Full policy

Moodle Privacy Policy

This privacy policy explains how personal data is collected, used, stored and protected within the BACPR Moodle learning platform.

This platform is used to provide online learning, record course participation, track learner progress and, where applicable, issue certificates or CPD evidence. BACPR is committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Who we are

The BACPR Moodle platform is provided for learners, members, staff and other authorised users accessing online education and related resources.

For general organisational privacy information, please also refer to the BACPR Privacy Notice on the main website.

What personal data we collect

When you use this platform, we may collect and store personal data including:

• Your name
• Your email address
• Your username and login details
• Your organisation or role, where relevant
• Course enrolment information
• Course activity and progress records
• Quiz, assessment and feedback responses
• Completion records, certificates and CPD evidence
• Technical information such as login times, IP address and browser or device data where required for security and system administration

How your data is used

Your personal data is used to:

• Provide access to Moodle courses and learning resources
• Manage your user account and enrolment
• Track course participation, progress and completion
• Deliver certificates, CPD records or other learning evidence where applicable
• Provide learner support and respond to queries
• Maintain platform security, performance and integrity
• Meet legal, regulatory or professional record-keeping requirements where applicable

Lawful basis for processing

We process personal data on one or more of the following lawful bases:

• To perform a contract or provide a service you have requested
• To comply with legal or regulatory obligations
• For legitimate interests in delivering and managing online learning and maintaining secure systems
• Where required, on the basis of consent

Who can access your data

Your data will only be accessed by people who need it for legitimate purposes connected with the operation of the learning platform. This may include:

• Authorised BACPR administrators and staff
• Course managers, tutors or reviewers where relevant to a course
• Technical support personnel responsible for maintaining the platform
• Approved service providers involved in hosting, support or maintenance, where necessary and subject to appropriate data protection obligations

Your personal data will not be sold or shared for unrelated marketing purposes.

How your data is stored and protected

We take appropriate technical and organisational measures to protect personal data held within the Moodle platform. These measures may include secure hosting, restricted access controls, account authentication, regular software updates and routine system monitoring.

Although every reasonable effort is made to protect your data, no online system can ever be guaranteed completely secure. Users should also take care to keep their login credentials confidential.

How long your data is kept

Your personal data will be retained only for as long as necessary for the purposes for which it was collected, including the provision of learning records, certificates, CPD evidence, auditing, reporting and any legal or regulatory requirements.

When data is no longer required, it will be securely deleted or anonymised where appropriate.

Cookies and technical data

Moodle uses essential cookies and similar technologies to support core site functions such as logging in, maintaining your session and remembering certain preferences.

These cookies are necessary for the platform to operate correctly. Additional technical information may also be logged for security, troubleshooting and system administration purposes.

Your rights

Under UK GDPR, you have rights in relation to your personal data, which may include the right to:

• Request access to the personal data we hold about you
• Request correction of inaccurate or incomplete data
• Request erasure of your data where this applies
• Request restriction of processing
• Object to certain types of processing
• Request transfer of your data in certain circumstances
• Withdraw consent where processing is based on consent

Some of these rights are subject to legal and operational limitations.

Third-party links

This platform may include links to external websites or services. Once you leave the Moodle platform, BACPR is not responsible for the privacy practices or content of external sites. You should review their privacy information separately.

Changes to this policy

This privacy policy may be updated from time to time to reflect changes to the platform, legal requirements or organisational processes. The most current version will always be published on this page.

Contact

If you have any questions about this privacy policy or wish to make a data protection request, please contact BACPR using the appropriate contact details published on the main BACPR website.