Like many of you, CEM has been working over the last twelve months to ensure its technologies, its processes, its procedures and its staff would be compliant with the new EU General Data Protection Regulation by the 25th May 2018.
Many of you have been in touch to ask us about our preparations, and so we have placed as many of your questions in this FAQ as we could answer. If you have other specific questions feel free to contact us on This email address is being protected from spambots. You need JavaScript enabled to view it.
FAQ | Our Position |
What is a school’s relationship with CEM under GDPR? |
|
Please provide a summary of the activities undertaken to ensure CEM’s compliance with the EU GDPR |
|
What personal data do you process on our behalf? |
Please see our Privacy Notice at www.cem.org/privacy-notice to see what personal data we process for each of our assessment systems and entrance assessments. |
What technical and organisational security measures do you have in place to ensure a level of security appropriate to the risk? |
|
Do you engage sub-processors? |
Only for some paper-based Entrance Assessments. |
Do you have a new End User Licence Agreement containing specific GDPR clauses? |
Our Assessment and Monitoring Systems EULA's can be found at https://www.cem.org/gdpr. |
Is any data stored outside of the EU |
No, all of our data centres are in the EU. |