SEE OUR

Last-Minute
Openings!

Click Here
Book Online
Book Online

Privacy Policy

Summarize these instructions

These best practices are not exhaustive and do not consider every scenario. These materials

are intended as a guide to help your business with following the prevailing practices. Keep in

mind that Textel cannot give you legal advice.

In order for your business (Brand) to use text messaging with your customers (Consumer),

maintaining and conspicuously displaying a clear and easy-to-understand Privacy Policy is a

best practice, and will generally be necessary to meet text messaging industry requirements

regardless of the size of your business. If you need to build a Privacy Policy from scratch, a

couple of helpful resource might be:

BBB Business Tip: Writing an effective privacy policy for your business’s website

CTIA’s Messaging Principles and Best Practices

The CTIA in particular is a key wireless communications industry association which provides

standards and best practices guidance regarding texting. Their Messaging Principles and Best

Practices is the “set of voluntary best practices developed by CTIA’s member companies

throughout the wireless messaging ecosystem.”

You will see that CTIA lays out some basic standards for having a Privacy Policy that text

message senders like you should follow. We have seen that wireless providers may block

messages from senders based on Privacy Policy concerns. This is what CTIA says:

5.2.1 Maintain and Conspicuously Display a Clear, Easy-to-Understand Privacy Policy

Message Senders should maintain and conspicuously display a privacy policy that is

easily accessed by the Consumer (e.g., through clearly labeled links) and that clearly

describes how the Message Sender may collect, use, and share information from

Consumers. All applicable privacy policies should be referenced in and accessible from

the initial call-to-action. Message Senders also should ensure that their privacy policy is

consistent with applicable privacy law and that their treatment of information is consistent

with their privacy policy.

Industry standards also require that text message opt-in data and consent from consumers

never be shared, sold, or bought. There must be a direct connection between the Brand that

the message content is about and the consumer receiving the message.

Consumer opt-in ~~> Brand || Brand text ~~> Consumer

It must be clear that the Brand is collecting the opt-in information for themselves, and obtaining

this opt-in consent directly from the individual consumer and not from, or on behalf of, another

individual or organization.

A key CTIA best practice in this regard is:

5.1.4 Renting, Selling, or Sharing Opt-In Lists

Message Senders should not use opt-in lists that have been rented, sold, or shared to

send messages. Message Senders should create and vet their own opt-in lists.

This best practice is enforced broadly within the wireless communications industry. Toll-free

(TFN), 10-Digit Long Code (10DLC), and Short Code business phone numbers that will be used

for text messaging have various registration/verification processes that include an examination

of the business’ (Brand) information-sharing practices with 3rd parties (typically looking at

published privacy policies).

Businesses do share information with 3rd parties for many legitimate reasons. For example, the

use of Textel as a text messaging platform requires the sharing of some customer data (e.g.

phone number) and this is okay, but your Privacy Policy should say that you do this.

Consumer opt-in ~~> Brand || Brand text ~~> Textel ~~> Consumer

It is important to be clear in your Privacy Policy that, while you do share information necessary

to provide your services to your customers, you do not use opt-in lists that have been rented,

sold, or shared, and you do not sell or share your customer’s opt-in information for any 3rd

party’s business purposes.

An example statement might be:

We may contract with companies or persons to provide certain services including text

marketing, credit card processing, scheduling software, shipping, data analysis and

management, promotional services, etc. – collectively, Service Providers. We provide our

Service Providers with the information needed for them to perform these services for our

business.

We do not share your personal information with third parties for those third parties’ direct

marketing purposes; we do not buy, sell, or share text messaging opt-in information.

If you are an intermediary service (ISV), sending messages on your customers’ (Brand) behalf

to their customers (Consumer), you can pass through necessary information to Textel, and

Textel can use it, but the phone number registration/verification must be tied directly to the

Brand, and any opt-in must be directly between the Brand and the consumer; neither the

registration/verification nor the opt-in can be with the intermediary (ISV).

Consumer opt-in ~~> Brand || ISV text on behalf of Brand ~~> Textel ~~> Consumer

We hope this is helpful. Your lawyer and other industry groups may also be good resources for

you to draft and publish your Privacy Policy.

NOTE: Regardless of any other policy, sending messages related to cannabis, including CBD, is

prohibited in the United States as federal laws prohibit its sale, even though some states have

legalized it. For additional tips regarding regulations and carrier standards for messaging traffic

please see https://support.textel.net/article/304450/helpful-tips-for-regulations

Updated 2/28/2024

FOLLOW US ON INSTAGRAM @studio3thesalon
Copyrights ©Studio3theSalon 2025 | Made by D3Studio
Back to Top