Growing your customer base

Making sure your SMS marketing is GDPR compliant

December 29, 2022
5 min
With the recent implementation of the General Data Protection Regulation (GDPR), marketers are starting to rethink their strategies for using and storing personal information. Luckily, it's easy to make the most of SMS marketing with a few simple steps, while being aware of GDPR and remaining GDPR compliant. Read on to discover important tips.
Making sure your SMS marketing is GDPR compliant

The SMS marketing method has proven to be an effective way to reach consumers directly. The rise of SMS marketing can be attributed to how much quicker it is, how much easier it is, and how dramatically less intrusive it can be than more traditional methods of communication.

Most people spend a lot of time on their mobile phones and messaging apps today, and SMS still has the highest open and reply rates compared to more “traditional” marketing channels like email. Case in point, 90% of text messages are read within three minutes, meaning your clients are more likely to see, read, and respond to your marketing if it’s sent by text message.

Additionally, about 64% of customers say they prefer companies that use SMS marketing. So, the more you use SMS marketing, the more your customers feel connected to your brand, with open rates as high as 98% compared to around 20% of emails. It also has a relatively high response rate of about 45%, compared to only 5% of emails. SMS marketing can help your customers get the information and feedback they need far quicker than any of the “traditional” methods.

But with the recent implementation of the General Data Protection Regulation (GDPR), marketers are starting to rethink their strategies for using and storing personal information.

Luckily, it's easy to make the most of SMS marketing with a few simple steps, while being aware of GDPR and remaining GDPR compliant. Read on to discover important tips.


What is GDPR


The General Data Protection Regulation (GDPR), an EU policy that entered into force on May 25, 2018, replaced the 1995 EU Data Protection Directive. It aims at giving people more control over their data, in addition to giving them new rights to improve data protection in Europe.

The UK also adopted the content of the European GDPR into UK law in 2018.

GDPR is designed to protect the personal data of individuals within the European Union. It is a set of rules that give consumers more control over how their personal data is used and requires companies to be transparent with what they are collecting and how it will be used.

GDPR applies to all businesses that process the personal data of citizens, regardless of their location. Businesses that process the personal data of citizens are required to comply with the GDPR unless they can demonstrate that they meet certain conditions.

It also requires businesses to obtain explicit consent from individuals before collecting, using or sharing personal data. Businesses must provide individuals with clear and concise information about their rights under the GDPR and make it easy for individuals to exercise those rights.

GDPR imposes hefty fines on companies that violate its provisions, allowing people to lodge grievances with regulating authorities if they feel cheated.


How to ensure your SMS marketing is GDPR compliant


With the new GDPR rules, businesses need to be very careful in how they interact with people through messaging, email marketing, and more. When it comes to SMS marketing, there are a few things you need to keep in mind to make sure you're GDPR compliant.

Get consent

First, you must obtain explicit consent from your customer or client before sending any marketing materials. This means it’s vital you make it clear what they are signing up for and making it clear that they are allowed to opt out at any time. If you need to create a form that includes terms and conditions for your customers, make those terms and conditions clear on the form, so your customers are well-informed before they fill it out and provide their contact information.

Remember that you need to request consent separately for different communication channels. For example, if you’re storing both the emails and phone numbers of your prospects, but have only requested consent for email marketing, you need to request consent for SMS or WhatsApp marketing before kicking off your messaging campaign.

You can track the marketing status of your customers (i.e. whether they have given you consent for each communication channel, or not) from the Fuzey contacts page.

With Fuzey, contacts who have not given consent are automatically filtered out of SMS campaigns, so you don't risk sending marketing information to someone who doesn't want to receive!

Disclose basic information

GDPR requires that companies that process personal data disclose their identity and the purpose of processing personal data. In order for SMS marketing to be compliant with GDPR, you should disclose:

  • Who you are
  • The purpose behind messaging them
  • Your planned frequency of messages
  • Any messaging fees or data fees that may apply to them when they reply
  • How they can opt out

Opting-in and opting-out should be simple processes

Opting in and opting out of receiving messages should be simple processes that are easy to understand. In order for this to happen, you need to provide clear opt-in and opt-out options that are easy for customers to find and act upon.

With Fuzey, for example, you can let your customers opt-in and opt-out via SMS by replying to your texts using keywords like SUB or UNSUB. Easy peasy!

Have a clear data retention policy

Essential elements of the best way to market via SMS and comply with GDPR rules are to only keep customer data for as long as necessary. This means setting clear and concise data retention policies and ensuring compliance.

Your data retention policy should outline how long you plan to retain certain types of data and what happens after that period (i.e. how you intend to dispose of it). Once you have your policy in place, ensure everyone in your organisation is aware of it and knows how to follow it.

Don't store data for longer than necessary

It is crucial to store data only as long as you need it, for several reasons. Firstly, it helps protect the privacy of customers and clients. You keep data only as long as necessary to reduce the risk of unauthorised or inappropriate usage.

Secondly, storing data for longer than necessary can be a significant resource drain. Not only do we need space to store all this data (commonly on secure cloud storage), but we also need to keep track of it and ensure it's safe from breech. All this costs time and money.


As explained earlier, SMS marketing is a really powerful way to engage with your customers quickly and directly. With a high open rate of close to 99% and response rate of 45%, SMS is the ideal solution to market your services and promote your brand. But marketers are having to rethink their strategies for using personal information, especially under the new GDPR.

Understanding that GDPR may limit your ability to reach potential customers using text messages is critical, as is understanding what you need to do to execute your SMS marketing strategy while remaining compliant. But, with careful considerations around customer data, it’s possible to remain compliant, and boost the impact of your marketing, all with the power of messaging.

A solution like Fuzey can help you harness the power of SMS marketing while making sure you remain GDPR compliant and stay out of trouble.

If you're eager to learn more, book a demo filling the form below!

Get started today!

Start setting up your account by filling the details below.
Thank you!
A member of our team will be in touch shortly!
Oops! Something went wrong while submitting the form.

Similar posts

With over 2,400 apps available in the Slack App Directory.