Summary
This document is a GDPR Questionnaire that outlines Moodle's compliance with the General Data Protection Regulation (GDPR) and details its data protection practices. It includes information about the appointment of a Data Protection Officer (DPO), security measures in place to protect personal data, and the principles of Data Protection by design and default. The document describes how Moodle conducts Data Protection Impact Assessments (DPIAs) for new services and emphasizes the importance of user data privacy. It also explains the legal basis for transferring data outside the European Economic Area (EEA) and the procedures for deleting or anonymizing personal data upon termination of services. Additionally, it addresses the lack of involvement in legal proceedings related to data processing and outlines the certifications and audit schemes in place to ensure compliance with applicable laws. The document concludes with information on training provided to Moodle team members regarding data protection and information security.
