consent-management-service-faq.pdf - etisalat uae
TRANSCRIPT
Etisalat Consent Management Service FAQ
Confidentiality Notice/Disclaimer
This document is disclosed only to the recipient to whom this document is addressed and is pursuant to a relationship of confidentiality under which the recipient has obligations of confidentiality. This document constitutes confidential information and contains proprietary information belonging to Etisalat. The confidential information is to be used by the recipient only for the purpose for which this document is supplied. The recipient must obtain Etisalat written consent before the recipient or any other person acting on its behalf, communicate any information on the contents or subject matter of this document or part thereof to any third party. The third party to whom the communication is made includes an individual, firm or company or an employee or employees of such a firm or company.
The recipient, by its receipt of this document, acknowledges that this document is confidential information and contains proprietary information belonging to Etisalat and further acknowledges its obligation to comply with the provisions of this notice.The contents of this document are provided in
commercial confidence, solely for the purpose of evaluating whether the contract should be awarded to Etisalat.The information contained in this document represents the views and opinions of Etisalat on the issues discussed, as of the date of publication. Due to the dynamic nature of the industry and the technology that it depends upon, Etisalat makes no warranty as to the long-term accuracy of the assessments made herein.Copyright © Etisalat. All rights reserved.
All product and company names mentioned herein are trademarks or registered trademarks of their respective owners.
Section 1 – FAQs FAQs for Consent Management & Re-registration of Sender IDs on CMS
Why do we need to segregate traffic between transactional and promotional messages?
Regulatory Authority has issued a new set of instructions to the existing UEC policy on 30th Jan 2020, which mandates the differentiation of the sender IDs by categorising them between promotional and transactional SMS. All promotional sender IDs need to have an “AD-“prefix.deployment thanks to our secured UAE-based data hosting on our state-of-the-art Etisalat Cloud.
What is a Valid Consent?
Valid Consent has the following attributes:
• Can be produced in a tangible form
• Explicit i.e., the exact words are NOT buried inside Terms and Conditions
• Can be in the form of Paper/Physical or Electronic
1. 2.
• Paper or Physical Consent needs to have:
Mobile Number
Date and Time
Signature of the Mobile Customer
Exact words used to capture the consent
• Electronic Consent, in addition, should also capture channel details to other information to uniquely identify the customer
What is UEC - Unsolicited Electronic Communication?
Unsolicited Electronic Communications means Electronic Communications (SMS and MMS) sent to a Recipient without obtaining/soliciting the Recipient’s Consent before sending the message. Such communications are considered as SPAM by the Regulatory Authority.
What are transactional messages?
Non-marketing electronic messaging communication is referred to as transactional messages. Some examples are SMS that informs transactional details of a recent purchase, SMS sent to staff as notification for employee communications such as payroll, attendance, employee relations matter, password reset, etc.
How many characters are allowed for transactional sender IDs? • 11-3 characters
• Can be Alpha or Alphanumeric or Numeric
• Max 2 special characters allowed
• Spaces are allowed but should not end with space
3.
4.
5.
Do we need to re-register transactional sender IDs as well?
All existing sender IDs both transactional and promotional should be registered in the new Consent Management platform. Transactional Sender IDs should be only registered in Consent management Platform, however there will be no consents uploaded for Transactional Sender IDs. Only promotional Sender IDs registered in Consent management Platform will have consents against them.
6.
What are promotional messages?
A promotional message is a marketing communication sent by a brand to customers with the purpose of:
• Offering to supply goods, services or business opportunity
• Advertising or promoting goods, services or business opportunities
• Any other purpose as designated by the Regulatory Authority
7.
How many characters are allowed for promotional sender IDs?
• 8 characters (excluding AD-)
• Cannot be only Numeric (excluding AD-)
• Max 2 special characters allowed (excluding-)
9.Is it mandatory to send promotional messages using a sender ID with “AD-“ prefix?
Yes, as per the new UEC policy, it is mandatory that any promotional messages being sent to UAE mobile numbers should have a sender ID with the prefix “AD-“. For e.g., if we are using “MyBrand” as a sender ID to send both promotional and transactional messages then we need to register a new sender ID – “AD-MyBrand” to send promotional messages. “MyBrand” sender ID can be used to send transactional messages only.
8.
What are applicable penalties if we send a promotional message over a non “AD-“ prefix sender ID?
Authorities can apply suitable penalties that might include, but are not limited to, temporary or permanent disconnection of the service or financial penalties, as TRA deems appropriate.
10.
What is the process to register an “AD-“ sender ID?
An NOC letter is still required if there any changes in the existing sender ID or if a new sender ID is being registered. Examples are provided below for your understanding:
• Existing sender ID: “MyBrand”
You want to register the same sender ID with “AD-“prefix i.e. “AD-MyBrand”. NOC is required.
11.
• Existing sender ID: “SuperBrand” You want to register the sender ID with “AD-“prefix but need to reduce the size of the sender ID due to the 8-character limit. New sender ID is: “AD-SprBrand”NOC is required.
• You want to register a fresh sender ID: “AD-NewMark”
NOC is required.
Customers have to raise an order through their sales managers/CP. The NOC document should be provided on the company’s letterhead, duly signed and stamped. Customers can send a digitally signed NOC letter on their organisations’ letterhead.
What will be the process to use Sender ID’s in Etisalat’s messaging service, for Aggregators?
As per the current process Aggregators are approved any sender ID only if the NOC is submitted from Brand. The same process will make sure that all authorized aggregators get access to Brands sender ID. Please refer to the Annexure A below for the NOC format that should be used.
By when do we need to complete the “AD-“ sender ID (re-)registration process?
Etisalat’s committed deadline was 3rd Nov 2020. Etisalat urgently recommends that customers start registering the promotional sender IDs as per TRA guidelines asap.
12.
13.
What is sender ID segmentation?
Sender ID segmentations allows for an additional classification of the marketing/ transactional text messages and distinguishes them according to the type of the advertising/message material. The marketing messages can be classified under any of the following segments:
14.
Banking services
Real estate services
Health services
The transactional messages can be classified under any of the following segments:
Banking services
Real estate services
Health services
Education services
Retail sale services
Tourism services
Government
Energy & Utility
Education services
Retail sale services
Tourism services
Do these regulations apply to government entities?
These regulations do not apply to government entities as government entities do not send marketing SMS. Therefore, they do not need to take any action on Consent upload. However, all new sender IDs required by government entities will require registration on the CMS service.
How do we identify government entities?
All customers with a “zzzzz.gov.ae” domain are considered as government; the rest will need to segregate the sender IDs as per instructions.
15.
16.
What is consent?
Consent is a proof that the mobile subscriber gives to a messaging service customer or enterprise allowing the enterprise to send promotion/marketing
17.
SMS to the mobile subscriber. While capturing consent, the following principles need to be kept in mind:
• The consent should be explicit, i.e. it cannot be hidden within the terms and conditions that are listed on a URL or are overleaf.
• The consent must contain date, time, customer’s mobile number and, in case of physical consent, the signature of the customer.
• In case of consent received over the internet, the consent must also capture the IP address in addition to the requirements of physical consent.
• In case of physical i.e. written consent, the customer must sign the document.
• A proof of purchase such as receipts are not valid consent.
• Any verbal communication is not a valid consent.
18. How should the consents be acquired from existing and new customers?
All forms of Consent (Digital/ physical) are acceptable as so long as the Consent can be stored and presented in tangible form whenever requested. Customers can acquire consents using emails, WhatsApp and social media channels to publish links of consent forms. Customers shall not send a request to a Mobile Subscriber for acquiring Consent using Mobile Text Messages or voice calls.
Regarding Consent the text should clearly specify the ‘Brand name’ or ‘Group name’ (incase if big conglomerates) and there is no need to specify the Sender ids and can say “I agree to receive marketing communication form “xyz brand or group”.
19. How should consent be stored?
All forms of consents are acceptable as so long as the consent can be stored and presented in tangible form when required by TRA. The record of a consent shall include the following:
Analog Consent details • MSISDN: MSISDN should start with 971 and
should be 12 digits.
• Date of consent gathering: Date column should be in this “YYYY-DD-MM” format
• Time of consent gathering
• Evidence File name
CSV File size should not exceed more than 2 MB, CSV file to be uploaded around 50K records
Evidence file size: 50 MB zip file (Individual files in PDF or JPG format)
Digital Consent details • MSISDN: MSISDN should start with 971 and
should be 12 digits.
• Date of consent gathering: Date column should be in this “YYYY-DD-MM” format
• Time of consent gathering
• Channel Column
• Channel value column
• Digital ID column
CSV file to be uploaded: 2MB around 50K records
20. Will Consent management allow re-creation of Short code as well?
Short codes cannot be used as sender id for promotional SMS. Short codes can only be used as Sender ID for Transactional SMS. Hence consents are not applicable for Short codes. Consents are only applicable for Sender ID starting with “AD-“.
21. What is the evidence file and what is the format?
Evidence file is the scanned copy of the form that is signed by customer while providing consent on a physical form. Such consents acquired on a physical form (paper form) are called Analog Consent.
Evidence file size: 50 MB zip file (Individual files in PDF or JPG format) only applicable for Analog Consents.
22. What is Consent API used for?
The Consent Management API is currently available to update, in real time, digital Consents that are being acquired by Brands/Customers. This API cannot be used for revoking consents.
23. Consent for each mobile number has to be managed at Brands account level or Sender Id level?
Consents are generally acquired by Brands/ Customers either at the Brand level or its affiliate level. In the new Consent Management Service you will be allowed to upload and manage consents against each Sender ID or for a group of Sender IDs.
24. What is scrubbing and who will initiate trigger towards CMS system?
Scrubbing is checking for consent on the CMS before a promotional message is sent to a mobile subscriber. A trigger will be initiated towards the CMS system to verify consent each time a promotional SMS is being sent to a mobile subscriber. Etisalat will initiate trigger toward CMS.
25. Will the on-going SMS service be disrupted from the Go-live date of CMS process due to lack of registration on CMS portal?
There will be no impact on the ongoing SMS messing service till the time scrubbing check is implemented.
26. Please explain the requirement for power of Attorney/ LOA document. Please share the format of LOA?
Power of Attorney is the letter of Authorization for devolution of power to a person or organization to act on someone’s behalf. These powers include handling financial and business transactions.
Passport copy/ Emirates ID of the authorized person would be required in this case. For format please refer Annexure B.
27. What opt out mechanism to be used for promotional SMS footer?
All promotional SMS should have an optout option for the mobile subscribers in the footer. It is mandatory, as per policy, to have only 7726 blocking mechanism. 7726 based blocking is a managed and maintained by the operator. Before any promotional SMS delivery this blocking database will be checked by the operator to take necessary action. Sample stated as below:
B <Sender ID> to 7726
28. Are the brands allowed to send out consent campaigns [with a link] to their subscriber database now and to the unconsented subscribers once the CMS has gone live?
As a principle, if an enterprise has already obtained the consent of the customer and
the consent meets the specifications of the UEC Policy, then there is no reason to ask the customers to reconfirm their consents.
As per article 9.2.5 of the Mobile Spam Regulatory Policy, the Messaging Services Subscriber (this is a Subscriber to whom the Messaging Service is extended by the Licensee for the purpose of sending it to the Mobile Subscriber) may not send requests for Consent to Mobile Subscribers by SMS or voice calls.
Since Messaging Services Subscriber already have consents, please make sure that all available Consent will only be acceptable as long as the Consent can be stored and presented in tangible form when required by the TRA (Article 5.3 of the Mobile Spam Regulatory Policy). Keeping this in view, promotional SMS can be sent to consented mobile subscribers asking them to get a confirmation on continuation of receiving promotional SMS.
Annexure A:
NOC format for using Sender ID in messaging services
Etisalat Consent Management Service –– FFAAQQ
PAGE 1100 OF 1122
ETISALAT CONFIDENTIAL
AAnnnneexxuurree AA:: NNOOCC ffoorrmmaatt ffoorr uussiinngg SSeennddeerr IIDD iinn mmeessssaaggiinngg sseerrvviicceess
Annexure B:
Letter of Authorization
- 1 - - 2 -
Etisalat Consent Management Service –– FFAAQQ
PAGE 1111 OF 1122
ETISALAT CONFIDENTIAL
AAnnnneexxuurree BB:: LLeetttteerr ooff AAuutthhoorriizzaattiioonn
Etisalat Consent Management Service –– FFAAQQ
PAGE 1122 OF 1122
ETISALAT CONFIDENTIAL
