Our Commitment to GDPR

1. Data Protection Principles

We adhere to GDPR principles: lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality.

2. Lawful Bases for Processing

Personal data is processed based on contract performance, legal obligations, legitimate interests, and consent where required. We document all processing activities.

3. User Rights

• Right to access, correct, or erase personal data.
• Right to restrict or object to processing.
• Right to data portability.
• Right to withdraw consent at any time.
• Right to lodge a complaint with a supervisory authority.

4. Data Security

We implement appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

5. Data Processing & Third Parties

We act as data processors for client Moodle deployments. All third-party processors are vetted and contractually bound to GDPR standards. Data is processed only according to documented instructions.

6. International Data Transfers

Transfers outside the EU/EEA are safeguarded via Standard Contractual Clauses (SCCs) or equivalent mechanisms ensuring GDPR compliance.

7. Contact Us

For inquiries or to exercise your rights under GDPR, contact our Data Protection Officer (DPO):