Terms of Use and Privacy Policy for the Learning Management System Moodle

With the learning management system Moodle, the Erlangen National High Performance Computing Center (NHR@FAU) offers teachers and students at the Friedrich-Alexander-Universität Erlangen-Nürnberg  (FAU) as well as external collaborators and course attendees a teaching and learning platform that supports the organization of lectures and courses, communication among participants, and learning itself. Accordingly, course rooms are available in Moodle for a course, the elements of which can be used in the courses.

The learning management system Moodle can be used by teachers, students, external attendees, and guests under acceptance of these terms of use. In order to use the e-learning platform, you must consent to the processing of your data. You will not suffer any disadvantages if you do not consent, but registration in Moodle is not possible without your consent, which limits the functionality of Moodle to guest access. Consent can be freely revoked at any time with future effect by making a corresponding declaration to the Moodle administration. In the event of revocation, your personal user access to Moodle will be deleted and only guest access is possible.

Terms of use

Circle of participants

If you want to actively participate in courses and use the full functionality of Moodle, you must be registered in Moodle. Using Moodle as a guest is possible, but functionality will be limited. Registration is done when you first log in to Moodle. Users can either log in using the DFN-AAI single sign-on (SSO) service or by setting up a local Moodle account. Lecturers must submit a request to the NHR@FAU Moodle administrators to set up courses within Moodle. 

Course rooms

Lecturers can offer their courses to everyone registered in Moodle, but they can also use an access key to restrict their courses to the group of attendees for whom they are intended. The access keys to the courses are only issued by the lecturers or their representatives. In case of misuse, the access keys can be changed. The assigned user ID and password may not be shared.

Lecturers may pass on roles with lower permissions to other users registered in Moodle. Saving and restoring courses is only possible without participants and participant contributions. The settings of the central learning management system Moodle of NHR@FAU are not intended for online exams.

Lecturers must inform course attendees about the visibility of names when using the activities "Voting" and "Feedback", set up this activity anonymously and/or enable anonymous voting if necessary.

Dealing with copyrights and other legal requirements

Each user is obligated to comply with the law, in particular to protect personal rights, copyrights, performance rights and trademark rights. Each user is responsible for the material they upload to the Moodle learning management system from their own or external sources, including RSS feeds. The copyrights of all information and materials, whether user-created or external documents, that are entered into the Moodle learning management system must be acknowledged and respected by each participant. FAU is not liable for any infringement of rights by users.

Privacy policy


The use of Moodle is voluntary.

Processing of personal data

We process personal data collected during visits to this website in compliance with the applicable data protection regulations, in particular the EU General Data Protection Regulation (GDPR). The responsible party according to the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is the:

Friedrich-Alexander Universität Erlangen-Nürnberg
Legally represented by the President
Prof. Dr. Joachim Hornegger
Schloßplatz 4
91054 Erlangen

Legal basis

Insofar as the University obtains the consent of the data subject for the collection of personal data, Art. 6 § 1 lit. (a) of the GDPR serves as the legal basis. If the processing is necessary to protect a legitimate interest of the University, and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 § 1 lit. (f) of the GDPR serves as the legal basis for the processing.


Each time this website is accessed, the following data is stored in log files for data security and statistical purposes:

  • IP address,
  • time of access,
  • UserAgent (browser and operating system used),
  • accessed page or content elements, and
  • if provided, referrer URL (the previously visited page).

These purposes are also our legitimate interest in data processing according to Art. 6 § 1 lit. (f) of the GDPR. The data is stored for a maximum of 7 days, after which it is deleted for good.

Logging (after registration)

For the purpose of user administration, authentication of users and the implementation of virtual courses, the following personal data is processed: When you first register in Moodle via DFN-AAI SSO and log in, your user ID, last name, first name, and university email address are transferred to the Moodle database. This is also true if you choose to register without SSO but instead set up a local Moodle account.

Your role (for example, lecturer or student) as well as the above mentioned data can be viewed by lecturers, trainers without editor rights, and other participants. The visibility of the email address in the user profile to other users can be configured: it can be hidden, visible only to students in the courses you are taking, or visible to all users. For administrators and lecturers your e-mail address is always visible in the user profile.

The city/town and country information is requested by the system, but is not required to use Moodle. Therefore you can enter fictitious data here. The description and other data do not have to be entered for using Moodle, but you are free to design your user profile with additional information about yourself or a picture. Personal data from Moodle, including contributions to individual activities, may only be transferred to other computers, servers or to other files outside the program for the purposes of the respective event. It must be ensured that no third party gains knowledge of this personal data and that the data is completely deleted when storage is no longer required.

Log data that is collected in the background when using Moodle, including time, IP address, full name, action and object information, represents at what time which parts of the course offerings and profiles of other users are accessed, possibly also whether set tasks were completed or whether and how an activity was participated in. Each participant sees the log data with regard to his/her own data. The data is only made available to the lecturers in aggregated and anonymous form, and anonymous usage statistics are compiled for this purpose.


When you visit this website, so-called "session cookies" are placed and stored on your computer. Cookies are small text files that are used to make the website more user-friendly, effectivem and secure. They do not cause any damage to your computer and do not contain viruses. As a rule, session cookies are automatically deleted at the end of your visit. You have the option of deactivating the storage of cookies by making the appropriate settings in your browser. Please note that by deactivating cookies you may not be able to use all functions of this website to their full extent.

Data security

Communication with the learning management system is done via an encrypted and authenticated connection. The course rooms themselves are protected from being indexed by search engines. A backup with a fixed retention period is created to restore the system if necessary.


Administrators have access to all data created within the Moodle learning management system. They may only make use of this within the strictly limited scope of their duties. No personal data is passed on to third parties in the administration process, not even in anonymized form. Legal transmission obligations remain unaffected.

(Non-) Disclosure of test results

It is not permitted to publish examination results or grades in Moodle. Lecturers are obliged to use their local universities' facilities, which in turn must ensure data protection-compliant individual disclosure. Exceptions to the above principle are the assessments of performances that are not a compulsory part of the performances to be rendered according to study and examination regulations. In these cases, the disclosure of examination results via Moodle is not a matter of data protection law, provided that this is done on an individualized basis (e.g. via the internal assessment system).

Contributions/comments, assessments, completion tracking

In the course of using Moodle, further data such as contributions or comments on the individual activities and their evaluations by lecturers or trainers without editor rights are generated within the courses. Contributions and comments to activities are visible to participants and guests in the course. Evaluations are only visible to the individual evaluated participant(s), the lecturer and to trainers without editor rights. Posts and comments on activities, as well as ratings, are usually locked when the participant logs out of the respective course. In activities where locking would destroy the context, for example in forums, chats, in the glossary, and in wikis, the contributions remain. Only when the course is deleted will these posts/comments and assessments be permanently deleted within Moodle. In the context of conditional activities, when using completion tracking, the status of the processing of the included material and activities is visible to the instructors of the courses on a user-by-user basis.


The chat feature can only be used by registered and logged-in users. Chat allows you to communicate with other users in real time. Messages that you post in the chat are visible to all course participants with the day and time of the post, your name and, if your profile contains a picture, also with this picture.


Forum contributions can only be made by registered and logged-in users. In forums, course members can communicate with each other in a time-delayed manner. Posts are visible to all students with the day and time of the post, your name, and if your profile contains a picture, your picture as well.


Blog contributions can only be made by registered and logged-in users. Blogs are visible to all Moodle students, except for personal blogs. Here you can share course-related information and opinions, as well as general topics. Posts are visible to all Moodle users with the day and time of the post, your name, and if your profile contains a picture, your picture as well.


Messaging in Moodle can only be used by registered and logged-in users. Messages can be sent to any Moodle user, independent of the course. To send messages, Moodle provides an address book containing only the names of Moodle users, not their email addresses or other information. However, the address book is not available to users as a list of all names; rather, the name of the specific recipient must be entered via a search form. Each Moodle user's name is added to the address book upon registration. Lecturers have access to all names of course participants for collective messages via a participant list of the course.

Glossary and Wiki

Glossary and wiki contributions can only be made by registered and logged-in users. Contributions to the glossary and wiki are tagged with the day and time of the contribution, your name, and if your profile contains a picture, the picture is visible to other Moodle users.

Your own files/calendar

Data and files in the calendar or in "My Documents" are only visible to the respective logged-in user.

Transfer of data/external services

External information can not only be identified and actively used by links/references to third party systems, but can also be integrated directly into a Moodle page, for example as an image file, IFrame or similar from other web offerings (e.g. video portals, RSS feeds, language courses). In this case, your browser may also transmit data to the third-party system.

Deletion of data

Personal data on the profile page will be deleted as soon as a user's account is deleted. Profile data that you have entered voluntarily to freely design your profile can be deleted by yourself at any time. The deletion of a course can be initiated by the lecturers at any time. This also deletes the students' contributions within the course. Contributions and comments in forums, wikis, and the glossary, as well as from files made available, can be accessed by other users even after your Moodle access has been deactivated, until the corresponding course or activity is deleted. Log data is permanently deleted after 180 days, the approximate period of a semester.


If you contact us by email to, you may withdraw your  consent for the storage of your personal data at any time. In this case the conversation cannot continue, and all personal data which were stored when contact was made are deleted.

Furthermore, you have the right to request free information about your stored personal data, its origin, recipients, the purpose and duration of data processing. In addition, under certain conditions, you have the right to rectification, restriction of processing (e.g. blocking), deletion and the right to data portability of your data. Furthermore, you have the right to lodge a complaint with the competent supervisory authority for data protection if you believe that the processing of your personal data is not lawful.

If you have any questions regarding data protection, you may contact the University's Data Protection Officer:

Norbert Gärtner, RD
Schloßplatz 4
91054 Erlangen