GDPR / TCPA compliance
CartBounty helps to save abandoned carts and uses customer personal data to send abandoned cart reminders. A lot of thought and effort has been put into making sure cart abandonment messages deliver great customer experience. CartBounty is respectful of customer personal data and takes privacy very seriously. This guide is designed to help safely use CartBounty in compliance with GDPR and TCPA regulations.
- Sending email reminders
- Sending SMS text message reminders
- Opt-in customers for SMS text messages
The General Data Protection Regulation (GDPR) is the toughest privacy and security law in the world. Though it was drafted and passed by the European Union (EU), it imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU.
CartBounty integrates with built-in WordPress privacy features which allows it to be fully compliant with the GDPR requirements, e.g., allowing users the right to access their data, delete it, export etc.
The Telephone Consumer Protection Act (TCPA) is used in the United States and it limits the use of automated SMS text messages, prerecorded voice messages etc. without the recipient’s prior consent.
While TCPA specifies several requirements, here are the main ones which apply to CartBounty SMS text message reminders:
- Collect explicit prior written consent from customer before sending a message
- Inform customers what kind of text messages will they be receiving
- Honor opt-out requests sent through any channel
- Avoid sending text messages during quiet hours from 21:00 to 08:00 in the message recipient’s time zone
- Go to your WordPress dashboard > Settings > Privacy
- Switch to Policy guide tab
3. Sending email reminders
CartBounty saves and stores user data to send abandoned cart reminder emails and improve user experience during checkout process by remembering user input.
Abandoned cart reminder emails are considered to be transactional emails because a user that added a product to the shopping cart showed an intention to buy. Transactional emails are direct one-to-one emails with personalized information regarding a transaction a customer did or started on a site and these emails include:
- Order confirmations
- Delivery updates
- After purchase receipts
- Cart abandonment reminders
Therefore CartBounty does not require to collect consent from the customers to send abandoned cart recovery emails (the same as Shopify does it). However, this does not apply to SMS text message reminders.
4. Sending SMS text message reminders
To comply with GDPR and TCPA rules while sending abandoned cart reminder text messages, store owners should know how to collect customer consent, what should be included in the reminder message and when it can be sent. Please follow these steps to make sure you are compliant:
- Opt-in customers to receive abandoned cart SMS text messages
- Include an opt-out option in your text message
- Enable quiet hours so you would not disturb customers during their sleep
5. Opt-in customers for text messages
CartBounty allows an easy way to collect customer consent about text messages both during WooCommerce checkout and in tools like Exit Intent and Early capture. Please follow these steps to enable it.
- Go to your WordPress dashboard > WooCommerce > CartBounty Pro
- Open Settings tab
- Enable phone number consent
- Use the “Save settings” button
From now on, text messages will be sent out only to those abandoned cart users who have provided their consent. This does not in any way affect email reminders and they will continue to be working as before.
Please make sure to clear cache after enabling this and check your WooCommerce checkout form to see if the phone consent checkbox is under phone input field.
By enabling phone number consent collection in the settings, it will also automatically be applied to CartBounty provided efficiency tools, e.g., Exit Intent and Early capture which offer excellent ways to easily collect both customer consent and phone number data.
Please note that this guide is not a legal advisory and you should not rely on it as a legal advice. We recommend consulting with your legal team to make sure you are fully compliant with all the rules and regulations that apply to your business and country. We reserve the right to change this guide at any time without notice.