Try the course before you roll it out.
A two-minute preview of PrivOptic's plug-and-play privacy training. Click through a real sample lesson, a knowledge check, and a scored mini-assessment below — the same experience your team gets in the full 9-module course.
The two regimes
The EU GDPR and the UK GDPR share about 90% of their DNA — same principles, same rights, same 72-hour breach deadline. But since the UK's Data (Use and Access) Act 2025 came into force in February 2026, the two have started to diverge. Here's one place that matters when you rely on legitimate interests.
Every reliance on legitimate interests needs a full balancing test — purpose, necessity, and the individual's rights, documented in an assessment.
For a list of recognised legitimate interests (e.g. crime prevention, safeguarding, emergencies), no balancing test is required. Everything else still needs one.
Get the full 9-module course
SCORM package + standalone HTML, white-label in minutes, tailored to employees, candidates, contractors, consultants, and third parties. Drops into any LMS.
View the course →