Skip to main content

Understanding SMS Marketing Consent - Laws & Compliance

Updated

Disclaimer: This information is provided as guidance only. Customers should consult their local laws and regulations to ensure compliance with SMS marketing requirements. As compliance regulations frequently change, customers are responsible for keeping their practices up to date.

Marketing Communications

The SMS Marketing Campaigns feature allows you to connect directly with your customers, providing a fast and effective way to share promotions, updates, and personalized messages. However, to comply with CASL when sending commercial electronic messages (CEMs), businesses must obtain proper opt-in consent before launching any marketing campaign, ensuring only those who have agreed to receive communications are included in the targeted audience.

Next up, stay informed about the Disallowed Content in SMS Marketing.

Consent Requirements for SMS Marketing

Similar to email marketing, sending SMS marketing messages requires that clients provide explicit consent. The three types of consent also apply to SMS marketing:

  • Explicit Consent: A guest must actively agree to receive SMS communications, typically by checking an opt-in box at the time of providing their phone number or through a dedicated consent request.

  • Implied Consent: This applies when a guest provides their phone number but does not explicitly opt-in to receive SMS marketing messages. However, it is crucial to note that some regions may not allow implied consent for SMS communications.

  • Unsubscribed: A guest who has opted out of receiving SMS messages must be excluded from your marketing campaigns. Guests can unsubscribe by replying to an SMS message with a keyword such as "STOP" or by updating their preferences online.

Consent Tied to Phone Number and Restaurant 

Consent for SMS marketing is managed at two levels: by restaurant and by phone number. In multi-restaurant accounts, guests can unsubscribe from marketing communications for a specific restaurant while still receiving them from others. Consent for SMS is tied specifically to the guest's phone number rather than the guest directly, meaning each phone number carries its consent status independently. If a guest updates their phone number, the consent associated with the old number does not automatically transfer to the new one.

SMS Marketing Compliance

To avoid fines when sending text messages related to business, investment, or donation opportunities, ensure compliance with CASL's opt-in criteria. Start by identifying your organization and any other parties involved in the message. Additionally, follow these three main requirements:

  • Obtain Consent: Ensure you have proper opt-in consent (either implied or explicit).
  • Provide Opt-out Options: Include a clear way for recipients to unsubscribe from future messages.
  • Maintain Records: Keep detailed records of when, how, and why consent was obtained.

By following these best practices, you can help ensure compliance with SMS marketing regulations and avoid potential penalties

What Libro Does

Here's what we take care for you to comply with laws & regulations:

  • Obtain Consent: SMS Marketing Campaigns are only sent to guest who have provided explicit or implicit consent, which is obtained or not through the reservation process. 
  • Provide Opt-out Options: The following legal text is automatically added at the end of the SMS you send: "STOP to opt-out".
  • Maintain Records: Once your organization obtains consent through Libro, we keep a record of the status of the consent and when it was obtained. 

Differences in CAN, US & EU Regulations

When comparing SMS marketing regulations across Canada, the US, and Europe, several differences and similarities emerge:

Consent Requirements

  • Canada (CASL): Requires explicit or implied consent. Implied consent applies if there’s a pre-existing relationship, while express consent is obtained directly from the recipient. Messages must include clear identification and unsubscribe options.
  • US (TCPA and CAN-SPAM): Requires explicit written consent for marketing messages. Consent must be clearly communicated, and messages cannot be sent during "quiet hours" (9 PM - 8 AM). Messages must also include opt-out instructions.
  • Europe (GDPR): Focuses on explicit consent for data collection, including SMS. GDPR mandates transparency on how data will be used, with clear opt-in and opt-out options. Strict guidelines on data protection and privacy are enforced.

Message Content & Identifications

  • Canada: Businesses must clearly identify themselves in the message and include a way for recipients to unsubscribe. Transparency in who is sending the message is critical.
  • US: Along with requiring identification, there are additional rules on message timing and frequency. For example, businesses must avoid sending messages during specific hours.
  • Europe: The GDPR also requires full transparency on how personal data is handled and transferred, with additional obligations for the protection of that data.

Opt-Out and Quiet Hours

  • Canada: CASL requires a simple opt-out mechanism and mandates that businesses respect the customer’s withdrawal of consent.
  • US: Under TCPA, messages must include clear instructions for opting out, and "quiet hours" rules are strictly enforced.
  • Europe: GDPR also requires a clear and accessible opt-out process. Additionally, the Privacy and Electronic Communications Regulations (PECR) work alongside GDPR in countries like the UK to regulate electronic communications.

Related articles