How to comply with the bulk SMS law in Spain and Latin America?

Sending SMS in bulk is very useful and a fundamental pillar in any business communication strategy. However, it’s not strange that people have doubts about how to do it in a legal way, complying with all the laws and avoiding future problems. At LabsMobile, we have already informed you how the Spanish law works in this respect, but today we would like to take a step forward and focus on other countries, such as Mexico or Colombia and take a look at their regulations for sending SMS. Shall we?

But before starting, we would like to consider some aspects. The first one of them is following a series of good practices that can help avoid problems and comply with the law. 

1 Revise your database: we know that the database is a Holy Grail when it comes to sending SMS, but this must be licit. What does this mean? That you have to be sure that your contacts have given their consent to be part of their list. Ideally, they need to have clearly consented to receiving publicity.

2 Treat data in a confidential and safe way: it’s very important for you to be clear that the data given to you will only be used for marketing purposes of your company. Add that they’ll be treated with safety and confidentiality.

3 Always offer to unsubscribe:Athis is an option you have to include and needs to be visible and easy to execute. It’s also important that, when a client decides they don’t want to receive any more SMS, you unsubscribe them efficiently and quickly.

4 Give information about who you are: receiving SMS without having clear who is sending it is not very good. Ideally, your receivers should know who is writing to them and why. Also, as we’ll see below, the law makes you do this.

5 Don’t be too much. Send SMS that go to the point, when it’s necessary and when the occasion requires it (special offers, festivities…). If it’s too much, it’s possible that the client feels you’re being too invasive.

The Spanish laws for sending bulk SMS

Now that we’ve been through some general good practices, we would like to go deep into the laws of sending bulk SMS. We have already told you that in Spain there’s no specific law about sending text messages massively. However, the fact that there’s no specific law (in France it does exist), it doesn’t mean you can do whatever you want. Not at all.

There’s a legal framework we need to consider so as not to fall into a legal trap. These are two laws:

• Ley Orgánica 3/2018, from the 5th of December, of Personal Data Protection and digital rights guarantee.REGLAMENTO (UE) 2016/679 DEL PARLAMENTO EUROPEO Y DEL CONSEJO de 27 de abril de 2016, relative to real person’s protection when it comes to their personal data and the free circulation of this information.
• Ley 34/2002, from July 11th, of servicios de la sociedad de la información y de comercio electrónico. (LSSICE)

In the first and second one, the treatment of databases is regulated and having consent becomes mandatory. Also, it’s speficied that personal data should not be made known unless they are public. That is why it’s so important for you to manage yoru databases in a safe and confidential way. 

The LSSICE (Law of Society services of Information and eCommerce): take it into account

The second one, the Law of Society services of Information and eCommerce (also known as LSSICE) has as an objective the incorporation of the Spanish system to the European directions of the Information society. Even though it started in 2002, it has been updated several times, especially in certain fields, to adapt itself to the needs of an ever-changing world such as the internet. The last of these modifications is of 2020, so it’s important to watch out for this law.

For example, it introduces some guidelines for companies that obtain information from the internet and do business with it. It also establishes sanctions for those who don’t comply with the guidelines (which are quite elevated in terms of money), so we strongly advise you to not ignore them. 

The part that affects the sending of massive SMS is in the articles 21 and 22, which especifically talk about sending publicity and communications via email or other equivalent media. The law is extensive, but here we highlight many points you cannot miss:

• Sending publicity via email or any other medium is forbidden in case they have not been asked or at least authorized by the people who receive them. 
• The receiver can refuse at any time to receive these commercial communications by notifying the sender.

• You need to offer the receiver the possibility of having their personal data used for commercial purposes. This should be done in a simple and free manner, both when collecting the information and in any other type of communication you carry out. 

And in Latinoamerica? What laws should you take into account when sending SMS in bulk?

We already know how the law works in Spain, but what about Latin America? What laws should we take into account if we want to send our bulk SMS to Latam? Well, there’s no unified law for the continent but, roughly, msot countries have regulated the same aspects as in Spain. That is, they usually focus on data protection and in obligatory consent for publicity.

Laws for sending SMS in Colombia

So, for example, in Colombia there’s the law 1581 from 2012, where there are general aspects for the protection of personal data. Its objective is to give people the right to know, update, and rectify data companies have of them in their databases or archives.

Some of the points you need to take into account include:

• You have the duty to inform the person about the law and how you’ll manage their data.
• As a company, you need to have a clear procedure for complaints by any client, provider, employee, or third party.
• You need to have procedures for people to consult the information you have about them. 
• It should be easy for clients to take away their consent to use their personal data for commercial use. 
• As in Spain, you are obliged to offer a privacy notice.

The law also establishes sanctions for those who don’t comply with these regulations, so the lack of authorization to use personal data by users can be penalized. The same happens if the company does not respond to queries or demands made by users. The sanctions can be financial but they can also mean a cease of activity for a few months. 

México also has legislation: take a look at it

As we were saying before, most Latinamerican countries have been regulating aspects such as managing databases or treating personal data for publicity. Because of this, we need to consider these norms for sending SMS in bulk. 

In the case of Mexico, one of the laws to consider is the Federal Law of Personal Data Protection (Ley Federal de Protección de Datos Personales en Posesión de los Particulares). It’s a law from 2010 where it’s established, among other things that: 

• Obtaining personal data should not be done through fraudulent or tricky means.
• The treatment of personal data will be be subject to the person’s consent (except for some very concrete exceptions or when they are public data).
• It will be understood that the person tacitly consents to the treatment of their data when they have a privacy agreement before them and don’t oppose it.
• The owner of the data has to be presented with a privacy agreement.
• People have the right to access their personal data to modify them.
• Users have the right to cancel their data at any time.

How to comply with the bulk SMS law in Spain and Latin America?

As you can see, most countries regulate the same aspects, so it’s important that you have a licit database and that you have consent of all the clients you will send SMS to. It’s also important that you offer the possibility of unsubscribing easily and for free and that you show your data as a sender. In this way, you’ll make sure you are complying with the law and will save yourself some trouble!