Current timestamp: 23/06/2026 08:31:43
AgeAlertAnonymousAppealsApplicationsApply Or RegisterArea OutlineArrow DownArrow LeftArrow RightArrow UpAutomatic DoorsBack ArrowBusinessCalendarCashArrow DownArrow LeftArrow RightArrow Down[Missing text '/SvgIcons/Symbols/Titles/icon-chrome' for 'English (United Kingdom)']ClockCloseContactDirectionsDocumentDownloadDrawDrugExpandExternal LinkFacebookFb CommentFb LikeFiletype DefaultFiletype DocFiletype PdfFiletype PptFiletype XlsFinance[Missing text '/SvgIcons/Symbols/Titles/icon-firefox' for 'English (United Kingdom)']First AidFlickrFraudGive FeedbackGlobeGuide DogHealthHearing ImpairedInduction LoopInfoInstagramIntercom[Missing text '/SvgIcons/Symbols/Titles/icon-internet-explorer' for 'English (United Kingdom)']LaptopLiftLinkedinLocal Activity[Missing text '/SvgIcons/Symbols/Titles/icon-location' for 'English (United Kingdom)']LoudspeakerLow CounterMailMapMap PinMembershipMenuMenu 2[Missing text '/SvgIcons/Symbols/Titles/icon-microsoft-edge' for 'English (United Kingdom)']Missing PeopleMobility ImpairmentNationalityNorth PointerOne Mile RadiusOverviewPagesPaper PlaneParkingPdfPhonePinterestPlayPushchairRefreshReportRequestRestart[Missing text '/SvgIcons/Symbols/Titles/icon-rotate-clockwise' for 'English (United Kingdom)']Rss[Missing text '/SvgIcons/Symbols/Titles/icon-safari' for 'English (United Kingdom)']SearchShareSign LanguageSnapchatStart AgainStatsStats And Prevention AdviceStopSubscribeTargetTattosTell Us AboutTickTumblrTwenty Four HoursTwitter LikeTwitter ReplyTwitter RetweetUploadVisually ImpairedWhatsappWheelchairWheelchair AssistedWheelchair ParkingWheelchair RampWheelchair WcYoutubeZoom InZoom Out

Leave this site

Skip to main content

Skip to main navigation

Welcome

This site is a beta, which means it's a work in progress and we'll be adding more to it over the next few weeks. Your feedback helps us make things better, so please let us know what you think.

FOI 0083-2025/26 Data Protection Compliance

Request
Under the Freedom of Information Act 2000, please provide the following information about your procurement of any

(i) external Data Protection Officer (DPO),

(ii) Data protection GDPR compliance services for the period FY2022-23 to FY2024-25:   

1.⁠Current DPO arrangements
1.1 Is the organisation’s DPO and other staff that work on data protection compliance:

(a) An internal employee

(b) A DPO provided by an external service provider

(c) Hybrid (internal staff with external service provider support)

1.2 Where services are provided by external providers, please share the following information:
(a) The Company name(s)

(b) Annual spend by your organisation (FY2022/2023 through to

FY2024/2025)

(c) The highest day rate paid

(d) Contract dates (start/end/renewal terms)

(e) A brief description of the project or services provided (for instance, project title or internal reference)

(f) Services covered (e.g., audits, breach management, SAR management, delivery of DPIAs) •⁠  ⁠Please indicate what deliverables were produced •⁠  ⁠Procurement method (e.g., open competition, framework agreement, direct award) and name of the procurement framework, if applicable.

2.⁠Consultancy Spend
2.1 What is the organisation’s, total annual expenditure on data protection/GDPR consultancy services?

2.2 For SoW/projects which have a spend of more than £5k), please share the following information:

  • ⁠Supplier company name
  • ⁠The scope of the Project (e.g., "ICO investigation support", DPIA support, Internal Audit recommendation support)
  • ⁠Spend
  • ⁠Procurement method

3.⁠Data Protection Compliance staffing

3.1 The Number of in-house data protection staff in the organisation? (FTE)

3.2 Are there any vacant roles? (Yes/No)

3.3 Where there any ICO investigations, audits, or enforcement actions for the period from FY2022/2023 to FY 2024/2025?

4.⁠Future Plans

4.1 Is your organisation planning to put out to tender for any DPO/GDPR services in the current financial year?

4.2 If yes please provide the following: Expected timeline Budget range Key service requirements Procurement method

Extent and Result of Searches to Locate Information
To locate the information relevant to your request searches were conducted within North Yorkshire Police.

I can confirm that the information you have requested is held by North Yorkshire Police.  

Decision
I have today decided to disclose the following information to you.

1.1 An internal employee.

1.2 Not applicable as per our response to Q1.1.

2.1. Nil.

2.2. Not applicable as per our response to Q2.1.

3.1. 3 FTE (1 Data Protection Officer and 2 Deputy Data Protection Officers). However, there are other staff in the organisation that handle Data Protection Act matters as part of their role, such as Legal Officers.

3.2 There are no current vacant roles within the Data Protection Team.

3.3. Yes.

4.1 & 4.2. No information held. These questions cannot be answered by reference to recorded information held by North Yorkshire Police.

Please note that systems used for recording information are not generic, nor are the procedures used locally in capturing the data.  It should be noted therefore that this force’s response to your questions should not be used for comparison purposes with any other responses you may receive.