NEW: Free AI Compliance solution. Sign up for early access now


ComplyHero E-learning platform

Fill your office with well-trained compliance heroes.

GDPR & IT security training made easy

We know that GDPR training doesn’t have to be boring or even too complex. We believe that simplicity and fun are powerful tools towards making GDPR and IT security training that actually sticks.

Did you know that over 88% of data breaches can be traced back to an employee mistake*?

Significantly reduce this risk with our E-learning and awareness courses.

Start your ComplyHero journey today.

*Stanford University. (2020). Psychology of Human Error. CISO Magazine.

Why choose ComplyHero GDPR and IT security E-learning?

Stay ahead of the game with our user-friendly platform, engaging courses,
and interactive assessments that protects your business reputation.

Comprehensive coverage of GDPR regulation

Our E-learning program provides extensive coverage of GDPR regulation and is carefully crafted to ensure compliance with all legal requirements and adheres to the recognized ENISA standards for cybersecurity.

Developed by legal experts

All the courses have been carefully designed by leading GDPR experts and lawyers. Rest assured, this guarantees you top-class training that is well-considered and comprehensive.

Customizable learning paths

Tailor GDPR and IT security e-learning to your organization’s needs with customized learning paths for different roles and departments, ensuring targeted and relevant training.

Interactive and user-friendly courses

Experience an enjoyable and interactive training session with our GDPR and IT security courses. Designed to place you at the heart of a narrative that mirrors your own experiences, these courses are both entertaining and informative.

Always up-to-date content

We refresh our material on a yearly basis to guarantee its relevance and address the most current challenges and the latest practices in GDPR and IT security.

Real-world case studies and practical examples

Our e-learning platform incorporates real-world case studies and practical examples that help employees understand how GDPR principles apply in their day-to-day work.

The all-in-one GDPR and IT security training platform

Discover our comprehensive GDPR and IT security training platform, designed to meet all your organization’s compliance needs. Whether you’re a beginner or an expert, our platform has the perfect module to help you navigate the complexities of GDPR and IT security with ease.

GDPR & IT security basics

A simple, elementary, and basic course on the key aspects of GDPR and IT security, primarily aimed at blue collar workers who work with manual labour, but still need a basic introduction to the rules.

Course includes:

  • Introduction to personal data.
  • Introduction to IT-security including: password security, phishing etc..
  • Introduction to physical security including: handling of access keys, handling of physical personal data etc.

GDPR Foundation

A basic course on the fundamental data protection rules, principles and rights. The course is aimed at all employees in an organization and forms the basis for the subsequent courses.

Course includes:

  • Introduction to categories of Data Subjects
  • What the term ”processing” entails
  • Legal basis of processing of personal data, including the conditions for consent
  • Definition of a ”personal data breach” and how to access one
  • Rules on erasure and Anonymization

IT Security Foundation

A basic course on IT security aimed at all employees in an organization. It forms the basis for the remaining courses and is based on ENISA’s recommendations.

Course includes:

  • How IT security can be achieved
  • Recognized recommendations on passwords
  • Phishing
  • Transmission of confidential / sensitive information
  • Use of public networks and VPN


A specialized course regarding GDPR aimed at employees in the HR department.

Course includes:

  • Important considerations in connection to recruitment
  • Legal bases for processing of data
  • Erasure of data before / during / after recruitment
  • Storage of applications / recruitment documents
  • Obtaining of references and child / criminal records
  • Handling of sensitive personal data before / during / after recruitment

Compliance for Sales & Marketing

A specialized course on the aspects of GDPR and marketing law that are particularly important for employees working in sales and marketing.

Course includes:

  • The rules on consent
  • Participation in competitions
  • Use of cookies
  • Use of personal data in CRM systems

GDPR & IT Security for the IT Department (advanced)

A specialized course regarding GDPR and IT security aimed at employees in the IT Department. Based on ENISA’s recommendations and risk catalogue in the area.

Course includes:

  • The content of a risk assessment
  • Privacy by design
  • Risk assessment vs. DPIA
  • The data processing agreement
  • Control of data processors
  • Third-country transfers

NIS2 – For upper management

A course specifically designed for members of management in organizations covered by NIS2. The course provides the leader with the necessary knowledge about NIS2 and enables them to take on the responsibility and perform the tasks required by the directive.

Course includes:

  • Introduction to NIS2
  • Overview of the organization’s obligations
  • Identification of cyber threats
  • Method for risk assessments & evaluation of security measures
  • Overview of management’s responsibilities & tasks
  • Incident handling & establishment of an incident response team
  • Sanctions & other consequences for non-compliance

Responsible Use of AI

A brief introduction on generative AI and how to harness it while providing specific guidelines and tools for you to avoid the inherent risks and pitfalls, thus ensuring a responsible and compliant use of AI.

Course includes:

  • Learn how Generative AI can create value in your own workflow
  • Introduction to specific technologies and services
  • Learn about confidentiality risks, risks of misinformation and risks of lack of transparency
  • Learn about inherent risks of bias and discrimination in AI
  • Gain concrete tools to avoid these risks, ensuring compliant and responsible use of AI
  • Ensure transparency and integrity when using AI
  • Risk assessments in the context of AI
  • Assess the level of human oversight versus automatio
  • Copyright of content made with assistance of AI

What our customers say

“We are happy with ComplyCloud and have chosen to use the ComplyHero tool to create awareness of GDPR questions among our employees. It is accessible and at the same time increases general awareness of GDPR among employees. The courses incorporate real workplace scenarios, making GDPR principles much more comprehensible.”


Signe K. Stranddorf, Akademisk medarbejder og udstillingsassistent

See it in action

Unlock the power of compliance education with ComplyHero’s interactive E-learning platform.

Sign up for a personalized live demo today.

See ComplyHero in action

Do you want to know more about ComplyHero’s e-learning platform? Check out our on-demand demo presentation!

Frequently asked questions

The requirement for awareness training in relation to the handling of personal data and security can be found in several articles of the General Data Protection Regulation (GDPR). Specifically, Article 32 of the GDPR outlines the obligation for companies to implement technical and organizational measures to ensure an adequate level of security. These measures include conducting awareness training for employees.


Awareness training plays a crucial role in meeting this requirement by ensuring that employees have a clear understanding of their responsibilities and obligations regarding the protection of personal data. It helps to educate them on best practices, potential risks, and the importance of maintaining data security. By equipping employees with the necessary knowledge and skills, awareness training enhances overall compliance with the GDPR and contributes to the effective protection of personal data.

The level of GDPR proficiency expected in this training varies depending on the course. The different courses cater to individuals with different levels of knowledge and responsibilities related to GDPR. Here is a breakdown of the expected proficiency for each training:


  1. GDPR & IT Security Basics: This course is designed for blue-collar workers who may not work directly with computers and personal data but need to have a general understanding of GDPR and basic security concepts.

  2. GDPR Foundation: This course is aimed at individuals with little to no knowledge of GDPR. It provides a comprehensive introduction to GDPR principles and regulations.

  3. IT Security Foundation: This course is intended for individuals with little to no knowledge of IT security. It covers the basics of IT security, including its relevance to GDPR compliance.

  4. GDPR for HR: This course targets individuals working in HR departments who already possess a basic understanding of GDPR. It focuses on GDPR implications and considerations specific to HR functions.

  5. GDPR & IT Security for IT (Advanced): This course is designed for individuals working in IT who have a basic knowledge of GDPR. It delves deeper into GDPR requirements and best practices specifically relevant to the IT field.

  6. Compliance for Sales and Marketing: This course caters to individuals working in sales and marketing departments who already possess a basic understanding of GDPR. It provides insights into GDPR compliance within the context of sales and marketing activities.
  • The estimated duration of each course is approximately 1 hour and 15 minutes. This duration is calculated based on an allocation of 15 minutes per module. While this may be considered a slightly longer duration per module, it is intentionally designed to discourage rushing through the course. We believe that allowing employees to complete the course at their own pace is the most effective approach.

    It is not necessary to complete the course in one session. The training software enables you to pause and resume your progress at any time. This means you have the flexibility to take breaks or divide the course into multiple sessions while ensuring that your progress is saved.

The training is available in both Danish and English. Additionally, the application’s interface supports both languages.

Managers & administrators have access to the following information:

  • The availability of all courses in both Danish and English languages.
  • The number of people participating in a course.
  • The number of people who have successfully passed a course.
  • The dates when individuals have participated in a course.

However, it is important to note that detailed individual responses are not accessible to managers & administrators. The focus is on ensuring employees complete the courses rather than measuring them.

Yes, it is feasible to tailor the training specifically for our customers. However, the approach may differ from the standard training provided by ComplyHero. While ComplyHero offers a comprehensive training program, if you have specific requirements or want to focus on company-related topics, we can create basic custom questionnaires for an additional fee. These questionnaires can be designed to test your employees on the specific areas you deem important. You can even set a passing score that employees need to achieve, ensuring they have a solid understanding of the subject matter. This tailored approach allows you to address your organization’s unique needs and enhance training effectiveness.

Looking for a more extensive training program?

If you’re seeking something beyond e-learning, we’ve got just what you need.
Tailor-made advanced training course

Tailor-made advanced training course

Enhance your knowledge of GDPR regulations through our tailored advanced training course. Our modules will be thoughtfully customized to cater to your unique business needs and current level of GDPR understanding.

Contact us


To book a class, become a member, or rent our studio, please complete this short form. We’ll get back to you as soon as we can.