OstaraSoma

OstaraSoma

OstaraSoma

Privacy Policy

Tatiana Vera Ostara (trading as OstaraSoma)

Last updated: December 2025


1. Who I Am

I am Tatiana Vera Ostara, an independent practitioner operating under the trading name OstaraSoma. I am the data controller for all information collected via this website and through my services.

ICO Registration Number: ZC034831

Email: hello@ostarasoma.com


2. What Personal Data I Collect

Website Enquiries

  • Name

  • Email

  • Any details you choose to share in your message

Client Information (After Onboarding)

Once we begin working together, you will receive secure onboarding forms that may include:

  • Informed Consent

  • Practice Policies

  • Client Disclaimer

  • Client Intake Form

  • Session notes


This information is not collected publicly and is held securely.


Payment Information

Payments are processed securely through Square (Squareup).
I do not receive or store your full card details; these are handled exclusively by Square in accordance with their security standards and GDPR compliance.
You can view Square’s privacy policy on their website.


Website Analytics

Non-identifying data such as:

  • IP address

  • browser type

  • pages visited

Used only for site performance and security.


3. How Your Data Is Used

I use your information to:

  • respond to enquiries

  • schedule and deliver sessions

  • provide services you request

  • manage payments

  • maintain accurate records

  • meet insurance, ethical, and legal obligations

  • improve website performance

Your data is never sold or shared for marketing.


4. Confidentiality

Everything shared in sessions is confidential, with exceptions required by law (risk of harm, safeguarding, court orders, supervision where anonymised).


5. Legal Basis for Processing

Under UK GDPR, I rely on:

  • Legitimate interests (responding to enquiries, scheduling)

  • Contract (providing services)

  • Legal obligation (record-keeping, safeguarding)

  • Consent (optional information; marketing opt-ins)

You may withdraw consent at any time.


6. Data Storage & Security

All data is stored securely using encrypted or password-protected systems.
Retention periods are outlined in onboarding documents.


7. Sharing Your Data

I may share data with trusted providers such as:

  • secure payment processors

  • website hosting or scheduling tools (e.g., Calendly)

  • professional supervision (anonymous)

Data is not shared with third parties for advertising.


8. Your Rights

You may request:

  • access to your data

  • correction of inaccurate information

  • deletion (where appropriate)

  • restriction or objection

  • data portability

  • withdrawal of consent

To request this, email hello@ostarasoma.com.

If concerns remain, you may contact the ICO: www.ico.org.uk


9. Cookies

See the Cookies Policy for details on how cookies are used.


10. Updates to This Policy

This policy may be updated to reflect legal or operational changes. The most recent version will always appear on this page.


11. Contact

If you have any questions about this policy:
Email: hello@ostarasoma.com