Skip to Main Content

Library & Learning Services: Learning Platforms

Privacy Notice: Learning Platforms Moodle and Mahara

AECC University College’s Legal basis for using your personal information is in order to deliver our contractual obligations to you as a student or member of staff. The information on this webpage should be read alongside the Student or Staff Privacy Policies.

Data held on Moodle (VLE)

1. Data held by the Moodle platform (VLE)

Data held by Moodle includes your name, email address, username and your University information, such as your ID, School and course information. 

Moodle logs contain detailed information about user activity within each course, including the date and time of when course-specific information was viewed and/or updated, the address of the machine from which the access was made, the browser identification information and information about the referring web page. Logs can be used to create summary statistics which may be made publicly available. Summary statistics do not include personal data.

Information about contributions to courses, including contributions to discussion forums, ownership of resources, assignment/file submissions, text matching scores and evidence of participation in other online learning activities may be held within Moodle.

Information and data related to users, including grades, feedback comments, scores, completion data, access rights and group membership may also be recorded. 

Additional personal data may be held within individual courses, either within documents/resources uploaded to the course, or within activities within the course. Other than contributions to chat rooms and discussion forums which are submitted by individuals in a personal capacity, course tutors are responsible for the information held about you that may be uploaded onto such courses.

Where students have been requested to upload video content to Moodle or Mahara, or other learning platform for an assignment, it is the tutor’s responsibility to ensure that only the personal information for the students being assessed is included and no third parties or third party copyright is captured. Guidance notes for students should be issued on Moodle/Mahara to this effect.

How the Moodle system uses your personal information

Your information is recorded on the VLE in order to:

  • Provide access to courses/sites within Moodle
  • Provide an account on, and identify you within, the VLE (Moodle) system
  • Provide you the ability to upload, amend and delete certain information within Moodle
  • Provide access to the information, resources and activities uploaded to Moodle
  • Control access to different parts of the system
  • Report on course, resource and activity access, activity completion, course completion and course data (such as grades, scores, submissions and content uploaded)
  • For producing usage statistics for management and planning purposes.
Where Moodle information comes from

For all users, Moodle records information supplied by Registry/IT (students), or Schools for students on short courses, or HR (staff). This includes information entered into your profile (such as School and Course).


Who has access to Moodle data
  • VLE Administrators have access to the information stored within Moodle for the purposes set out above.
  • Course administrators and tutors have access to the personal information of the other users of that course.
  • Access to Moodle logs is restricted to authorised staff and teaching staff.
  • Staff are under an obligation only to access information in Moodle where this is required for the purposes of their role within AECC University College.

Moodle data retention

Where Moodle information is shared

Personal information within Moodle will be shared your with other systems within the University College, for example the Student Records System.

Certain data may be shared with the Text Matching Service (Turnitin); privacy notice available at:

Moodle data retention

Information and data uploaded to Moodle, including accounts, courses and about contributions to courses, including contributions to chat rooms and discussion forums, ownership of resources and evidence of participation in other Moodle-based activities may be retained indefinitely.

Moodle data is backed up by the IT Team. The backups are held for the purpose of reinstatement of the data, e.g. in the event of hardware or software failure or any other disaster scenario. Four weeks of backups are retained, in addition to a full annual backup which is retained for 7 years. In addition, a data snapshot is retained in a ring-fenced area of the network, accessible by authorised staff only. This is retained for one year and one month from the end of the academic year.

How IT/Learning Services Support uses your information

If you request help with a fault or other issue, authorised IT and/or Learning Services staff may need to look at your data held on the system, including files and the Moodle courses to which you belong. They may need to perform the following:

In the process of providing support, answering your question, reproducing/investigating your issue/problem or when forming a response, staff may navigate and interact with Moodle using your account. To do this they may use a feature known as 'login-as' which allows designated staff to take control of your account. They will not add, edit or delete any data within Moodle when doing this, without your prior permission. They will never ask you for your password as part of any support provided.