4 Simple Steps to Staying Compliant When Using SMS Messaging

Yet another company (Quigley and Carter Limited) have been fined by the ICO for not having permission to send SMS messages. In this case (you can read our blog about the last one here), they had outsourced their marketing to a third party who then sent messages on their behalf.

So is staying compliant with the regulations regarding SMS messaging so difficult? It doesn’t have to be. In fact, if you do your own marketing, the ICO recommends just four steps you need to do when sending SMS messages.

Only send messages to people who have explicitly opted into receive them. Simple enough yes?

There is one exception to step one that makes communicating with existing customers easier however. You can send messages to current or previous customers if the message is about your “own similar products” and you offered them a chance to opt out when they gave you their mobile number.

So if you had someone purchase a TV from you, and they gave you their mobile number during the transaction, you can send them messages about related electronics products and services you provide. You can’t send them messages promoting other goods or companies that are unrelated.

In summary, step one means you can safely send messages to a confirmed opt in, or a previous customer who made a related purchase.

Always provide an opt out option.

No exceptions to this rule. The form the opt out takes needs to be simple though. If you have an opt out process that makes it too difficult for a customer to find it, or to request to be taken off the list, then chances the ICO might see that as an attempt to avoid the requirement.

The ICO actually recommends you offer the opt out via a reply SMS message or by a link that takes the recipient directly to an unsubscribe option.

You need to maintain a list of everyone that opts out.

This is another simple one, but perhaps not something everyone realises they need to do. If someone opts out, you need to stop sending them messages of course. But that means keeping a record of their opt out request, and not simply removing them from the send list. You’ll see why in Step 4.

You need to screen your list against the opt out list from Step 3.

If someone opts out, you don’t want to ever send them a message again (unless they re-opt in later).
That means every time you send a campaign, you need to check the send list against the opt out list.

This also assumes that both lists are kept current at all times. Fortunately, with services like our NetMessenger, the opt out list (called the blacklist in our system) is always maintained. That means you can check your active list against your blacklist with a click of a button. This is called “cleaning” your distribution list and it ensures you are following step 4.

It seems that most companies that get in trouble with the ICO for sending spam do one of three things: Buy a list, outsource their marketing, or use robo-callers.

It’s obvious that robo-callers that dial random numbers do not fit with the policies of permission based marketing required by law. But you can be compliant if you buy a list or outsource, but the process involves more steps than the four simple ones listed above.

To help everyone, the ICO created a Direct marketing checklist for marketers and organisations to use when sending electronic communications. The four steps above are listed under the “Marketing by email or text” section. But the document goes into a detailed check list for buying lists or outsourcing to a company that does. It also includes items for other forms of marketing like voice calls and mail.

You can download a copy of the checklist here. If you have any questions about how easy it is to comply with the regulations, we’re also here to help. We work with organisations of all sizes and sectors, so chances are we’ve heard your question before and can answer it quickly. You can catch us on our live chat, via email or phone.