Client Compliance Guide

This guide outlines the mandatory protocols for any entity using data assets provided through Datamuri. As a user of these records you are responsible for maintaining legal standards and protecting the integrity of the data ecosystem.

Statutory Obligations for Outreach

Federal law dictates the parameters for using consumer data for commercial purposes.

Telephone Consumer Protection Act Adherence

The data includes phone numbers that must be scrubbed against the National Do Not Call Registry before any telemarketing activity.

CAN SPAM Act Requirements

When deploying cold email campaigns you must ensure that every message contains a valid physical address. Deceptive subject lines or falsified header information will result in a violation.

Managing Opt Out Requests

• The Ten Day Rule: You must process and honor all unsubscribe requests within ten business days.
• Global Suppression: Once an individual opts out they must be added to your internal suppression list.
• Transfer Prohibition: You are legally prohibited from selling email addresses of individuals who have opted out.

Identity Resolution and Pixel Integrity

• Transparent Disclosure: Your privacy policy must clearly state that you use third party technology to identify anonymous visitors.
• Pixel Placement: The pixels provided for identity resolution are to be used only on domains you own or have explicit authority to manage.

Data Security and Storage Protocols

Internal Access Controls

Limit access to raw data sets to only the personnel required for campaign execution.

• Administrative credentials must be updated quarterly.
• Local storage on personal computers or unencrypted mobile devices is prohibited.
• Any team member leaving the organization will have their access revoked immediately.

Encryption and Retention

All data should be stored in encrypted environments. CSV files and spreadsheets containing consumer information must be password protected or stored in a secure cloud environment with multi factor authentication enabled.

Outreach and Regulatory Protocols

• Scrubbing: All phone numbers must be cross referenced against the National Do Not Call Registry.
• Transparency: Every outbound email must clearly state the physical address of the company.
• Identification: Communications must be identifiable as advertisements.

Management of the Suppression File

• Opt Out Processing: Every unsubscribe request received through any channel must be recorded in a central suppression list.
• Synchronisation: This list must be applied to every new campaign before deployment.
• Permanence: Once a recipient opts out they are never to be contacted again unless they provide fresh explicit consent.

Data Retention and Disposal

• Records that have not shown engagement for 180 days should be flagged for removal.
• Purge these records from all active and backup systems on a semi annual basis.
• When disposing of records ensure the method renders the information unrecoverable.

Summary of Prohibited Activities

• Spoofing email headers or using disposable domains to hide your identity.
• Sending messages to individuals who have previously opted out.
• Using the data for any form of harassment or illegal surveillance.
• Reselling the raw files as a standalone product to other parties.

Incident Reporting

Any suspected breach of this policy or unauthorized access to the data must be reported to your compliance officer within 24 hours.