Arkandis / legal
Vendor policy.
The standards every data-owner partner must meet before a dataset enters the registry. This is the formal version of what our Approach page describes.
01Who this applies to
Anyone supplying data for us to license.
This policy governs every company or individual (“vendor,” “data owner,” or “supplier”) that provides data to Arkandis for evaluation, clearance, or licensing to AI labs. It applies from initial submission through the end of any resulting license term.
02Eligibility
You have to own it, or have the right to license it.
A vendor must be the originator of the data or hold a documented, contractual right to sublicense it. We verify title and authority before diligence begins, and we do not accept data whose origin can’t be shown.
- Proof of title or license authority
- No aggregated or resold inventory
- Corporate signatory required
- Ongoing right to warrant the data
03Consent & legal basis
Every record needs a defensible reason to exist.
Vendors must document the consent basis or other legal basis (contract, legitimate interest, legal obligation) for every record supplied, mapped to the jurisdictions the data touches. Where the basis is unclear, we work with the vendor to re-consent affected users or remove the affected records — we don’t assume it’s fine.
04Preparation standards
De-identified before it’s registered — by you, or by us.
Vendors are expected to de-identify and scrub PII consistent with the relevant framework (GDPR, CCPA, or sector-specific rules) before submission. Where a vendor would rather not handle this in-house, Arkandis can perform de-identification and PII scrubbing directly, under a separate data processing agreement. Either way, the work is independently verified before a dataset is registered. Third-party IP and embedded content must be identified and disclosed at submission.
- De-identification — self-managed or by Arkandis
- Third-party IP disclosed upfront
- Format & metadata requirements
- Independent verification by Arkandis
05Ongoing obligations
Notify us the moment something changes.
Vendors must notify Arkandis promptly if a consent basis changes, a user revokes consent, or a legal claim arises over supplied data. Revocations are propagated to the dataset’s provenance manifest and covered by the deletion terms of any resulting license.
06Compliance & audit
We can check, and we do.
Arkandis reserves the right to audit a vendor’s consent and provenance records at any point during a license term. A material breach of this policy is grounds for removing a dataset from the registry and terminating the vendor relationship.
07Onboarding
Start with a short call.
From there, sourcing, clearing, preparation, and licensing follow the process described on our Approach page.
Think your data meets these standards? Let’s find out.