GDPR compliance

GDPR compliance

ESPO is committed to delivering excellent services whilst protecting our service users’ personal information and data. Like all organisations we are bound by the General Data Protection Regulation (GDPR). We have policies and processes in place that are in line with the legislation.

All staff are subject to ESPO’s “Information Security and Acceptable Use Policy” and must complete an on-line “Data Protection and Information Security” training course (or refresher course) on an annual basis.

ESPO’s IT department is responsible for processing data in a manner that ensures appropriate security, including protection against unauthorised or unlawful access and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

We take any concerns about our services seriously and wish to resolve any issues as they arise. Any concerns or issues should initially be raised with the relevant Service Delivery Manager.

Alternatively you can contact our Data Protection Officer - please email or phone 0116 305 8257.

For further information please visit