Moodle Privacy Policy

1. Introduction

This Privacy Policy explains how Renewables Academy (RENAC) AG collects, uses, and protects personal data when you use our Moodle learning platform.

We process personal data in accordance with the General Data Protection Regulation (GDPR).

2. Data Controller

The data controller responsible for your personal data is:

Renewables Academy (RENAC) AG

Address: Schönhauser Allee 10-11, 10119 Berlin, Germany

Email: info@renac.de

3. Data Protection Officer

Sylvia Lüdecke

Email: luedecke@renac.de

4. What Data We Collect

We may collect and process the following personal data:

  • Full name
  • Email address
  • Username
  • Course enrolment information
  • Grades and assessment results
  • Activity logs (e.g. login times, course participation)
  • Content you upload (e.g. assignments, forum posts)
5. Purpose of Processing

We process your personal data for the following purposes:

  • Providing access to the learning platform
  • Managing user accounts
  • Delivering courses and assessments
  • Communicating with users
  • Tracking learning progress
  • Ensuring system security
6. Legal Basis for Processing

We process your data based on:

  • Consent (Article 6(1)(a) GDPR)
  • Performance of a contract (Article 6(1)(b) GDPR)
  • Legal obligations (Article 6(1)(c) GDPR)
7. Data Sharing

We only share necessary data when required by law or contract.

All service providers are contractually bound to comply with GDPR (data processing agreements).

8. Hosting and Technical Service Providers

Our Moodle platform is technically managed and maintained by:

3&PUNT SOLUCIONS INFORMÀTIQUES, S.L.
c. de València 359, entresòl 2a,
08009, Barcelona,
Spain

3&PUNT SOLUCIONS INFORMÀTIQUES, S.L. provides technical support and maintenance services and may have access to personal data as part of these services. A Data Processing Agreement (DPA) has been concluded in accordance with Article 28 GDPR.

The platform is hosted on servers provided by:

Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
Germany

Hetzner acts as a sub-processor, providing the infrastructure on which the Moodle platform is hosted. A Data Processing Agreement is in place to ensure GDPR compliance.

9. Learning Tools (LTI Integrations and External Services)

Our Moodle platform integrates with third-party learning tools and services using the Learning Tools Interoperability (LTI) standard or similar integrations.

These tools are used to support teaching, learning, assessment, and academic integrity.

When you access or use these services, certain personal data may be transmitted to external providers, including:

  • Full name
  • Email address
  • User ID
  • Course enrolment information
  • Learning activity data and results
  • Assessment or proctoring data (where applicable)

The following external services may be used:

  • AskAlma (Kersta GmbH, Oberer Wasen 35, 73642 Welzheim, Germany) – AI-supported learning assistance and educational support
  • Nudgis (Ubicast, 198 Avenue de France, 75013 Paris, France) – Video hosting and learning content platform
  • SMOWL (Smowltech, Portuetxe Kalea, 53 B, 20018 Donostia/San Sebastián, Gipuzkoa, España) – Online proctoring and academic integrity monitoring system on the basis of periodic snapshots through the user's front-facing camera during the exam's duration
  • StrikePlagiarism (StrikePlagiarism, 2 Gdanska 67, Warsaw, Poland 01-633) – Antiplagiarism tool

These providers may act as independent controllers or data processors depending on the service and integration type.

Data is shared only to the extent necessary for the intended educational purpose of each tool.

Where required under Article 28 GDPR, appropriate Data Processing Agreements (DPAs) have been concluded with the providers. In cases where providers act as independent controllers, their own privacy policies apply.

Users are informed when accessing external tools within the Moodle platform.

Personal data is processed exclusively within the European Union.

All providers are contractually required to implement appropriate technical and organisational measures to protect personal data.

10. Your Rights

Under GDPR, you have the right to:

  • Access your personal data (Article 15)
  • Rectification (Article 16)
  • Erasure (Article 17)
  • Restriction of processing (Article 18)
  • Data portability (Article 20)
  • Object to processing (Article 21)
11. Withdrawal of Consent

You may withdraw your consent at any time with effect for the future.

12. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in your country of residence.

13. Data Security

We implement appropriate technical and organisational measures, including:

  • Encrypted connections (HTTPS)
  • Access controls
  • Regular security updates
14. Cookies

Moodle uses cookies to:

  • Maintain login sessions
  • Improve user experience

You can control cookies via your browser settings.

15. Changes to This Policy

We may update this Privacy Policy if necessary. All current users will be informed.

Back
Back to top