Compliance

1. Overview

All customers using eSMS Africa's platform are bound by our Terms of Service, this compliance framework, and the laws and regulations of every country to which messages are sent. Compliance is not optional - violations may result in immediate suspension without refund.

Our compliance programme covers anti-spam, sender ID registration, content policy, data protection, and country-specific regulatory requirements across our 28+ African markets.

2. Anti-Spam

All messages sent through our platform must comply with applicable anti-spam laws. You must:

• Obtain clear, documented consent from recipients before sending marketing messages
• Provide a simple, functional opt-out mechanism in every marketing message
• Honour opt-out requests immediately and permanently - typically within 24 hours
• Maintain records of consent for at least 3 years
• Not send messages to numbers obtained through scraping, purchasing lists of unknown origin, or any method that did not include explicit consent

Transactional and OTP messages must be directly relevant to an existing relationship or a user-initiated action.

3. Sender IDs

Sender ID registration requirements vary by country. In many African markets, alphanumeric sender IDs must be pre-registered with local operators or regulators before use. eSMS Africa enforces the following:

• Sender IDs must accurately represent your brand or organisation
• Impersonating government agencies, financial institutions, or well-known brands is strictly prohibited
• You are responsible for obtaining required local registrations; eSMS Africa can assist with this process
• Unregistered sender IDs in regulated markets will be blocked at the operator level

Contact support@esmsafrica.io for sender ID registration assistance in specific countries.

4. Prohibited Content

The following content is prohibited on our platform regardless of destination:

• Phishing, fraud, and social engineering attacks
• Malware distribution or links to malicious content
• Gambling where not lawfully licensed in the destination country
• Adult or sexually explicit content
• Hate speech, discrimination, or content that incites violence
• Political campaigning without proper disclosure and applicable regulatory approval
• Loan sharking, predatory financial schemes, or unlicensed financial services
• Counterfeit goods or intellectual property infringement

We use automated and manual review to detect prohibited content. Violations result in immediate account suspension.

5. Data Protection

eSMS Africa processes personal data including destination phone numbers and message metadata. Our data practices are governed by our Privacy Policy. Customers acting as data controllers for their recipients' personal data are responsible for:

• Having a valid legal basis for processing recipients' phone numbers
• Complying with applicable data protection laws in destination countries (Kenya DPA 2019, Nigeria NDPR, South Africa POPIA, GDPR where applicable, etc.)
• Responding to data subject rights requests relating to their own customers

Enterprise customers requiring a Data Processing Agreement (DPA) should contact legal@eiradigital.com.

6. KYC & AML

eSMS Africa conducts know-your-customer (KYC) checks on all accounts as required by applicable regulations and our own risk policies. You may be asked to provide:

• Business registration certificate and certificate of incorporation
• Proof of identity for directors or authorised signatories
• Description of your use case and expected message volumes
• Sample messages for high-volume or sensitive use cases

Accounts that fail to complete KYC within 14 days of request may be suspended until documentation is received.

7. Country-Specific Rules

Regulatory requirements vary significantly across our coverage area. Notable examples:

• Kenya - CA Kenya requires sender ID pre-registration for commercial messaging; DLT registration required for bulk SMS
• Nigeria - NCC regulates A2P SMS; sender IDs must be registered via approved aggregators; NDPR governs data
• South Africa - ICASA governs telecoms; POPIA applies to all personal data processing; opt-out must be honoured within 5 business days
• Ghana - NCA regulates SMS; bulk sender IDs require carrier approval
• Tanzania - TCRA requires sender ID registration and content approval for certain categories

Country-specific guidance is available from our support team. It is your responsibility to understand and comply with the regulations of every country you message into.

8. Enforcement

We take compliance seriously to protect our direct operator relationships and the integrity of the SMS channel. Enforcement actions include:

• Warning - for minor or first-time violations with a clear remediation path
• Temporary suspension - pending investigation or remediation
• Permanent suspension - for severe or repeated violations, with no refund of remaining credits
• Regulatory referral - we will cooperate fully with law enforcement and regulatory bodies

9. Reporting Violations

If you receive unsolicited messages from a sender using our platform, or suspect abuse, please report it to abuse@esmsafrica.io. Include the sender ID, message content, and your phone number. We investigate all reports promptly.