Are you confused about the regulations governing text messaging? It would be easy if one set of rules governed the states and countries you text regularly. Unfortunately, the more places you text, the more regulations you’ll have to consider.
Here’s a beginner’s guide to compliance for companies using business-to-person texts in the United States, the European Union and the United Kingdom. And even if you’re an old hand at text messaging, we may have some good advice for you, too.
The U.S. Congress originally created the Telephone Consumer Protection Act (TCPA) to combat unsolicited phone calls, and it has expanded to include new technologies like text messaging. It contains specific restrictions and penalties that companies ignore at their peril. The fines can be as much as $1,500 per message sent. In one of the first class-action lawsuits concerning texting, Papa John’s settled the case against it for $16.5 million in 2013.
Perhaps the most important portion of the TCPA concerns acquiring permission to text. You must have express written consent before your company can legally send text messages to anyone. Before that first text goes out, your customer must say it’s okay or “opt in” to receiving your text messages.
That generally means the first contact must made by a different type of communication. Email, online applications, online communication preferences, direct mail, comment cards, and point-of-purchase materials are some of the most common. Some companies ask customers to text them first, and that action starts an automated chain of messages that allows the customer to opt in.
When a company responds to a request to text, the first text they send must contain a few elements. Here they are:
That’s quite a bit to include in 160 characters, so you can design a series of automated texts that contain the information. Your second text can explain any coupons, discounts or other promotions you’re offering.
In the years since the General Data Protection Regulations (GDPR) hit the streets in the European Union, it’s become clear that all businesses, regardless of size, need to understand what the GDPR requires. The EU is serious about enforcing its provisions.
Fines have ranged from €2.5 million to €225 million for non-compliance. Although these fines may be negligible to multinationals, smaller companies could be devasted by them. Smaller companies and individuals are not exempt from harsh penalties and the costs associated with defending the charges.
The same rules apply in the United Kingdom as they do in the European Union. The UK agreed to GDPR and Brexit has not changed anything.
Of course, companies that conduct business in the EU and the UK are directly affected by the GDPR rules. But so are companies with customers there. That could be you. Also, your company might be affected if someone living in the EU or UK visits your website and allows you to install cookies on their computer. The more contact you have with people in the EU, the more risk you assume.
The GDPR is based on seven basic tenets:
As the EU has updated the GDPR, you need to know what’s changed:
If you thought you could simply wait out the implementation of TCPA and GDPR and fly under the radar, you might need to rethink your strategy. They are not going away, and privacy regulations are growing.
You must track who opts in and who opts out of your text marketing campaigns, and you must have explicit consent to collect and process a customer’s personal information. You’ll also need to track who is already in the system to keep one person from opting in multiple times, and you’ll need to be able to erase a person’s data from all parts of your system, if requested.
SMS-Magic can make compliance easy, particularly if you’ve tied your text messaging campaigns into your CRM. We can help you keep up with customer permissions as they opt-in (and perhaps opt-out) of your messaging campaigns.
Our back-end systems are structured so that we can display individual requests, and we can prove you’ve complied with customer requests. You won’t have to worry about regulators asking to see your records. We use on-going processes to collect and store information about distribution and can share it with regulators, if necessary.
Protecting privacy is a complicated question, but with the right partner, the answer can be simple. Let SMS-Magic help you reach your customers while you’re protecting their privacy.
Contact us to answer your questions, set up a demo or start your free trial. Let us show you why your compliance worries will disappear with SMS-Magic!