Flyntlok SMS Opt-In Compliance Overview

Flyntlok SMS Opt-In Compliance Overview

Flyntlok provides built-in SMS consent management to help dealerships comply with the Telephone Consumer Protection Act (TCPA), CTIA Messaging Principles, and 10DLC carrier requirements. These capabilities ensure that every text message sent through the platform is backed by documented, auditable consent.  More specifically, the system is designed to address the following:

‍

• TCPA Prior Express Consent (Transactional): Captured via verbal disclosure at work order intake and customer management, with employee attestation, timestamp, and exact language recorded.
• TCPA Prior Express Written Consent (Marketing/Promotional): Captured separately from transactional consent via a distinct checkbox, with full disclosure including “consent is not a condition of purchase” language, message frequency, data rates disclaimer, and opt-out instructions.

‍

This document walks through each component of Flyntlok’s opt-in system, showing how consent is captured, recorded, and enforced across the dealership workflow. Each section includes screenshots of the live functionality alongside the specific regulatory requirements it satisfies.

‍

Opt-In Consent Records

‍

Flyntlok maintains a per-customer, per-phone-number consent audit trail accessible from the customer record. Each entry logs the message category (Transactional or Promotional), event type (Grant or Revoke), source of the consent event (e.g., SMS_STOP_KEYWORD for keyword-based opt-outs, or VERBAL for in-person consent), CTA Snapshot (the exact disclosure language shown or read to the customer), Collection Context (where consent was captured, such as NEW_WORK_ORDER), the employee who collected it, and a timestamp.

‍

This record structure satisfies several critical regulatory requirements:

‍

• Proving consent at the time a message was sent. Flyntlok’s consent records store the exact disclosure language, the method of capture, and the timestamp
• Separating Transactional vs. Promotional Tracking: TCPA requires different consent standards for marketing messages (prior express written consent) vs. service-related messages (prior express consent). Flyntlok tracks these as separate consent categories, so revoking marketing consent does not automatically suppress service updates the customer actually wants.
• Generating an explicit opt-out audit trail: When a customer texts STOP, Flyntlok records the revocation for both Transactional and Promotional categories with the source marked as SMS_STOP_KEYWORD. The screenshots below show both the initial state (no consent records or active grants) and the post-STOP state (revocation entries), providing a complete chronological history of consent changes.

‍

The below screenshot shows a customer with multiple phone numbers. Numbers without consent display “No consent records for this phone number,” which prevents messages from being sent. The third number shows two REVOKE entries logged when the customer texted STOP — one for Transactional and one for Promotional — both timestamped and sourced to SMS_STOP_KEYWORD.

‍

‍

The below shows the same customer after re-opting in via the START keyword, creating GRANT entries for both categories. The full history is preserved: original grants, subsequent revocations, and re-grants — giving the dealership a complete, immutable consent trail.

‍

‍

The below shows a consent record captured verbally during work order intake. The CTA Snapshot column expands to reveal the exact disclosure text read to the customer, the Collection Context identifies it as a NEW_WORK_ORDER, and the Collected By field names the employee. 

‍

‍

Customer Language

‍

Flyntlok embeds SMS consent capture directly into the customer management screen, ensuring consent is collected at the point of customer creation or update. The consent panel appears alongside the customer’s contact information and includes all TCPA- and CTIA-required disclosure elements.

‍

The panel header “SMS CONSENT: READ TO CUSTOMER” instructs the dealership employee to read the disclosure aloud, establishing verbal consent as a documented, repeatable process. The disclosure text itself contains the dealership’s name (dynamically inserted), the types of messages (promotional and service-related updates), message frequency disclosure, standard message and data rates disclaimer, opt-out instructions (text STOP), HELP keyword support, a statement that consent is not required to do business, and a reference to the privacy policy.

‍

The panel includes a supplementary line — “If the customer asks: We do not share mobile opt-in information with third parties for marketing” — which satisfies CTIA’s requirement that mobile opt-in data not be shared or sold.

‍

Two separate checkboxes capture consent independently: one confirming the employee read the disclosure and the customer verbally consented to service-related messages at the specific phone number, and a second for promotional messages. This separation is critical — TCPA case law requires that marketing consent be voluntary and independent of transactional consent. Bundling them can invalidate the marketing opt-in. Flyntlok enforces this separation at the UI level, making it structurally difficult to conflate the two consent types.

‍

‍

New Work Order

‍

Flyntlok also captures SMS consent at the point of service, directly within the New Work Order form. When a service advisor creates a work order and selects a customer contact, the SMS consent panel appears inline if the contact’s phone number does not already have active transactional consent on file.

‍

In this context, the consent disclosure is scoped to service-related messages only (no promotional checkbox), reflecting the lower consent standard that TCPA applies to transactional communications. The disclosure reads: “[Dealership Name] would like to send you service-related updates by text to this phone number…” — explicitly limiting scope to service updates, which keeps it within the prior express consent tier rather than requiring prior express written consent.

‍

‍

Mobile View

‍

CTIA Messaging Principles require that every SMS program support HELP and STOP keyword responses. Flyntlok automates both.

‍

When a customer texts HELP, the system responds with opt-out instructions (“Reply STOP to unsubscribe”), a PRIVACY keyword option, and the standard data rates disclaimer. This satisfies CTIA’s requirement that subscribers can request assistance at any time and receive a clear response.

‍

When a customer texts PRIVACY, the system responds with direct links to the dealership’s Privacy Policy and Terms of Service (hosted at flyntlok.com/resources/privacy-policy and flyntlok.com/resources/terms-of-service). This satisfies the TCPA requirement that terms and privacy policies be accessible to subscribers.

‍

These keyword responses are handled automatically by the platform — dealership staff do not need to monitor for or manually respond to HELP or PRIVACY messages, eliminating the risk of delayed or non-compliant responses. The screenshot below shows the customer-facing experience on a mobile device.

‍

‍

Welcome Message

‍

CTIA requires that the first message sent to any new subscriber include the business name, opt-out instructions, and a clear identification of the messaging program. Flyntlok’s welcome message satisfies these requirements by identifying the dealership by name (“Welcome to Acme Construction & Outdoor Power Equipment”), inviting the customer to engage (“Feel free to respond to this message at any time with questions”), and providing opt-out instructions (“To stop receiving messages from us, reply STOP”).

‍

‍

This welcome message is sent automatically when a new consent record is created, ensuring every customer relationship begins with a compliant first touch regardless of which employee captured the consent or which workflow triggered it.

‍