Ensure compliance with privacy laws for your 10DLC campaign with 4 key tips on crafting a comprehensive Privacy Policy. Learn how to protect consumer data and pass CTIA standards for SMS marketing.
This information does not constitute legal advice. Every company has different policies, business needs, and compliance risks. We recommend seeking specific legal advice before adopting any of the compliance practices listed below.
Message Senders are responsible for protecting the privacy of consumers information and must comply with all applicable privacy laws. How the business manages this should be documented in the companies Privacy Policy.
While your 10DLC campaign is being reviewed, it will be evaluated on a number of criteria, including your businesses Privacy Policy. This guide will walk through the four key tips to ensure your Privacy Policy is compliant and approved for your 10DLC campaign review.
For your 10DLC campaign review, your Privacy Policy should not only exist, but also should be publicly accessible from your business website. The policy should be conspicuously placed within your Website footer.
Within your 10LDC campaign submission, be sure to include a link to your Privacy Policy in your submission. The reviewer will be looking for it.
In addition to your Privacy Policy being part of your website, this policy must be mentioned as part of the invitation for users to sign up or opt-in when a messaging campaign is undergoing the approval process.
The policy should be place conspicuously within your opt-in form.
Within your Privacy Policy itself, you want to ensure it includes all of the required information. A 10DLC campaign’s privacy policy could be rejected if it is absent or if it fails to meet compliance standards.
Key items to include in your Privacy Policy include:
Provide consumers with a clear understanding of who is collecting their information. The policy should clearly state the name of the company or service provider the consumer is consenting to receive messages from.
The policy must detail the types of personal information collected from users. This includes both information that users actively provide (such as name, phone number, and email address) and information automatically collected through technical means (like cookies, web beacons, or usage details).
It is essential to specify why the data is being collected. Whether for marketing, customer service, transaction processing, or other purposes, transparency about the intent behind data collection is crucial.
The privacy policy should clearly explain how the collected information will be used. This includes detailing any processing, analysis, or sharing of data with third parties.
The policy must outline how consent is obtained from consumers for collecting their personal information. It should also explain how users can withdraw their consent at any time and the process for doing so.
Details on how the collected data is protected should be included. This includes physical, administrative, and technical safeguards put in place to protect personal information from unauthorized access, disclosure, alteration, and destruction.
The privacy policy should specify the duration for which the data will be retained and the criteria used to determine this duration. It should also explain how and when the information is disposed of.
The policy should clearly describe the rights of consumers regarding their personal information, including the right to access, correct, and delete their data. It should also provide information on how consumers can exercise these rights.
A statement should be included on how and when the privacy policy may be updated. It should also detail how consumers will be informed of these updates.
Finally, the privacy policy should provide clear contact information for consumers to reach out with questions or concerns about their privacy and data usage.
Your Privacy Policy must state that no mobile information will be shared with third parties or affiliates for marketing or other promotional purposes. You are permitted to share information with subcontractors related to the support services (e.g. customer service).
All other use case categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
Start your 14 day free trial and Discover the power of SMS marketing to reach your audience well. Our unique integrations save you time and improve your customer experience and satisfaction.
Ensure 10DLC compliance in your marketing campaigns. Get best practices and tips to ensure your campaigns meet standards & maximize effectiveness.
Planning on using SMS software? If so, A2P 10DLC compliance is vital for the success of any campaign. Learn more about the process with this guide...
Understand 10DLC and its impact on business texting. We provide essential insights into 10DLC, what it is, why it matters, and how you can adapt.