Legal Services provided by the Council

The Legal team offer the following services:

  • Proof of Life
  • Release of Covenants on former Council houses
  • Discharge of Council Mortgages
  • Freedom of Information
  • Data Protection/Subject Access Requests

Proof of Life

Legal Services are able to complete a Proof of Life declaration for overseas pension purposes.  You must make an appointment to see one of the Council's solicitors, please contact the Legal team to arrange an appointment.  You need to bring (1) The form for completion, (2) Passport, (3) Proof of current address and (4) come in person.

No charge is made for this service.

Release of covenants on former council houses

A number of former Council houses have a number of covenants attached to them, if you require these to be released for any reason, please contact the Council's Head of Asset Management on 01784 446424.

Discharge of Council mortgages

If a property you are dealing with has a Council mortgage that has been discharged and you require confirmation of this and/or  the Mortgage: cancellation of entries for lenders form (DS1) please contact the Legal team.

Freedom of Information

Please refer to the Council's publication scheme and guidance notes.

Please note that the Council does not have Highways or Education or Social Services responsibilities and such requests should be forwarded to Surrey County Council.

Privacy and Data Protection

Under the Data Protection Act 1998 an individual is entitled to ask Spelthorne Borough Council ("Council") for copies of the personal information which the Council holds about him/her. Subject to certain exemptions under the Act, the Council is required to provide the individual access to his/her personal information as requested.

If you want to make a subject access request please email

To enable the Council to comply with your request to see your personal information, could you please print and complete the pdf icon Subject Access Request Form [103kb].

Data Protection Statement

1. Introduction

The Data Protection Act regulates the way in which personal information about individuals, whether held on a computer or in a manual filing system, is obtained, stored, used and disclosed. The legislation gives rights to individuals, to see the data stored about them and to require modification of the data if it is wrong. The Council is registered with the Information Commission for the purposes of the Act.

2. Principles

The Data Protection Act 1998 contains eight governing Principles relating to the collection, use, processing and disclosure of data, and the rights of access to personal data concerning themselves. These Principles are:

  • personal data shall be processed fairly and lawfully and, in particular shall not be processed unless one of the conditions in Schedule 2 is met. These can summarised a consent, contract, legal obligation, vital interests, public interest and balance of interest. In the case of a sensitive personal data at least one of the conditions in Schedule 3 must also be met, which can be summarised as explicit consent, employment law, vital interests, non-profit associations, manifestly made public, legal claims, justice/statute Crown, medical purposes, ethnic monitoring
  • personal data shall be obtained only for one or more specified and lawful purpose and shall not be further processed in any manner incompatible with that purpose or those purposes
  • personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed
  • personal data shall be accurate and, where necessary, kept up to date
  • personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or purposes
  • personal data shall be processed in accordance with the rights of the data subject under this act (this includes the rights of subjects to access the data and to correct it)
  • appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data against accidental loss or destruction of, or damage to, personal data (this relates to data security)
  • personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data

The Council will hold the minimum personal data necessary to enable it to perform its functions. The data will be erased when not needed. Every effort will be made to ensure that data is accurate and up-to-date, and that inaccuracies are corrected quickly. Details of what the Council does with personal data it holds is contained in its Personal Information Policy which is accessible on each page on the Council's website in paper format.

Subject Access

The Council will normally provide any individual who requests it, in a specified manner, a reply stating whether or not the Council holds personal data about that individual for which a fee is payable.


Disclosures of information must be in accordance with the provisions of the Act and the Council's registration/notification. Where the Council has a duty to disclose certain data to public authorities (such as Inland Revenue, HMRC, Benefits Agency), this will be done in accordance with statutory and other requirements.

Legal and internal rules limit disclosure within the authority either to council staff or councillors. When a request for information is made, the minimum of personal data will be made available on a need to know basis.


The Council intends that personal data must be treated as confidential. All staff must comply with the Council's Data Protection Policy, Confidentiality and Information Security and all new staff must sign a confidentiality agreement.


It is the aim of the Council's that all staff are fully informed of their obligations under the Data Protection Acts and aware of their personal liabilities, and where appropriate training is given.

Disciplinary Action

Disciplinary action may be taken against any employee who breaches the Data Protection Act principles.

3. Responsibilities

Overall responsibility for the efficient administration of the Data Protection legislation lies with the Information Lawyer assisted by the Data Protection and Freedom of Information Officer.

Day to day responsibility for administration and compliance with the Act is delegated to departmental information managers.

All staff and councillors have a duty to observe the Principles of the Act and the procedures referred to in this document.

Councillors are data controllers when they process personal data either manually or by computer, whether on their own equipment or on equipment provided to them by their local authority. Just as any other individual holding and processing personal information about others, councillors need to comply with the Data Protection Act, and need be individually registered with the Information Commissioner.

However, where holding and processing personal data about individuals in the course of undertaking Council business, the councillor will be covered by the authority's notification and have the same responsibilities in respect of data protection as a members of staff.