Understanding the GDPR (General Data Protection Regulation), its principles, and the obligations and procedures it imposes for compliance can sometimes be challenging.
SNCF wanted to offer its executive employees, who are not familiar with legal issues, e-learning in order to increase their skills on the subject and acquire the right reflexes as soon as personal data processing is implemented. This e-learning training allows you to understand and memorize the fundamentals of the GDPR law to implement best practices within the Group.
Device
The training consists of a core curriculum (approximately 40 minutes) comprising 6 chapters:
- Introduction to the RGPD:
- Définitions et traitement des données à caractère personnel:
- The actors of the RGPD:
- The principles to be followed
- Documenting and proving compliance.
- Quiz
Seven specific elearning modules of 20 minutes on average also make up the training:
- Purchasing function
- HR function
- Communication / Marketing function
- Video surveillance / Video protection function
- IT Department function
- On-board staff function
Pitch: “Imagine yourself traveling aboard the RGPD Express train. Samuel, the conductor, asks for your personal ticket to access your seat. But when you arrive at your seat, your ticket is gone… You alert the conductor; this could be serious! The ticket may contain personal data… But do you actually know what personal data is?”
Technical solution
The e-learning allows learners to progress through the content at their own pace. The solution includes features for tracking and validating knowledge, with the issuance of a diploma. Monitoring indicators are also available.
Educational Objective
The training enables employees to enhance their skills in personal data protection and to acquire best practices for implementing personal data processing. It raises participants’ awareness of GDPR issues, educates them on the principles to follow, and equips them to document and demonstrate their compliance.
Strategic issues
The solution meets the strategic needs of SNCF regarding GDPR compliance. It enables each employee to become an active participant in personal data protection within the company. The technical solution provides the flexibility required to create customized training paths based on the various jobs and activities within the SNCF group.
Pedagogy
To make the training more engaging and enhance retention, Audace has chosen a playful and creative approach. Learners are immersed in a railway-themed environment, with storytelling inspired by the “Orient Express” crimes. Real-life case studies are integrated, presented as reviews of sensitive files, to illustrate the concrete implications of GDPR. Interactive quizzes are embedded throughout the course to reinforce learner engagement and raise awareness of the risks associated with data loss.
Gamification is also present in the training, with stimulating game mechanics. Learners are encouraged to advance in their learning by accumulating points, earning rewards, and unlocking levels. This approach enhances participant engagement and motivates them to continue exploring more advanced modules of the training.
