Compliance
Hotel SMS Marketing Rules & Consent
Hotel SMS marketing is legal when it is consent-based: you may text a guest marketing messages only if they gave clear opt-in, you send within local quiet hours, and you honor STOP and HELP instantly. The fines for getting it wrong are real — in the US, statutory damages run $500–$1,500 per text. The rules below are the ones that matter for a boutique property with international guests.
This page is general guidance, not legal advice. Confirm current rules for your markets before sending.
Consent: the rule everything rests on
You need prior express written consent before sending marketing texts — a clear opt-in where the guest knowingly agrees to receive them. A checkbox at booking or a keyword opt-in works; a phone number collected for a reservation does not by itself count as marketing consent. Crucially, consent is per channel: an email opt-in is not an SMS opt-in, and neither is a WhatsApp opt-in.
Quiet hours: send by the guest's timezone
Marketing texts must land within 8am–9pm in the recipient's local time — not the hotel's. For an international guest list this means sending by each guest's own timezone. Some countries are stricter: Vietnam caps SMS to 07:00–22:00 and no more than three per day.
STOP, HELP, and suppression
Every marketing program must honor STOP (opt-out, immediate and permanent) and HELP (info) without manual effort, and suppress an opted-out guest everywhere. One opt-out should remove the guest from email, SMS, and WhatsApp at once via a shared suppression list. Honoring opt-outs late or per-channel is a common, expensive mistake.
Regional rules at a glance
The recipient's country governs, so an international guest list means several rule sets at once. The essentials:
| Region | Key rule |
|---|---|
| US (TCPA/CTIA) | Prior express written consent; 8am–9pm local; STOP/HELP; $500–$1,500 per violating text |
| EU / UK (GDPR/ePrivacy) | Explicit consent; easy opt-out |
| Australia (Spam Act 2003) | Consent + sender ID + unsubscribe |
| Canada (CASL) | Consent + identification + unsubscribe |
| Vietnam (Decree 91) | 07:00–22:00, ≤3 SMS/day; Zalo often the better channel |
| Malaysia | All URLs in SMS blocked |
| Singapore / US | DNC (do-not-call/contact) scrubbing required |
Deliverability is part of compliance
Even compliant texts fail if carriers filter them — so avoid public link shorteners and never use purchased lists. Use a branded short domain instead of bit.ly, send only to opted-in guests, and warm up volume gradually. Clean consent and clean sending are the same discipline.
How bonsai keeps a property compliant
bonsai treats compliance as a built-in feature: it only messages opted-in guests, sends within each guest's local quiet hours, auto-handles STOP and HELP, and keeps one shared suppression list across email, SMS, and WhatsApp. If a guest has no consent flag, they get no message — it fails closed by design. That is the reason SMS is safe to turn on for a luxury brand.
This page is general information, not legal advice. Confirm the rules that apply in your jurisdiction with qualified counsel before sending.
Frequently asked questions
Is SMS marketing to hotel guests legal?
Yes, when it is consent-based. You may send marketing texts only to guests who gave clear opt-in, within local quiet hours (generally 8am–9pm), while honoring STOP and HELP instantly. In the US, violations carry $500–$1,500 in damages per text.
Does a guest's phone number count as consent to text them?
No. A number collected for a reservation is not marketing consent. You need prior express written consent — a clear opt-in to receive marketing texts — and that consent is specific to SMS, separate from email or WhatsApp opt-in.
What times can hotels send marketing texts?
Within 8am–9pm in the recipient's local time, not the hotel's. For international guests you must send by each guest's timezone, and some countries are stricter — for example Vietnam limits SMS to 07:00–22:00 and three per day.
Do the same rules apply to WhatsApp?
The principles do — explicit opt-in, easy opt-out, restraint — but WhatsApp adds its own requirements: WhatsApp-specific consent, Meta-approved templates, and a quality rating that penalizes over-messaging.
How does bonsai keep my hotel compliant?
bonsai only messages opted-in guests, sends within each guest's local quiet hours, auto-handles STOP and HELP, and shares one suppression list across all channels. No consent flag means no message — it fails closed by design.