SMS and GDPR: customer reminders and consent
Posted: Tue Dec 24, 2024 5:30 am
Since the General Data Protection Regulation (GDPR) came into force on May 25, 2018, communication methods have changed somewhat. Although most companies specializing in digital communication were already in compliance with the CNIL, they must face additional measures. Find out everything you need to know about the GDPR and SMS thanks to reminders presented by SMS Envoi. This is particularly the case for the explicit consent of recipients. This is mandatory before sending marketing SMS .
GDPR and SMS: some reminders
Since May 25, 2018 and the implementation of the GDPR, the protection of user data is a sensitive subject to which companies must adapt. This regulation implemented by the European Union has a significant impact on the way in which companies can use SMS marketing as a communication channel.
Data storage
Companies need to be able to show how data is stored and what value it holds. But first and foremost, they need to ensure that personal data is stored securely.
It is essential that data is protected against loss, destruction, damage, theft, unauthorized use and disclosure. Furthermore, procedures must be in place to detect, report and investigate personal data breaches.
Finally, a clear data retention policy should be established. This aims to argentina phone number database define how long data is retained and when it is deleted.
GDPR and SMS: customer consent
Customer consent is a key element of the regulation regarding commercial SMS . In terms of digital communication (SMS, email, etc.), customers must give their consent to companies so that they can communicate with them.
The regulations on sending SMS stipulate that if a customer (or ex-customer) has not consumed in the company for a certain time, then the company will have to ask for his consent again. This allows to know if he still wishes to receive commercial offers from the latter.
In the event that a customer has recently consumed in the company, it is still possible to communicate with him by SMS, as long as the company can prove the act of purchase. An invoice constitutes admissible proof.
Consent must be explicit and unambiguous. Companies must also provide an easy and accessible way for individuals to withdraw their consent at any time.
GDPR and SMS canvassing: reminders
When it comes to canvassing, the GDPR therefore clarifies the responsibilities of each company in contact with customer data. It thus facilitates compliance and the processing of all personal data collected by the company.
Here are some reminders about GDPR and sending SMS :
compliance. Once the processes are in order, the company will be able to request a European certificate, valid for 5 years, attesting to its compliance with the GDPR;
Right to information: Individuals have the right to be informed about how their data is used, stored and protected. A company must therefore be transparent about its data processing practices;
right of access: customers can request a right of access to their personal data. In this case, companies must provide a copy of the personal data they hold;
right of rectification: it is entirely possible for a person to correct and update inaccurate or incomplete data;
right to be forgotten: in certain circumstances, a customer can request that their data be erased.
SMS and GDPR: example of obtaining consent
In order to obtain customer consent and be GDPR compliant, businesses can use various methods to obtain consent. For example, it is possible to request customer consent via SMS with a reply box.
As a first step, a simple SMS campaign can be sent to customers. It might look like:
“Dear customers,
Would you still like to receive offers from us via SMS?
Reply YES or NO to this SMS”
GDPR and SMS: some reminders
Since May 25, 2018 and the implementation of the GDPR, the protection of user data is a sensitive subject to which companies must adapt. This regulation implemented by the European Union has a significant impact on the way in which companies can use SMS marketing as a communication channel.
Data storage
Companies need to be able to show how data is stored and what value it holds. But first and foremost, they need to ensure that personal data is stored securely.
It is essential that data is protected against loss, destruction, damage, theft, unauthorized use and disclosure. Furthermore, procedures must be in place to detect, report and investigate personal data breaches.
Finally, a clear data retention policy should be established. This aims to argentina phone number database define how long data is retained and when it is deleted.
GDPR and SMS: customer consent
Customer consent is a key element of the regulation regarding commercial SMS . In terms of digital communication (SMS, email, etc.), customers must give their consent to companies so that they can communicate with them.
The regulations on sending SMS stipulate that if a customer (or ex-customer) has not consumed in the company for a certain time, then the company will have to ask for his consent again. This allows to know if he still wishes to receive commercial offers from the latter.
In the event that a customer has recently consumed in the company, it is still possible to communicate with him by SMS, as long as the company can prove the act of purchase. An invoice constitutes admissible proof.
Consent must be explicit and unambiguous. Companies must also provide an easy and accessible way for individuals to withdraw their consent at any time.
GDPR and SMS canvassing: reminders
When it comes to canvassing, the GDPR therefore clarifies the responsibilities of each company in contact with customer data. It thus facilitates compliance and the processing of all personal data collected by the company.
Here are some reminders about GDPR and sending SMS :
compliance. Once the processes are in order, the company will be able to request a European certificate, valid for 5 years, attesting to its compliance with the GDPR;
Right to information: Individuals have the right to be informed about how their data is used, stored and protected. A company must therefore be transparent about its data processing practices;
right of access: customers can request a right of access to their personal data. In this case, companies must provide a copy of the personal data they hold;
right of rectification: it is entirely possible for a person to correct and update inaccurate or incomplete data;
right to be forgotten: in certain circumstances, a customer can request that their data be erased.
SMS and GDPR: example of obtaining consent
In order to obtain customer consent and be GDPR compliant, businesses can use various methods to obtain consent. For example, it is possible to request customer consent via SMS with a reply box.
As a first step, a simple SMS campaign can be sent to customers. It might look like:
“Dear customers,
Would you still like to receive offers from us via SMS?
Reply YES or NO to this SMS”