With the upcoming changes in data privacy and how your customers opt-in to receiving information from you, there are lots of discussion on what counts as consent.
Making it really clear from the outset exactly what customers are opting in to means that not only will they be giving consent to hearing your exciting updates, but they’ll also know exactly what they signed-up for. After all, the new rules are about transparency and who doesn’t want to be told the truth?
Yes, there may be some customers who decide not to give their consent, so you cannot send them marketing messages by SMS; however this isn’t a bad thing – if you’re only reaching out to customers who want to hear from you, engagement will be much higher.
To be sure that you’re collecting consent in a way that is compliant with the new data regulations, you must ensure:
• It is clear exactly what is being opted in to
• Consent can be documented and evidenced if challenged
• It is easy for customers to withdraw consent at any time
The ICO have specified that, for organisations relying on consent you “cannot rely on silence, inactivity, pre-ticked boxes, opt-out boxes, default settings or blanket acceptance of your terms and conditions” as proof of consent, so make sure it is NOT:
• Collected using a pre-ticked box
• Bundled in to other offerings
• Assumed or defaulted
Not only must the consent given conform to the new regulations, but there also must be proof and data controllers “must have an effective audit trail of how and when consent was given, so organisations can provide evidence if challenged” this applies to anyone managing data, regardless of how that consent was obtained.
There’s lots of information and resources on both the DMA and ICO websites if you need help preparing for GDPR. When it comes to your SMS data, we’ve been working closely with the DMA in collating the most useful news and updates here on the blog.