Building 10DLC-compliant privacy policies
- The type of information your organization collects
- How your organization collects that information from users
- How your organization uses and shares any information collected
- Explain how your organization protects user data
Explicitly Stating that Your Organization Does Not Share Information
A generated policy will contain separate sections for each topic of your policy. There will typically be a section regarding when information is shared with others. We recommend asserting your commitment to not sharing information without consent or legal obligation with the following language at the beginning of this section:
"[Your organization] maintains strict privacy policies, ensuring that personal information of our users and members is not sold, rented, released, or traded to others without prior consent or legal obligation."
Next, review any bullets in the section about sharing information for anything that is inconsistent with the requirements mentioned so far. Mentions of marketing can lead to the rejection of the use case, so these should be reworded or removed.
"SMS Opt-Out: If you are receiving text messages from us and wish to stop receiving them, simply respond with either "STOP" or "UNSUBSCRIBE" to the number from which you received the message. Once we receive your message, you will no longer receive further text messages from us."
Before You Submit