An introduction of approximately 20 minutes with an explanation of both the GDPR and the Privacy Escape Room. Roles, powers and supplies are divided. The team of 6 to 9 people is prepared for the challenge they face.
The team carries out the mission independently in a maximum of one and a half hours. They perform tasks and unravel puzzles in which characteristic parts from the GDPR are discussed. All this to find and dismantle the bomb and to get the USB stick.
A relaxed retrospective of approximately 40 minutes on the course of the challenge, the GDPR components and what they mean. Additional information puts it all in context to paint a complete picture.
Nico Nijenhuis MSc ECPC-B accommodates the Privacy Escape Room. A Data Protection Officer (CDPO) certified by the European Center on Privacy and Cybersecurity. Nico is a socially involved ICT professional with passion and experience in helping organizations to understand privacy and compliance. Mainly as a trainer, advisor or formal Data Protection Officer (DPO) registered with the Dutch Data Protection Authority. In other words, a pragmatic expert who also acts in various (sectoral) working groups and speaks at conferences. Nico is also the founder of the European Network of Independent Privacy Officers (ENIPO) and active as an Ethics Expert for the European Commission.
Enerverende privacy awareness training op locatie in de vorm van een escape room
There are more privacy escape rooms. Most of these however are essentially about security rather than privacy and/or are facilitated by ‘game hosts’ instead of privacy experts. This Privacy Escape Room is not just a fun game and is really about the privacy laws and regulations (of which security is part). It is an awareness training with a challenge in the form of an escape room. Fully accommodated by an experienced and certified privacy professional, which in combination with the briefing (before) and debriefing (after) has the character of a thorough exciting training.
The Privacy Escape Room has been developed for teams for which privacy awareness is crucial. And therefore also for organizations that take privacy by design seriously and/or want to demonstrate this. After all, privacy by design requires a certain level of knowledge in addition to alertness. It can contribute to both initial training and refresher training. Privacy awareness is not a one-off exercise and variety in the form is effective in this. Participants do not need any prior knowledge.
We also see the Privacy Escape Room being used as a standard part of the introduction training for new employees in sectors in which this is relevant. But also as project kick-off of projects where, in addition to team building, privacy by design is essential. Organizations that want to combine a company outing with substantive enrichment also see a good alternative in the Privacy Escape Room. Sometimes the Privacy Escape Room forms part of a larger program (whether or not organized by Privius). The Privacy Escape Room is also increasingly used as a (playful) part of cybersecurity and privacy conferences. And last but not least, the Privacy Escape Room can be used as an introduction to a privacy workshop or open space.
The components that will be discussed are primarily a selection from the General Data Protection Regulation (GDPR), the Dutch Implementation Act (uAVG) and from guidelines from supervisors such as the Dutch Data Protection Authority (AP) and the European Data Protection Board (EDPB). This was then supplemented with case law, current affairs and our own expertise. But please note, the level concerns general knowledge (awareness) for a wide audience that can be followed without prior knowledge.
Yes, there is some time for this in the (de)briefing. If it is already clear in advance that there are quite a few questions, it is advisable to plan a separate workshop or open space (perhaps subsequently).
The time schedules always take place in consultation, but the standard evening session lasts from 19:00 to 21:30 and from 09:00 to 12:00 and/or from 13:00 to 16:00 during the day. There is a (customized) possibility to do 3 in one day and this means a session from 10:00 to 12:00, a session from 13:00 to 15:00 , a session from 16:00 to 18:00 and a joint debriefing from 19:00 to 20:00.
For the (de)briefing there must be a table with enough chairs for the participants, as well as the possibility to project on something (a beamer or flat screen). The space is divided into two parts in which they must be able to move freely. Furthermore, it works best to choose a room with the most homely atmosphere. Finally, take into account sirens and smoke.
Yes, but Privius is seriously considering adding an English version as well. English spoken participants can already participate in the Dutch version but the will have to be supported by the team itself. In practice this works fine for the team, but the participant in question doesn’t get everything.
6 to 9 participants can participate in a regular Privacy Escape Room. On the same day, 2 regular Privacy Escape Rooms can take place in succession. 3 are possible but then the debriefing is done together at the end. This allows a maximum of 27 participants to experience the Privacy Escape Room on the same day.
Are you interested or do you have any questions about this exciting privacy awareness training on location in the form of an escape room? Fill in the contact form and Privius will contact you by email as soon as possible. You can also send an e-mail to firstname.lastname@example.org.
By sending your data to Privius, you ask us to contact you. For that purpose alone we will process your data. Privius does not transfer your data to other parties. See our Privacyverklaring for more details.