5 Common Questions About SMS Marketing Compliance
Electronic marketing is a tricky thing. There are rules and regulations you need to follow, and it can all seem pretty intimidating at first. Thankfully, the rules laid out in the UK Privacy and Electronic Communications Regulation (PECR) are fairly simple to follow once you understand them, their implications, and for lack of a better word, mushy parts. To help you get started, I’ve gathered five of the most commonly asked questions about SMS marketing and the regulations and summed them up here.
1. Do I need to use an opt-in?
The short and long answer to this one is: Yes. But there are two types of opt-ins. There are “hard” opt-ins and “soft” opt-ins. A soft opt-in is when you already have personal information (like a name and mobile number) of current or previous customers. A lead that never became a customer but contacted you to “negotiate” services or a purchase can also be a soft opt-in. You can potentially send all these types of people messages without specific prior consent.
However, there are some conditions. The SMS marketing messages you send have to be related to the original purchase or service provided or discussed. You can’t send a message promoting a discounted trip to Bali if they bought a computer from you. But you might be able to send a message about discounts on a new hard drive upgrade.
Notice the “might” in that last sentence. Another condition you must meet to use a soft opt-in is that the person must have had the option of opting out of all marketing when you originally collected their data. This option to opt-out could take different forms, but it must have been clearly offered if you want to use their information for marketing in the future.
This is one of the mushy parts of the regulation, even though the conditions are spelled out clearly. For example, there is no hard definition of what “related” means exactly. Maybe you bought your computer in Bali and the trip offer is related. Also what constitutes a “negotiation” or discussion of a sale is also rather vague. Since these parts aren’t always clear we recommend using a hard opt-in.
A hard opt-in is when you specifically request permission to send SMS marketing messages. This can be done by an opt-in on your website, or a print advert with instructions on how to sign up. As long as it is something someone deliberately does and you are clear in what you’ll do with the information then you’ll be compliant with the PECR. In this case either someone signed up to your list or they didn’t. Not mushy at all.
One other important note is that the soft opt-in rule only applies to commercial marketing. Other types of organisations such as charities or political parties are not allowed to use the soft method at all.
Also, no information obtained from a third party can be used for marketing without a direct consent. So if you purchase a list from another entity, you cannot use the soft opt-in method for those contacts. You cannot send messages at all unless they specifically give you, the sender, explicit permission. This is different than other forms of marketing where sharing the data with third parties is commonplace. Don’t do it when using electronic marketing, especially SMS messaging.
2. Do I really need opt-out instructions in every message?
The answer depends on whether or not you have a soft opt-in list or a hard list. The PECR requires that any message sent to a soft contact must include opt-out instructions in every message. It is very clear about that!
Hard opt-ins though, need to be given a clear, “simple” way to opt out. This means you can’t require them to send you a note in writing. You can’t require them to jump through any hoops that are designed to make it difficult to get off a list.
While not required, the PECR recommends marketers use the same method as the soft list, which is to provide a method of opting out in every message. This is what we recommend too, as it is the easiest for both you and the person on your list. And though you don’t want people to unsubscribe, if they do, you’re better off making sure they stay off your list than risk a spam complaint. But more on that in question 5.
3. Is there a limit on the number of messages I can send?
There aren’t any specific limits set in the regulations. But you need to remember what it is you’re doing. SMS marketing isn’t like email. It is much closer to telephone marketing since it contacts the person is a very personal way on their mobile. Everyone knows that getting called multiple times a day by a marketer would be annoying and likely to cause a complaint being filed.
That same common sense applies to SMS marketing. So while you can send ten messages to someone every day, you really don’t want to (unless it really does fit your business and customers – read on). Instead, do some research to see how many messages your customers are willing to accept. You can run a survey of existing customers, use a survey someone else did in the same industry, or as a last resort use trial and error.
Whatever you decide on, let the customers know what to expect. If you run a restaurant, will you send your lunch specials out to them once a day, five days a week? Or will you run a weekly discount for the most loyal customers by sending one message a week? Whatever it is, tell the people on your list so they know what they will get when they sign up.
If you start getting massive opt-outs, chances are you’re sending too many!
4. Can I ask my list to forward the list to others?
One way some businesses try and get around some of the opt-in rules is to ask their list to forward offers on to other people – who then get added to the original list. But this is specifically called out as a violation of the PECR.
This practice is sometimes called viral marketing. It’s kind of like referral marketing on steroids. You tell two friends, then they tell two friends, and on and on. Suddenly you have thousands more getting your messages than you have on your list.
Now, anyone can forward your message and there’s nothing you can do about it. But a forwarded message alone isn’t where the violation comes in. The PECR specifies that the forwarding needs to have been “instigated” by you in order to be a violation. So avoid phrases or requests that ask people to share the messages because by doing so you’re instigating the action.
5. What happens if I violate the rules - accidentally of course?
The Information Commissioner’s Office (ICO) is responsible for investigating violations. If they received enough complaints, or other information, they will investigate your company. What happens after that depends on what they found.
For example, let’s say somehow you didn’t screen messages against the list of people who’ve opted out and sent them all messages. If this happened one time and it was due to a computer or procedural error, they might issue you a warning that you need to improve your message processing. They might come back and inspect to see whether you did or not.
If you continue to have violations they will take more action each time, potentially leading up to huge fines. But those are usually reserved for the worst – and arguably deliberate – violations of the regulations.
It’s scary, but a single violation isn’t likely to cause much harm in the long term. Just be prepared to fix whatever went wrong.
Learning more about SMS marketing
The questions and answers above aren’t meant to replace a thorough understanding of the full set of requirements. The ICO website has a great walkthrough of the regulations aimed at helping business people stay compliant.
You should also know that these rules apply to the UK. If you’re planning to send marketing messages to another country, then be sure to check on the local rules there too.
As an entrepreneur, it is notoriously difficult to get your message out there. It's even harder to get seen and heard in a meaningful way that doesn't offend people. Email marketing has been the darling of entrepreneurs for years, but it's time for something new. Something that supersedes the email and circumvents the spam folder.
SMS Marketing, also known as test message marketing, is one of today's most powerful and cost efficient marketing tools when used correctly and offers endless opportunities with a little creativity added to the mix. However, whether careless or intentional, some mistakes can be harmful to your brand and reputation - as well as leaving you in legal trouble in certain circumstances. Luckily, this is extremely rare and it is easy to stay safe and make sure your SMS Marketing is an all round success. In this article, we look at come examples of how not to do things and offer our advice for ensuring your campaigns are effective and profitable.
Yet another company (Quigley and Carter Limited) have been fined by the ICO for not having permission to send SMS messages. In this case, they had outsourced their marketing to a third party who then sent messages on their behalf. So is staying compliant with the regulations regarding SMS messaging so difficult? It doesn’t have to be.
The PECR Regulations, better known as the Privacy and Electronics Communications (EC Directive) Regulations 2003 are one of the most important pieces of legislation affecting those involved in SMS Marketing. They exist to safeguard the privacy and use of personal information when used for direct marketing through electronic means, including communications by SMS. Parts of it crossover with the Data Protection Act 1998 (DPA) and where it does so, both pieces of legislation should be complied with. Unlike the DPA, the PECR is obligatory whether or not you process personal data in the course of your business. Read this essential guide to PECR for SMS Marketing to ensure you know everything you need to know.
One of the most interesting use cases for SMS messaging is the financial industry. Just a couple weeks ago I wrote a blog on 7 ways the financial industry can use SMS messaging to communicate with customers. In this blog I'll expand on the topic from a different perspective: personalisation.
As with anything in business, there are rules and regulations that need to be followed. Some of the key ones are laid out in the UK Privacy and Electronic Communications Regulation (PECR) - and while this can seem like a daunting document at first, it doesn't need to be...