Skip to main content
Phone calls and texts are regulated. This guide helps you stay compliant.
This is educational information, not legal advice. Consult a lawyer for specific compliance questions.

Key regulations

TCPA (Telephone Consumer Protection Act)

The main US law governing phone calls and texts:
  • Consent required for marketing calls/texts
  • Time restrictions on when you can call
  • Do-not-call compliance required
  • Penalties up to $1,500 per violation

State laws

Many states have additional requirements:
  • California - Stricter consent requirements
  • Florida - Written consent for texts
  • New York - Enhanced caller ID requirements
Check laws in states where you call.

For marketing calls

You need prior express consent:
  • Customer gave you their number
  • They knew you might call
  • They agreed to receive calls

For marketing texts

You need prior express written consent:
  • Customer explicitly agreed to texts
  • Agreement was documented
  • They knew what they’d receive

For informational calls

Lower threshold:
  • Appointment reminders (existing relationship)
  • Order updates (transactional)
  • Service notifications (non-marketing)
Still respect opt-outs and calling hours.

Calling hours

Federal: 8 AM - 9 PM (recipient’s time zone) Best practice: 9 AM - 8 PM
TimeCompliant?Recommended?
7 AMNoNo
9 AMYesYes
12 PMYesMaybe (lunch)
6 PMYesYes
9 PMYesBorderline
10 PMNoNo
RevDesk automatically respects time zones.

Do-not-call (DNC)

National DNC Registry

Check numbers against the national list:
  • Before calling - Scrub your list
  • Every 31 days - Re-scrub regularly
  • Honor requests - Add to internal DNC immediately

Internal DNC list

When someone says “don’t call me”:
  • Remove immediately - Within 24 hours
  • Across all campaigns - Not just the current one
  • Keep records - Document when they opted out
RevDesk manages your DNC list automatically.

Recording disclosure

Most states require one-party consent (you can record if you’re on the call). But some require all-party consent: All-party consent states:
  • California, Connecticut, Florida, Illinois, Maryland, Massachusetts, Michigan, Montana, Nevada, New Hampshire, Pennsylvania, Washington
Best practice: Always announce recordings. 
"This call may be recorded for quality and training purposes."
Enable automatic disclosure in Settings → Compliance.

Caller ID

Rules for displaying caller ID:
  • Don’t spoof - Must be a number you control
  • Be reachable - Number must work if called back
  • Be identifiable - Ideally shows your business name
See Branded Caller ID.

Text message compliance

Special rules for SMS:
  • Clear identification - Include business name
  • Opt-out instructions - “Reply STOP to unsubscribe”
  • Honor STOP immediately - No more messages
  • Frequency disclosure - Tell them how often you’ll text
  • Data rates disclaimer - “Msg & data rates may apply”

RevDesk compliance features

Built-in tools to help you stay compliant:

Record keeping

Keep records of:
RecordRetention
Consent documentation4+ years
DNC requests5+ years
Call logs2+ years
Opt-out requests5+ years
RevDesk stores these automatically.

Best practices

Start calls with who you are and why you’re calling.
Don’t hide the unsubscribe. Make it simple.
Just because you can call doesn’t mean you should. Be reasonable.
Keep records of consent, opt-outs, and compliance measures.

If you receive a complaint

  1. Take it seriously - Investigate promptly
  2. Document - Record the complaint and your response
  3. Remediate - Fix the issue
  4. Add to DNC - Immediately stop calling that number
  5. Review processes - Prevent recurrence

Compliance Center widget

The Outreach page includes a persistent Compliance Center button:
  • Amber warning triangle until the workspace acknowledges TCPA/DNC obligations.
  • Green shield once acknowledged. Annual re-acknowledgement prompt at 30 days before expiry.
Open it to see, in one place:
  • Workspace acknowledgement status (and who acknowledged, when).
  • Active disclosures (recording, SMS STOP append, TCPA quiet hours, DNC scrubbing, two-party-consent state list).
  • Per-active-campaign checkmarks: terms accepted, recording disclosure attested, calling-window configured, frequency cap set, 30-day attestation rate.
  • Consent record counters (voice / SMS / email opt-in, inbound-originated) and recent consent events.
  • 30-day disclosure attestation rates for voice + first-touch SMS.
  • “Export full audit” — CSV with channel, source, timestamp, sender, use case, disclosure attestation, two-party-state flag.
When you (the workspace operator) record an opt-in for a contact, RevDesk persists:
FieldDescription
{channel}OptInBoolean per channel (voice, SMS, email).
{channel}OptedInAtTimestamp the opt-in was captured.
{channel}ConsentSourceOrigin of consent (e.g. csv_upload, manual_admin, inbound_initiated).
{channel}ConsentSenderThe user / system actor that captured the consent.
{channel}ConsentUseCaseFree-form use-case label (e.g. sales_followup).
firstInbound{Channel}AtFirst time the contact initiated inbound on that channel.
When a contact initiates an inbound call or SMS, an inbound-initiated opt-in is recorded automatically with ConsentSource = "inbound_initiated". Capture opt-ins programmatically via the partner API, on contact CSV import, or manually from the contact-detail page.

Frequency cap

Each outbound campaign has a dailyCallsPerContact setting (default 1). Calls to a contact past the cap are deferred to local midnight of the next day. Admin TCPA bypass does not bypass the frequency cap.

Recording disclosure attestation

Every outbound call records:
  • disclosureAttested — true when the agent’s live greeting contained the recording disclosure phrase.
  • disclosureText — the disclosure phrase actually attached (first sentence of the greeting).
  • twoPartyStateAtCallTime — true when the recipient’s area code maps to an all-party-consent state.
Powers the Compliance Center “Last 30 days” attestation rate.

Resources

Compliance Settings

Configure compliance features