Privacy and GDPR Compliance

This article explains how the Credentium® Integration plugin handles personal data and complies with GDPR (General Data Protection Regulation).

Overview

The Credentium® Integration plugin implements full GDPR compliance through Moodle's Privacy API. This includes:

• Transparent declaration of data collection and processing
• Automatic data retention and deletion
• Support for user data export requests
• Automatic deletion when users are removed from Moodle

Data Collected and Stored

Data Stored Locally in Moodle

The plugin stores the following data in the local_credentium_issuances table:

Data Transmitted to External Service

When issuing a credential, the following personal data is transmitted to the Credentium® API (external paid third-party service):

Important: Data transmitted to Credentium® is subject to Credentium's privacy policy. The plugin only sends data necessary for credential issuance.

Data Retention Period

Configuring Data Retention

Location: Site Administration > Plugins > Local plugins > Credentium® Integration

How Automatic Cleanup Works

1. A scheduled task named "Clean up old credential issuance records (GDPR)" runs daily at 2:00 AM (server time)
2. The task identifies all issuance records older than the configured retention period
3. These records are permanently deleted from the Moodle database
4. Deletion applies to all records regardless of status (issued, failed, or pending)

Note: Since cleanup runs once daily, actual retention may be up to 24 hours longer than configured.

Choosing a Retention Period

Consider the following when setting your retention period:

• Legal requirements - Some jurisdictions require keeping educational records for a specific period
• Audit needs - How long do you need to verify that credentials were issued?
• Data minimization - GDPR principle suggests keeping data only as long as necessary
• Available units - You can configure retention in days or weeks

Recommendation: The default of 365 days (1 year) is suitable for most organizations. Adjust based on your specific legal and operational requirements.

User Rights Under GDPR

Right to Access (Data Export)

Users can request export of their personal data through Moodle's privacy tools.

For administrators:

1. Go to Site Administration > Users > Privacy and policies > Data requests
2. Process data export requests as they come in

Exported data includes:

• All credential issuance records for the user
• Credential IDs (external references)
• Course information
• Grades (if grade sending was enabled)
• Issuance status and timestamps

Right to Erasure (Deletion)

Automatic deletion on user removal: When a user is deleted from Moodle, all their credential issuance records are automatically deleted.

Manual deletion requests: Administrators can process deletion requests through Site Administration > Users > Privacy and policies > Data requests.

Important: Credentials already issued and stored in Credentium are in a separate system. To delete credentials from Credentium:

1. Contact Credentium support at support@credentium.com
2. Provide the user's email address or credential IDs
3. Request deletion under GDPR right to erasure

Right to Rectification

If credential data needs to be corrected:

• For Moodle records: Administrators can view records in the Credentium Report
• For issued credentials: Contact Credentium support - credentials may need to be revoked and reissued

Privacy API Implementation

The plugin implements the following Moodle Privacy API interfaces:

Metadata Declaration

The plugin declares:

1. Local database table (local_credentium_issuances) - stores issuance records
2. External system (Credentium® API) - receives user data for credential issuance

This information is visible in Moodle's plugin privacy registry.

Scheduled Tasks

Clean up old credential issuance records (GDPR)

To view or modify the schedule:

1. Go to Site Administration > Server > Scheduled tasks
2. Search for "Credentium"
3. Find "Clean up old credential issuance records (GDPR)"

Best Practices

For GDPR Compliance

1. Set appropriate retention period - Don't keep data longer than necessary
2. Document your data processing - Include Credentium in your privacy policy
3. Inform users - Let students know their data is sent to an external service
4. Process requests promptly - Handle data export and deletion requests within GDPR timeframes (typically 30 days)

For Data Security

1. Use HTTPS - Ensure your Moodle site uses HTTPS (data is transmitted securely to Credentium)
2. Protect API keys - API keys are encrypted at rest, but limit access to plugin settings
3. Monitor issuances - Regularly review the Credentium Report for any issues
4. Enable debug logging only when needed - Debug logs may contain personal data

Frequently Asked Questions

Does deleting records affect already-issued credentials?

No. Deleting issuance records from Moodle only removes the local tracking data. Credentials already issued in Credentium remain valid and accessible to the recipient.

What happens to pending credentials when records are deleted?

If a pending issuance record is deleted (due to retention policy), that credential will never be issued. Ensure your retention period is long enough to allow all credentials to be processed.

Can I disable automatic cleanup?

Setting a very long retention period (e.g., 9999 days) effectively disables automatic cleanup, but this is not recommended for GDPR compliance.

Where can students view their credentials?

Students receive credentials in their Credentium Wallet. The Moodle plugin only handles issuance - credential storage and viewing is managed by Credentium.

Need Help?

If you have questions about privacy and GDPR compliance, please contact:

Credentium Support Email: support@credentium.com

For Moodle-specific privacy questions, consult your organization's Data Protection Officer or privacy team.

Last updated: January 2026