the "usermodified" also contains a userid field in your "quizaccess_schoolyear" table so this is classed as user information that should probably be covered in the privacy class along with the export - delete functions may need to be careful not to delete content that is still in use.
At the bare miniumum I think we the external location component coverage is a blocker for plugins db approval.
your plugin submits user information to an external service so must include the external_location_link stuff: https://moodledev.io/docs/apis/subsystems/privacy#indicating-that-you-export-data-to-an-external-location
the "usermodified" also contains a userid field in your "quizaccess_schoolyear" table so this is classed as user information that should probably be covered in the privacy class along with the export - delete functions may need to be careful not to delete content that is still in use.
At the bare miniumum I think we the external location component coverage is a blocker for plugins db approval.