
TCPA Compliance: What Every HubSpot User Needs to Know

YetiConnect Team

If your sales team sends text messages to prospects — or is thinking about it — TCPA compliance isn't optional. It's the difference between a high-performing SMS channel and a lawsuit that could cost your company $500 to $1,500 per message.

The good news: compliance isn't complicated once you understand the rules. This guide breaks down exactly what TCPA means for HubSpot users, what 10DLC registration requires, and how to build compliant opt-in workflows that don't slow down your team.

What Is TCPA and Why Should You Care?

The Telephone Consumer Protection Act (TCPA) is a federal law passed in 1991 that regulates telemarketing calls, auto-dialed calls, pre-recorded calls, and text messages. In 2024–2025, the FCC tightened enforcement significantly, and class-action lawsuits are at an all-time high.

Here's what's at stake:

  • $500 per violation for unintentional TCPA breaches
  • $1,500 per violation for willful or knowing violations
  • No cap on damages — a single campaign to 10,000 contacts could mean $5M–$15M in liability
  • Private right of action — individuals (not just regulators) can sue you directly

The FCC's 2024 one-to-one consent rule made things even stricter: consumers must now give consent to each specific seller, not just a blanket "marketing partners" checkbox. Lead aggregators and shared consent forms no longer protect you.

The Three Types of Consent You Need to Know

Not all consent is equal under TCPA. Here's the hierarchy:

1. Express Written Consent (Required for Marketing SMS)

This is the gold standard and what you need for any promotional or marketing text message. The consumer must:

  • Provide their phone number voluntarily
  • Agree in writing (including electronic forms) to receive texts
  • See clear disclosure about what they're opting into
  • Understand consent is not a condition of purchase

2. Express Consent (Required for Informational SMS)

For non-marketing messages (appointment reminders, order confirmations, account alerts), you need express consent but not necessarily written consent. Providing a phone number in a business context generally qualifies.

3. Prior Express Consent (Required for Calls)

For voice calls using an auto-dialer or pre-recorded message, you need prior express consent. For manual, one-to-one calls, the rules are less strict — but documentation matters.


What Is 10DLC and Why Does It Matter?

10DLC (10-Digit Long Code) is the carrier registration system that governs how businesses send SMS from standard phone numbers. Since 2023, all major US carriers (AT&T, T-Mobile, Verizon) require 10DLC registration for application-to-person (A2P) messaging.

Without 10DLC registration, your messages will be filtered or blocked entirely.

The 10DLC Registration Process

  1. Brand registration — Register your company with The Campaign Registry (TCR). You'll provide your EIN, business address, and website. This takes 1–3 business days.
  2. Campaign registration — Register each use case (e.g., "sales outreach," "appointment reminders"). You'll describe the message content, opt-in flow, and sample messages.
  3. Carrier vetting — Carriers review your registration and assign a trust score that determines your throughput limits (messages per second).

Trust scores matter. A high trust score means you can send more messages per second without throttling. Low trust scores (common for new registrations) mean lower throughput. Building trust takes time and clean sending behavior.

10DLC Fees

  • Brand registration: ~$4 one-time fee
  • Campaign registration: $10–$15/month per campaign
  • Per-message carrier surcharges: $0.003–$0.005 per SMS segment

Building a Compliant Opt-In Flow in HubSpot

Here's the practical part: how to set up your HubSpot forms and workflows so every SMS you send through YetiConnect is backed by proper consent documentation.

Step 1: Add SMS Consent Language to Your Forms

Every HubSpot form that collects a phone number for SMS outreach needs explicit consent language. Here's a compliant example:

By providing your phone number and checking this box, you consent to receive text messages from [Your Company Name] at the number provided. Message frequency varies. Message and data rates may apply. Reply STOP to opt out at any time. Consent is not a condition of purchase. View our Privacy Policy.

Key requirements:

  • The checkbox must be unchecked by default — no pre-checked boxes
  • The consent language must be clearly visible, not hidden in a Terms of Service link
  • You must name your specific company (not "marketing partners")
  • Include message frequency, data rates, and opt-out instructions

Step 2: Create an SMS Consent Property in HubSpot

Create a custom contact property called sms_consent (or similar) with these values:

  • opted_in — Contact has given express written consent
  • opted_out — Contact has replied STOP or revoked consent
  • not_set — No consent recorded (do not text)

Map your form's SMS consent checkbox to this property. This creates an auditable record of consent that's tied to the contact's timeline.

Step 3: Gate Your SMS Workflows with Consent Checks

In every HubSpot workflow that includes an SMS step (via YetiConnect), add a branch:

  • If sms_consent = opted_in → proceed to SMS step
  • If sms_consent ≠ opted_in → skip SMS, send email instead (or skip entirely)

This ensures no text message ever reaches a contact who hasn't explicitly opted in.

Step 4: Honor Opt-Outs Instantly

When a contact replies STOP, UNSUBSCRIBE, or CANCEL to any YetiConnect message, the opt-out must be processed immediately. YetiConnect handles this automatically:

  • The contact's sms_consent property is set to opted_out in HubSpot
  • All active SMS sequences for that contact are terminated
  • Future SMS workflow enrollments are blocked by the consent check
  • A confirmation message ("You've been unsubscribed from text messages") is sent automatically

Step 5: Document Everything

If you ever face a TCPA challenge, your defense depends on documentation. Make sure you can prove:

  • When the contact opted in (timestamp on the form submission)
  • What they consented to (the exact language they saw)
  • How they opted in (which form, which page, which campaign)
  • That opt-outs were honored (timestamp of STOP message + confirmation)

HubSpot's form submission log + YetiConnect's message history provide this audit trail automatically.
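
The logic of Steps 2 through 5, modeled in memory as an added example (not YetiConnect or HubSpot code, and it calls neither product's API). The Contact class, the function names, and the sample values used with them are hypothetical; the property values, STOP keywords, and confirmation text are the ones given above.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

OPT_OUT_KEYWORDS = {"STOP", "UNSUBSCRIBE", "CANCEL"}   # keywords from Step 4
CONFIRMATION = "You've been unsubscribed from text messages"

@dataclass
class Contact:                      # hypothetical stand-in for a CRM contact
    phone: str
    sms_consent: str = "not_set"    # opted_in | opted_out | not_set (Step 2)
    active_sequences: list = field(default_factory=list)
    audit: list = field(default_factory=list)   # append-only evidence (Step 5)

def log_event(contact, event, **detail):
    """Timestamp every consent-relevant event in UTC."""
    stamp = datetime.now(timezone.utc).isoformat()
    contact.audit.append({"at": stamp, "event": event, **detail})

def record_opt_in(contact, form_id, page_url, consent_text, checkbox_checked):
    """Only an actively checked box counts; keep what, how and when."""
    if not checkbox_checked:
        return False
    contact.sms_consent = "opted_in"
    log_event(contact, "opt_in", form=form_id, page=page_url,
              consent_text=consent_text)
    return True

def send_sms(contact, body, outbox):
    """Step 3 gate, failing closed: any value except opted_in blocks the send."""
    if contact.sms_consent != "opted_in":
        log_event(contact, "sms_blocked", reason=contact.sms_consent)
        return False
    outbox.append((contact.phone, body))
    log_event(contact, "sms_sent", body=body)
    return True

def handle_inbound(contact, text, outbox):
    """Step 4: revoke consent, end sequences, confirm, and log the opt-out."""
    keyword = text.strip().upper()
    if keyword not in OPT_OUT_KEYWORDS:
        return False
    contact.sms_consent = "opted_out"
    contact.active_sequences.clear()
    # The confirmation bypasses the gate on purpose: it is the one message
    # that is still sent after consent has been revoked.
    outbox.append((contact.phone, CONFIRMATION))
    log_event(contact, "opt_out", keyword=keyword, confirmation_sent=True)
    return True
```

The gate tests for equality with opted_in rather than inequality with opted_out, so a contact whose property is empty or holds an unexpected value is never texted.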


Common TCPA Mistakes HubSpot Users Make

Even well-intentioned teams get tripped up. Here are the most frequent compliance gaps we see:

1. Using Email Consent for SMS

A contact who opted into email marketing has not consented to text messages. These are separate consent channels under TCPA. You need a distinct SMS opt-in.

2. Texting Leads from Third-Party Lists

Purchased lists and lead aggregator contacts almost never have valid one-to-one SMS consent for your company. The FCC's 2024 rule killed the "lead gen consent" loophole.

3. No Opt-Out Mechanism

Every SMS campaign must include a way to opt out. YetiConnect processes STOP keywords automatically, but make sure your first message in any new conversation mentions it.

4. Texting Outside Business Hours

While TCPA doesn't specify exact hours, sending texts at 11 PM is a fast track to complaints and carrier filtering. Stick to 9 AM–8 PM in the contact's local time zone.

5. Ignoring State Laws

Some states (Florida, Oklahoma, Maryland) have their own telemarketing laws that are stricter than federal TCPA. If you sell nationwide, build for the strictest standard.


A Compliant SMS Program Is a Better SMS Program

Here's the thing most sales leaders miss: compliance isn't a tax on your SMS program — it's the foundation that makes it sustainable. Teams that build proper opt-in flows see:

  • Higher reply rates — people who explicitly opted in actually want to hear from you
  • Better deliverability — clean consent = higher 10DLC trust scores = more messages delivered
  • Zero legal exposure — proper documentation makes frivolous claims easy to dismiss
  • Carrier trust — compliant senders get priority routing and avoid filtering

The teams getting the best results from HubSpot + YetiConnect are the ones who invested 30 minutes upfront to set up compliant opt-in forms and consent-gated workflows. The ROI on that 30 minutes is infinite compared to the alternative.

Frequently Asked Questions

Yes. Simply having someone's phone number does not constitute consent to send marketing text messages. You need express written consent that specifically mentions SMS communication.
You could face fines of $500–$1,500 per message under TCPA. With no cap on damages, a single campaign to thousands of contacts could result in millions in liability. Individuals can also sue directly.
YetiConnect guides you through the 10DLC registration process, including brand registration and campaign setup with The Campaign Registry (TCR). The process typically takes 3–5 business days.
No. Email and SMS require separate consent under TCPA. A contact who opted into email marketing has not consented to receive text messages. You need a distinct SMS opt-in checkbox or disclosure.
You must immediately stop sending them text messages. YetiConnect processes STOP keywords automatically, updates the contact's consent status in HubSpot, and blocks future SMS enrollments.

Compliant SMS, Built into HubSpot

YetiConnect handles opt-in tracking, opt-out processing, and 10DLC registration — so your team can focus on selling, not compliance checklists.