SMS regulations in Spain are regulated by the Agencia Española de Protección de Datos (AEPD). AEPD ensures compliance to data protection and anti-spam legislation relating to electronic communications.
Key requirements for SMS marketing:
Privacy and data protection
Consumers have the right not to receive unsolicited marketing communications via SMS and must be informed of how their personal data is to be processed by an organisation.
Opt-in: Consent to marketing
Organisations must not send SMS marketing messages to individuals without their specific, valid and prior explicit consent. This consent must be recorded and kept as proof of consent. There is a limited exception for previous customers, where it is allowable to send unsolicited advertising of similar goods and services to those previously purchased by such customers.
Opt-out: Removal of consent to marketing
Organisations must stop sending marketing messages to any person who opts out from receiving them. All marketing messages must include opt-out instruction in the SMS message. The universally recognised method of opting out from receiving marketing communications via SMS is for a consumer to send STOP to a message they received. You also need to honour an opt-out request via other channels you can be contacted on, for example, via email or telephonically. A STOP confirmation message must be sent to the consumer to confirm the opt-out. This message should include the name of your company and the following words: “You have opted out. You will not receive additional messages”. Records of opt-out communications need to be kept.
SMS messages must be clearly identified as advertising commercial messages and include the word “PUBLI” at the beginning of a message. The message must also clearly indicate the name of the organisation or brand that is sending the message so that a consumer can identify who to contact.
Links to regulations and further information
- Regulatory body: Agencia Española de Protección de Datos (AEPD)
- Spanish Data Protection Act 15/1999 (Ley Orgánica de Protección de Datos, 15/1999), as amended in 2011.
- Regulation on the Data Protection Act (Real Decreto 1720/2007, de 21 de diciembre, por el que se aprueba el Reglamento de desarrollo de la Ley Orgánica 15/1999, de 13 de diciembre, de protección de datos de carácter personal), as modified in 2012.
- Royal decree 899/2009 on the Electronic Communications Services’ Users’ Rights (Real Decreto 899/2009, de 22 de mayo, por el que se aprueba la carta de derechos del usuario de los servicios de comunicaciones electrónicas.).
- AEPD Recommendations on Messages to Mobile with Commercial and Advertising Purposes (Recomendaciones a Usuarios Sobre Mensajes Coretos de Telefonia Movel), dated November 2008.
Disclaimer: The information contained in this note is for general guidance on compliance matters only. While we have made every attempt to ensure that the information contained here has been obtained from reliable sources, BulkSMS.com is not responsible for any errors or omissions, or for the results obtained from the use of this information. It shall be the sole responsibility of Users of BulkSMS.com’s services to familiarise themselves with all applicable laws, regulations and codes of conduct to which they may be subject and to ensure compliance therewith.