Engage - Privacy Policy Guidelines

Twilio, the provider that verifies toll-free messaging, requires your practice website to include a Privacy Policy. Below are the guidelines for what qualifies as an acceptable Privacy Policy.

Source: Twilio.com

Privacy policy and Terms and Conditions

Every registration needs to include both a privacy policy and terms and conditions, and they need to meet specific requirements that protect your customers and keep you compliant with industry standards. Both are required for approval. In your privacy policy, Twilio checks for language that makes it clear that Messaging Consent data isn't being shared, sold, or bought. Here’s an example of the language we look for:

“All the above categories exclude text messaging originator opt-in data and consent; this information won’t be shared with any third parties.”

Your privacy policy must:

• Disclose what data you collect and how it’s used
• Explain that information won’t be shared with third parties or for marketing purposes (required by CTIA)

Your terms and conditions should generally include: 

• Program or brand name
• Program description
• Message and data rates may apply disclosure
• Message frequency (or recurring message disclosure)
• Customer support contact information
• Complete opt-out instructions (HELP and STOP), displayed in bold
• Link to the privacy policy
• Disclosure that states "Carriers are not liable for any delayed or undelivered messages"

We recommend consulting with your legal counsel to make sure that your terms of service and privacy policy are compliant with applicable laws and consistent with standards for your particular campaign and industry. 

Pro tip: Consider creating messaging-specific privacy policies and terms and conditions rather than updating your main company documents. Dedicated messaging policies are easier to keep current if requirements change.