SMS Marketing Compliance and The New GDPR Regulations
There’s no doubt that SMS marketing is a great way of interacting and communicating with customers. As numerous stats show, nowadays millions upon millions of people use their mobile phones to send text messages.
Not only that but we’re a generation addicted to our handsets, meaning we’re receiving and reading messages quicker than ever. SMS messages have a higher open rate than emails, and many surveys have found that users would prefer to communicate with businesses via texts rather than any other form of communication. In short, SMS marketing is popular and it works – but that’s not to say it doesn’t come without its complications.
As with anything in business, there are rules and regulations that need to be followed. Some of the key ones are laid out in the UK Privacy and Electronic Communications Regulation (PECR) – and while this can seem like a daunting document at first, it doesn’t need to be.
As long as you are aware of the important points and are operating within the law, you have absolutely nothing to worry about with SMS messaging and marketing. One of the key areas to be aware of is how you get the information of those you’re contacting…
The Numbers You Contact Need to be Opt-In
You can’t contact anybody via SMS messaging unless they have opted-in to receiving communications from you. There are two types of opt-ins that you need to be aware of – the distinctions are quite key.
One is considered “hard”, in which you specifically requested their permission to send them text messages (perhaps through them ticking a box on your website or a form) and they confirmed that this was okay. It is always important in this instance to be clear about what you will be doing with their information when they sign up.
You should also keep a record of how you confirmed their acceptance. In the event that anyone should make a complaint, this will be of great value to you. You can contact “hard” opt-ins as much as you want (although sending too frequently isn’t advised as you can end up annoying your subscribers).
The other type of opt-in is known as “soft”. This is where you may already have someone’s contact information (e.g. name and number) because they have been a customer previously or they’re a current customer. Additionally, if you have someone’s details because they contacted you to discuss your services or a purchase but they never became a customer, this would also be known as a “soft” opt-in.
You can potentially contact these types of individuals without their specific consent beforehand. However, the message that you send them has to be related to whatever service or product you initially discussed with them.
For example, if you spoke with them about buying a phone from you, you can’t then contact them about discounted holidays or window cleaning services. You might be able to message them about anything relating to the phone though – for example, cheap mobile packages or new phone covers.
However, the “might” is because if someone is a “soft” opt-in, they must have also been given the chance to opt-out from all marketing at the point when you first collected their data. The rules concerning “soft” opt-ins are quite vague and easy to misconstrue, so for the avoidance of doubt, it is always best to use a “hard” opt-in.
Always Give People The Option to Opt-Out
When you’re messaging contacts, regardless of how you have obtained their information, it is important to offer the option for users to opt-out. If they’re a “soft” opt-in, the rules are very strict that you must include instructions for opting-out in every message.
If they’re a hard opt-in, then it doesn’t have to be quite as blatant but it should still be clear, simple and easy for them to be able to opt-out. It may seem frustrating when you want to keep everyone on your messaging list, but annoying customers and risking becoming a spam complaint just isn’t worth it.
Giving customers the chance to easily opt-out will leave them feeling a lot less frustrated (for example, if they realise they’ve changed their mind since first opting in) and will see them potentially repeating their custom once again.
You Need to Know About The EU General Data Protection Regulation
The data protection directive has had a fresh makeover and coming into action now is the EU General Data Protection Regulation (GDPR). The idea is that it will make the data regulations cohesive across the EU member states. It requires that any information is processed lawfully, fairly and transparently.
It also dictates that when information is collected, it is specified explicitly what it will be used for and is taken for legitimate reasons. Additionally, it can’t be processed again for any other purposes beyond the initial reason.
Any personal data that is kept on file should have been consented to by the subject – and it must be possible for anyone using the information to show that it was given freely, in an informed way, for the specific purposes that you are using it for.
As part of the GDPR, silence, boxes that have already been ticked (and require opt-outs) or inactivity cannot be considered as consent.
Information must also be kept in a way that means subjects who have their information being kept on file can get in touch with you easily and request that their details are removed from your system (and any other system they may be on). They can also request details on how their information is being used. This means keeping an organised record of where all contact details are and who it relates to.
Finally, it is important that all information is stored securely and is protected against any unlawful or unauthorised processing. It should also be kept safe from damage, destruction or accidental loss. This also includes keeping it away from hackers who could potentially steal and use this information.
With the GDPR, the person who the data relates to now holds a lot more rights over their information and how it is being used. It is therefore very important to ensure your company respects these regulations and is in compliance with the various legislations that you are working under. Not only does it demonstrate good working practice and help to foster positive relationships with clients, but it also protects your company should claims be made against it.
Get in touch
To find out how FastSMS can help your business stay compliant with its SMS marketing, or for any help and advice, contact us today.
In many of our previous posts, we have discussed the whys and hows of SMS marketing, listing the benefits, and the impacts on lead generation. There’s no doubt that by employing a marketing strategy that uses business SMS as a medium that your processes will become more efficient and your leads will become more targeted, meaning a better ROI. Here we will look at the best practices for SMS marketing to ensure your campaigns are offering the best for you and your users.
The PECR Regulations, better known as the Privacy and Electronics Communications (EC Directive) Regulations 2003 are one of the most important pieces of legislation affecting those involved in SMS Marketing. They exist to safeguard the privacy and use of personal information when used for direct marketing through electronic means, including communications by SMS. Parts of it crossover with the Data Protection Act 1998 (DPA) and where it does so, both pieces of legislation should be complied with. Unlike the DPA, the PECR is obligatory whether or not you process personal data in the course of your business. Read this essential guide to PECR for SMS Marketing to ensure you know everything you need to know.
The Information Commissioner’s Office (ICO) issued seven monetary penalties against companies this year. We’ve read through them all – so you don’t have to – and discovered two lessons every company should learn about SMS marketing if they want to be successful.
ICO, the Information Commissioner's Office, has recently imposed a huge fine on direct marketing company Help Direct UK for sending illegal SMS messages.
Need to know all about mobile marketing with SMS messaging? We’ve pulled together the top ten blog posts that tell you everything you need to know. The list starts with the basics and goes through analysing the success of your campaign.
The first thing to remember is that legally, you must give the customer the chance to both opt-in and opt-out of your SMS campaign - but the good news is people are happy to opt-in - 49% of them according to a 2014 survey. So all you need to do is stay compliant and follow some basic guidelines to grow your list.
Any UK business that collects, stores and uses other people’s personal data for purposes such as marketing and selling is subject to the rules of the Data Protection Act, and those using SMS marketing are no exception. Having a basic understanding of the DPA legislation and its main requirements is useful to maintain best practice in direct marketing such as SMS marketing and also helps to uphold your hard won customer trust - as well as avoid the potentially costly consequences of falling foul of the law. Read this article to learn how to avoid the simple pitfalls and get your SMS marketing campaign off to the right start.
As an entrepreneur, it is notoriously difficult to get your message out there. It's even harder to get seen and heard in a meaningful way that doesn't offend people. Email marketing has been the darling of entrepreneurs for years, but it's time for something new. Something that supersedes the email and circumvents the spam folder.