Moodle Help & Support
The University of Nottingham (“we” “us”, or “our”) respects your privacy and is committed to protecting your personal data. The University of Nottingham uses the Moodle learning platform as part of its teaching provision for students and for staff training activities. Moodle is an open source project, for more about Moodle please see: https://docs.moodle.org/310/en/About_Moodle. The Moodle instance used by The University of Nottingham is maintained and managed by the Learning Technology Section (UoN Libraries) in the UK on our own web servers.
Please read this Privacy Notice carefully – it describes why and how we collect and use personal data and provides information about your rights. It applies to personal data provided to us, both by individuals themselves or by third parties and supplements any other privacy notices which may apply. We keep this Privacy Notice under regular review. It was last updated December 2020.
Personal data that we keep about you
As part of its operation, we store a set of data about you. This consists of:
- Login Username (User ID)
University e-mail address (personal e-mail address for associate accounts)
Student id number or staff payroll number or associate account id
The course ID that you are studying in the University
- The level of study you are undertaking (UG or PG)
- The date at which you are expected to finish your studies
Details about where you study/work in the University
- The name of the faculty, school or department that you are registered with or based in.
- The country in which your campus is based (Malaysia, China or United Kingdom).
Moodle also logs user activity. We will gather the following data via logs for each and every time you log into Moodle:
- Moodle Course ID (module code) of what you accessed
- Timestamp of when you accessed
- Action type (create, view, update, delete) of what you did
- Moodle object the action was on e.g. Quiz, File etc
- IP address of the logged-in user whilst doing that action.
Information about including grades, feedback comments, scores, completion data, access rights, group membership, contributions to courses, including contributions to chat rooms and discussion forums, ownership of resources, assignment/file submissions, text matching scores and evidence of participation in other Moodle-based activities is held within the Moodle system and available to review here - GDPR Moodle Plugin Data Use.pdf
Additional personal data may be held within individual courses, either within documents/resources uploaded to the course or within activities within the course. Other than contributions to chat rooms and discussion forums which are submitted by individuals in a personal capacity, module administrators are responsible for the information held about you that may be uploaded onto such courses.
How the Moodle system uses your personal information
From these logs Moodle generates a number of reports that are accessible to the 'administrators' on each Moodle module. Moodle reports enable course administrators to monitor activity in the course and to see what resources in the course are or are not being accessed i.e. engagement with teaching materials. These may be used by course teams e.g. module convenors, lecturers and tutors to support your teaching and learning. The administrator privilege is available on request only and just for the modules the requestor is supporting teaching and learning for.
Moodle records and uses your personal information to:
- Provide you an account on, and identify you within, the VLE (Moodle) system
- Provide you access to courses/sites within Moodle
- Provide you the ability to upload, amend and delete certain information within Moodle
- Provide you access to the information, resources and activities uploaded to Moodle
- Control access to different parts of the system.
- Help and support Moodle users
- For system administration and bug tracking
- Report on course, resource and activity access, activity completion, course completion and course data (such as grades, scores, submissions and content uploaded)
- For producing usage statistics for management and planning purposes
- For identifying and supporting users of specific bit functionality or area of the IT system e.g. relating to degradation/failure or change of functionality in the system
- To support an investigation into an academic offence e.g. accessing teaching materials during closed book assessment or the forums, the use of essay mills, 3rd party assistance during remote examination, accessing questions/examinations from remote locations.
- To support an investigation into breaches of the code of discipline, IT policies or illegal activities e.g. The distribution of copyright materials, contributions/postings that are offensive, harassing or illegal (racist, promoting terrorism etc), hacking/reverse engineering of IT systems.
- To support an investigation into the integrity of student contributions and assessment e.g. determining the originality of assessed work, the use of 3rd party services to provide solutions or answers on behalf of students..
Individual courses within Moodle may collect additional personal information in order to:
- Provide services to the users
- Facilitate and support business processes
- Support users in their use of Moodle
Student Engagement Analytics
Log data (as outlined above) is made available to the Strategy, Planning and Performance team for import into the University tableau data analytics tool. The Strategy, Planning and Performance team are responsible for analysis and insight into student engagement. Information from Moodle is combined with other sources of information to provide targeted support.
How the Learning Technology support team and the Information Services Service Desk use your information
If you approach a support team for help with a fault, issue, question or support, Moodle support staff will need to look at your data held on the system, including files in your personal areas and the Moodle courses to which you belong. We may need to perform any of the following:
- In the process of providing support, answering your helpdesk question, reproducing/investigating your issue/problem or when forming a response, the Moodle helpdesk may navigate and interact with Moodle using your account. To do this we may use a feature know as 'login-as' which allows the helpdesk to take control of your account. The helpdesk does not add, edit or delete any data within Moodle when doing this, without your prior permission. We will never ask you to send your password to us as part of any support that we provide.
- The helpdesk, when providing support to your query, may also duplicate your course or data and transfer it into another part of the system or one of our test systems. This is to allow us to carry out investigations, test solutions and provide you with support.
- When providing support, the helpdesk never gives out your personal information, including usernames and passwords.
The Moodle system is connected to two analysis tools that help the developers identify bugs and issues and also tune and optimise Moodle. Both of these systems use pseudo-anonymous user data (location, browser and equipment type, IP address). The first is called New Relic and the other is called Matomo
Who we share your data with
- Talis Aspire – Library reading lists
- MyMathLab - Online resoruces
- Engage - Lecture Capture
- Turnitin - Text Matching Service and Marking Tool
Data specific to students
Students will be automatically enrolled onto Moodle courses that they are taught via a direct link with the university’s student information system (Campus Solutions). This data will include data that has been provided as part of your student record. module enrolment, student name and student id number. Feedback from some assessments will be provided to students via Moodle, this information will also be stored in the Moodle database along with the user activity logs. Where required to either provide support or to investigate an issue, the Moodle database may also be accessed by information Services or UoN Libraries staff. Where assessment data relates to progression on course module administrators will extract this data manually and upload this into the Blue Castle system.
Data specific to staff
A combination of mandatory and optional CPD activities are provided via Moodle. Some Moodle courses make use of electronic submission. Applications, this is facilitated via Turnitin, these are subject to an additional privacy notice:
For staff facilitating courses:
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We have established procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Moodle data retention
Information and data uploaded to Moodle, including accounts, courses and about contributions to courses, including contributions to chat rooms and discussion forums, ownership of resources and evidence of participation in other Moodle-based activities may be retained indefinitely. Moodle data is backed up at a facility managed by the University of Nottingham Information Services. The backups are held for the purpose of reinstatement of the data, e.g. in the event of failure of a system component.
Under certain circumstances, you may have the following rights under data protection laws in relation to your personal data:
- Right to request access to your personal data;
- Right to request correction of your personal data;
- Right to request erasure of your personal data;
- Right to object to the processing of your personal data;
- Right to request the restriction of the processing your personal data;
- Right to request the transfer of your personal data; and
- Right to withdraw consent.
If you wish to exercise any of these rights, please contact us using the details set out below.
You can contact the University of Nottingham by telephoning (0115) 748 7179. or by writing to:
Data Protection Officer,
A5, Trent Building,
University of Nottingham,
If you have any questions about this Privacy Notice, including any requests to exercise your legal rights, please contact our Data Protection Officer using the details set out below:
Data Protection Officer
0115 748 7179.
If you wish to complain about our use of personal data, please send an email with the details of your complaint to email@example.com so that we can look into the issue and respond to you.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) (the UK data protection regulator). For further information on your rights and how to complain to the ICO, please refer to the ICO website at https://ico.org.uk.