Meeting Minutes:
Complaints Committee
| Meeting Date: | Tuesday 9 Jun 2026 |
|---|---|
| Time: | 14:00 |
| Councillors | Jon Aldridge Vice-Chairman, Angela Baker Chairwoman, Margot McArthur, Stephen Sumner. |
| Committee: | Complaints Committee |
| Venue: | Rickards Hall. 72a High Street Edenbridge, TN8 5AR Kent |
| Notes: | |
| Summary: |
Agenda
Minutes
The Chair of the Council, chaired the meeting.
None.
In view of the confidential nature of agenda item 4 and 5 to be discussed, the Chairman noted that press and public be excluded from the chamber. Public Bodies (admissions to meetings) Act 1960 and the Local Government Act 1972 s100 and 102.
There were no members of the public present.
Committee members had received the full meeting pack, and noted that a full copy had been provided to the complainant on 27 May, excluding the confidential personnel and governance report which was for Committee only - as it related to confidential employment and internal management processes, and therefore did not form part of the external complaints documentation.
On 2 June, additional information received from the complainant was added to the complaints pack for committee, and the complainant was advised the email would be included in the pack, and that other than this there were no further changes to the documentation pack.
Members considered the complaint, supporting correspondence, investigation findings and reports, additional information provided by the complainant, and a confidential personnel and governance report. It also noted that the complaint related to the information concerning the outstanding debt owed to the Council, and that this was allegedly discussed verbally with a third party.
Members commented on the procedures followed so far with handling the complaint from the initial stages to date, and praised the way this had been handled to date, and the presentation of the committee complaints pack.
One member asked if external advice had been sought. The Town Clerk said that the Council’s complaint’s procedures had been reviewed and updated by the Council’s solicitor in 2021. In terms of understanding what constitute a data breach, the ICO’s website did provide some helpful advice and definition.
The Committee considered relevant Information Commissioner's Office (ICO) guidance regarding the definition of a personal data breach, including examples such as unauthorised access to personal data, disclosure to an incorrect recipient, alteration of data without permission, and loss of availability of personal data.
The Committee observed that, whilst the initial response addressed the outcome of the complaint, it did not clearly set out the reasoning by which the Council concluded that no personal data breach had occurred.
The Personnel review had concluded that no personal data breach had occurred. The matter related to a verbal discussion. No personal data, financial records, invoices, account details or other personal financial information were disclosed. While it was acknowledged that, with hindsight, the conversation should not have taken place, it was not considered to constitute a personal data breach.
Procedurally, the Committee was satisfied that it had appropriate reporting procedures in place for managing its processes, although the matter relating to this complainant had not been reported to the Finance Committee. The Personnel Committee investigated this omission and was satisfied with the explanation provided.
Members discussed whether they were satisfied with the handling of this complaint and whether they considered there to have been any legal breaches. The Committee remained satisfied that it had followed the appropriate procedures. It acknowledged that there were some enhancements to its internal financial administration procedures that should be reflected going forward; these had already been reported to Council at its May meeting, and additional clarity had been incorporated into Section 13 of the Financial Regulations.
Members also discussed the potential for any future investigation by the Information Commissioner's Office (ICO) should the complainant escalate the matter, and/or the possibility of a civil claim. Members remained satisfied that the Council had followed the appropriate procedures and that there had been no personal data breach. In reaching this conclusion, Members noted that the information concerned a limited company, as recorded at Companies House, and related to the company rather than the complainant in a personal capacity.
After much discussion, Committee concluded:
- The Committee noted that the information referred to a registered company.
- It supported the initial decision, that no personal data breach occurred.
- Both investigations, the initial complaint, and personnel, highlight some procedural areas which should be enhanced to provide clearer clarity to officers and public. These were now reflected in the Financial Regulation.
- Council Data Protection and GDPR policies, and Privacy Notices had recently been reviewed and update, as adopted by Council at its March meeting.
Members unanimously,
Resolved: To uphold the initial compliant decision, and in response to the three questions in the formal complaint:
1. Confirmation that the incident has been recorded in the Council’s personal data breach register.
The Committee concluded that no personal data breach had occurred. Accordingly, the matter has not been recorded as a personal data breach. However, the complaint itself has been formally considered through the Council’s Complaints Procedure, investigated internally and reviewed by the Complaints Committee. It has also been reported to Council inline with its own procedures.
2. The lawful basis relied upon for the disclosure.
The Committee concluded that the circumstances reviewed did not constitute the disclosure of personal financial information in a manner that amounted to a personal data breach. In reaching this conclusion, the Committee considered the relevant provisions of UK GDPR, the Data Protection Act 2018 and guidance published by the ICO.
3. Whether the officer was acting in accordance with Council policy or instruction.
The Committee reviewed the circumstances surrounding the complaint, including the actions of the officer concerned and the Council's relevant policies and procedures. The matter was also considered separately through the Council's internal personnel procedures.
The Committee was satisfied that there was no evidence of misconduct or of a personal data breach, and that the Complaints Procedure had appropriately investigated the circumstances. The Committee further concluded that no further action was required.
Whilst it was acknowledged that, with hindsight, the conversation giving rise to the complaint should not have taken place this did not alter the Committee's conclusion.
The Committee also noted the complainant's references to allegations of harassment. These matters were considered during the Council's internal reviews. No evidence was identified to support the allegation of harassment, and the Committee did not consider that these matters altered its conclusion in relation to the complaint under consideration.
Internal personnel matters are managed in accordance with the Council's employment procedures and do not form part of the external complaints process.
There were no further comments and the Chair closed the meeting.