Having a publicly available SMS Privacy Policy is required for registration. We recommend working with your legal team and crafting your own personalized privacy policy, but we understand online resources such as Termly Privacy Policy Generator may be useful to complete this step of the process by providing a template and customizable options to suit the organization’s data collection and usage practices. When crafting a SMS privacy policy you need to make sure the follow are explicitly covered.
Ensure that your Privacy Policy Complies with 10DLC Standards
After a privacy policy is generated, it should be revised to ensure it complies with 10DLC standards. First, make sure that it is comprehensive and addresses these key points:
– Accurately describe the SMS program/service, including when and what type of messages users will receive (marketing, account notification, etc). Needs to match your selection for SMS use case above.
– The type of personal information your organization collects (name, email, phone, etc)
– How your organization collects that information from users (a form, cookies, etc)
– Explain how you’re using this personal data (to send emails or text messages, etc)
– Explain how you store, maintain, and protect the personal information you’re collecting
– Explain if, how, and why you share personal data with third parties
– Provide clear options for customers/visitors to correct, verify, change, or remove their personal information
– If using verbal Opt-in also provide a section that advertises the Opt-in key word
Next, ensure that your privacy policy covers these crucial aspects:
– Your privacy policy must explicitly state that your organization does not share or sell personal information with third parties without consent, except when legally required to do so.
– Your privacy policy must share information about how to opt out of further communications, particularly text messages.
The absence of either of these elements will result in the rejection of the use case. Please note that if a privacy policy generator is used, we recommend reviewing, editing, and/or amending the policy to verify that it covers these points.
Explicitly Stating that Your Organization Does Not Share text messaging opt-in with any third parties
Carriers closely scrutinize any language that might be interpreted as sharing information with third parties for marketing purposes. Your privacy policy can state that it shares personal information strictly for the purposes of conducting essential business operations, but it should explicitly mention that personal information will otherwise not be shared with third parties without the consent of the user or unless legally required. To address these concerns, we recommend ensuring that the language of your policy reflects these sentiments.
A generated policy will contain separate sections for each topic of your policy. There will typically be a section regarding when information is shared with others. We recommend asserting your commitment to not sharing information without consent or legal obligation with the following language at the beginning of this section:
“[Your organization] maintains strict privacy policies to protect the personal information of our users obtained for text message communications. This information is never sold, rented, released, or traded to others without prior consent or legal obligation. Any sharing of information with third parties is solely for the purpose of fulfilling the organization’s obligations to the user. We guarantee that it will never be shared with third parties for marketing purposes.”
Next, review any bullets in the section about sharing information for anything that is inconsistent with the requirements mentioned so far. Mentions of marketing can lead to the rejection of the use case, so these should be reworded or removed.
Opt-Out instructions
Your privacy policy must include instructions on how to opt out of further text communications. We recommend adding the following language to an appropriate section within your privacy policy:
“Text Message Opt-Out: If you are receiving text messages from us and wish to stop receiving them, simply respond with either “STOP” or “UNSUBSCRIBE” to the number from which you received the message. Once we receive your message, you will no longer receive further text messages from us.”
Now that you have your privacy policy you need to add this to your web site or if you don’t have a web site you can great a public google document
Here is a quick guide to help you create one is needed.