Data Protection and Messenger marketing: Double-Opt-In, Data Processing Contracts, GDPR, and over 1,000 customers

Data protection and messenger marketing in the same sentence? Definitely! In talks with potential customers, at lectures, or simply in passing conversations, it’s clear that interest in data protection is growing.

User privacy in the commercial usage of WhatsApp, Facebook Messenger, and Co. has become an important topic, and especially since WhatsApp for Business was recently launched.

It’s important to consider a few aspects here. For MessengerPeople, as a “Software as a Service” (SaaS) company, it’s a fundamental value that data protection takes top priority, in all of our two solutions:  Customer Service Platform, and Marketing Automation Platform.

Today, we want to go into detail on the topic of Messenger Marketing and data protection, to show how our approach gives us a competitive advantage.

Start your MessengerPeople trial period now.
14 days & for free!

Messenger Marketing & Data Protection: Consent and Double-Opt-In

Data protection in Messenger Marketing works under similar conditions to those in email marketing: the deciding factor is the active consent of the user.

In practice, this means that a user must actively and affirmatively demonstrate that he would like to receive newsletters via WhatsApp, Facebook Messenger, and Co. We’ll use a practical example to make this clear:

On our website and here on our online magazine, we have footers with our integrated widget. It shows the different Messenger options — Whatsapp, FB Messenger, Telegram, Insta — with which you can sign up for our newsletter.

FYI: The registration widget’s layout can be individually customized.

If you click on WhatsApp, for example, then you can follow the topic Messenger Marketing and receive relevant news and updates from MessengerPeople via WhatsApp.

A subscription to our news through WhatsApp requires the user’s active agreement, which consists of two steps:

  1. Adding the given phone number into their own address book.
  2. Actively sending a message that says “Start”.

By performing these two steps, the user has signed up for our news service via WhatsApp and given their consent to receive updates.

This “Double-Opt-In” procedure is comparable to email newsletter subscription: usually, after a customer chooses to sign up for an email newsletter, they are asked to click on a link to confirm their subscription.

Naturally, it needs to be clear that a user who has signed up for our WhatsApp news can also cancel his subscription at any time, simply by sending a message “Stop.”

For this purpose, we offer a question mark icon at the top right of the widget, which links to more information on the topic. In the same place, you can find information about the Data Protection Terms in regards to the MessengerPeople newsletter widget.

As this Double-Opt-In process shows, our service guarantees that a customer has to actively and affirmatively choose to engage in business usage of Messengers.

WhatsApp recently received criticism on this topic — in their model, a user agrees to the Terms and Conditions simply by using the app, and WhatsApp then has continued access to the personal data in the user’s address book.

The problem here lies in the fact that WhatsApp is not only able to continue using data from users have already allowed access by using the app, but also that through the address books, WhatsApp receives data from other people: if these people don’t use WhatsApp, then they did not allow or consent to the transfer of their data.

Because MessengerPeople doesn’t give WhatsApp access to any address books, MessengerPeople’s commercial use allows no cause for concern.

Messenger Marketing and Data Protection: User Data Handling and Data Protection Statement

The holy grail in digital marketing, and specifically in Messenger Marketing, is the handling of user data. There are two basic levels here:

  1. how the platform interacts with user data
  2. how MessengerPeople interacts with user data

MessengerPeople can’t influence how platforms such as WhatsApp, Facebook Messenger, and Co. handle and process user data. However, we comply to our own policies regarding the privacy of our users. A look at the current privacy statement on MessengerPeople’s website shows our position:

“Our website gathers personal data only if this is necessary for us to fulfill your commercial needs and/or if the data is willingly given.”

In reference to the Privacy Statement for Newsletters and Chatbots via Messenger, the widget provides helpful information specifically under numbers 3. Data Collection and 4. Collected Data Usage.

“MessengerPeople only uses your data to allow our customers to automatically send individual messages…

MessengerPeople gives the customer access to the collected data, and does not distribute your data to any third party. Some collected data can be seen by the employees of the platform you have signed into.

With most customers, it naturally happens that the users themselves decide which data is collected through Newsletters or Chatbots: for example, the telephone number with which the user registers, or any interest that the user lists on his or her profile, which he or she can edit at any time.

On Facebook Messenger it works slightly different: on their platform, messages can be personally addressed to subscribers based on their Facebook profile.

We generally settle on contracts with our customers concerning commissioned data processing, because our work for them includes handling of personal data. This is carried out in strict compliance with data protection regulations, and is controlled by our in house data protection officer.

Start your MessengerPeople trial period now.
14 days & for free!

Data Protection and MessengerPeople: over 1,000 Customers, and the Legal Perspective

data protection ftwSince starting two years ago, we’ve gained over 1,000 clients. Big and small companies and organizations successfully use our software for their digital communication, relying heavily on our data protection compliance.

Examples from a variety of branches demonstrate that more than simply meeting the government regulations for data protection, MessengerPeople is also able to ensure secure and protected data handling for large, well known brands and organizations.

SPD chat

From political parties to established banks, we are able to meet all varieties of data protection challenges. The Social Democratic Party of Germany used a “WhatsApp 1st approach” to inform followers about proceedings in forming the coalition with the Christian Democratic Union of Germany and the Christian Social Union in Bavaria.


device commerzbank

Commerzbank also offers services using WhatsApp to keep their customers and investors informed. Tip: You can find more about messenger marketing communication for both automotive and banking in our branch-specific pages.

Content Distribution via Messenger: Allowing everyone to reach their target groups directly. Big brands trust us. Big brands try out new things. Big brands can be innovative too.

To learn more about the legalities of user data handling and processing, we recommend a look at an interview with Dr. Carsten Ulbricht, a lawyer specializing in technology, internet, and data protection. Dr. Ulbricht firmly states where he thinks responsibility lies:

“The interesting question for data protection is whether — and if yes, then to what degree — a German business that employs WhatsApp is then responsible for the data processing that takes place on and through WhatsApp, even if they have no concrete or legal influence on that data processing.

One can infer, that the company is only responsible for this data processing if they themselves collect or process personal data over the app. This possibility can be implemented in compliance with data protection law, as long as the technical details are carefully checked, and the user demonstrates the necessary consent.”

The Stuttgart lawyer knows what he’s talking about: with the GDPR going into effect Europe-wide in May 2018, more and more clients have been coming to Dr. Ulbricht and his colleagues to talk about data protection.

“In contrast to the directive 95/46/EG, which has to be specifically integrated into national law by the European Union member states, the General Data Protection Regulation will take immediate effect in all European Union member states on the 25th of May, 2018.” Source: Wikipedia

We’ll close with a quotation from Peter Pock, data protection officer at MessengerPeople, who sees data protection as essential for business success:

“We are absolutely ready for the Europe-wide implementation of the GDPR. As a matter of course, during the contract award process we clarify the details of our data handling and processing with our customers, and agree on the terms of data protection. MessengerPeople’ position is clear: our one path to sustainable, continued success is based on full transparency in data handling and processing.”

Start your MessengerPeople trial period now.
14 days & for free!


Have a great idea for customer service via messaging apps and want to talk about it? Message us!

WhatsApp for Businesscustomer-journey