Moodle suggests that larger organisations should have a separate role on their site for a “privacy officer” who will deal with requests to either delete or export information about users. Although my site hardly has any users, I’ve followed this advice to see how it looks. We start off from the point of view of an ordinary user who is authenticated in the site and enrolled as a student in various courses…

On the user’s “profile” page, there is a section called Privacy and Policies. This includes the option “Delete my account”. Note that this section also allows me to send a message to the Privacy Officer.

this opens a page which gives a choice of either DELETE or export your data. I’m going to start by asking to export it.

After making my request, I see a page showing that it is awaiting “approval” from the privacy officer.

Now switching to the point of view of a member of staff who has the special role of “privacy officer”. For more about how to set this up, see this video

When the privacy officer logs into the site they see that a data request has been sent to them…

They can view all such requests through “site administration”> “users”> “data requests” and then approve it

The student who made the request receives an email automatically from the privacy officer with a link that will allow them to download the user data. When they click on this link, as soon as they log in… a file downloads with the name export.zip.

Unpack the zip file and you get a folder with these contents..

Most of the data is in the js folder, but for the user, there is an html page index.html which serves as an organiser. This example is in Russian (which is the user’s preferred language). and here is the English language version: .

You can see there is an index panel down the left-hand side, similar to what the user would see when inside a course.

For example, here the user can view the dates of their last access to each course they have studied.

and here they can see the full log of all visits they have made to the site: