GDPR Compliance

 

GDPR is European data protection and privacy regulation that became law in May 2018. This law protects the privacy and personal data of individuals within the European Union, as well as addresses the export of data outside of EU borders.

 

GDPR puts privacy in the hands of European citizens and centralizes the rules and processes businesses must follow in order to guard and respect the interests of the European people.

 

This post will give you some insight on how to abide by GDPR regulations by telling you:
 

  • • How to update your Privacy Policy
  • • How to get customer consent and collect subscribers
  • • How to setup checkout opt-in

 

GDPR Compliance

 

In order to send text marketing and automation messages, you need to have legally gathered the client's phone numbers first. When talking about legally we refer to the customer giving you an explicit "Prior Written Consent". SMSBump offers 2 different ways for Store owners to legally gather prior written consent.

 

  • • Opting in through the checkout
  • • Opting in through our subscription form

 

‚ÄčWe will cover all these three a bit later on. Now back to the GDPR. The most important things we need to know here are:

 

  • • Customers need to agree to your Privacy Policy that needs to be explicitly stated on your checkout page
  • • Give customers the option to subscribe through a subscription form. Read more here.
  • • All agreement forms must clearly be visible to customers prior to giving their consent.

 

Disclaimer: We have worked with an attorney to help us draft the presented information, however, we are not a certified legal advisory team so we encourage you to consult with a lawyer who is familiar with GDPR before using our legal texts.

 

I Privacy Policy

 

In this guide, we will go through the steps for Shopify so if you are running any other platform you can just replicate the steps here.

 

1. From the Shopify main menu, click on Settings and then on Legal to get to your store's legal settings.

 

Legal settings

 

2. In the Privacy Policy text box, you can write your own privacy policy, or click on Create from template to use a sample one.

 

privacy policy

 

3. Your Privacy Policy should also contain the following text:

 

Text Marketing Terms and Conditions:

We are using a text messaging platform, which is subject to the following terms and conditions. By opting in for our text marketing and notifications, you agree to these terms and conditions.
By entering your phone number in the checkout and initialising a purchase, subscribing via our subscription form or a keyword, you agree that we may send you text notifications (for your order, including abandoned cart reminders) and text marketing offers. You acknowledge that consent is not a condition for any purchase.
Your phone number, name, and purchase information will be shared with our SMS platform "SMSBump Inc", an European Union company with an office in Sofia, Bulgaria, EU. This data will be used for sending you targeted marketing messages and notifications. Upon sending the text messages, your phone number will be passed to a text messages operator to fulfill their delivery.
If you wish to unsubscribe from receiving text marketing messages and notifications reply with STOP to any mobile message sent from us or use the unsubscribe link we provided you within any of our messages. You understand and agree that alternative methods of opting out, such as using alternative words or requests will not be accounted as a reasonable means of opting out. Message and data rates may apply.
For any questions please text "HELP" to the number you received the messages from. You can also contact us for more information. If you wish to opt out please follow the procedures above.

 

Privacy Policy

 

4. Click on the Save button to save the changes made.

 

II Gathering Checkout opt-ins

 

Now that we have edited the Privacy Policy we will show you the process of receiving consent from the Shopify Checkout.

 

Step 1. Go to Shopify Settings and click on Checkout where you will be able to edit your checkout process.

 

Shopify checkout

 

 

Step 2. To add a sign-up checkbox to your checkout, in the Marketing consent section, check Show an option to subscribe at checkout.

 

Shopify checkout

 

Step 3. Click Save.

 

Step 4. Customize checkbox

 

From your Shopify Admin Settings go to Online Store → Themes → Actions → Edit Languages → Checkout & System.

 

Shopify checkout

 

This is where you get to customize your checkout checkbox. You can fill in:

 

  1. The accept SMS checkbox label
  2. Privacy policy
  3. Terms of service

 

 

How it looks in the admin panel:

 

Checkout

 

 

Please note that in order to find these sections in the panel, you need to scroll down to the bottom of the page. You can use CTRL+F afterward to quickly locate the boxes.

 

 

 

How it looks on your checkout page:

 

 

Checkout

 

The compliance text is preset by Shopify and can't be edited.

Both Privacy Policy links (#2 and #4 in the screenshot above) lead to the compliance text you added to the Legal section of your Shopify Admin. The same applies to the two Terms of Service links (#3 and #5 in the screenshot above).

 

 

 

Keep in mind that for the SMS marketing subscription preference to be saved, the customer needs to complete the checkout and finish their order. If the customer doesn’t complete the checkout process, they won’t be signed to your text marketing services, and no SMS automations or flows will be triggered.

 

 

Great job, you have now updated your checkout opt-in to comply with GDPR. Your store’s checkout page will look something like this:

 

GDPR checkout

 

III Unsubscribing clients

 

GDPR requires store owners to honor opt-out requests.

 

SMSBump automatically unsubscribes all customers who reply to text messages with “STOP” or click on the unsubscribe link in their text message. You can also unsubscribe customers manually in Lists & Segments in the SMSBump app.

 

SMSBump adheres to the national DND (Do Not Disturb) register each time a message is sent.

 

Rest assured that no marketing campaigns will be sent unless they contain a clearly written text giving customers a way to opt out.

 

If a customer changes their mind and wishes to opt in to receive text marketing again, all they need to do is respond to a text message with “JOIN.”

 

If a customer requests to have their personal data deleted from our servers, please forward their number to support@smsbump.com, and we will act on it.


Last Modified: Oct 22, 2021