30 controls your firm needs to meet. Each item references specific UK data-protection law — UK GDPR, DPA 2018, PECR, FCA SYSC, ICO accountability framework. Click any row to cycle: Not Met → Partial → Met. If you're unsure, leave as Not Met and use the Gap Analysis tab for chapter-by-chapter guidance.