Data subject rights testing

Account preference testing

Consent management testing

Trusted by

Find out how we can support you with process testing

Contact us

Features and benefits


We will help you plan your testing to address each area of concern.

Confidential and subtle testing carried out using realistic profiles, planted ahead of time.

We will test any or all data subject rights including right to erasure, rectification and access.

We will test consent management or account preference management.

Our researchers are based worldwide, allowing rights to be tested globally.

A detailed report is sent at the end of the testing project.


Get reassurance that your processes are working properly.

Ensure outcomes are accurate by using realistic profiles.

Get an up-to-date report reflecting compliance levels with the UK GDPR.

Find out if consent is being properly managed by your systems.

Ensure compliance with any data protection regulations that apply to your organisation.

Get information about each individual dummy profile, which rights were tested and what the outcomes were.

Case study

The company: A British fashion and lifestyle brand requested data subject rights and consent management testing to measure their compliance with the UK GDPR and the PECR (Privacy and Electronic Communications Regulations).

The service: DQM GRC was commissioned to carry out data subject rights testing as part of a privacy assessment programme to examine our customer’s adherence in the UK to the requirements of the EU GDPR, the UK GDPR and the DPA (Data Protection Act) 2018, and the maturity of its compliance activities. The programme used the DQM GRC seeding and mystery shopping network to test email consent for marketing, postal consent for marketing, data subject access requests and the right to erasure.

The deliverables: A detailed report was delivered to the customer that included a summary and methodology for each test; details of communications via post, email and telephone, including dates; detailed observations of the customer’s data protection compliance; and remediation advice.

The results: Our customer has amended its practices to ensure that its data subject rights and consent management are now fully compliant.

Take immediate action to uncover compliance gaps and
safeguard your data with our testing services.

Contact us