Totara Learn Supports GDPR Compliance.


design element
scrolling arrow down

Totara Learning has announced that from the release of Totara Learn 11, a special interim release designed to help customers ensure their learning management platform supports their compliance with the EU General Data Protection Regulation (GDPR) before it becomes effective on 25th May 2018.

Totara makes it easy for end users to understand what their data will be used for, who will have access to it, and provide consent to site policies regarding the usage of their personal data (such as opting into receiving marketing emails and receiving notifications when their data will be passed to third parties).

EU flag with Totara and GDPR mentioned in the middle

Protect and support your system users


The new Site Policy feature will allow organisations to create a site-wide use policy that users must review and agree or decline – with all responses recorded. Versioning allows organisations to update policies as required, and users are able to visit a dedicated Site Policy page and amend their agreement if necessary. This will also ensure that data handling and processing is transparent enough to abide by the new regulations, protecting organisations and end users alike.


Administrators will have the ability to export all data that is linked to a given user, with the option to review the data prior to transmitting to the individual.

This export file will allow the individual to review what type of personal data is processed within their Totara Learn site and reconcile this information with their version of the Site Policy. For example, from the exported file, a user will be able to see that the platform is processing items such as quiz answers, 360° feedback responses, course enrolments, progress and completions, site logins etc.


While the data export feature will provide all user data in a consistent format that allows for porting of data, existing functionality within Totara Learn allows key learning data to be exported in a more ‘human readable’ format, via the Report Builder and Record of Learning areas.


Totara Learn will provide administrators with the ability to create and manage multiple ‘Purge Types’. Each Purge Type will have an individual configuration, specifying the retention, deletion or anonymisation requirements of various user data types throughout the system. Users may have a Purge Type applied to their account so their data will be processed in accordance with an organisation’s data retention requirements.


“Working closely with our Totara Partners across the EU, we have taken a proactive approach to supporting the rights mandated by the GDPR within the Totara Learn 11 release ahead of the regulation coming into effect in May. Organisations running Totara Learn will have the flexibility to control notifications to users about how their data will be used, give users access to the data held about them and also manage the scenarios where an organisation no longer needs to hold personal data.” Iain Napier, Director of Product Management at Totara Learning

To find out more about how Totara Learn helps you to manage GDPR get in touch with us.