Consent and GDPR

SMS marketing in France and the EU requires explicit, provable consent. Noticia is built so that every message you send maps back to a recorded opt-in.

Proof of consent

When you opt a profile in, record where and how consent was given. The consent_source is required; consent_proof is the optional but strongly recommended evidence you keep for an audit:

{
  "phone_number": "+33612345678",
  "consent_source": "IN_STORE_TABLET",
  "consented_at": "2026-05-28T10:00:00.000Z",
  "consent_proof": {
    "terms_url": "https://brand.example/sms-terms",
    "terms_version": "v2.3",
    "source_text": "Lyon Confluence in-store tablet",
    "ip_address": "203.0.113.42",
    "user_agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 17_0 like Mac OS X)"
  }
}

consent_source is one of LOYALTY_PROGRAM, CSV_IMPORT, API, WEB_FORM, IN_STORE_TABLET, OTHER. Pick the value that reflects reality: it is part of your audit trail.

Consent history

Every change to a subscription is retained. The consent-history endpoint returns the full timeline (opt-in, opt-out, source, timestamp) for one profile, which is exactly what a CNIL or GDPR audit asks for. You never lose the record of how a person joined or left.

Opt-out and STOP

A subscriber can leave at any time:

• Replying STOP to any SMS unsubscribes them at once.
• POST /v1/subscriptions/opt-out unsubscribes from your side (for example when your CRM records a withdrawal).
• An agent can unsubscribe them in the Noticia app.

Once UNSUBSCRIBED, the phone number receives no further marketing SMS until a fresh opt-in is recorded. Honoring opt-out is immediate and not negotiable.

Legal sending hours

Noticia enforces French legal sending windows and appends the mandatory STOP mention to marketing messages for you. You focus on the content; the platform keeps the message compliant.