Note: This page is a work-in-progress. Feedback and suggested improvements are welcome. Please join the discussion on moodle.org or use the page comments.

Overview

The Privacy API has been implemented to help report the use of data within Moodle Plugins as part of General Data Protection Regulations.

It shall be expected that *all* plugins will require to report their use of and storing of personal data.

All plugins will be expected to implement a privacy provider class. This class will provide details on:

• personal data being held by the plugin in:
  • database tables
  • subsystems
  • user preferences
  • external locations

Plugins that do not hold personal data

If a plugin does not hold any personal data it should implement a provider class that implements the core_privacy\local\metadata\null_provider.

get_reason(): string

This function should return a string that explains why the plugin is asserting that it holds no personal data.

Using Privacy API

Every plugin should define a privacy provider class.

This must:

• be named provider,
• be located in the classes\privacy\ directory for the plugin
• be in the "<pluginname>\privacy" namespace
• implement 'core_privacy\local\metadata\provider *or* 'core_privacy\local\metadata\null_provider'

namespace mod_peerassessment\privacy;

class provider implements

   \core_privacy\local\metadata\provider,
   \core_privacy\local\request\plugin\provider

{ ... }

Helpers