GDPR - How does retention period work?

GDPR - How does retention period work?

by Howard Miller -
Number of replies: 5
Picture of Core developers Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers

I'm not sure I fully understand this purposes stuff, however...

Where is the retention period measured *from*?

If, for example, I set this for a course. Does it get deleted n years after it was created, the end data, last time it was updated, something else?

If, for example, I set this for a user. Do they get deleted n years after their account was created, last logged in, something else?

And so on.... it matters wink


AND...

Other than the retention period. What does the data registry actually *do*. Who sees the results of my efforts filling it in? 

Average of ratings: -
In reply to Howard Miller

Re: GDPR - How does retention period work?

by Andrew Lyons -
Picture of Core developers Picture of Moodle HQ Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers Picture of Testers

Hi Howard,

The retention period is currently measured from the course end date for the course that an activity is in. For a user it is from the last login time for any user who is no longer enrolled (or has already been deleted).

It would be too dangerous to delete from point of creation.

The data registry's current primary focus is to set the purpose and category of data (and thus the legal bases and retention period). We are looking to provide a read-only report of this data to users  See MDL-62551, MDL-62556, and MDL-62557 for more information on the areas we're looking to expand this into.

Thanks,

Andrew

Average of ratings: Useful (4)
In reply to Howard Miller

Re: GDPR - How does retention period work?

by Richard van Iwaarden -

Even a more simple question: where can I find this 'retention'?

Searching in site administration for the word 'retention' gives me no results...

Average of ratings: -
In reply to Richard van Iwaarden

Re: GDPR - How does retention period work?

by Mary Cooch (personal account) -
Picture of Documentation writers Picture of Testers

Privacy and Policies>Data deletion

Average of ratings: -
In reply to Mary Cooch (personal account)

Re: GDPR - How does retention period work?

by Richard van Iwaarden -

Thanks Mary, at my test site this says 'This context level has no data for which the retention period has expired'.

Is there a step-by-step manual of how to set everything up according to the GDPR requirements?

I have found some documentation but what I found is not complete at all... I have no idea how to set up anything on my Moodle site concerning the GDPR.


(for example: the link to 'moodle docs for this page' do not work: https://docs.moodle.org/35/en/admin/tool/dataprivacy/datadeletion)

Average of ratings: Useful (1)