TCPA & CTIA Compliance; Anti Spam Policy
Supercharged SMS
Effective: August 3, 2022
This information is not legal advice. While we do our best to provide useful information as a starting point, Supercharged SMS advises all merchants to obtain professional legal advice to ensure that all marketing campaigns are sent in full compliance with all applicable laws.
If you are one of the many merchants sending SMS marketing messages to U.S. customers, you must familiarize yourself with the local regulations and comply with them. All Supercharged SMS users can easily adhere to these regulations by following a couple of simple and intuitive steps.
The following article will introduce you to the key takeaways of the main guideline sources for SMS marketing in the U.S. – the TCPA regulations and CTIA best practices, as well as some local state rules such as the Florida Mini-TCPA and California’s CCPA, and how Supercharged SMS helps you comply with them at all times.
Understanding the TCPA and CTIA
TCPA is an acronym for the Telephone Consumer Protection Act. It is a federal law that covers the use of automated telephone communications – including phone calls, voicemails, fax machines, and text messages. It clearly defines spam text messages as an “unsolicited advertisement transmitted to any person without that person’s prior express invitation or permission, in writing or otherwise” and deems them illegal. Sending these can result in fines up to $1,500 per violation.
The CTIA stands for the Cellular Telecommunications Industry Association. It is an association created by key stakeholders in the telecommunications industry (i.e., mobile network operators) that serves, among other things, as a gatekeeper between advertisers and end-users. The CTIA is not a legal authority, and you cannot be sued for not following its guidelines, but there can be other consequences for violating them. You can be reported or flagged by the mobile carriers, which may shut down or suspend your SMS marketing campaigns to your customers. CTIA guidelines also regulate messages that contain content related to sex, hate, alcohol, firearms, or tobacco (SHAFT).
WHILE NOT FOLLOWING SOME OF THESE REGULATIONS MIGHT NOT RESULT IN ANY LEGAL CONSEQUENCES, WE ADVISE YOU TO COMPLY WITH ALL OF THEM EQUALLY TO ENSURE THE SUCCESS OF YOUR SMS MARKETING PROGRAM.
How to Stay TCPA & CTIA Compliant
Before sending marketing messages to U.S. consumers, you must:
- Obtain consent.
- Conspicuously explain what the shopper is subscribing to.
- Include a free and available opt-out mechanism at all times.
- Comply with quiet hours restrictions.
- Comply with abandoned checkout reminder regulations.
How to Get Consent
Shoppers must explicitly agree to receive promotional text marketing messages from you. When collecting phone numbers on your website, through a pop-up or another subscriber collection method, you must clearly state that the individual agrees to receive recurring marketing messages, including abandoned checkout reminders, at the mobile phone number they provide. You must mention that consent is not a condition of any purchase and provide links to your Terms of Service and Privacy Policy.
A consumer opt-in to receive messages should not be transferable or assignable, and message senders should not use opt-in lists that have been rented, sold, or shared.
With Supercharged SMS, this is done at your store’s checkout or via our various subscriber collection tools. All of them are built-in for compliance with all legal regulations and include the required legal verbiage.
NOTE, HAVING CONSENT FOR SMS DOESN’T APPLY TO SENDING OTHER TYPES OF PROMOTIONAL MESSAGES (I.E. EMAIL).
How to Provide an Opt-out Method
CTIA and carrier guidelines require you to occasionally include in your text messages clear instructions on how to opt-out, like the STOP to opt out verbiage. Some carriers ask that you do it once a month, while others – every five messages; we recommend including it every time to avoid oversight and possible sanctions.
It is important to remember that opting-out must be free and available at all times. When you use Supercharged SMS, even if your message doesn’t include verbiage such as “STOP to opt out,” a customer that replies “STOP” will be unsubscribed.
The Supercharged SMS campaign text editor automatically includes the STOP to opt out verbiage to all your text messages and ensures compliance at all times.
How to Respect Quiet Hours
Quiet hours are specific times during the day when you should avoid sending text messages to your subscribers (e.g., early in the morning, late at night).
Supercharged SMS users can set up their quiet hours from the app.
The TCPA prohibits sending text messages anytime after 9 PM and before 8 AM in the recipient’s time zone, but certain states have more restrictive rules, such as Florida – between 8 PM and 8 AM.
When to Send Abandoned Checkout Reminders
Abandoned Checkout Reminders are automated text messages sent by eCommerce merchants to shoppers who have left items in their online carts at checkout but haven’t completed their purchase. The regulations in the US on Abandoned Checkout Reminders are stricter, and on top of the other regulations, merchants must:
- Limit their Abandoned Checkout Reminders to 1 per shopping event.
- Send the Abandoned Checkout Reminder within 48 hours after the shopping cart was abandoned.
Additional State Laws
Apart from the federal law (TCPA) and the CTIA guidelines, Florida and California have issued additional relevant laws for SMS marketing. They include some specific regulations that any merchant who wishes to send text marketing messages in those states must adhere to.
Florida’s Mini-TCPA
In 2021, Florida introduced some additions on top of the TCPA, known as Florida’s Mini-TCPA. According to these additions, when sending marketing messages, merchants must:
- Respect quiet hours between 8 pm to 8 am.
- Limit messages to three within a 24-hour period (easily done with our Smart sending option).
California’s CCPA
The California Consumer Privacy Act (CCPA) is a law that came as a response to users’ concerns regarding their privacy protection. It states that every California user has the right to demand a report of all the personal information a company has collected on them and a list of all third parties this data is shared with (if any).
To comply with the CCPA, make sure that you:
- Provide customers with a contact on your website, enabling them to opt out of sharing or selling their personal information.
- Explicitly mention in your privacy policy you are using third parties such as Supercharged SMS for text marketing purposes (or any other marketing reasons), and give complete information on your vendor.
These are the general guidelines you must follow to comply with U.S. Legislation and the various ways Supercharged SMS ensures compliance at all times.
If you have any more questions about US laws and regulations, don’t hesitate to contact us.
Anti Spam Policy
Supercharged SMS definition of Text SPAM
We consider any unwanted text message (SMS) or image message (MMS) as SPAM.
Report abuse to Supercharged SMS
If you believe that you have been messaged without prior consent, or want to report abuse or violation of our service, please at laura@superchargedsms.com. We take SPAM very seriously and will investigate your report immediately and will terminate the client’s account if they do not adhere to our Anti Spam Policy.
How to unsubscribe from a Supercharged SMS campaign
Supercharged SMS allows you to quickly opt-out from any future message of a brand by simply replying with STOP, CANCEL, OPT OUT. If you are a client outside of the USA and Canada you will need to unsubscribe by clicking on our unsubscribe link. If you need more information on opting out you can at laura@superchargedsms.com.
Supercharged SMS Anti Spam Policy
Supercharged SMS has no tolerance when it comes to SPAM. If we suspect a campaign is violating our anti-spam policy, we will terminate the campaign immediately and block the user’s account.
GDPR Compliance
If you plan to send SMS marketing messages to citizens of the European Union, you must adhere to the GDPR. To do so, you must follow a couple of simple and easy steps presented in the following article.
What is the GDPR?
GDPR stands for the General Data Protection Regulation that went into effect in May 2018. It protects the privacy and personal data of individuals within the European Union and addresses data protection and privacy in the European Union and the European Economic Area.
GDPR centralizes the rules and processes businesses must follow in order to protect and respect the interests of European citizens.
How to Stay Compliant with the GDPR
When sending marketing messages to EU citizens, you must:
- Obtain explicit consent.
- Include a free and available opt-out mechanism at all times.
- Explicitly state your Privacy Policy on your checkout page and all subscriber collection methods.
Obtaining Consent
According to the GDPR, shoppers must explicitly agree to receive promotional text marketing messages from you. When collecting phone numbers on your website through a pop-up or another subscriber collection method, you must clearly state that the individual agrees to receive recurring marketing messages. You must mention that consent is not a condition of purchase and provide links to your Terms of Service and Privacy Policy.
A consumer opt-in to receive messages should not be transferable or assignable, and message senders should not use opt-in lists that have been rented, sold, or shared.
With Supercharged SMS, consent can be obtained at the Shopify checkout.
Providing an Opt-out Method
The GDPR requires you to honor their “right to be forgotten” and give customers clear instructions on how to opt out, such as an opt-out link in your text messages. It is important to remember that opting-out must be free and available at all times.
Keeping your Privacy Policy up to date
Your Privacy Policy should be explicitly stated on your checkout page and all subscriber collection methods. There are a few things you must include to stay GDPR compliant:
- How your brand is collecting and using customers’ data.
- How that data is being secured by you and by any data processors (i.e., Supercharged SMS) you’re working with.
- How you enable and support your customers’ rights to understand and control their personal data.