Logo for Kents Hill & Monkston Parish Council, with a tree in the center. Surrounding text includes "Kents Hill," "Monkston," "Monkston Park," "Kingston," and "Brinklow" in a circular design.

Public Statement: Personal Data Breach

/in /by

Kents Hill & Monkston Parish Council is committed to protecting residents’ personal information and complying fully with its responsibilities under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

The Council has identified that a personal data breach occurred as a direct result of the actions of Cllr Taimyr Boungou-Pouaty in connection with the administration of the Parish Council’s community fitness classes. This involved the unauthorised disclosure and retention of residents’ personal information outside of the Council’s approved systems and governance framework.

In line with its legal duties, the Council has reported the breach to the Information Commissioner’s Office (ICO) within the statutory timescale and has notified affected residents where appropriate. The Council has also put in place measures to contain the breach, protect residents’ information, and prevent a recurrence, including:

  • Issuing formal instructions requiring the return and deletion of the data.
  • Referring the matter to the ICO for regulatory oversight.
  • Suspending access to council email accounts where necessary to protect data security.
  • Commissioning external legal and data protection advice.
  • Strengthening councillor training and governance procedures.

The Council emphasises that it, as the corporate body and lawful data controller, has not sanctioned or condoned these breaches and is taking robust action to ensure full compliance with data protection law and to uphold the trust of residents.

Residents who have concerns about how their data may have been affected are invited to contact the Clerk at clerk@khm-pc.gov.uk