Skip to main content

SMS Compliance Guide

SMS Compliance Guide

Written by Amber Kearley

Overview

HVAC BizPro SMS requires Twilio onboarding and campaign compliance approval before messages can be sent or received. To send SMS messages through HVAC BizPro, businesses must comply with carrier regulations for Application-to-Person (A2P) messaging. These requirements are enforced by messaging providers like Twilio and by major U.S. mobile carriers. In this article, we'll go over common practices, behaviors, and tips for becoming SMS-compliant. Being SMS-compliant is required for certain integrations involving Twilio A2P/SMS messaging.

Why SMS Compliance Matters

Mobile carriers require businesses to clearly inform customers when they may receive text messages. This protects consumers from unwanted messaging and ensures businesses only send messages to customers who have given consent.

If your website does not clearly explain:

  • What messages customers will receive

  • How often they may receive them

  • How to stop messages

  • How their phone number will be used

  • How do they consent to receive messages

Then your SMS campaign may be rejected during the A2P registration process.

Why is Getting Approval for Messaging So Difficult

Approval has become more difficult. In recent months, Twilio (and other providers) has significantly increased their compliance requirements and review process. Our checklist below outlines the most common items of Twilio reviews, and the updates members may need to make before submitting.

Twilio Compliance Checklist

Compliance Requirement #1: Public Website and Business Identity

As part of Twilio campaign compliance, Twilio will review your website to ensure it is public and to verify the business entity.

Twilio will check for the following:

  • ✅ The member has a real, public business website that loads without login, and is not just a standalone lead form.

  • ✅ The website clearly shows the same company/brand name that will be registered with Twilio.

  • ✅ The website gives enough business context for a reviewer to understand who the company is and what services it offers.

Twilio is likely to fail the compliance if:

  • ❌ The website is behind a login, staging site, admin portal, or internal tool.

  • ❌ The campaign mixes multiple brands, subsidiaries, or unrelated business names under one submission. Twilio reviews a campaign as one brand + one messaging use case.

Compliance Requirement #2: Privacy Policy and Terms & Conditions Must be Public and Easy to Find

Twilio requires that all members submitting messaging campaigns have a publicly available Privacy Policy. As of June 30th, 2026, Twilio will also require that member campaign submissions include a publicly available Terms & Conditions (Terms of Service) website section.

  • Privacy Policy - A privacy policy is a legal document or statement on a website or app that discloses how a business collects, uses, shares, and protects user data. It is legally required if you collect personal information (like names, emails, or IP addresses).

  • Terms & Conditions - Website Terms & Conditions are the rules a visitor or customer agrees to when using a website, service, or online tool.

If the Twilio reviewer cannot quickly find the Privacy Policy and Terms & Conditions from the public site, the rejection risk goes up. These elements do not necessarily need to be in the public website footer, but they do need to be easily discoverable.

Compliance Requirement #3: Twilio's Privacy Policy Audit Requirements

Twilio will review your Privacy policy to ensure it meets the requirements below.

  • ✅ The Privacy Policy is on a public URL.

  • ✅ It states that mobile information will not be shared with third parties or affiliates for marketing or promotional purposes.

  • ✅ It does not say SMS consent, mobile numbers, or opt-in data may be sold, rented, transferred, or shared for marketing.

  • ✅ If the website is used for customer information capture and messaging opt-in, the Privacy Policy also includes message frequency language and “message and data rates may apply.”

  • ✅ It explains, at a basic level, what data is collected, how it is used, and who supports the service.

Recommendation for Inclusion in Privacy Policy:

  1. Include language outlining the types of messages you may send.

  • We will be sending SMS transactional messages that include:

    • Appointment reminders

    • Proposal Quotes

    • Technician arrival updates

    • Overdue reminders

    • Service follow-up communications

    • Billing or account notifications

  1. Include language regarding message frequency may vary & message and data rates may apply

    • ‘Message frequency may vary. Message and data rates may apply.’

  1. Include language that mobile information is NOT shared for marketing/promotion purposes

    • "No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties."

The most common reason Twilio fails Privacy Policy audits is the absence of the non-sharing mobile data disclosure.

Compliance Requirement #4: Twilio's Terms & Conditions Audit Requirements

Twilio will be looking for similar SMS compliance language in your Terms & Conditions. This can often be handled by including a section in your Terms & Conditions that outlines SMS Program Terms.

  • ✅ The Terms & Conditions page is on a public URL.

  • ✅ It explains what messages the customer is signing up for: appointment reminders, technician updates, billing notices, marketing, etc.

  • ✅ It includes message frequency may vary.

  • ✅ It includes message and data rates may apply.

  • ✅ It includes Reply STOP to unsubscribe and Reply HELP for help.

  • ✅ It links back to the Privacy Policy.

  • ✅ It says consent is not a condition of purchase/service where that applies to the member’s flow.

SMS Terms Section in Terms & Conditions

The following section will display roughly how the terms section in Terms & Conditions should look.

SMS Program Terms

  • By opting in to receive SMS communications from [Company Name], you consent to receive transactional text messages regarding appointments, service updates, billing notifications, and other service-related communications. Message frequency may vary. Message and data rates may apply. To stop receiving text messages, reply STOP at any time. For help, reply HELP. Your consent to receive text messages is not required as a condition of purchase. For more information about how we collect, use, and protect your information, please review our Privacy Policy: [Privacy Policy Link].

Compliance Requirement #5: Website Form Capture and CTA Audit

If your website includes a customer details capture form and it includes a phone number field (even if it is not integrated to HVAC BizPro), then Twilio will consider it as part of the Twilio Compliance audit. Twilio may consider a contact form or even a free estimate (if they require a phone number) as an auditable form field. The existence of a non-compliant customer details capture form is most likely to trigger compliance rejection.

Please review the following requirements:

  • ✅ The form uses a separate SMS consent checkbox or similar control. It is not buried inside the general terms acceptance.

    • NOTE: While Twilio guidance states a separate checkbox is not required for transactional message compliance if the phone number field is optional, FieldEdge recommends a separate, optional, unchecked SMS consent checkbox on any public website form that collects a phone number. The phone number field itself may be optional or required, but SMS consent must remain separate and optional.

  • ✅ The consent checkbox is unchecked by default.

  • ✅ The user can decline SMS and still submit the form, create the account, or use the service.

  • ✅ The disclosure form language clearly says what kinds of texts they will receive.

  • ✅ The disclosure form language includes message frequency.

  • ✅ The disclosure form language includes message and data rates may apply.

  • ✅ The disclosure form language includes Reply STOP to unsubscribe.

  • ✅ The form links to both Privacy Policy and Terms & Conditions.

  • ⚠️ If the member sends both service and marketing texts, they should not rely on vague blanket consent. Twilio’s policy says consent must be specific to the sender and subject matter, and promotional messages require express written consent.

Visual: Compliant Web Form Patterns

Compliant Form for Transactional SMS with Required Phone Number (FieldEdge Recommendation)

Compliant Form for Transactional SMS (including 2-Way SMS) with Optional Phone Number field:

  • Note: While Twilio states the below approach is compliant, we have seen campaign rejections leveraging this pattern.

Compliant form for Transactional and Promotional Messaging with Required Phone number:

Red-flag Form Patterns:

  • ❌ "By submitting this form, you agree to our terms and to receive texts."

  • ❌ Consent Checkbox already checked

  • ❌ No STOP / HELP/ Rates/ Frequency language

  • ❌ Must agree to SMS to book service

Offline/Verbal/In-Person SMS Consent Compliance Submission

If your website does not collect customer phone numbers or SMS consent, FieldEdge may submit your campaign using an offline, verbal, or in-person opt-in method. In that case, members should use a consistent script and retain internal proof of consent. FieldEdge will submit a compliant script on your behalf, but members should enforce the script operationally to ensure compliance with SMS laws.

  • ✅ If the member collects consent by phone or in person, that method is clearly described in the campaign submission (handled by FieldEdge)

  • ✅ Staff uses a consistent script that explains message type, frequency, rates, and opt-out. That aligns with Twilio’s consent requirements that consent be informed and unambiguous.

  • ✅ Privacy Policy includes section about how consent is captured

  • ✅ Terms & Conditions includes section about how consent is captured

SMS Terms Section in Privacy Policy

The following section describes an example of roughly what an SMS Privacy Policy should look like.

SMS Communications and Mobile Information

  • We may collect your mobile phone number and SMS messaging consent when you provide it to us verbally, in person, by phone, through a form, or through another approved opt-in method. We use this information to send service-related text messages, which may include appointment reminders, technician arrival updates, service updates, billing notifications, and other communications related to services you request from us.

  • We do not sell or share mobile phone numbers, SMS opt-in data, or SMS consent status with third parties or affiliates for their marketing or promotional purposes. SMS consent information is used only to support our communications with you and to comply with applicable messaging requirements.

  • You may opt out of SMS communications at any time by replying STOP to any text message. You may request assistance by replying HELP.

SMS Terms Section in Terms & Conditions

The following section describes an example of roughly what an SMS Terms & Conditions should look like.

SMS Terms & Conditions

  • By providing your mobile phone number and agreeing to receive SMS communications from [Company Name], including verbally, in person, by phone, or through another approved opt-in method, you consent to receive text messages from [Company Name] related to your service relationship with us. These messages may include appointment reminders, technician arrival updates, service updates, billing notifications, and other service-related communications.

  • Message frequency may vary. Message and data rates may apply. To stop receiving text messages, reply STOP at any time. For help, reply HELP. Your consent to receive SMS messages is not required as a condition of purchase.

Did this answer your question?