Overview

MyEdMentor provides decision-making simulation, an authoring platform (Studio), a Fellowship programme, and learning delivery to higher- and professional-education institutions. This Trust Center summarises the technical and organisational measures protecting personal data, for use in institutional procurement and Data Protection Impact Assessments.

Controller / Processor. For institutional use the university is the data Controller and MyEdMentor is the Processor, acting on the institution’s documented instructions. For the MyEdMentor Fellowship — MyEdMentor’s own programme — MyEdMentor is the Controller for applicant data. The binding terms are the signed institutional agreement and Data Processing Agreement.

Design principles. Per-institution isolation by default; least-privilege, time-boxed access; immutable audit and provenance trails; pseudonymisation before AI processing; private file storage with expiring access; and additive, backup-gated change management. Each control area is detailed in the sections below.

All content DRAFT pending solicitor sign-off.

Security

Tenant isolation, encryption, access controls, audit logging.

AI Governance

Pseudonymisation before AI calls, metadata-only logging, transparency.

Subprocessors

Current third-party processors and their purpose/location.

Data Retention

Retention model and erasure approach.

Data Processing

Controller/Processor model and DPA position.

Accessibility

Our accessibility commitment and approach.

Incident Response

How we detect, escalate, and notify.

Terms

Exercise your data rights

Data subjects should normally contact their university (the Controller). Where MyEdMentor receives a request directly we record and route it — see Data Processing.