At Postscript, compliance is our top priority. That's why we've put together this guide that makes it easy for you to ensure your SMS/MMS marketing campaigns comply with U.S. laws and regulations, including the Telephone Consumer Protection Act (TCPA).
Before You Get Started
Postscript allows you to send consumers text messages regarding your Shopify store. As you use Postscript, it's important to keep the following questions in mind:
- Have I researched and reviewed all applicable laws, regulations, and guidelines related to text message marketing, including the Telephone Consumer Protection Act (TCPA) and the applicable CTIA guidelines?
- Have I obtained TCPA-compliant written consent from each consumer, through which they have acknowledged and agreed to receive automated marketing messages from my Shopify store?
What is TCPA?
U.S. Congress passed the Telephone Consumer Protection Act (TCPA) and its accompanying regulations to control how companies can use SMS and MMS text messaging services to reach out to their consumers.
It is your responsibility to ensure that when using Postscript to send messages to consumers, you understand and are complying with all relevant TCPA regulations. Therefore, you should make yourself familiar with all applicable TCPA laws and the relevant industry guidelines that build on these laws, including the CTIA guidelines for text message marketing.
You can boil down the TCPA’s regulation of text message marketing campaigns to the following statement:
Key Elements of Compliance
Under the TCPA, you can only send a consumer automated marketing messages once that consumer has provided you with prior expressed written consent. You can gather consent electronically, including through text messaging keywords.
However, at minimum, consent must contain explicit language for every element identified below and indicate that the consumer acknowledges and agrees to each.
- To receive recurring marketing messages on the consumer’s mobile phone number.
- That text messages may involve the use of an automatic telephone dialing system (“ATDS”).
- That consent is not a condition of purchase.
You should retain consent so that you can produce it in the event of litigation as federal law dictates that it is the burden of the person sending the messages to prove that the consumer provided express written consent to text them.
Furthermore, you should ensure you are following the practices outlined in the latest version of CTIA’s Short Code Monitoring Handbook and CTIA’s Messaging Principles and Best Practices Guide, as these practices are designed to protect consumers and ensure your messages are being sent in a manner approved by the nation’s wireless carriers.
Compliance Language Requirements
You should include TCPA and CTIA-compliant language wherever a consumer is giving their consent to receive automated marketing messages.
This includes, but is not limited to:
- Instagram Stories
- Printed materials with QR Codes
- Emails containing opt-in links
Below is TCPA and CTIA-compliant language:
SMS Quiet Hours
Quiet hours are specific times during the day when you should avoid sending text messages to your subscribers (e.g., early in the morning, late at night, when they are sleeping, etc.). In addition to a bad customer experience, messages sent during these hours often lead to higher unsubscribe rates and a greater likelihood of customer complaints and spam reporting.
While there are no explicit federal laws outlining quiet hours for promotional text messages, TCPA and FCC guidance suggests that text messages should not be sent before 8 am and after 9 pm in the recipient's local time zone. Further, Florida state law has imposed stricter requirements that state text messages can only be sent between the hours of 8 am and 8 pm in the recipient’s local time zone.
To be safe, you should only send texts during the hours of 8 am to 8 pm in the recipient's local time zone.
At Postscript, we've implemented safeguards to assist shops in complying with quiet hours when sending campaigns and automations. These safeguards also allow shops to target subscribers at times that make sense across the contiguous U.S.
Postscript's current global campaign and automation waking hours are as follows:
- Global campaign waking hours:
- 8 am - 11 pm EST (US/CAN excluding Florida)
- 8 am - 8 pm local time zone (Florida)
- Global automation waking hours:
- 11 am - 9 pm EST (US/CAN excluding Florida)
- 8 am - 8 pm local time zone (Florida)
While broad campaign hours allow shops to send geographically targeted campaigns during the waking hours across the country, Postscript recommends that you either:
- Segment your campaign sends such that messages are only sent between 8 am and 8 pm in each recipient's local time zone, or
- Only schedule campaign sends between 11 am EST and 8 pm EST to ensure messages are sent within waking hours regardless of the recipient's local time zone.
Automations, on the other hand, are less targeted and fire automatically, so we employ the most conservative nationwide waking hours window to ensure compliance without shop oversight.
If a user subscribes to (or unsubscribes from) your store during quiet hours, Postscript will still promptly send opt-in or opt-out messages as required by federal law.
How Quiet Hours Work
Postscript prevents you from sending campaigns and automations during SMS quiet hours. For more information on how quiet hours affect automations and campaigns, check out the tabs below.
List Upload Compliance
If you are new to Postscript, you may be able to upload a list of SMS subscribers you collected on another platform. These subscribers need to have been collected in a TCPA-compliant manner in order to be uploaded into Postscript.
You can upload your list by completing this form. Please note that by submitting a list for upload, you certify that you collected subscribers in a TCPA-compliant manner. If you're not sure, please consult a TCPA defense attorney.
Our team uploads lists as quickly as possible. Please note that lists of 1,000+ subscribers may take up to 48 business hours.
If you have collected subscribers on Facebook or by other means while already using Postscript, our team can review these subscribers but their upload is not guaranteed as list upload assistance is geared for accounts that are just getting started.
Compliance Best Practices
While using Postscript, it is crucial that you adhere to our anti-spam policy, as well as all relevant laws and regulations where you operate (such as the Telephone Consumer Protection Act (“TCPA”)). Violations of the TCPA can lead to damages of $500-$1,500 per message, while violations of CTIA guidelines can lead to being prevented from using the wireless carrier networks.
While not a comprehensive list, here are two critical guidelines to always follow when adding subscribers to your text message marketing program:
- Clearly display TCPA & CTIA-compliant opt-in language. Clearly display language that states what the subscriber is signing up for and ensure that the language complies with all relevant laws and regulations, such as the TCPA and CTIA.
- Do not precheck boxes on opt-in forms. Avoid prechecking boxes on any subscriber opt-in forms such as your checkout page. This helps ensure customers aren't automatically subscribed.
The CTIA is a trade association representing the wireless communications industry in the United States. This group creates and enforces guidelines and best practices as it relates to SMS marketing.
Below is an excerpt from CTIA's Messaging Principles and Best Practice guide regarding profanity:
5.3.1 Prevention of Unlawful Activities or Deceptive, Fraudulent, Unwanted, or Illicit Content Message
Senders should use reasonable efforts to prevent and combat unwanted or unlawful messaging traffic, including spam and unlawful spoofing. Specifically, Message Senders should take affirmative steps and employ tools that can monitor and prevent Unwanted Messages and content, including for example content that: (1) is unlawful, harmful, abusive, malicious, misleading, harassing, excessively violent, obscene/illicit, or defamatory; (2) deceives or intends to deceive (e.g., phishing messages intended to access private or confidential information); (3) invades privacy; (4) causes safety concerns; (5) incites harm, discrimination, or violence; (6) is intended to intimidate; (7) includes malware; (8) threatens Consumers; or (9) does not meet age-gating requirements. Message Senders can also review the Common Short Code Handbook for further examples of Unwanted Message content.
Further, Message Senders should take steps to ensure that marketing content is not misleading and complies with the Federal Trade Commission’s (FTC) Truth-In-Advertising rules.
The guidelines are especially relevant to shortcodes, which are built for marketing and distributed to specific industries (like Postscript). As a result, carriers monitor shortcodes more closely.
At Postscript, we're committed to helping you stay up-to-date with legislation and guidelines that impact compliance.
Below we've gathered a few additional resources you can review for the latest compliance updates.
Need ongoing channel strategy guidance? Please fill out this form and we'll connect you to one of our certified partners.