Website Edit Requirements for SMS Compliance

This document summarizes mandatory website edits needed for SMS 10DLC registration and compliance. These edits ensure that your brand’s Terms & Conditions and Privacy Policy meet carrier vetting standards and align with the Telephone Consumer Protection Act (TCPA).

1. Overview

Your website will be reviewed during campaign vetting to verify:

  • Consumers provide clear and verifiable consent (opt-in) before receiving text messages.

  • That your site contains mandatory disclosures for Terms & Conditions and Privacy Policy.

  • The website content does not contain disallowed material (SHAFT-C: Sex, Hate, Alcohol, Firearms, Tobacco, or Cannabis).

Failure to meet these website requirements is one of the top causes of campaign rejection.

2. Terms & Conditions Page (Mandatory)

✅ Required Elements

Your Terms & Conditions (or Terms of Service) page must include:

  1. Program / Brand Name
     The brand name must match the business name being registered for the SMS campaign.

  2. Type of Messages
     Specify what types of messages consumers will receive (e.g., order updates, quotes, customer support, promotions, etc.).

  3. Message Frequency
     Indicate how often messages are sent (e.g., “Message frequency varies,” or “Up to 4 msgs/mo”).

  4. Message & Data Rates Disclosure
     Include the phrase:

     “Message and data rates may apply.”


  5. HELP Information
     Include a clear statement like:

     “Text HELP for help or contact support@[yourbrand].com.”


  6. Opt-Out Instructions
     State how users can stop messages:

     “Text STOP to stop receiving messages.”
     (Other acceptable words include END, CANCEL, or UNSUBSCRIBE.)


  7. Links to Privacy Policy and Terms of Service
     Both links must be easily accessible and clickable.

? Example (Compliant Script)

“Do you consent to receive SMS from [Brand] for the purposes of providing quotes and customer support? You can opt in by providing your verbal consent, and you may opt out at any time by replying ‘STOP’ or by contacting us via phone or email. Text HELP for help. Message frequency varies. Message and Data Rates may apply. Do you agree to our Privacy Policy and Terms and Conditions as stated on our website: [brand].com?”

⚙️ Implementation Notes

  • If your business collects opt-ins via a verbal script, include that exact language on the site for reference.

  • Ensure the phone number or short code for opt-in keywords is displayed if keyword opt-ins are used.

  • Keep the consent clear and one-to-one—no pre-checked boxes or bundled consent.

3. Privacy Policy Page (Mandatory)

✅ Required Elements

Your Privacy Policy must clearly address SMS practices and data handling. It should include:

  1. Non-Sharing Clause
     Explicitly state that user information will not be shared or sold for marketing or promotional purposes.

     “We do not share, sell, or rent your personal information to third parties for promotional purposes.”

  2. Opt-In Description
     Clarify how users opt in to SMS communications (e.g., via verbal consent, website form, or keyword).
     Example:

     “By providing your verbal consent, you agree to receive SMS messages for quotes and customer support from [Brand].”


  3. Opt-Out Instructions
     Users must be informed how to stop receiving messages:


     “You may opt out at any time by replying STOP or contacting us.”


  4. Message & Data Rates Disclosure


     “Message and data rates may apply.”


  5. Contact Information
     Provide at least one contact method: email and/or phone number.

⚠️ Privacy Policy vs. Terms & Conditions

Purpose

Terms & Conditions

Privacy Policy

Focus

Rules governing SMS program use and consent

How personal and mobile data are collected, stored, and shared

Covers

Message frequency, HELP/STOP language, consent details, link references

Data handling, privacy protection, and opt-out procedures

Why Required

Demonstrates compliance with SMS communication regulations

Demonstrates compliance with data privacy and non-sharing laws

? Common Privacy Policy Errors

  • Stating data will be shared for “marketing, services, or promotions” – this will fail vetting.

  • Missing the non-sharing clause for SMS consent data.

  • Not explaining the opt-in or opt-out process.

4. Contact / Lead Form Requirements

If your website includes a contact or “Get Started” form:

  • The phone number field must be optional (not required).

  • Add an SMS disclaimer near the form or in a pop-up for users who consent to receive texts.
     Example:

     “By providing your phone number and verbal consent, you agree to receive SMS messages from [Brand]. Message frequency varies. Message and Data Rates may apply.”


5. Final Notes

  • Both the Terms & Conditions and Privacy Policy pages are mandatory for 10DLC approval.

  • The pages must be publicly accessible—no login required.

  • Ensure the brand namecontact details, and URLs are consistent across all pages.

  • Always include a clear HELP and STOP reference.

  • Capture screenshots of all updated pages before submission.


✅ Pre-Submission Checklist for Website Edits 

  • The Terms & Conditions page includes: brand name, message types, frequency, HELP, STOP, and rate disclosure.

  • Privacy Policy page includes a non-sharing clause and explicit SMS consent/opt-out.

  • Both pages link to each other.

  • The contact form phone field is optional.

  • All pages display “Message and Data Rates may apply.”


Suggestions & Best Practices for Customers

  • Start with a generator or template to avoid writing from scratch, but always tailor it to include your brand name, message types, SMS disclosures, opt-in language, etc.

  • Have legal review (or at a minimum, compliance review), especially if you operate in regulated sectors.

  • Always include the SMS-specific clauses (non-sharing, opt-in method, opt-out, message & data rates) — many generic templates will omit them by default.


2.6 SoundCurve website example: