SMS Compliance Policy - Canada
Purpose: This policy outlines the requirements for sending SMS messages to individuals within Canada, ensuring compliance with Canadian laws, including the Canadian Anti-Spam Legislation (CASL), the Personal Information Protection and Electronic Documents Act (PIPEDA), and applicable provincial regulations.
1. Consent
Express Consent: SMS messages may only be sent to recipients who have explicitly opted in to receive communications. Consent must be obtained through clear, affirmative action, such as checking an opt-in box, signing up via a website, or verbally confirming consent.
Implied Consent: Implied consent may be acceptable in certain situations (e.g., an existing business relationship), but this must be verified to comply with CASL's requirements.
Withdrawal of Consent: Recipients must have an easy and accessible method to withdraw consent at any time. A "STOP" or similar instruction must be included in every message to allow for immediate opt-out.
2. Identification
Each SMS message must clearly identify the sender. This can include the name of the business or a recognizable identifier such as a short code or phone number.
3. Content Requirements
No Unsolicited Commercial Messages: SMS messages must not be unsolicited commercial messages unless express consent has been obtained. Messages must be relevant to the recipient's interests.
Clear and Accurate Information: All messages must contain truthful, clear, and accurate content, including details of any products or services being promoted.
4. Opt-Out Mechanism
Each message must include a clear, easy-to-use mechanism for recipients to unsubscribe from future communications. A standard message such as "Reply STOP to opt out" must be included, with the request honored within 10 days.
The opt-out mechanism must be free of charge, and recipients who opt out should not receive further marketing messages unless they re-consent.
5. Message Frequency
Limit the frequency of marketing messages to avoid spamming. The frequency should align with the recipient’s expectations at the time of consent and should not be excessive.
6. Data Protection and Privacy
Personal information collected for the purpose of sending SMS messages must be handled in compliance with PIPEDA. This includes ensuring that any collected data is kept secure, used only for the purpose for which it was collected, and that recipients are informed about how their information will be used.
Recipients' personal information should not be shared with third parties without their consent.
7. Record Keeping
Businesses must maintain accurate records of consent for at least three years. These records should include the date, time, and method by which consent was obtained, as well as a copy of any communication sent.
8. Compliance with CASL
All SMS communications must comply with the Canadian Anti-Spam Legislation (CASL), which prohibits sending commercial electronic messages without proper consent. Violations can lead to significant penalties.
9. Third-Party Providers
If third-party providers or platforms are used to send SMS messages, ensure they comply with CASL and other applicable laws. The business remains responsible for ensuring compliance, even when outsourcing SMS marketing.
10. Enforcement and Accountability
The organization will monitor SMS marketing practices and ensure compliance with this policy. Violations may result in disciplinary action and could include termination of marketing campaigns.
Contact Information
For questions or concerns regarding SMS compliance, please contact our compliance team at Mi Websites.
This policy provides a foundational framework for compliance but should be reviewed regularly to stay current with any changes in legislation. Let me know if you’d like to customize it further!
"No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties."