Data protection information for e-learning via the Moodle study platform (as of 7 October 2022)
HM Hochschule München University of Applied Sciences
The University of Applied Sciences is a public corporation. It is legally represented by its President Prof. Dr. Martin Leitner.
1. Information required for registration
In the course of the registration procedures the following data, so-called user data, of a Moodle participant1 will be stored:
Username, first name and surname, email address, student number2, ID number3, PersonScopedAffiliation4, institution5 and department6.
As a rule, to gain access to Moodle courses one-off registration on the Moodle study platform with the central university account data as well as registration for the respective course by way of an enrolment key are required. Since the Moodle study platform is connected to the central university database (Identity Management) by way of an authentication procedure (Shibboleth), the personal access data (username and password) corresponds to that of the central university database and cannot be changed in Moodle. External users must apply to central IT for a guest account.
All personal data of participants collected in the course of registration shall be processed in accordance with the applicable data protection laws. This also applies for storage for a limited period of individual connection data for the study platform which is necessary for system-related reasons. Disclosure of the data to third parties is excluded unless the user permits this or the operator is obliged to surrender data on the basis of provisions of law.
2. Voluntary data during registration
During registration on the study platform, besides the compulsory user data, additional data voluntarily entered7 by the participants from the moment of registration and/or data that arises in the course of use, so-called usage data, will be electronically stored in a database; this includes both automatically generated information and information entered by the participants.
The voluntary information that can be entered in the profile includes:
- Home address
- Private telephone number (mobile as well)
- Instant messaging program
- Profile description
- Profile image
- Personal website
- Course profile (visible only in one's own profile)
III. Log files and cookies
The time when you access components of the study platform and which components you access and the activities you participated in will also be logged. Neither course moderators (e.g. in the role of "trainer") nor other course participants (e.g. in the role as "participant") shall have access to the log files and the database.
The persons entrusted with the technical management of the Moodle platform (e.g. in the role of "administrator") and the database and web server shall have access to all the personal data stored in the system. They may only process the data insofar as it is necessary to ensure the operation of Moodle.
In addition, the Moodle study platform uses two types of cookies.
- MoodleSession (session cookie): this cookie must be permitted so that when you access Moodle the login is retained from page to page. After you log off or close the web browser the cookie is erased.
- MoodleID (login cookie): this cookie is used for greater convenience of use; it stores the username in the web browser. The cookie is retained after you log out of the e-learning system, so that when you next log in your username will already be entered. It is not compulsory to allow this cookie.
IV. Content submitted by the user
In addition to the personal data collected in the registration process, users also provide all content required in the context of using the system that can be ascribed to the specific user. Here, a clear distinction must be made between absolutely voluntary and compulsory content.
1. Compulsory content
For pedagogical reasons, several Moodle features can only be used as a compulsory component in compulsory, elective and compulsory elective subjects. Accordingly, alternative offerings do not have to be made available.
The legal basis for data processing for the compulsory features is the fulfilment of the sovereign task assigned to HM Hochschule München University of Applied Sciences for the cultivation and development of the sciences and the arts through research, teaching, studies and continuing education/professional development. This results in detail from Art. 4(1) Bavarian Data Protection Act (BayDSG), Art. 6(2-3, 1) (1) e) GDPR. Further legal bases are: Art. 6(1) BayDSG, Art. 2; Art. 4(1) (1) Bavarian E-Government Act (BayEGovG), Art. 2(1) (1,2,3 & 6); Art. 10(1); Art. 55(2) S Bavarian Higher Education Act (BayHSchG).
Data processing in the context of the following Moodle features is therefore compulsory:
a) Use of a created Moodle course
The Moodle course created consists of a basic framework (course name, course description) as well as other settings and content determined by the course moderator. The course will remain even if the course moderator logs out of the course or his/her account is deleted.
b) Entries in the activity databases
Entries in databases are used to record information in a structured way. This is a table created by course moderators, which can be searched and accessed again in a targeted manner and in which course participants can also make entries. (e.g. literature collections); their use is for teaching purposes and is therefore not just voluntary.
c) Entries in forums
Forums are used, for example, as a discussion or opportunity for sharing; assignments to be assessed can also be set via forums; voluntary only use is therefore not possible.
d) Entries in glossaries
Glossaries are, for example, a dictionary of technical terms; glossaries can be assessed; voluntary only use is not possible here.
e) Entries in wikis
Entries can be assessed; voluntary only use is not possible here.
f) Mutual assessments/assessment by students
For the purpose of learning through teaching, Moodle allows students to assess and evaluate each other. Course participants can upload files for this purpose. They are assessed by other course participants. Voluntary only use is not possible here.
g) Submission of assignment solutions
In the Moodle e-learning system, assignment solutions can be submitted as a file, for example, homework as a Word or PDF file. These assignment solutions are assessed by the teacher, so voluntary use is not possible here.
2. Voluntary content
In addition, there are several Moodle features that cannot be used as a compulsory component in compulsory, elective and compulsory elective subjects. The use of this feature is only possible with the (implied) consent of the student due to the freedom of study stipulated in the German Basic Law and the Higher Education Act (Art. 5(3)(1) Basic Law and Art. 108 Bavarian Constitution) (cf. also Art. 3(4) Bavarian Higher Education Act (BayHSchG)). Compulsory participation is excluded. Features that record the learning progress of a specific student and provide insight for the teacher are not permitted without the student's consent and violate the freedom of study.
The legal basis for data processing is therefore the (implied) consent according to Art. 6(1) a), Art. 7 GDPR. Specifically, consent must be voluntary, informed, related to a specific purpose and specific processing, and be unambiguous (see Art. 4 no. 11, Art. 6(1) (1) a) GDPR). In principle, it is effective until withdrawn (Art. 7(3) (1 & 2) GDPR).
In principle, implied actions can also constitute consent, such as voluntarily entering information that is not required in the Moodle platform. However, as part of the controller's accountability (Art. 5(2) GDPR), the controller has the obligation under Art. 7(1) GDPR to be able to prove that the data subject has consented to the processing of their personal data. This is done by confirming that they have been made aware of this information as part of the registration process.
Data processing in the context of the following Moodle features is therefore compulsory: Students must not be forced to use the following features, either directly or indirectly, through the prospect of any disadvantages:
In a Moodle course, voting can be held, for example on the topic of the next course or on the formation of groups. The results of voting are then presented to authorised users on a person-specific basis.
Participation is not possible anonymously, therefore participation is only possible with (implied) consent.
b) Feedback participation results
The Moodle feedback activity can be used to create your own surveys, e.g. to check prior knowledge and adapt the course material. Participation in feedback is also possible anonymously, if this has been configured.
Participation is voluntary and anonymous; in case of personal reference, participation is possible with (implied) consent
c) Test participation
Participation in multiple-choice tests for exam preparation is possible in Moodle. The test results can be viewed and evaluated by the teacher. This makes it possible to take stock of individual learning progress. This feature is only possible with the (implied) consent of the student. Compulsory participation is excluded.
d) Survey results
In an online course, surveys can be conducted by the course moderator. In principle, it should be possible to participate anonymously. A personal survey is only possible with the (implied) consent of the student. The voluntary nature of participation must be guaranteed by the teachers. Compulsory participation is excluded.
Short messages (no file attachments possible) are sent to other users via the internal service of the e-learning system. They are stored in a personal archive (received and sent messages for each user). Students can decide voluntarily about sending short messages. This is a possible means of communication.
f) Entries in learning packages
A learning package is an externally created Sharable Content Object Reference Model (SCORM) file. The contents are interactively prepared teaching materials and can include, for example, learning games and tests. The student's learning activities can be evaluated via the learning packages and stocktaking of the student's learning progress can be viewed and also evaluated by the teacher. This feature is only possible with the (implied) consent of the student. Compulsory participation is excluded. In addition, the provision of learning materials is made dependent on learning progress (similar to a learning game with several levels). The use of this feature is only possible with the (implied) consent of the student due to the constitutionally guaranteed freedom of study (Art. 5(3) (1) Basic Law and Art. 108 of Bavarian Constitution) (cf. also Art. 3(4) Bavarian Higher Education Act (BayHSchG)). Compulsory participation is excluded. The teachers ensure that students are able to access the materials required for taking summative examinations directly, even if they are not familiar with the interactively prepared teaching materials.
g) Entries in lessons
With the lesson activity, the course moderator can supplement learning materials with test questions (e.g. multiple-choice). The provision of learning materials is made dependent on learning progress (similar to a learning game with several levels). The use of this feature is only possible with the (implied) consent of the student due to the constitutionally guaranteed freedom of study (Art. 5(3) (1) Basic Law and Art. 108 of Bavarian Constitution) (cf. also Art. 3(4) Bavarian Higher Education Act (BayHSchG)). Compulsory participation is excluded. The teachers ensure that students are able to access the materials required for taking summative examinations directly, even if they are not familiar with the interactively prepared teaching materials.
h) Moodle chats
Moodle entries in chats/chat logs are made in chat rooms for real time communication. Conversations are stored in chat logs. Use of the chat is voluntary.
i) Visibility of email addresses
The email address (mandatory field) provided by the Central Identity Management of HM Hochschule München University of Applied Sciences is specified in system notifications triggered by user actions and is thus visible to the recipient of such system notifications and can be used by him/her for communication. Such a system notification to a user shall, for example, be triggered by sending messages via the Moodle internal message management.
As a rule, a user's email address is always visible for teachers (in the role of "trainer"). Other course participant (e.g. in the role of "participant") may see the email address if it has been activated by the user in the profile settings.
j) Moodle plugin "Hot Question"
V. Purpose and legal basis of data processing
1. The purpose of data processing is teaching as a public task of the university. E-learning, ensures the following:
- Management of teaching and learning materials
- Presentation of materials to teachers and students
- Administration of users, students and teachers
- Communication between students and between students and teachers
- Guiding learners through learning materials
- Student interaction with the study software
2. The legal basis of data processing is: Art. 4(1) Bavarian Data Protection Act (BayDSG), Art. 6(2-3, 1) (1) e) GDPR.
Further legal bases are: Art. 6(1) BayDSG, Art. 2; Art. 4(1) (1) Bavarian E-Government Act (BayEGovG); Art. 2(1) (1,2,3 & 6); Art. 10(1); Art. 55(2) S Bavarian Higher Education Act (BayHSchG).
The legal basis for all personal data voluntarily provided by students is consent according to Art. 6(1) (1) a), Art. 7 GDPR.
VI. Data subject rights
All registered participants may at any time request information from HM Hochschule München University of Applied Sciences on the personal data concerning them stored on the study platform or that all their data be erased (Art. 15 GDPR). Should you use your central university account for logging in to Moodle, only the user data stored in Moodle (i.e. your personal profile data) will be erased and not the central university account. Excluded from the erasure are contributions published by Moodle participants in forums, chats, blogs, wikis etc. and/or files made available by them for accessing, which will remain available until the respective Moodle course is erased.
If inaccurate personal data is processed, the user has the right to rectification (Art. 16 GDPR). If data processing has been consented to or if there is a contract for data processing and the data processing is carried out with the help of automated procedures, data subjects may have the right to data portability (Art. 20 GDPR). Data subjects have the right to withdraw their declaration of consent under data protection law at any time. Withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent until withdrawal (Art. 7 GDPR). Users have the right to request information on whether automated decision-making, including profiling, is used (Art. 22 GDPR). In addition, users have the right to object to the processing of their data at any time for reasons arising from their particular situation, if processing is carried out exclusively on the basis of Art. 6(1) (1) e) or f) GDPR (Art. 21(1) (1) GDPR).
Should the above rights be exercised, the public body shall check whether the legal requirements for this are met.
In addition, there is a right of appeal to a supervisory authority. The authority responsible for HM Hochschule München University of Applied Sciences is the Bavarian Data Protection Commissioner.
It can be reached under the following contact details:
Postfach 22 12 19
Tel.: +49 (0) 89 212672 - 0
Fax: +49 (0) 89 212672 - 50
1 In this document the male and female form are not always used. Wherever, for the sake of simplicity, the male form only is used, the female form is also meant.
2 Only applies for members of the university; the data originates from the Central Identity Management. Students may not view student numbers of other students.
3 Indicates status as a member of HM Hochschule München University of Applied Sciences. Applies for members of the university only; the data originates from the Central Identity Management.
4 Indicates status as a member of HM Hochschule München University of Applied Sciences. Applies for members of the university only; the data originates from the Central Identity Management.
5 The data originates from the Central Identity Management.
6 The data originates from the Central Identity Management.
7 For example a profile photo, interest fields, own website or telephone number