The governance gap
Generic AI tools were built for corporate knowledge workers. Not for your institution.
ChatGPT, Copilot, and their equivalents carry no UK data processing agreement, offer no binding no-training commitment, and cannot produce the governance evidence your OfS-registered institution needs when a regulator, governor, or student union asks.
The result is a gap that compounds every term: a governance gap when procurement looks for evidence, and a productivity gap when staff reach for personal accounts because the institutional answer is still "we are reviewing our policy."
- ✕Staff using personal ChatGPT accounts with no DPA
- ✕No audit trail for AI-generated content
- ✕Unable to evidence AI governance to OfS or Ofsted
- ✕Productivity gains accrue to individuals, not the institution
- ✓UK-sovereign infrastructure with signed DPA from day one
- ✓Full audit log of every generated artefact
- ✓Board-ready governance pack covering DUAA 2025 & UK GDPR
- ✓Institutional AI capability with L&D analytics
What LESSO delivers
Four pillars. One coherent platform.
UK Sovereignty by Default
Every byte — staff data, curriculum content, generated artefacts — stays in the UK on Civo Ltd (LON1). Microsoft Azure UK South is the configuration-pinned fallback. No CLOUD Act exposure by default. Controller can request the fallback be disabled entirely.
Faculty Personalisation
Mrs J learns your module catalogue, marking criteria, awarding body requirements, and institutional style guide. Output feels authored by a senior colleague, not generated by a generic chatbot. Calibrated at department level — no per-user IT overhead.
Staff Upskilling at Scale
Built-in AI literacy prompting guides, live workshop sessions, and per-department usage analytics. L&D gets a dashboard showing adoption rates, confidence scores, and measurable time saved. Turns AI from a compliance risk into a reportable institutional capability.
Bespoke Builds
Apprenticeship EPA prep, research grant writing, TEF evidence packs, student-facing FAQ bots with hard content guardrails — if your institution has a workflow that generic tools ignore, we build a dedicated tool suite under a named delivery lead with fixed governance checkpoints.
Who we serve
Built for the full breadth of UK post-secondary education.
Why act now
Three forces converging on every institution in 2025–26.
Regulation is already live
DUAA 2025, UK GDPR, and the OfS transparency expectations are not coming — they are here. An institution that cannot show its AI governance framework is an institution with a procurement problem.
Your staff are already using AI
Consumer tools like ChatGPT do not carry a UK data processing agreement, do not honour a no-training commitment, and cannot be audited. Every day without an institutional answer is a day that gap compounds.
The benchmark is being set now
The institutions that establish AI capability in the next 12 months will define what "good" looks like in the sector. Those that wait will spend the following five years catching up to a standard they had no hand in setting.
Governance evidence — ready on day one
Signed Article 28 UK GDPR DPA, DPIA summary, sub-processor list with 30-day change notification, AI Transparency Statement, and DfE Product Safety Standards mapping — all published at lesso.co.uk/trust.
See what LESSO looks like inside your institution.
30 minutes. We walk through the governance framework, the data-sovereignty architecture, and what a pilot cohort looks like in your context. No procurement commitment required — just a conversation.