Privacy Policy
Information about personal data processing
Pursuant to articles 13 and 14 of the Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
GÉANT Data Protection Code of Conduct
Name of the service
MODERN-A: Moodle
Data controller and a contact person
15 Tzar Osvoboditel Blvd., Room 12, 1504, Sofia, Bulgaria
Prof. Eliza Stefanova, PhD
Personal data processed
A. Following data is requested from your Home Organisation:
- your unique user identifier (SAML persistent identifier – EduPersonPrincipalName)
- your email address for communications and forum messages
- your full name (GivenName, SN Surname) for personal identification
B. the eduPersonEntitlement and the Affiliation if your IdP expose it for automatic enrolment to specific courses
C. Following data is gathered from yourself:
- your profile optional data or different email address
Purpose of the processing of personal data
In accordance with Bulgarian and European legislation on data protection (General Regulation on the Protection of Personal Data n. 679/2016), we inform you that the data, collected through your home organisation and profile pages on the platform, will be stored in databases, collected and processed for all the institutional learning purposes including grading and tests, statistics on learning activities and management of the courses.
Third parties to whom personal data is disclosed
Optional Moodle plugins may disclose mandatory user data (EPPN, email address, your fullname) to external services such as MSTeams and others parties under specific agreements with the Sofia University.
How to access, rectify and delete the personal data
Contact the contact person above.
To rectify the data released by your Home Organisation, contact your Home Organisation's IT helpdesk. Optional data and email can be rectified by the user himself accessing the profile page.
Data retention
Users’ personal data are processed for the period of time strictly necessary to achieve the purposes previously mentioned. Data are stored without any temporal limit for the whole period during which the user is registered to the platform.
Criteria used to determine the storage period are established by:
- specific laws, which regulate the activity of the Sofia University and other federated universities;
- by the period of permanency of the user registered to our services;
- upon user request.
Data Protection Code of Conduct
Your personal data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect your privacy. See http://www.geant.net/uri/dataprotection-code-of-conduct/v1 for details.