Most privacy policies are incomprehensive and largely unreadable. As a consequence, most users do not bother to read them. We propose Leech, a serious game developed in a students’ project for learning about the contents and structure of privacy policies so that users get a rough understanding what to expect in privacy policies. Leech is an adventure game and the player has to solve quests to complete the game. Two of the tasks are implemented as a mini game to allow more complexity. Two pre-tests led to promising results and we intend to quantitatively evaluate the game in the next step by investigating players’ online privacy literacy, demographics, values on privacy policies, actions within the game, and their in-game experience.