‹ Esendex Blog

Topics
Automotive
Black Friday
Business messaging
Call Centres
Customer Service
Developers
Education
Esendex news
Finance & DCAs
Hair and Beauty
Healthcare
Hospitality
How-to guides
Lenders
Local Government
Marketing
Messaging API
Mobile Journeys
Partners
Product
Public Sector
RCS
Real Estate
Recruitment
Restaurants
Retail
SME
SMS
SMS Marketing
Social Housing
Sports
Technology
Travel
Uncategorized
User Experience
Utilities
WhatsApp

Topics

Automotive
Black Friday
Business messaging
Call Centres
Customer Service
Developers
Education
Esendex news
Finance & DCAs
Hair and Beauty
Healthcare
Hospitality
How-to guides
Lenders
Local Government
Marketing
Messaging API
Mobile Journeys
Partners
Product
Public Sector
RCS
Real Estate
Recruitment
Restaurants
Retail
SME
SMS
SMS Marketing
Social Housing
Sports
Technology
Travel
Uncategorized
User Experience
Utilities
WhatsApp

SMS Compliance (UK): A Guide to SMS Marketing Regulations

Topic: SMS, SMS Marketing

18 April 2024

Written by:

Individual leaning on desk with various notebooks and pens in background

SMS marketing rules are designed to better protect your customers – and your business reputation…

What we'll cover

SMS marketing can be extremely effective, letting you reach your customers quickly and directly with personalised promotional messages, reminders and more. But in order to protect consumers’ privacy, it’s also heavily regulated  – there can be serious consequences for organisations that break the rules.

To help you stay on the right side of the law, in this guide we’ll break down the current UK SMS regulations and share our best practice for keeping your business compliant. 

SMS marketing laws you need to follow 

In the UK, the three main SMS marketing laws to know about are the Data Protection Act (DPA); the General Data Protection Regulation (UK-GDPR); and the Privacy and Electronic Communications Regulations (PECR).

While there’s some overlap between the three, complying with one doesn’t necessarily mean you’ll have the other two covered. Let’s look at them in more detail:

The Data Protection Act (DPA)

The Data Protection Act (DPA) regulates the way UK residents’ personal information and data is stored and used. Under the DPA, businesses can only keep customers’ data if they’ve had permission to do so, and even then can’t hold onto it for longer than necessary. Part 2, chapter 2 of the DPA supplements the UK-GDPR.

GDPR 

The GDPR – the most comprehensive privacy and security legislation in the world – is designed to give UK and EU residents more control over their personal data.

It gives six instances in which it is legal to process personal data, and two of them apply to marketing activity:

  1. The data subject (the customer) has given you specific, unambiguous consent to process their information (in other words, they’ve opted in to your marketing SMS list).
  2. You have a legitimate interest to process someone’s data. This is more flexible, with several factors to consider – see the guidance from the UK Information Commissioner’s Office. It’s important to note that the customer’s own rights will always override those of your business. 

Learn more: GDPR and Text Messaging: What You Need to Know

Privacy and Electronic Communications Regulations (PECR)

The Privacy and Electronic Communications Regulations (PECR) recognises that digital technology opens up new privacy risks, and puts extra rules in place to protect consumer data. These include regulations on:

  • Marketing calls, emails and texts
  • Cookies and similar technologies
  • Keeping communications services secure
  • Customer privacy regarding traffic and location data, itemised billing, line identification, and directory listings

Do’s and Don’ts for SMS Compliance

Do:

At this point it’s worth noting that the law around SMS is extremely complex. The GDPR alone is a hefty 88 pages long, so all we can do here is give a simple overview of the main SMS regulations. These guidelines also follow marketing best practices, helping protect consumers and your brand alike. Here are five best-practice rules to follow: 

1. Get clear consent 

First, consent. It’s important that you get a customer’s express permission before sending marketing SMS. There are two ways to do this – you can either get consent in writing through a physical or a digital signature, or you can include an opt-in tick box on the form customers fill in when they make a purchase or sign up with you.

Be aware however, that you can’t make opt-in the default – your customer has to tick the box themselves. You also need to include a note explicitly asking for consent to send text messages. 

2. Provide easy opt-outs

It’s not just signing up that needs to be crystal clear. GDPR and PECR regulations mean it’s a legal requirement to offer customers a simple way to opt out.

For marketing SMS, you should include an opt-out message in every text, reminding customers they can unsubscribe at any time by responding with the word ‘STOP’ or ‘UNSUBSCRIBE’. Don’t forget to send a follow-up text message to confirm the update.

3. Be transparent about data protection

UK regulations state that customers need to understand exactly what they’re signing up for, with a clear description and a full privacy policy. This should include a specific SMS policy that explains what information is gathered, how data will be used, and what sorts of communications customers can expect from you. 

4. Make it clear who you are 

The law – and common sense – requires you to make it clear who each message is from. It tells customers your message isn’t spam and means they’re more likely to engage with you. 

The UK government states that emails or text messages must clearly indicate:

  • Who you are
  • That you’re selling something
  • What the promotions are, and any conditions.

Don’t:

1. Don’t send customers messages without their consent

Just because you have your customers’ contact information, doesn’t mean you should use it. You should only send marketing SMS to people who have agreed to receive them. The only exception to this is where there is a clearly defined customer relationship.

The Privacy and Electronic Communications Regulations 2003 cover the sending of text message marketing. This legislation says that organisations must only send marketing text messages to individuals if you have agreed to receive them, except where there is a clearly defined customer relationship.

2. Don’t send messages outside of working hours

Sending your messages out at the wrong time can cause you to lose even the most loyal of customers. SMS marketing is all about timing, so stick to business hours – between 9am and 6pm.

3. Don’t spam your customers

Similarly, as we’re constantly bombarded with marketing messages it’s important that you’re not simply adding to the noise. We recommend you monitor engagement and unsubscribe and be sensitive to how your customers are responding. 

SMS regulations FAQs

Still have questions on SMS marketing regulations? We’ve covered a few common queries here, but if you want to know anything more specific please get in touch with our team.

Who do SMS regulations apply to?

UK SMS regulations apply to all businesses who communicate with UK customers by text, whether those customers are individual consumers or other businesses. Marketing, promotional, transactional, and customer service messages are all covered by regulation.

How many messages can you send a day?

SMS marketing tools let you automate your messages, helping you work efficiently, minimise mistakes and see exactly what’s going out. You’ll also be able to set up workflows depending on specific customer actions. The frequency of the messages you send should depend on your audience and content.

How can I make sure all messages are received?

Your bulk SMS provider should be able to give you insights into this within the platform that you are using. As well as using a reliable bulk SMS platform, be sure to use the appropriate sender ID and avoid bombarding customers with repetitive messages. 

Getting started with SMS marketing

While we’ve summarised the main SMS regulations to be aware of in the UK, this list is far from exhaustive. Laws are complex and nuanced, with variations from country to country. In addition, the compliance space is changing very quickly, with mobile networks and regulatory bodies working together to reduce fraud and unwelcome messaging traffic.  

For this reason and many others, it’s important to work with an SMS messaging provider that adheres to ISO 27001 compliance and has expertise in delivering bulk SMS to both local and international customers. 

To find out how we can help you cut through the complexity and connect with your customers, get in touch with our expert team today.

Read next: SMS Marketing: How to Tap Into the Power of SMS

Author Avatar
Laura Brown

With over 16 years of marketing experience gained within tech, marketing automation and digital experience, I am a self confessed marketing geek, with a love of well orchestrated multi-channel campaigns; especially those that end with an SMS delivery notification and a parcel at the door! Having scaled marketing at companies that sold to Experian, IBM and SAP, I have always appreciated what technology and, timely and relevant communication, can bring to businesses. I’ve worked across verification and security, email marketing, CRM and marketing automation and lastly digital UX, which really drove home the value of putting customer experience at the heart of everything we do in business. Here at Esendex, I’m lucky to be able to take all of those experiences and passions into account as we look to help our customers design business messaging that connects, communicates and converts. Outside of work, you’ll usually find me in Halifax, West Yorkshire, surrounded by flowers, craft beer P&Ls and live music.

Related Posts