clarification. This privacy policy will be reviewed regularly and updated when necessary. Please check back regularly.

What personal data I collect and why I collect it

To enable me to answer requests for information, book my services via my contact form or by direct email, you must provide me with certain information to allow me to process your request. This includes your name, email address and mobile phone number. I’ll use your email address/mobile number to respond to enquiries and to arrange bookings. Any information shared with me in your initial enquiry will be kept confidential whether you decide to book a treatment or not. I’ll keep this information for 1 year unless requested sooner. After 1 year, I delete any email enquiries that didn’t result in a treatment. After initial contact has been made, if you choose not to book a treatment with me, any information that has been shared with me by email can be deleted immediately by request.

Enquiries through Facebook, either via my Facebook Page or my Personal Profile will be treated the same as outlined above.

If you enter into a contract of service with me (make and attend a booking) I’ll use your email address to respond to your enquiry and arrange bookings.  If you wish to discuss details of a personal or sensitive nature through email, I’m happy to respond, however, please be aware that no email provider is 100% secure.

Any information given will be kept confidential and only used to help provide you with the best treatment.

Your email address will not be added to any mailing list. If you would like to be on my mailing list, you will have to sign up separately.

I will never share your email address with anyone.

If you choose to enter into a contract of services with me (i.e. come for a treatment) you’ll need to provide me with more in-depth information to ensure a safe treatment and fulfil my insurance requirements. This will require you to have a full consultation with me prior to treatment.

The consultation form is an essential pre-requisite to treatment and will provide me with an overview of your medical history past and present. I am also required to ask for information about your lifestyle and any other health information relevant to your treatment. This is to enable me to offer the most effective and safe treatment I can in accordance with my training, the Federation of Holistic Therapy Code of Conduct and Professional Practice and insurance requirements. This is my lawful basis for collecting the information I need to perform my service.

How do I collect your information?

Google form, digital PDF or paper form.

When possible, I’ll post you the relevant paper consultation forms for you to fill in prior to our initial session. Your consultation will take place face to face during our initial session where I’ll discuss your consultation form and add any other information given. All forms and notes are handwritten. Alternatively, I may send you a PDF that can be filled out online or printed and written.

If you choose to share personal information in an email or Facebook message or via WhatsApp, I may include a printed copy to add to your notes if it’s relevant and helpful to your treatment. By request, I can delete my copy of any email or message you have sent to me.

If we speak on the phone to arrange our initial session, I’ll write down your name and I might take notes about your situation. I’ll ask for your address and phone number if you’re making a booking with me. I’ll use your address to send you your consultation form and phone number if I need to contact you quickly. If our call does not result in a booking, I will destroy any notes and details written down.

Why do I need this information and who might I share it with?

The information you provide will give me an overview of your health and lifestyle. As a holistic therapist, I work to understand the bigger picture of your health and well-being needs. The consultation process is an essential part of your treatment and has to be completed before treatments can take place. You will also be required to update me on any new relevant information at each session throughout our treatment sessions. Any new information will be added to your notes. You may request to see your consultation form and treatment notes at any time. If you would like a copy of these, please let me know in writing and allow up to 30 days for delivery.

If you’re already under the care of a specialist health professional, or are pregnant, I may need to seek a referral from your health specialist/GP/midwife. This will be done with your knowledge and permission. In these cases, treatment can only commence once permission has been granted. This is to ensure you are given the most appropriate and safest treatment possible. I will never share your details with anyone without your permission.

In the case of treating children and young people under the age of 18 or vulnerable adults, a parent or guardian’s signature is required on the consultation form. The parent or guardian must be present throughout the consultation and treatment. The child, teen or vulnerable adult must give consent for the treatment to be given. As before, all information given is confidential and will not be shared with anyone. The only exception to this is if the child or vulnerable adult is deemed to be in danger. In those cases the relevant authorities will be notified and if it is required to disclose personal details to safeguard a child then I will disclose them. This is in keeping with the Children Act 1989 and 2004, and the Safeguarding Vulnerable Groups Act 2006.

How do I use the information I collect?

I will use the information I collect during our consultation and subsequent treatments to provide you with the most suitable and safe treatments within my scope of practice. This is in accordance with my training, FHT codes of conduct and insurance requirements.

How long will I store your information?

If you have a treatment with me, all personal data and information gathered will be confidentially and securely stored for 7 years after your last treatment. All email enquiries that don’t result in a treatment will be held for one year before deletion. This is to ensure potential clients have plenty of time to decide if I’m the therapist for them and that all non-clients data is eventually deleted and forgotten.

Where will I store this information?

All consultation forms and notes will be kept in a securely locked box to which I am the only key holder. Emails are kept in my inbox which is password protected. The devices I use to access my emails are also all password protected. I don’t use any shared devices when accessing my emails.

How will I destroy this information?

If you have been a client, after 7 years, paper records will be shredded and burnt. All email correspondence and Facebook messages will be deleted. If you have made enquiries but not become a client, all emails and messages will be deleted one year after the last email received.
With regard to email and Facebook messages, both clients and non-clients can request that I delete any messages I’ve received from them at any time.


The lawful basis for requiring this information is as follows;

  • Consent: the clear consent for me to process your personal data for the specific purpose of giving safe and responsible holistic treatments.
  • Contract: the processing is necessary to uphold the contract you have with me as your holistic therapist. By signing the consultation form you are agreeing to my Terms of Service and will agree to abide by the necessary requirements for me to provide safe treatments, abide by my professional code of conduct and insurance obligations.
  • Legal obligation: the processing of your information is necessary for me to comply with the law.
  • Special category data: I hold health related special category data to enable me to work within the Federation of Holistic Therapists Code of Conduct and Professional Practice and validate my insurance. I adhere to client confidentiality rules as taught throughout my training and only use this information to ensure best practices as a holistic healthcare professional.

You have the right to:

  • Be informed – I will inform you of the reasons I need your information and how I will use it.
  • Access – You can have access to all information I hold about you. Please request copies of your notes verbally or in writing and allow up to 30 days for processing. I prefer to hand these notes over in person to avoid any identification issues.
  • Rectification – You can update and correct any information I hold about you if it is incorrect. Please inform me of any amendments you’d like to be made verbally or in writing and allow up to 30 days for processing.
  • Erasure/be forgotten – You can request that I delete any emails you have sent me if they’re no longer relevant, along with your email address from my address book. If you are, or have been a client, I am required to hold your treatment records for a period of seven years after the date of your last treatment to comply with legal obligations and to establish, exercise or defend any legal claims.
  • Restrict processing – If you choose not to return for treatment your information will be stored securely for seven years. That information will not be used or shared. After seven years it will be destroyed. If you have been a client, I am required to hold your treatment records for a period of seven years after the date of your last treatment to comply with legal obligations and to establish, exercise or defend any legal claims.
  • Data portability – if you would like copies of your consultation form and treatment notes sent to another holistic therapist, in particular, another Arvigo® therapist for continuity of care, please request this in writing and allow up to 30 days for processing. I don’t store your notes on a computer. Photocopies will be made, the envelope will be clearly marked Private and Confidential and they’ll be sent by registered post.
  • Object – I will never use your email address for direct marketing. I will only email you if you have emailed me asking for a reply. If you’ve signed up to my mailing list (which you’ll have to do separately) you’ll receive the occasional seasonal update from me containing offers and information about new blog posts. If you no longer wish to receive any newsletter style emails from me, please unsubscribe from my mailing list.
  • Not be subject to automated decision-making – I do not use any automated decision-making services on this website.

How my website collects information


When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: After approval of your comment, your profile picture is visible to the public in the context of your comment.

Contact forms

No information is collected or stored on my website if you use my contact form to contact me. This form simply sends your message direct to my email inbox.


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.


If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

This site, like many others, uses small files called cookies to help me customise your experience. They help me to provide you with a good experience when you browse my website. By continuing to browse the site, you are agreeing to my use of cookies. All modern browsers allow you to change your cookie settings. You can usually find these settings in the ‘options’ or ‘preferences’ menu of your browser. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of my site. To understand these settings, use the ‘Help’ option in your browser.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website. Embedded content on my website may include content from Facebook and Instagram.


When you visit my website I use third party services, Exactmetrics and Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. I do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way that does not identify anyone. I do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. I use Google Analytics so that I can continually improve my service to you – read the Google Analytics privacy notice.

Who I share your data with.

My website is built with WordPress. WordPress does not share data with anyone.

I use some third-party plugins. These plugins do not track or collect any personally identifiable information. The plugins I use are:

Smush (Image optimisation) – Smush sends images to the WPMU DEV servers to optimise them for web use. This includes the transfer of EXIF data. The EXIF data will either be stripped or returned as it is. It is not stored on the WPMU DEV servers. Smush uses the Stackpath Content Delivery Network (CDN). Stackpath may store web log information of site visitors, including IPs, UA, referrer, Location and ISP info of site visitors for 7 days. Files and images served by the CDN may be stored and served from countries other than your own. Stackpath’s Privacy Policy can be found here. Smush uses a third-party email service (Drip) to send informational emails to the site administrator. The administrator’s email address is sent to Drip and a cookie is set by the service. Only administrator information is collected by Drip.

Akismet – collects information about visitors who comment on Sites that use our Akismet anti-spam service. The information we collect depends on how the User sets up Akismet for the Site, but typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).

How long I retain your data.

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data.

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data.

Visitor comments may be checked through an automated spam detection service. I use Akismet. Akismet collects information about visitors who comment on Sites that use our Akismet anti-spam service. The information collected depends on how the User sets up Akismet for the Site, but typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).

How we protect your data.

All devices I use to access and update my website are password protected and I am the only user.

What data breach procedures we have in place.

This website does not collect or retain any identifiable data therefore a data breach that affects users is highly unlikely. If a data breach does occur that puts any identifiable data at risk, users will be informed immediately.

What third parties we receive data from.

This website does not receive any data from third parties.

What automated decision making and/or profiling we do with user data.

This website does not use any automated decision making or profiling.

Last updated 27/08/2023

Cat Manasa

Happy to answer any questions. Email Me!