Data licence compliance is a legal and commercial imperative

Organisations that provide data to third parties have a legal responsibility to assure compliance with any limitations placed on the data. It is an essential data protection requirement to ensure that data is only used in ways that are compatible with the information provided to the person the data relates to and the consent they gave. It is also commercially sensible to ensure customers comply with your contract and don’t owe additional royalties to you.

DQM GRC is long established as the leading provider of data licence assurance services to the UK’s commercial data owners.

Data Licence compliance

Trusted by

How does a Data Licence Audit work?

Our specialist auditors will work with you to create a bespoke audit plan that meets your needs and requirements.


Audit templates

We will create one or more bespoke audit templates based on the terms of your licences or contracts for your approval.
This process includes establishing the audit framework and criteria to ensure that our audit is appropriately sensitised to areas of non-compliance with the contract. This will include ensuring customers understand and adhere to their obligations regarding reporting and payments, further licensing to third parties and ensuring what customers report to you is accurate.


Test audit

We will carry out a test audit to ensure that the audit template works as intended and the report meets your requirements.


Audit plan

We will work with you to design a suitable audit plan and schedule. This includes defining the scope and frequency of audits.


The audits

We will carry out the audits according to the agreed plan.
Depending on your preference, we can work directly with the audit subjects to schedule the audits or you can do this yourselves.


Formal procedural steps

We will work with you to monitor the ongoing effectiveness of the audits.
The frequency of this review cycle will be agreed with you, but will be triggered by changes to contract or licence terms, known breaches and incidents, and will take place at least annually.

What to expect

Your auditor will typically take two days to complete an audit.

The audit will be a combination of interviews with key individuals, reviews of documentation and sample checking. We aim to provide written reports to you within ten working days of the audit commencing. If any additional royalties are owed to you, we will deliver the evidence of this so you can pursue this with your customer.

If you wish, our consultants can work with your audit subjects to help them address areas of non-compliance. We can maintain strict barriers between our audit and consultancy teams to avoid conflicts of interest.

Service benefits

  • Increase revenue by recovering unpaid royalties and resolve issues with under-reported sales.
  • Ensure customers are compliant with their data protection responsibilities.
  • Help customers understand their data usage and get the most out of their licence.
  • Maintain contract compliance by ensuring complex licence agreements are understood and enforced.
  • Improve business relationships and reassure stakeholders that your assets and intellectual property are being handled correctly by customers.
Bespoke auditing solutions

Make it your own

We can tailor your audit programme to your specific needs and requirements. Examples include:

  • Helping you define standards for your data recipients to meet;
  • Reviewing your contracts and licences to ensure they remain in line with best practice and protect you and your data subjects appropriately;
  • Incorporating a data seeding programme to provide evidence of data usage; and
  • Any other support to meet your needs – just ask.

contact us