Trying to wrap your head around what is actually compliant when it comes to proving that a customer has opted-in to your business text messages?
Maybe you’ve had your 10DLC registration application rejected and don’t understand why your opt-in proof isn’t compliant. Or maybe you feel confused and frustrated after reading other guides about SMS opt-in texts.
We may not be qualified to give legal advice (or play lawyers on TV), but we’ve gathered some of the best SMS opt-in templates to steer you in the right direction. We also provide some use case-specific examples you can draw from.
Here’s a no-nonsense look at compliant SMS opt-in examples so your campaigns can get approved and you can get back to texting customers quickly.
Key terms to know for SMS compliance
Before we jump in, here are key terms you should know:
- Opt in: Getting consent to message a recipient. For a list of contacts you intend to message, this is typically done through an opt-in form.
- Opt out: A customer asks to be removed from your subscriber list. If they choose, they can opt back in later.
- Single opt-in: A user opts into your campaign through a web form, email, or check box.
- Double opt-in: A user opts into your message campaign, and then opts in again (usually via text or email).
- Transactional texts: These are messages designed to inform rather than persuade, such as shipping updates or appointment confirmations. They’re typically triggered when customers take an action like making a purchase on your website. Order confirmation, two-factor authentication, and password resets fall into this category. Since they’re not marketing anything to customers, they don’t require double opt-in.
- Promotional texts: These are marketing campaigns that include discounts, flash sales, promotions, coupons, and more. You need written SMS consent as per regulations to protect consumers from spam. Double-opt-in is a good way to cover all your bases.
- Implied consent: If a customer initiates an SMS conversation, your business has implied consent and can respond to them as long as your message is relevant to the conversation.
- Express written consent: A customer agrees to receive texts for a specific purpose when they provide their mobile number. You can record consent via phone call, direct text, web form, or even a piece of paper.
- SHAFT regulations: SHAFT stands for ‘Sex, Hate, Alcohol, Firearms, and Tobacco/Vaping.’ These are highly regulated SMS categories — any message pertaining to them requires a shortcode. With OpenPhone, you can’t send messages promoting SHAFT content.
- 10DLC: This stands for 10-digit long code, which allows you to send messages with better deliverability and compliance. We wrote a full guide to A2P 10DLC compliance here, but if you just want the SparkNotes, it uses virtual local numbers to connect with individual recipients.
- Campaign: A group of business messages designed to reach a specific goal. For SMS marketing, this could be something like customer satisfaction surveys.
- Call to action (CTA): A section on 10DLC registration where you describe how customers opt in to messaging campaigns. For promotional messages, this could be something like, ‘customers check a box on a web form after entering their number to receive texts.’
- TCR: This stands for The Campaign Registry, which is the organization responsible for authorizing 10DLC campaigns. OpenPhone can help you navigate this process and ensure deliverability in the US and Canada.
How to prove SMS opt-in for A2P 10DLC registration
When you complete A2P 10DLC registration with your virtual phone provider, you need to indicate how your contacts opt in (and by opt-in, we mean they give you explicit consent to send them text messages). For OpenPhone customers, this is under “How do you collect consent to send text messages?” For other providers, this may be labeled under Call to Action (CTA).
Your options here include:
- Verbal consent: Exactly what it sounds like. If you record calls for compliance reasons or are having an in-person conversation with a customer, you can ask them to confirm their consent to receive SMS messages.
- Physical form: Customers indicate their consent on physical paper. Be sure to keep a copy for your records.
- Text: Customers initiate the first text to your business, sometimes with an SMS keyword (which we’ll cover later). Just keep in mind all future messages must stay on topic. If contacts request a quote, for example, you can’t start sending marketing messages without consent.
- Web form: A web form prompts users to enter their mobile phone number and opt into text messages. Keep in mind the checkbox for opting in must be selectable by the user and should not be preselected.
- QR code: You can use a QR code to send customers to a form where they opt in to your marketing list. This is best paired with double-opt-in.*
*OpenPhone does not support mass texting marketing lists and does not have an option for using a QR code to show a contact has opted-in to your text messages.
What you need to include in the call-to-action
Any verbal consent script, physical form, or web form needs to contain the following information to provide clear and conspicuous details on how an end customer consents to receive messages and understands the purpose of the messaging:
- The program or product description
- Telephone number(s) from which messaging will originate
- Identify the organization or individual being represented in the initial message
- Clear and conspicuous language about opt-in and any associated fees or charges
- Compliant Privacy Policy: A privacy policy must state that no mobile information will be shared with third parties/affiliates for marketing/promotional purposes. Information sharing with subcontractors in support services, such as customer service, is permitted. All other use case categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
- Other applicable terms and conditions (e.g., how to opt-out, customer care contact information)
Not following these legal requirements could mean losing your privileges to send SMS in the future.
What about proving consent?
In addition to providing opt-in information, you may also need to prove how you gather consent with a screenshot or script. If the way you collect consent can’t be verified, your registration may be rejected.
What you need to include in a compliant SMS opt-in text
After a contact subscribes to your campaign, you must send an opt-in text message that includes:
- The program name or product description
- Customer care contact information (like a toll-free number, 10-digit telephone number, or HELP command instructions)
- How to opt-out
- A disclosure that the messages are recurring and the frequency of the messaging
- Your “message and data rates may apply” disclosure
Curious what this looks like in real life?
Let’s look at some templates you can start using today.
Single opt-in examples
Single opt-in is perfectly acceptable for campaigns that don’t include marketing messages. Welcome texts, appointment reminders, and alerts fall under this category.
You can capture single opt-in consent verbally, through a form, or with a QR code.
Here are some examples of single opt-in SMS messages:
General confirmations
These basic confirmation messages have all the nuts and bolts you need for SMS opt-in compliance.
[Business]: Welcome! Message and data rates may apply. MSG frequency is recurring and varies. Reply HELP for help, STOP to cancel. Read full terms and privacy policy here: [URL].
[Business]. Welcome [name]! You’ll receive (number) messages about (use case) per month. Message and data rates may apply. Read full terms and privacy policy here: [URL]. Reply STOP to unsubscribe.
You are now subscribed to [business] [use case] messages. Frequency varies. Msg & data rates may apply. Read full terms and privacy policy here: [URL]. To cancel, reply STOP. For help, reply HELP.
Welcome to [use case] messages from [business]. Frequency varies, and msg/data rates may apply. You may cancel at any time by replying STOP. Read full terms and privacy policy here: [URL]. For help, call [number].
Here’s a confirmation message from skincare brand Barefaced:
Confirmation messages after verbal opt-in
If your company asks for single opt-in consent during calls, you can send one of these texts to confirm next steps:
[Business]: You have verbally subscribed to our [use case] texts. Message and data rates may apply. To confirm, reply YES. To cancel, reply CANCEL. For help, reply HELP. You may view our terms and privacy policy here: [URL]
Hey, [name]! We spoke on the phone recently and you indicated you’d like to receive SMS messages. Message and data rates may apply. To cancel, reply CANCEL. For help, reply HELP. You may view our terms and privacy policy here: [URL]
Hi [name], this is confirming your subscription to [business] SMS messages. It also links to our terms and privacy policy here: [URL]. Message and data rates may apply. You can always unsubscribe by replying STOP.
Double opt-in examples
Double opt-in is required if you’re sending SMS marketing texts, though it’s generally a good practice in almost any situation.
It also applies to digital subscriptions like filling out a web form or a pop-up on your site.
Here are some examples to get you started:
General confirmations
Double opt-in requires you to send two messages: one introducing your company and one including the particulars (like message frequency, for example).
Here are some examples with both steps to get you started:
1. Hi there! Text YES to confirm [business] can send recurring [use case] messages.
2. You’re in! Messages are recurring and frequency varies. Text STOP to cancel. HELP for help. Read full terms and privacy policy here: [URL]. Message and data rates may apply. Consent not required to purchase.
1. Hey [name], this is [name] from [business]. You filled out an online form and said we could text you at this number. Is that still okay with you?
2. Thanks for confirming!” Msg frequency varies. Message and data rates may apply. Read full terms and privacy policy here: [URL]. Text STOP to cancel. HELP for help.
1. Almost there! Please confirm [business] can send you text messages about [use case]. Reply YES to accept or STOP to unsubscribe at any time.”
2. You are now subscribed to [campaign] from [business]. Message frequency varies and msg/data rates may apply. You can read our full terms and privacy policy here: [URL]”
1. [Name], you indicated interest in receiving SMS messages from [business]. To confirm, reply YES.”
2. Thanks for confirming. You’ll now receive up to [number] [use case] messages per month. Msg/data rates may apply. Our privacy and terms can be found here: [URL]
HIPAA-compliant confirmations
If you’re a healthcare company working under HIPAA, you need to let patients know SMS isn’t always secure.
Here are a couple of ways to make this clear:
[Business] would like to send you text messages and timely updates. Please note that text messaging is not entirely secure. To confirm, reply YES. Text HELP for Help and STOP to cancel. Message and data rates may apply. Msg frequency varies. Read full terms and privacy policy here: [URL]
You have indicated your interest in receiving important messages from [company]. As a HIPAA-compliant organization, we must inform you SMS is not a fully secure channel. To opt into messaging, reply YES. Msg/data rates may apply. Msg frequency varies. Read full terms and privacy policy here: [URL].
Opt-in examples by use case
If you don’t want to see your 10DLC application get rejected, you need to build compliant opt-in messages for every campaign you build. Remember, any text, written, or web form opt-ins require terms and conditions and a privacy policy.
Fortunately, this doesn’t have to be complicated.
Here are 14 examples for three different departments.
Customer service opt-in examples
You can use these templates in customer service scenarios like tracking a ticket number or confirming a shipping date.
1. Verbal opt-in example
TCR and other third-party entities that review 10DLC registrations typically want to see the typical conversations that happen when a customer opts in with your business, like in the following example:
Customer service rep: “If it would be helpful, [business] can send SMS messages providing real-time updates on the status of your ticket. If you’re interested, say YES, and I’ll send a confirmation text.”
Customer: “Yes, sure.”
Customer service rep: “Great! We will send you a confirmation text shortly to confirm your enrollment.”
2. Web form opt-in example
“Check this box to receive SMS messages regarding your recent order. Read the terms and privacy policy here: [URL]. Up to 5 messages per month, msg and data fees may apply. Reply STOP to cancel and HELP for help.”
3. Paper form opt-in example
“Would you like to receive customer service texts from [business]? We will not send you messages without your consent. Signing this confirmation form indicates you agree to receive [use case] text messages from [business]. You may reply STOP at any time to cancel or call us at [phone number]. You may request a copy of our privacy policy and terms at any time.”
4. Keyword campaign opt-in examples
A keyword campaign — sometimes called a text-to-join campaign — invites people to text your business first. You typically just need implied consent, but as always, marketing campaigns require double opt-in.
“Text [keyword] to [number] to receive updates on orders and shipping from [business].”
5. Mobile QR code opt-in example
“Scan this QR code to register your product. First, open your phone’s camera app. Then, click the generated link.”
Keep in mind if the QR code leads to a web form, it needs to meet the requirements for the forms mentioned above.
Sales opt-in examples
You can use these examples to help customers opt in to sales messages, such as getting a quote or requesting a demo.
1. Verbal opt-in example
This example is for when your team applies for A2P registration, as the TCR and other third-party entities reviewing your application want to see how part of an example conversation goes when potential customers opt into receiving texts from your company.
Sales rep: “Our sales team can put together a proposal and send it back to you ASAP. If you’re interested, we can send SMS messages with your quote, proposal, and other collateral. Say YES, and I’ll send the confirmation text.”
Customer: “Yes, please!”
Sales rep: “Excellent! Expect a confirmation text confirming your enrollment very soon.”
2. Web form opt-in example
“Get a quote from [business] today. Check this box to receive messages from our sales team, and we can send a copy of your quote via text. Message frequency varies, and data rates may apply.”
Make a copy of this SMS-compliant opt-in form for your website so that users can fill out to subscribe SMS updates and notifications from your company.
If you’re an OpenPhone customer, you can send an automatic text message after someone fills out a Jotform using the Zap below:
Check out our guide to the OpenPhone Zapier integration for more information.
3. Paper form opt-in example
“Signing this agreement authorizes [business] to send SMS messages to your number for sales purposes. Message frequency varies, and data rates may apply. Please sign and date the bottom of the form to indicate you’d like to hear from us. You may request a copy of our privacy policy and terms at any time. Replying to our messages with STOP will cancel your subscription. You may also call us directly at [number].”
4. Keyword campaign opt-in examples
“Text [keyword] to [number] to [complete action]. Message and data rates may apply. Message frequency varies. Text STOP to [number] to cancel. Text HELP to [number] for help. Read full terms and privacy policy here: [URL].”
Marketing opt-in examples
As mentioned, brands need express written consent before sending marketing messages. The best way to do this is by having customers opt in — with a web form, verbally, or a QR code — and then confirm their consent via text.
1. Verbal opt-in example
Verbal opt-in is the most challenging method for verifying marketing messages. However, it’s still acceptable if you provide sufficient details for the TCR and its third-party reviewers about the normal communication between your business and customers.
Try saying something like this:
Business support rep: “Thanks for calling us today. We’re enhancing our communication to keep you informed about special offers and discounts via text messages. Would you like to opt in to receive SMS notifications from us?”
Customer: “Yes I do, sounds great.”
Business support rep: “Excellent choice! You’ll receive a confirmation text for your enrollment very soon.”
Confirmation text after verbal opt in
We suggest sending a confirmation text after a customer verbally opts in and then using the customer’s reply text as a confirmation.
Once they’ve consented over the phone, you can send a message like this:
Thanks for signing up to receive text notifications about [topic] from [business]. Reply with YES to confirm your preferences. Text STOP to cancel and HELP for help. Message and data rates may apply. Read our terms and privacy policy here: [URL]
2. Web form opt-in example
Web forms make it easy to passively collect opt-in requests. This example from Sephora is a great way to start:
3. Paper form opt-in example
A visitor at your store can fill out a physical form providing their phone number and consenting to your texting campaign.
Here’s a good example from the HHSA:
4. Keyword opt-in example
With keywords, customers can opt into marketing messages without a form. It’s also an easy way to confirm double opt-in, like in this example from Papa Johns:
5. Mobile QR code opt-in example
You can use QR codes to link to an online form, initiate a text message, or open an opt-in webpage.
If you’re redirecting to an online form, it must be live before completing your 10DLC registration.
Here’s an example from Amazon’s Share a Smile Campaign:
5 best practices for SMS consent and compliance
As tempting as it is to jump straight into your TCR application, you should double-check your opt-in process unless you want a surprise rejection.
Here are some SMS opt-in best practices to improve your customer experience:
1. Send a confirmation text
Once a customer opts in to your campaign, you should send a confirmation message to set their expectations.
If you don’t send an initial message within a reasonable period, you will need to reconfirm their consent in the first message you send.
For example, you may want to say:
“Hey [name]! To confirm your subscription to [business] SMS messages, reply YES. To opt out, reply STOP. Message and data rates may apply. Read our terms and privacy policy here: [URL].”
As always, be sure to include opt-out language to keep your campaign compliant.
Other SMS opt-out examples
Here are a few other ways to explicitly provide opt-out instructions at the end of your confirmation text:
- Reply STOP to unsubscribe
- To opt out of receiving texts from us, reply STOP
- If you no longer wish to receive texts from us, reply STOP
If you’re an OpenPhone customer and one of your contacts opts out, we automatically send them a message confirming they’ve successfully opted out.
2. Get consent for each campaign
Different SMS campaigns require different opt-in messages. If you send promotional and transactional text messages, you need to get consent for each campaign separately.
Also: customers consenting to one type of campaign doesn’t allow you to send messages from other brands or companies. For example, if you own a soap-making business and a dog-walking business, you can’t cross-promote marketing messages without express implied consent for each.
3. Avoid generic link shorteners
Trying to save space by shortening your links? Don’t use generic link generators. Spammers love using shared public URL shorteners, so most US carriers automatically block messages containing bit.ly or tiny.url links.
You can shorten links by:
- Removing https:// and www from the URL (like openphone.com)
- Signing up for a messaging service offering custom link shortening
- Shrinking the body copy to make space for the link
4. Be aware of forbidden messaging categories
We’ve already covered SHAFT messages, which refer to highly regulated subject matter. But we haven’t yet covered forbidden messaging, which includes even more sensitive content.
With OpenPhone, you’re forbidden from sending texts that promote:
- Get-rich-quick schemes
- Illegal items and substances
- Debt forgiveness and collection
- Third-party lead generation services
- Risky financial services (like payday loans)
Even if you have implied written consent, these are still forbidden messaging categories and not a fit for OpenPhone.
5. Keep a record of SMS opt-ins
Unwanted text messaging has become a hot-button issue, which means even as a small business, the cost of noncompliance is steep. Class-action lawsuits can cost you thousands of dollars, inevitably impacting your brand image and reputation.
In case a dispute arises with new subscribers, you should keep proof of opt-in consent for each customer — even once they’ve opted out.
OpenPhone workspace owners can easily bulk export all their message logs in case a dispute arises.
Staying SMS compliant
SMS compliance can feel like navigating a minefield, and running afoul of the TCPA could jeopardize your SMS privileges.
Thankfully, most of the basics are common sense: get explicit consent from contacts, optimize your messages with disclosures, and build a solid opt-out/opt-in process so recipients know what to expect. If you’re specifically sending promotional messages, you must use double opt-in to double-check recipient consent.
Keep in mind SMS compliance changes all the time, so you need to keep an eye out for any major updates.
Read our guide on SMS compliance and learn best practices to ensure you can keep texting customers without interruption.
