Data Privacy / GDPR

Handling Personal Data

Any type of information that could lead to identifying an individual is classed as personal data, and is subject to strict legal regulations when handled in professional working environments. Therefore, being able to ensure compliance to data privacy laws is essential so that organisations can secure the trust of customers, partners and employees, and safeguard the financial well-being of the business.

The focus on data privacy intensified in May 2018 when the new General Data Protection Regulation (GDPR) came into force – a move that standardised data privacy regulations across European Member States, and placed greater emphasis on the protection of personal data.

By delivering the ‘Data Privacy’ training programme to your employees, you can help them understand the new data privacy rules, making them aware of how it relates to their role and how they can comply. In accordance with the GDPR, the programme explains the legal regulations that apply to different types of data, how the rules can be applied and the consequences of breaching the policies.

For regular refresher trainings on data privacy, we have developed the “Escape Room”. This gamified training format, which is also known as the “Exit Game”, is perfectly suited for maintaining necessary awareness when handling personal data.

Contents of the Data Privacy e-learning programme

The tutorial consists of a number of self-contained lessons. You can pick and choose any combination of lessons depending on whether you want to use the standard product or would like more options. Click here to learn more about ’lessons’ and ’lesson types’.

  • Welcome
  • The GDPR - An overview
  • From DPA to GDPR (for UK)
  • Fundamentals of data privacy
  • Fundamentals of data privacy for financial service providers
  • Protecting information
  • Principles of data privacy
  • Commissioned data processing
  • Who is responsible for what at the company
  • Handling personnel data
  • What is permitted during the application process
  • Data and its use by the works council
  • Customer data and Marketing
  • Case study: A day at the office
  • Case Study: A Day in Marketing
  • Test

Expert author

Dr. Johann BizerThe expert author of our CEO fraud tutorial is Dr. Johann Bizer – Chief Executive Officer at Dataport, an IT service provider for the public sector. Dr. Bizer has served as a Deputy Regional Representative for data security for many years, and is well-known for his numerous publications on data privacy, as well as being one of the publishers of the ‘Data Protection and Data Security’ journal. Learn more at

"Escape Room" Refresher Training

This gamified training format is perfectly suited for refresher trainings. In this scenario, learners are locked in a room and need to find items that reveal data privacy-related questions. Solving each of those questions provides learners with one digit of a code needed to leave the room – and successfully finish the training.


The data privacy e-learning programmes from Sponge Compliance have already been successful for many commercial organisations, including the likes of BMW, Bosch, Computacenter, Daimler, Deutsche Post, EnBW, ING-DiBa, SCHOTT and Siemens.

You might also like

Learning Management System

Learn more about how to roll-out your compliance training to your employees with the help of our LMS.

Learn more about the compliance LMS

Compliance communication

An appropriate communication concept is always necessary to accompany your compliance training!

Learn more compliance communication

Our clients

Do you want to know which companies and organisations rely on compliance training by Sponge Compliance? Here is a selection of our clients and testimonials.

Clients overview