Restrict companywide employee access to single doctype

I have an employee who documents training events for the whole company. In order for her to select other empolyees than herself I removed the user permission restricting her to only her empolyee-ID. However, I don’t want her to be able to see other employee information, e.g. the salary slip, or enter other employees in other doctypes than the training event.

How do I set up this restriction?

Try this way:
Step 1: Home > Users and Permissions > Permissions > Role Permissions Manager
Step 2: Select Document Type for which you want to set user permission. After permissions are loaded for selected document, scroll to role for which you want to set restriction.
Step 3: For Role to be restricted (Sales User in this case), check “Only If Creator”.

Wouldn’t this restrict her to see only her own training events?

I want her to be able to set training events for all other employees as well. But only in the case of training events, not for other doctypes.
The user permission “employee” which is automatically created for every employee by frappe restricts the employees, so that they can only enter themselves in employee fields. The only way to lift that restriction, is to delete it completely. I am searching for a way in between, to only lift the restriction for certain doctypes.

Create new role “Training Administrator” (or whatever name).
Set this role to be able to access all the relevant doctypes.
Assign this role to her user.

She is able to see, access and alter the relevant doctypes. I already assigned it to her role. That is not my problem.

This user permission, which restricts her to her employee-ID, is interfering:

This is the relevant table which she can only fill in with her own employee-ID:

I want her to be able to fill in all employee-IDs. But only in this one doctype.

For doctype Attendees field employee check the ignore user permission as below

this setting will cause normal users see other users training event also, you can re-apply the employee filter via permission query server script.