> ## Documentation Index
> Fetch the complete documentation index at: https://docs.messagedesk.com/llms.txt
> Use this file to discover all available pages before exploring further.

# SMS Privacy Policy Requirements

> Write and publish an SMS privacy policy that meets A2P 10DLC and toll-free verification requirements. Includes required sections, examples, and templates.

# SMS privacy policy requirements

To get approved for **A2P 10DLC** (local) and to pass **toll-free verification**, carriers require a **public, compliant SMS privacy policy**. Use this guide (plus our downloadable template) to publish yours and keep your messages deliverable.

## Privacy policy resources (getting started)

**Download:** [MessageDesk SMS Privacy Policy Template (PDF)](https://cdn.prod.website-files.com/6349fd438ecb3a3594605225/67afb34b6eef780d2481b82d_A2P%2010DLC%20Carrier%20Compliance%20Privacy%20Policy%20Template%20-%20MessageDesk.pdf)

\*\*Free Tool: \*\*[**AI-Powered Privacy Policy Checker**](https://www.messagedesk.com/free-tools/privacy-policy-generator)

***

## What your SMS privacy policy must include

* **Data collected:** What you collect (e.g., name, mobile number) and **how** (web forms, keywords, in-store signups).
* **Data usage:** Why you send texts (reminders, order updates, service notices, promotions).
* **Consent and opt-in:** The explicit opt-in method (checkbox text, keyword, form language, written/verbal consent).
* **Opt-out mechanism:** Clear instructions like **"Reply STOP to opt out."** Include this **in your policy and sample messages**.
* **Third-party sharing:** State you **don't sell or share** SMS data with third parties for marketing. If you use an SMS provider, say it's **only to deliver messages**.
* **Security:** High-level measures (encryption, access controls).
* **Retention and deletion:** How long you retain data and how users can **request deletion**.
* **Support contact:** Email and/or phone for privacy inquiries.

<Tip>
  For promotional messaging, get **express written consent**. A **double opt-in** (user enters number → confirm SMS → user replies YES) is strongly recommended.
</Tip>

***

## Where to publish (and link) your privacy policy

* Add the policy to your website and link it in the **global footer**.
* Link it anywhere you collect phone numbers:
  * Opt-in forms and checkouts
  * Chatbot flows
  * Landing pages and popups
  * Paper or in-store signups (QR/link)

<Tip>
  Already have a general privacy policy? Add a dedicated **SMS section** covering all points above.
</Tip>

***

## Copy-and-adapt privacy policy template (starter language)

> **Privacy Policy**\
> *Last updated: \[Month Day, Year]*
>
> This Privacy Policy describes how **\[Your Business/Organization]** collects, uses, and discloses information when you subscribe to our SMS messages.
>
> **Data Collection.** We collect your name and mobile number when you sign up (e.g., via our website form, in-store signup, or by texting a keyword).
>
> **Use of Data.** We use this information to send service updates (e.g., appointment reminders, order notices) and occasional promotions related to our services.
>
> **Security.** We use encryption and access controls to protect your information. No method of transmission or storage is 100% secure, but we use commercially acceptable means to safeguard your data.
>
> **Retention.** We retain your information while you remain subscribed and as required by law. You may request deletion at any time.
>
> **Opt-Out.** Reply **STOP** to unsubscribe. We process opt-out requests promptly.
>
> **No Selling/Sharing.** We don't sell or share your SMS data with third parties for marketing. We may share data with our SMS provider solely to deliver messages.
>
> **Contact.** For privacy questions or data requests, contact us at **\[email]** or **\[phone]**.

> **SMS Terms & Conditions (add to the same page or link to a separate T\&Cs page)**
>
> 1. **\[Your Business/Organization]**
> 2. Message types you send (e.g., appointment reminders, customer service, special promotions)
> 3. To cancel, reply **STOP**. We'll confirm your unsubscribe via SMS.
> 4. For help, reply **HELP** or contact **\[support email or toll-free number]**.
> 5. Carriers aren't liable for delayed or undelivered messages.
> 6. Message and data rates may apply; message frequency varies.
> 7. For privacy inquiries, see our privacy policy at **\[policy URL]**.

> **Important:** Replace **all placeholders** (business name, contact info, message types, URL, dates). Template language is a **starting point**. You must tailor it to your business and actual use case.

***

## Carrier registration checklist (pre-submission)

* ✅ Business details **match registration** (legal name, EIN, address).
* ✅ Website is **live** and matches your brand/legal name.
* ✅ **Opt-out** ("Reply STOP…") appears in your **policy and all sample messages**.
* ✅ Message examples reflect your **real messaging use case**.
* ✅ Opt-in method is **documented and visible** where numbers are collected.
* ✅ Clear **no-sharing** clause for third-party marketing.

***

## Common causes of rejection (and fixes)

* ❌ Missing **opt-out** → Add "Reply STOP to opt out" to policy **and** samples.
* ❌ No visible policy → Publish and link from footer plus all opt-in points.
* ❌ Vague purpose → Specify use cases (reminders, order updates, etc.).
* ❌ Website mismatch → Ensure site shows the **same legal name** and address.
* ❌ New EIN (less than 30 days) → Wait until records propagate, then resubmit.

***

## Frequently asked privacy policy questions

**Do I need a separate policy just for SMS?**\
Not required. You can add an **SMS section** to your existing privacy policy that covers opt-in, opt-out, usage, sharing, retention, and contact.

**Is double opt-in mandatory?**\
No, but it's recommended for **promotional** messaging and improves compliance evidence.

**Does this apply to toll-free numbers?**\
Yes. **Toll-free verification** is separate, but the same privacy expectations apply.

***

## Final compliance checklist (before you submit)

* ✅ Publish/update your **SMS privacy policy** (with SMS Terms and Conditions).
* ✅ Link it in your **footer** and on **all opt-in forms**.
* ✅ Include **consent flow** and **STOP keywords** in sample messages.
* ✅ Submit with **accurate business info** that matches public records.
