- Resources
- >>
- FAQ Category
- >>
- Compliance & Regulations
Compliance & Regulations
Compliance & Security
At WeAreSMS, security, privacy, and responsible messaging are central to how we operate. Our platform is designed to help businesses communicate with their customers while maintaining the highest standards of data protection, regulatory compliance, and messaging integrity.
Data Protection & Privacy
We operate in accordance with UK GDPR and EU GDPR principles and act as a Data Processor on behalf of our customers.
This means:
Customers remain the Data Controller of their contact lists
We process data solely to deliver SMS communications
We never sell or share customer data for marketing purposes
Our platform may process the following data when customers use the service:
Phone numbers
Contact names (optional)
Message content
Delivery metadata (timestamps, delivery status)
Customer data is securely stored within our cloud infrastructure and protected using industry-standard security controls.
Customers maintain control over their data and may delete contacts and message records at any time through the platform.
Platform Security
We employ a range of technical and organisational measures to protect customer data.
Data encrypted in transit using TLS
Secure infrastructure using industry-standard encryption
Role-based user permissions
Secure authentication controls
Administrative activity logging
Our infrastructure is hosted with trusted cloud providers and designed to ensure reliability and resilience.
Sub-processors & Infrastructure
We may use trusted third-party providers to support service delivery, including:
Cloud infrastructure providers
SMS routing and telecommunications partners
All subprocessors are required to meet strict security and privacy standards.
Messaging Compliance
Responsible messaging is essential for protecting consumers and maintaining trust in SMS communications.
All users of our platform must comply with applicable messaging regulations including:
UK Privacy and Electronic Communications Regulations (PECR)
UK GDPR / EU GDPR
Ofcom messaging guidelines
International carrier policies where applicable
Customers must ensure that recipients have provided clear and verifiable consent to receive SMS communications.
Examples include:
Website sign-ups
Customer account notifications
Service updates
Promotional opt-ins
Our platform supports automatic handling of common opt-out commands including:
STOP
UNSUBSCRIBE
CANCEL
Recipients who opt out are automatically added to suppression lists to prevent further messaging.
Acceptable Use
To protect consumers and telecom networks, the following activities are strictly prohibited:
Spam messaging
Phishing or fraud
Impersonation of brands or organisations
Illegal marketing campaigns
Harassment or abusive messaging
Accounts found violating these rules may be suspended or terminated.
Abuse Prevention & Platform Monitoring
To protect telecom networks and message recipients, we actively monitor for suspicious or abusive behaviour.
This includes:
Monitoring sending patterns
Detection of abnormal traffic volumes
Review of suspicious campaigns
Enforcement of acceptable use policies
We reserve the right to restrict or suspend accounts involved in harmful messaging activity.
Responsible Messaging
SMS is a powerful communication channel. We are committed to ensuring it is used responsibly, transparently, and in compliance with all applicable regulations.
Our policies are designed to protect both businesses and consumers while maintaining the integrity of the messaging ecosystem.