Support Inbox | Security & Privacy | Opt-in Management

Businesses are generally required in most countries to collect opt-ins from their users before contacting them. Europe’s General Data Protection Regulation (GDPR) and the US CAN-SPAM act require an active opt-in by the end-user.

Note: please be aware that opt-ins are NOT required to answer user-initiated conversations. However, the conversation is restricted to the particular inquiry the user sent - and not extended as a 'marketing' opt-in. In case you wish to message the user after the inquiry has been closed, the opt-in is required. Companies can invite the user during the conversation for an opt-in, during the 24 hour support window.

Learn how to collect opt-ins for WhatsApp Business
Download tyntec’s Security & GDPR Guide for WhatsApp Business

 

This means that your business needs to collect the opt-in before you can initiate a conversation with a user. Check the table below for more information about opt-in management.

Criteria WhatsApp Viber
Opt-ins must be collected before you initiate a conversation with a customer Yes – required Yes – required
Consent must be collected via a 3rd party channel (e.g. email, website, customer service call, SMS, IVR, in-app, etc.) Yes – required Yes – desired
Active opt-in: customer must actively consent by entering their phone number / ticking a checkbox Yes – required Not required
Businesses must clearly state that a person is opting in to receive messages from the business over the chat app Yes – required Not required
The business name that a user is opting in for, must be clearly stated Yes – required Not required
A visual opt-in element is required (e.g. checkbox) Yes – required Not required
A customer initiating a conversation counts as opt-in No Yes
Businesses must retain proof of the customer opt-in consent Yes – required Yes – required
Customers need to be able to block the service from sending messages at any given time Yes Yes