4 Simple Steps to Staying Compliant When Using SMS Messaging
Yet another company (Quigley and Carter Limited) have been fined by the ICO for not having permission to send SMS messages. In this case (you can read our blog about the last one here), they had outsourced their marketing to a third party who then sent messages on their behalf.
So is staying compliant with the regulations regarding SMS messaging so difficult? It doesn’t have to be. In fact, if you do your own marketing, the ICO recommends just four steps you need to do when sending SMS messages.
Step One
Only send messages to people who have explicitly opted into receive them. Simple enough yes?
There is one exception to step one that makes communicating with existing customers easier however. You can send messages to current or previous customers if the message is about your “own similar products” and you offered them a chance to opt out when they gave you their mobile number.
So if you had someone purchase a TV from you, and they gave you their mobile number during the transaction, you can send them messages about related electronics products and services you provide. You can’t send them messages promoting other goods or companies that are unrelated.
In summary, step one means you can safely send messages to a confirmed opt in, or a previous customer who made a related purchase.
Step Two
Always provide an opt out option.
No exceptions to this rule. The form the opt out takes needs to be simple though. If you have an opt out process that makes it too difficult for a customer to find it, or to request to be taken off the list, then chances the ICO might see that as an attempt to avoid the requirement.
The ICO actually recommends you offer the opt out via a reply SMS message or by a link that takes the recipient directly to an unsubscribe option.
Step Three
You need to maintain a list of everyone that opts out.
This is another simple one, but perhaps not something everyone realises they need to do. If someone opts out, you need to stop sending them messages of course. But that means keeping a record of their opt out request, and not simply removing them from the send list. You’ll see why in Step 4.
Step Four
You need to screen your list against the opt out list from Step 3.
If someone opts out, you don’t want to ever send them a message again (unless they re-opt in later).
That means every time you send a campaign, you need to check the send list against the opt out list.
This also assumes that both lists are kept current at all times. Fortunately, with services like our NetMessenger, the opt out list (called the blacklist in our system) is always maintained. That means you can check your active list against your blacklist with a click of a button. This is called “cleaning” your distribution list and it ensures you are following step 4.
Outsourcing Or Buying Lists
It seems that most companies that get in trouble with the ICO for sending spam do one of three things: Buy a list, outsource their marketing, or use robo-callers.
It’s obvious that robo-callers that dial random numbers do not fit with the policies of permission based marketing required by law. But you can be compliant if you buy a list or outsource, but the process involves more steps than the four simple ones listed above.
To help everyone, the ICO created a Direct marketing checklist for marketers and organisations to use when sending electronic communications. The four steps above are listed under the “Marketing by email or text” section. But the document goes into a detailed check list for buying lists or outsourcing to a company that does. It also includes items for other forms of marketing like voice calls and mail.
You can download a copy of the checklist here. If you have any questions about how easy it is to comply with the regulations, we’re also here to help. We work with organisations of all sizes and sectors, so chances are we’ve heard your question before and can answer it quickly. You can catch us on our live chat, via email or phone.
Related Articles
4 Simple Steps to Staying Compliant When Using SMS Messaging
Yet another company (Quigley and Carter Limited) have been fined by the ICO for not having permission to send SMS messages. In this case, they had outsourced their marketing to a third party who then sent messages on their behalf. So is staying compliant with the regulations regarding SMS messaging so difficult? It doesn’t have to be.
ICO issues a huge fine for massive illegal SMS campaign
ICO, the Information Commissioner's Office, has recently imposed a huge fine on direct marketing company Help Direct UK for sending illegal SMS messages.
How are companies sending all those SMS messages illegally?
SMS Marketing – Should You Buy a List?
Starting an SMS marketing campaign can be a daunting task. Gathering explicit opt ins can take time, as you need to make an investment in advertising. So why not just get a jumpstart and buy a list of mobile numbers from an organisation that already has the opt ins? You could do that, but it’s probably harder than just getting people to opt in on their own. Here’s why.
GDPR: Here’s What You Need to Know for Your SMS Messaging
The UK may be leaving the EU, but the GDPR is still coming. Find out what it means for your business, and your SMS messaging, in our post that looks ahead and reviews the ICO guidance to prepare for the new rules.
Why Brits are Lucky When it Comes to SMS Spam
SMS spam is a problem worldwide. But in the UK, we’re less likely to get it than many other countries. Find out why that is, see some examples, and how you can do your part to keep your SMS messages free of spam.
Be Careful When Reading About Shortcodes and VMNs
When you start using SMS marketing, one of the first decisions you need to make is whether or not you’ll need to get replies. If you do, then you’ll need to decide between shortcodes and a virtual mobile number (VMN, also called longcode). If you don’t, then that’s alright too.
SMS Marketing: An Essential Guide to PECR
The PECR Regulations, better known as the Privacy and Electronics Communications (EC Directive) Regulations 2003 are one of the most important pieces of legislation affecting those involved in SMS Marketing. They exist to safeguard the privacy and use of personal information when used for direct marketing through electronic means, including communications by SMS. Parts of it crossover with the Data Protection Act 1998 (DPA) and where it does so, both pieces of legislation should be complied with. Unlike the DPA, the PECR is obligatory whether or not you process personal data in the course of your business. Read this essential guide to PECR for SMS Marketing to ensure you know everything you need to know.
SMS and the Future of Sales and Marketing
Four years ago, reputable commentators in The Guardian were wondering if SMS - short message service or text messaging - had peaked in performance after a two-decade exponential rise. Here we look at the evidence which shows that SMS is not only going strong, but continuing to stand out as an essential marketing channel for many businesses.
SMS Marketing – A Brief Guide to the Data Protection Act 1998
Any UK business that collects, stores and uses other people’s personal data for purposes such as marketing and selling is subject to the rules of the Data Protection Act, and those using SMS marketing are no exception. Having a basic understanding of the DPA legislation and its main requirements is useful to maintain best practice in direct marketing such as SMS marketing and also helps to uphold your hard won customer trust - as well as avoid the potentially costly consequences of falling foul of the law. Read this article to learn how to avoid the simple pitfalls and get your SMS marketing campaign off to the right start.