Used compliantly, SMS is a great way for businesses to reach UK residents with marketing messages, special offers, reminders and more. Read this guide to learn more about the rules and regulations for sending SMS in the UK so you can stay compliant.
SMS marketing is an extremely effective communication channel, letting you reach your audience quickly and directly with personalised promotional messages, reminders and more. But in order to protect consumers’ privacy, it’s also heavily regulated – there can be serious consequences for organisations that break the rules.
To help you stay on the right side of the law, in this guide we’ll break down the current UK SMS regulations and share our best practices for keeping your business compliant.
SMS marketing laws you need to follow
In the UK, the three main SMS marketing laws to know about are the Data Protection Act (DPA); the General Data Protection Regulation (UK-GDPR); and the Privacy and Electronic Communications Regulations (PECR).
While there’s some overlap between the three, complying with one doesn’t necessarily mean you’ll have the other two covered. Let’s look at them in more detail:
The Data Protection Act (DPA)
The Data Protection Act (DPA) regulates the way UK residents’ personal information and data is stored and used. Under the DPA, businesses can only keep customers’ data if they’ve had permission to do so, and even then can’t hold onto it for longer than necessary. Part 2, chapter 2 of the DPA supplements the UK-GDPR.
GDPR
The GDPR – the most comprehensive privacy and security legislation in the world – is designed to give UK and EU residents more control over their personal data.
It gives six instances in which it is legal to process personal data, and two of them apply to marketing activity:
- The data subject (the customer) has given you specific, unambiguous consent to process their information (in other words, they’ve opted in to your marketing SMS list).
- You have a legitimate interest to process someone’s data. This is more flexible, with several factors to consider – see the guidance from the UK Information Commissioner’s Office. It’s important to note that the customer’s own rights will always override those of your business.
Learn more: GDPR and Text Messaging: What You Need to Know
Privacy and Electronic Communications Regulations (PECR)
The Privacy and Electronic Communications Regulations (PECR) recognises that digital technology opens up new privacy risks, and puts extra rules in place to protect consumer data. These include regulations on:
- Marketing calls, emails and texts
- Cookies and similar technologies
- Keeping communications services secure
- Customer privacy regarding traffic and location data, itemised billing, line identification, and directory listings
💡 Doing SMS marketing in the US? Read our US SMS compliance guide to make sure you are aware of the rules there too.
Do’s and Don’ts for SMS Compliance
What You Should Do
At this point it’s worth noting that the law around SMS is extremely complex. The GDPR alone is a hefty 88 pages long, so all we can do here is give a simple overview of the main SMS regulations. These guidelines also follow marketing best practices, helping protect consumers and your brand alike. Here are five best-practice rules to follow:
1. Get clear consent
First, consent. It’s important that you get a customer’s express permission before sending marketing SMS. There are two ways to do this – you can either get consent in writing through a physical or a digital signature, or you can include an opt-in tick box on the form customers fill in when they make a purchase or sign up with you.
Be aware however, that you can’t make opt-in the default – your customer has to tick the box themselves. You also need to include a note explicitly asking for consent to send text messages.
Learn creative – and compliant – ways to gain consent.
2. Provide easy opt-outs
It’s not just signing up that needs to be crystal clear. GDPR and PECR regulations mean it’s a legal requirement to offer customers a simple way to opt out.
For marketing SMS, you should include an opt-out message in every text, reminding customers they can unsubscribe at any time by responding with the word ‘STOP’ or ‘UNSUBSCRIBE’. Don’t forget to send a follow-up text message to confirm the update.
3. Be transparent about data protection
UK regulations state that customers need to understand exactly what they’re signing up for, with a clear description and a full privacy policy. This should include a specific SMS policy that explains what information is gathered, how data will be used, and what sorts of communications customers can expect from you.
4. Make it clear who you are
The law – and common sense – requires you to make it clear who each message is from. It tells customers your message isn’t spam and means they’re more likely to engage with you.
The UK government states that emails or text messages must clearly indicate:
- Who you are
- That you’re selling something
- What the promotions are, and any conditions.
The Don’t’s of SMS Marketing
1. Don’t send customers messages without their consent
Just because you have your customers’ contact information, doesn’t mean you should use it. You should only send marketing SMS to people who have agreed to receive them. The only exception to this is where there is a clearly defined customer relationship.
The Privacy and Electronic Communications Regulations 2003 cover the sending of text message marketing. This legislation says that organisations must only send marketing text messages to individuals if you have agreed to receive them, except where there is a clearly defined customer relationship.
2. Don’t send messages outside of working hours
Sending your messages out at the wrong time can cause you to lose even the most loyal of customers. SMS marketing is all about timing, so stick to business hours – between 9am and 6pm.
Learn more about When To Send Marketing SMS.
3. Don’t spam your customers
Similarly, as we’re constantly bombarded with marketing messages it’s important that you’re not simply adding to the noise. We recommend you monitor engagement and unsubscribe and be sensitive to how your customers are responding.
SMS regulations FAQs
Still have questions on SMS marketing regulations? We’ve covered a few common queries here, but if you want to know anything more specific please get in touch with our team.
Who do SMS regulations apply to?
UK SMS regulations apply to all businesses who communicate with UK customers by text, whether those customers are individual consumers or other businesses. Marketing, promotional, transactional, and customer service messages are all covered by regulation.
How many messages can you send a day?
SMS marketing tools let you automate your messages, helping you work efficiently, minimise mistakes and see exactly what’s going out. You’ll also be able to set up workflows depending on specific customer actions. The frequency of the messages you send should depend on your audience and content.
How can I make sure all messages are received?
Your bulk SMS provider should be able to give you insights into this within the platform that you are using. As well as using a reliable bulk SMS platform, be sure to use the appropriate sender ID and avoid bombarding customers with repetitive messages.
Getting started with SMS marketing
While we’ve summarised the main SMS regulations to be aware of in the UK, this list is far from exhaustive. Laws are complex and nuanced, with variations from country to country. In addition, the compliance space is changing very quickly, with mobile networks and regulatory bodies working together to reduce fraud and unwelcome messaging traffic.
For this reason and many others, it’s important to work with an SMS messaging provider that adheres to ISO 27001 compliance and has expertise in delivering bulk SMS to both local and international customers.
To find out how we can help you cut through the complexity and connect with your customers, get in touch with our expert team today.