I appreciate the explanation. I will of course be speaking to our DPO soon, so no doubt they'd have something to add. I guess the bit I'm a bit fixated about is "what does it do in Moodle?"
As far as I can tell, the category is just a label and a description that is only seen by the DPO and has no function in code. i.e. The requestee doesn't see it, and it's not adding anything to the processing of requests within Moodle - as far as I can tell atm.
"Purpose" at least contributes a retention period and a setting to determine if this trumps a requestee's right to be forgotten. So it's not so much the legislation I'm concerned with as Moodle processing.