Both talk in the soft language of help, hope, joining-up and civic renewal. But behind the bunting, the newsletters and the “we’re all in this together” patter, there’s a hard question that won’t go away: where are the public safeguards?
Because on the visible websites for Sunflower House and One Folkestone, the basics appear either missing, buried, or nowhere near clear enough for organisations collecting personal data, working with vulnerable people, handling volunteers, taking public money and sitting inside local civic structures. Searches of Sunflower House’s homepage found no matching text for “privacy”, “Privacy” or“accessibility”; searches of the Get Involved page also found no matching text for “privacy” or “accessibility”.
That isn’t a bit of web housekeeping.
It’s the front door.
Sunflower House says it helps people “going through a tough time”. It lists project partners including Folkestone & Hythe District Council, Folkestone Town Council, Forward Trust, Headway, Kent and Medway NHS & Social Care Partnership Trust, the Mental Health Foundation and the Refugee Council. It also tells people to keep in touch by signing up for its monthly newsletter through the Get Involved page, and says that page includes a contact form for enquiries.
So personal data is being invited in.
Names. Emails. Reasons for contact. Volunteer offers. Notes. Probably far more.
The Get Involved page asks for “Your name”, “Your email”, “Your reason for getting in touch”, and “Extra information”. The options include “SFH Volunteer offer”, “Project idea” and “Other”. There’s no visible privacy wording in the lines around the form, no obvious explanation of who controls the data, who sees it, how long it’s kept, whether it’s shared with partners, or what rights the person filling in the form has.
That’s not a small thing.
People don’t always write neat, harmless little notes into boxes marked “extra information”. They may mention homelessness, food poverty, fuel poverty, disability, mental health, addiction, family breakdown, immigration status, abuse, safeguarding fears or a need for urgent help. A charity working around vulnerable people should know that. A trustee chair should know that. A council funding or recognising that work should know that too.
The ICO is clear: people have the right to be informed about the collection and use of their personal data. Organisations must tell people the purposes of processing, retention periods and who data will be shared with, and must provide privacy information at the time they collect personal data from the individual. The information must be concise, transparent, intelligible, easily accessible and written in clear, plain language.
This isn’t gold-plated compliance for large corporations.
It’s the lock on the medicine cabinet.
The Charity Commission register gives the Sunflower House picture sharper edges. Sunflower House is registered charity 1158558. Its 2024 income was £88,803, including £19,220 from four government grants. The register records four trustees, 50 volunteers, and says the charity supports vulnerable or homeless people through community programmes in the Folkestone area. It also records Jon O’Connor (pictured) as a trustee appointed on 19 November 2021.
Sunflower House’s own About Us page names Jon O’Connor as Trustee Chair. It says the charity has a small part-time community support team and “around 50 amazing volunteers”, even though the Charity Commission page says 40. It describes volunteers supporting Warm Welcome, Folkestone Pantry, Cheriton Larder, community meals, IT support and the Repair Café. That’s not two people with a trestle table and a kettle. That’s an operation.
On the ICO point, the wording matters. Absence from the ICO register is not, by itself, automatic proof of unlawfulness, because some controllers can rely on exemptions. But the ICO says that, generally, controllers processing personal data have to pay a fee unless exempt; it also says that even where an organisation is exempt from paying the fee, it still has to comply with its other data protection obligations. Searches under the obvious names raise a fair question, not a verdict: if Sunflower House or One Folkestone relies on an exemption, which exemption is it?
That question matters because the work doesn’t look like a harmless private mailing list.
It looks like public-facing hardship support, volunteer coordination, partnership work, food and warm-space activity, community networking, newsletters, donations, public meetings and council-linked projects.
The Charity Commission register also says Sunflower House has a thick bundle of governance policies: bullying and harassment, campaigns and political activity, complaints handling, complaints policy and procedures, conflicts of interest, internal financial controls, risk management, safeguarding, safeguarding vulnerable beneficiaries, serious incident reporting, social media, trustee conflicts, trustee expenses and volunteer management.
Lovely.
But where are they?
No one sensible says every internal control document must be published in full. Some safeguarding and financial-control details may properly stay internal. But a charity dealing with vulnerable people, volunteers, food support, public grants, civic partners and donations should at least show the public routes: how to complain, how to raise a safeguarding concern, how volunteers are protected, how data is handled, how conflicts are managed, and how disabled users get information in an accessible format.
Otherwise it’s policy theatre.
A cupboard full of policies means very little to a hungry resident, a worried volunteer or a disabled user if they can’t find the door to the cupboard.
The safeguarding point is particularly stark. Charity Commission guidance says all charities have a responsibility to ensure they don’t cause harm to anyone who has contact with them, including volunteers, staff and beneficiaries, and that charities working with adults at risk have extra responsibilities. It says trustees retain overall responsibility, even where safeguarding is delegated.
The same guidance says charities must identify safeguarding risks linked to who they work with, where they operate and what they do, including operating online and working with other bodies. It says charities must have robust safeguarding policies that everyone understands and uses, including making sure people know how to identify and report a concern or incident.
That’s the point.
A policy that exists somewhere but isn’t visible to the people who may need it is like a lifebuoy locked in a cupboard.
And this is where One Folkestone walks into the same sea mist.
One Folkestone’s homepage says it’s “a project designed to be taken into public ownership during the next year”. It says it’s currently supported by Sunflower House, with advice and input from New Folkestone Society, Folkestone & Hythe District Council, Creative Folkestone and others. It says its aim is to bring together the Folkestone community as the voice behind long-term regeneration plans.
That’s not a private blog.
That’s civic machinery.
Yet searches of the One Folkestone homepage found no matching text for “privacy”, “cookie” or “accessibility”. A search of the One Folkestone June 2026 update found no matching text for “privacy”.
The One Folkestone Launches page invited people to affiliate as an individual or group by emailing back “YES”. It described plans to build membership, create steering groups, expand a Community Building Network, develop a bulletin board for ideas and projects, run health and wellbeing workshops with Folkestone & Hythe District Council and others, and run themed seminars linked to One Folkestone steering groups.
That’s data collection wearing a community badge.
The same page says One Folkestone is recognised by Folkestone & Hythe District Council, Folkestone Town Council, Tony Vaughan MP, Creative Folkestone and Folkestone Community Forum. It also says One Folkestone is “strictly non-party political”. Fine. Then the governance bar rises. Recognition from public and civic bodies should come with questions, not just applause.
Who owns One Folkestone?
Who is its data controller?
Is it Sunflower House?
Is it New Folkestone Society?
Is it Jon O’Connor personally?
Is it an unincorporated association?
Who holds the mailing list?
Who holds the “over 100 community contacts”?
Who is responsible if someone asks for their data to be deleted?
Who is responsible if a safeguarding concern is sent through the wrong channel?
The One Folkestone June 2026 update is even more revealing. It includes a Subscribe link, Past Issues, RSS, Google Translate links, event listings, booking instructions and an email address for further information. It says One Folkestone’s events are open to all community partners. This is not just static information sitting on a dusty page. It’s an active organising platform.
Then there’s the public-money trail.
Folkestone & Hythe District Council said in April 2026 that councillors had backed a £567,000 package to help residents facing hardship, support the voluntary sector and improve physical health. The council said funding would go to key community spaces including Sunflower House, Folkestone Rainbow Centre and Folkestone Nepalese Community Centre, to continue low-cost meals, food and fuel vouchers, digital support, warm spaces and signposting.
One Folkestone’s June 2026 update says Folkestone & Hythe District Council commissioned Sunflower House to lead a VCSE sustainability project ahead of local government reorganisation. It quotes Cllr Mike Blakemore saying FHDC commissioned Sunflower House to deliver the project on its behalf, with research, training and support for collaboration, cooperation and community partnership.
So this isn’t merely “the website could do with a tweak”.
It’s public money, vulnerable residents, volunteers, food support, warm spaces, newsletters, partnerships, civic recognition and data collection — all wrapped around websites where the ordinary person cannot readily see the privacy architecture, the complaints route, the safeguarding route, the accessibility position or the One Folkestone controller structure.
Accessibility is another poor look. GOV.UK says accessibility means making a website usable by as many people as possible, including people with impaired vision, motor difficulties, cognitive impairments, learning disabilities, deafness or impaired hearing. It also says the people who need public-sector websites most are often the people who find them hardest to use.
GOV.UK says public-sector website compliance includes meeting WCAG 2.2 AA and publishing an accessibility statement. It also says all UK service providers have a legal obligation to make reasonable adjustments under the Equality Act 2010, and that charities may be exempt from the specific public-sector accessibility regulations unless they are mostly publicly funded, provide services essential to the public or are aimed at disabled people.
So even if Sunflower House isn’t “mostly publicly funded” on the latest Charity Commission figures, the wider reasonable-adjustments issue doesn’t vanish into thin air.
It still works with people who may need accessible information.
It still runs public-facing support.
It still uses a website to collect enquiries.
It still has around 50 volunteers.
It still names public bodies and health-related partners.
It still receives public money.
It still sits inside a local ecosystem that claims to help those having the hardest time.
And that brings us, finally, to Grace Hill.
This isn’t the beginning of the story. It’s where the story becomes a public-asset problem.
Folkestone Town Council’s 11 June 2026 says that, during acquisition of the Grace Hill site, a steering group was established comprising key community partners involved in early discussions and supporting the project’s development. The listed group included One Folkestone, Creative Folkestone, the Leader of Folkestone & Hythe District Council and the local MP. The purpose was to support the next phase of the project, provide strategic oversight for future use and development, support collaboration, and ensure community interests remain central to decision-making.
The Terms of Reference go further. They name “One Folkestone Partnership Lead – Jon O’Connor” among the Grace Hill Steering Group membership. The document says the group will support refurbishment of 2 Grace Hill, pursuit of grant funding and development of proposals for future community use. It says the group is advisory and has no decision-making authority, but it will draft a Memorandum of Understanding, share information and expertise, support a shared community vision, assist with grant research and make recommendations to the Town Council.
Advisory doesn’t mean irrelevant.
It means influence.
Grace Hill is a public building, bought by the Town Council, for £1, after years of public concern. Report C/26/420 says the Town Council approved progression of the purchase of the former library building on 21 April 2026, and estimated the 2026/27 budget requirement at £63,650. That included £12,150 initial capital costs and £51,500 estimated annual holding costs, with ongoing maintenance to minimise further deterioration marked as “Unknown”.
So here’s the question.
Before Jon O’Connor was named as One Folkestone Partnership Lead on the Grace Hill Steering Group, what due diligence did Folkestone Town Council carry out?
Did it ask for One Folkestone’s privacy notice?
Did it ask who the One Folkestone data controller is?
Did it ask for Sunflower House’s privacy notice?
Did it ask about ICO fee registration or exemption?
Did it ask for the volunteer data notice?
Did it ask where the safeguarding route is published?
Did it ask where the complaints route is published?
Did it check accessibility?
Did it ask how public data, community contacts, email lists and partner communications are managed?
Did it ask whether the policies listed at the Charity Commission are available to the people who might need them?
If the answers exist, publish them.
If they don’t, why not?
Because this isn’t a missing hyphen in a newsletter. It’s the basic machinery of trust: data protection, individual rights, safeguarding, accessibility, complaints, volunteer governance, public funding and public-asset influence.
There’s also the uncomfortable political and governance backdrop. We understand questions exist locally about Jon O’Connor’s previous local Labour Party position, including claims that he was removed from a local role for reasons not publicly known. We’re not making a finding on that here, and we’re not speculating about unknown reasons. But that uncertainty makes proper due diligence more important, not less.
Public bodies shouldn’t shrug.
Trustees shouldn’t shrug.
Councillors shouldn’t shrug.
And the public shouldn’t be told, in effect, “don’t worry, they’re good people”.
Good people still need good governance.
Sunflower House may well do good work. Its volunteers may well be doing vital work. People may be fed, welcomed, helped, warmed and listened to. None of that is being dismissed.
But good work doesn’t cancel out bad safeguards.
Warm intentions don’t give anyone a free pass on people’s rights.
A sunflower painted on the wall doesn’t make a privacy notice appear.
The proper course now is obvious. Jon O’Connor should step aside as Chair of Sunflower House while the trustees commission an independent review of the charity’s data protection, safeguarding, complaints, accessibility, volunteer management, policy visibility and website compliance. Folkestone Town Council should also remove or suspend him from the Grace Hill Steering Group unless and until it can show what due diligence was undertaken before he was placed there, what risks were considered, and why it was satisfied he was a suitable person to help shape the future of a public building.
That isn’t personal.
It’s governance.
No doubt, now these failures have been dragged into daylight, the tidy-up will begin. A privacy notice may appear. A cookie page may be bolted on. An accessibility statement may be written. A complaints link may be added. A safeguarding page may finally find its way onto the menu. Someone may call it “ongoing improvement”.
That won’t wash.
These safeguards should’ve been there before residents handed over their names, emails, volunteer details, contact-form messages or potentially sensitive personal information. They should’ve been there before public money flowed. They should’ve been there before One Folkestone was given civic recognition. And they certainly should’ve been there before Jon O’Connor was named as One Folkestone Partnership Lead inside the Grace Hill Steering Group.
It should never have come to this.
Because public trust isn’t built on slogans, soft lighting and a missing footer.
It’s built by doing the dull, essential things properly — before someone has to point out that the safeguards aren’t where the public can see them.
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Cookie settingsACCEPT
Privacy & Cookies Policy
Privacy Overview
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
Discover more from ShepwayVox Dissent is not a Crime
Subscribe now to keep reading and get access to the full archive.
Leave a Reply