Messaging Compliance

Last Updated: May 16, 2024


PLEASE NOTE BEFORE PROCEEDING:


The following details highlight some (but not all) of the relevant laws, regulations, and industry standards governing the use of our messaging services (“Messaging Compliance Rules”).
This information is not intended to serve as legal, compliance, or professional advice.
This is not an exhaustive list of Messaging Compliance Rules. It is the responsibility of our customers to adhere to all Messaging Compliance Rules, whether mentioned here or not. Specifically, this information does not account for specific rules enforced by the carriers, operators, and aggregators (“Service Providers”) we utilize for providing messaging services. Refer to section 2 below for additional information on Service Provider rules.


1. Messaging Compliance Rules


Given that our messaging services are utilized across various territories and jurisdictions, our customers must consider where:


(i) they use our messaging services; and 
(ii) their usage impacts the jurisdictions involved.


For instance, if our messaging services are used to send messages from the UK to end users in Germany, both UK and German jurisdictional rules, along with any overriding EU regulations, will apply.


Certain countries have specific Messaging Compliance Rules for business-related mobile messaging, including:


• Laws and regulations for electronic communications and telecommunications services applicable to A2P messaging.
• Regulations on A2P message content and permissible sending times.
• Industry codes of conduct regarding the use of short codes.
• Requirements for the pre-registration of bulk SMS (MT) message originators, including alphanumeric SenderIDs for A2P messages.


Additionally, some countries have laws, regulations, and codes of conduct governing marketing to individuals and businesses. These may specifically target messaging services or broadly cover all marketing activities. Generally, they align with privacy laws, ensuring that consent is obtained and not withdrawn before sending any marketing messages. Consent methods and withdrawal processes may vary by jurisdiction. Typically, clear and unequivocal consent must be obtained for marketing through messaging services, with an easy and convenient opt-out method available.


The definition of “personal data” or “personal information” (“Personal Data”) may differ by jurisdiction but generally includes:


(a) Information identifying, contacting, or locating an individual.
(b) Information combined with other data linked to an individual for identification, contact, or location purposes. Mobile phone numbers (MSISDN), IP addresses, and certain message content typically constitute Personal Data.
Before transmitting any Personal Data to us in connection with our messaging services, it is our customers’ responsibility to ensure compliance with applicable rules for using that Personal Data. This includes ensuring that necessary consent for the use and transfer of Personal Data has been obtained and not withdrawn.


2. Service Provider Rules


Many Service Providers have specific requirements for using our messaging services by us, our customers, and end users. These requirements may include:
• Type, content, and permitted sending times for messages.
• Pre-registration of message originators.
• Prohibition of certain message originators.
• Pre-approval of messaging campaigns.
• Pre-approval of keywords used in responses to mobile-originated messages sent to short codes.


By utilizing our messaging services, customers agree to comply with these rules at all times. Before sending messages to any country, customers should contact their account manager to discuss applicable Service Provider rules, including any necessary pre-registration or registration of originators needed before sending messages.