Purpose

This policy sets out our approach to receiving, handling, and resolving customer complaints in a manner that is:

  • Fair, timely, and transparent.
  • Consistent with our quality objectives and continual improvement process in line with our ISO 9001 Certification.
  • Protective of customer data and information assets in line with our Information Security Management System (ISMS) and ISO 27001 requirements.

 

Scope

This policy applies to:

  • All complaints received from customers, end users, or third parties about our products, services, processes, or conduct.
  • All employees, contractors, and service providers acting on behalf of Ambient People.

 

Policy Statement

We are committed to:

  • Responding to complaints promptly and courteously.
  • Recording, investigating, and resolving complaints in line with documented procedures.
  • Protecting personal data and sensitive information throughout the complaints process.
  • Using complaint data to identify trends, prevent recurrence, and drive continual improvement.

 

Definitions

  • Complaint: An expression of dissatisfaction relating to our products, services, or the way a complaint has been handled, where a response or resolution is expected.
  • Sensitive Information: Any personal data, confidential business data, or other information classified under our ISMS as requiring protection.

 

Responsibilities

  • All staff: Must report complaints promptly to the Operations Director using the documented process.
  • Complaint Owner: Assigned investigator responsible for managing the case to resolution.
  • Quality Manager: Oversees complaint handling process, monitors performance, and ensures corrective action is implemented.
  • Information Security Officer (ISO): Ensures information security controls are applied during complaint handling.

 

Complaint Handling Procedure

Receipt & Acknowledgement

  • Complaints may be received via email, telephone, letter, in-person, or through our website.
  • All complaints must be logged in the Complaints Register within 1 business day of receipt.
  • An acknowledgement will be sent to the complainant within 3 working days, confirming receipt and outlining the next steps.

Recording & Classification

  • Record key details: date, complainant details, nature of complaint, product/service affected, classification (minor/major).
  • Assign a unique reference number for traceability.
  • Identify any information security considerations (e.g., data breach elements).

Investigation

  • Assign a Complaint Owner to review evidence, liaise with relevant departments, and identify root cause.
  • If complaint involced personal or sensitive information, follow ISMS incident management procedures and apply need-to-know access controls.

Resolution

  • Propose corrective action and communicate resolution to the complaintant in clear terms.
  • Provide deatils of any remedial measures, timelines, and esclatation routes if the customer remains dissatisfied.
  • Implement containment and preventive measures to avoid recurrence.

Escalation

  • Unresolved or complex complaints are escalated to the Quality Manager or Senior Management. 
  • Where relevant, regulatory bodies or contractual partners are informed in line with legal or framework requirements. 

 

Information Security in Complaint Handling

  • All complaint records are classified as Confidential under our ISMS.
  • Complaint data is stored securely in approved systems with controlled access.
  • Personal data is processed in line with GDPR and our Data Protection Policy.
  • Complaint communications must avoid sharing sensitive information over insecure channels.

 

Monitoring & Continual Improvement

  • Complaints data will be analysed monthly to identify trends, recurring issues, and improvement opportunities.
  • Findings are reviewed in Management Review meetings (ISO 9001 requirement).
  • Lessons learned feed into process updates, staff training, and preventive measures.

 

Training & Awareness

  •  All employees handling complaints must receive training in:

o   Complaint handling procedure

o   Customer communication best practices

o   Information security awareness relevant to complaints

Review

This policy is reviewed at least annually or following significant changes to processes, regulations, or ISO requirements.

 

Approved by: Liam Farncombe (Chief Executive)

Date: 11/08/2025