Anti-Spam Policy
Vercom S.A.

At Vercom, we strive to ensure the highest quality and deliverability of Services for our Clients. We know that both Message Recipients and Clients themselves expect that the Communications sent will reach end devices without being hindered by filters and blocks. A key step towards this goal is preventing unwanted Messages, including SPAM and Smishing. We are aware that we cannot achieve this without cooperation with our Clients. Therefore, we have implemented this Anti-Spam Policy so that Messages sent through our Services reach only those Recipients who have given their consent and comply with applicable law as well as the Guidelines and Standards of the electronic communications industry.

§ 1. GENERAL PROVISIONS.

  1. This Anti-Spam Policy (hereinafter: the „Anti-Spam Policy”) sets out the minimum standards for using the Services provided electronically by Vercom, aimed at protecting Message Recipients against unwanted or unlawful Messages, including SPAM or Smishing Messages.
  2. This Anti-Spam Policy applies to all Clients using the Communication Channels offered by Vercom. If you provide your end users or clients with the ability to send Messages through Vercom’s Services, for example as an independent software vendor, you bear responsibility for the Message-related activity of those users. You must ensure that all Message-related activities generated by your users comply with Vercom’s Anti-Spam Policy.
  3. The Anti-Spam Policy constitutes an integral part of the Framework Agreement for the Provision of Services by Electronic Means (hereinafter: the „Agreement”). To the extent not regulated by the Anti-Spam Policy, the remaining Contractual Documents shall apply, including in particular the provisions of the Agreement.
  4. Vercom is a telecommunications undertaking entered in the register of SMS integrators maintained by the President of the Office of Electronic Communications (hereinafter: „President of UKE”) in accordance with the Act of 28 July 2023 on combating abuses in electronic communications.
  5. If you have any questions regarding our Anti-Spam Policy or wish to report the receipt of unsolicited communications including SPAM or Smishing, you may contact us at .

§ 2. DEFINITIONS.

For the purposes of this Anti-Spam Policy, the following definitions have been adopted:

  1. “A2P / Application-to-Person” – a type of communication in which an application sends automated Messages to a Recipient.
  2. “Double opt-in” – a process of collecting email addresses using double consent confirmation, which requires the Recipient to take two steps to join a subscriber list: (1) entering an email address in the appropriate form, and then (2) clicking an activation link in an automatically sent email. The address may only be added to the mailing list after completing this step. This process ensures a higher quality mailing list, because only those who genuinely wish to receive Messages are added.
  3. “Proof of Consent” – a document, system log, event log, or other file irrefutably confirming that the Consent collected by the Client from the Recipient to receive the Communication was obtained correctly. Regardless of the method of collecting Consent (single opt-in, double opt-in), the Proof of Consent must contain information documenting the opt-in, including but not limited to: who gave the Consent, when, how, through which form, what information was recorded, and the full wording of the information presented to the Recipient during the opt-in regarding the purpose of data collection and how the data will be used.
  4. “Database Hygiene” – activities carried out by the Client with respect to its mailing database, including, among others: obtaining Consents, verifying the accuracy of contact data, removing duplicate, outdated, incorrect or inactive data, appropriate data segmentation, etc., the purpose of which is to use only correct and up-to-date Recipients for Dispatch.
  5. “Communication Channel” – the form of sending Messages selected by the Client, offered as part of the Services provided by Vercom. Vercom offers sending Messages via the following Communication Channels, among others: SMS, MMS, email, Push, WebPush, OTT, RCS, Viber, WhatsApp.
  6. “Client” – a natural person, legal person, or organizational unit without legal personality to which a separate statute grants legal capacity, not being a consumer, who has concluded an Agreement with Vercom.
  7. “Marketing Communication / Marketing Message” – a type of Message sent by the Client to Recipients, focused on building relationships with existing and potential brand customers by conveying brand values, promoting products and services, in order to elicit desired responses such as purchases or loyalty.
  8. “Transactional Communication / Transactional Message” – a type of Message sent by the Client to Recipients, relating to the Client’s interaction with its customer during the execution of a sale, provision of a service, or resolution of problems, focused on efficient and effective support for the customer.
  9. “List-unsubscribe” – an optional email header element that makes it easier for Recipients to unsubscribe by adding an “Unsubscribe” button or link in the mail client interface, without having to search for it in the Message body. This enables quick removal from a mailing list, reducing the likelihood of the Message being marked as SPAM and improving the sender’s reputation.
  10. “Sender ID” – a sender identifier replacing the MSISDN number in the sender field of an SMS/MMS Message.
  11. “NASK” – the Computer Security Incident Response Team of the Research and Academic Computer Network – National Research Institute.
  12. “Recipient / Message Recipient” – a person whose personal data, including contact data such as an email address, identifier, telephone number, or other IT designation, based on the Consent given to the Client, is used by the Client in the process of sending Communications through Vercom’s Services.
  13. “One-click unsubscribe” – a feature in emails that allows the recipient to opt out of receiving future messages from a given mailing list with a single click. This is a requirement introduced by Email Service Providers, such as Google and Yahoo (hereinafter: “Email Service Providers”), to facilitate unsubscription and improve bulk mail deliverability.
  14. “Public Entity” – public entities as specified in the Act of 28 July 2023 on combating abuses in electronic communications.
  15. “Smishing” – the sending of a Message, including a short text message (SMS), in which the sender impersonates another entity in order to induce the Recipient to engage in specific behavior, in particular disclosing personal data, making unfavorable disposition of property, opening a website, initiating a voice call, or installing software.
  16. “SPAM” – any Messages sent without prior, verifiable, direct consent of the Recipient to be contacted in connection with the content of the Sent Message.
  17. “Spam Trap” – an email address traditionally used to expose unlawful senders who add email addresses to their lists without permission. They are appropriately configured by Email Service Providers to identify senders with improperly collected Consents and dispatch practices.
  18. “Industry Associations” – generally recognized national and international organizations operating, among others, in the telecommunications, electronic communications, marketing and other industries, specializing in issuing recommendations and guidelines regarding electronic communications in the broad sense, such as but not limited to: telecommunications operators, electronic messenger publishers and Email Service Providers, UKE (Office of Electronic Communications), CERT Polska, NASK PIB (Research and Academic Computer Network – National Research Institute), ETSI (European Telecommunications Standards Institute), CSA (Certified Senders Alliance), BEREC (Body of European Regulators for Electronic Communications), M3AAWG (Messaging, Malware, and Mobile Anti-Abuse Working Group), Cellular Telecommunications Industry Association, Canadian Wireless Telecommunications Association, and others.
  19. “Services” – services provided by Vercom S.A. to the Client under the Agreement.
  20. “Message / Communication” – a communication commissioned for sending through the Services by the Client to the Recipient. A Message may be sent as a communication using the Communication Channels made available as part of the Services.
  21. “Unsubscribe / Withdrawal / Revocation of Consent” – means the Recipient’s resignation from receiving specific types, channels, or content of messages or services. The Recipient must have the ability to easily withdraw the Consent given. The Client may not employ practices that impede the withdrawal of such Consent.
  22. “NASK Register” – a register containing the content of message templates containing Smishing, developed by NASK.
  23. “Sending Messages” (also in lowercase) – sending or commissioning the sending of Messages using the Service.
  24. “Guidelines and Standards” – all recommendations, norms, rules and guidelines published by, among others, generally recognized Industry Associations, telecommunications operators, electronic messenger publishers, and Email Service Providers.
  25. “Consent / opt-in” – an informed, explicit, current (no older than 24 months before commencing use of the Services), and verifiable consent of the Recipient to receive Communications, given by the Recipient to the Client, for the purpose of receiving communications of specific content, form, and sent through a specific Communication Channel. The Consent must meet all requirements set out by generally applicable legal provisions and this Anti-Spam Policy. Consent may be collected via single opt-in or double opt-in. Vercom recommends using the double opt-in methodology. The Client must hold Proof of the Consent collected.

All capitalized terms not expressly defined in the Anti-Spam Policy shall have the meaning assigned to them in the Agreement.

§ 3. SERVICES FOR PROFESSIONALS.

In order to minimize the risk of exposing Recipients to unwanted Messages, including SPAM or Smishing Messages:

  1. The Agreement may be concluded only with professional entities – undertakings and public entities. Additionally, an undertaking that is a natural person may conclude the Agreement only if it is directly related to the business activity conducted by that person and is of a professional nature, arising in particular from the subject of the business activity conducted, as disclosed pursuant to the provisions on the Central Register and Information on Economic Activity.
  2. Dispatch of Messages to actual Recipients (i.e. using data other than the personal data of the Vercom Client) may only take place after Vercom has positively verified the Client.
  3. Dispatch of a Public Entity’s Message may be commissioned to Vercom directly by that Public Entity or by a third party commissioning dispatch on behalf of and for the account of the Public Entity.
  4. A Client commissioning the dispatch of Messages on behalf of and for the account of a Public Entity is obligated, before commencing such dispatch, to provide Vercom with a declaration from the Client and the Public Entity regarding the right to send Messages on behalf of that Public Entity.
  5. In the event that the Client’s right to commission the dispatch of Messages on behalf of and at the request of a Public Entity expires, the Client is obligated to inform Vercom thereof within 1 business day.
  6. A Client commissioning the dispatch of Messages on behalf of and for the account of a Public Entity shall each time provide Vercom with the name and REGON number of the Public Entity on whose behalf the dispatch is commissioned.
  7. Vercom treats all Messages sent through its Services, regardless of their nature and type of communication, as A2P Messages. All Messages commissioned for dispatch by Clients through Vercom are subject to this Anti-Spam Policy and the rules and prohibitions described herein.

§ 4. MESSAGE RECIPIENTS.

  1. The Client bears full responsibility for the lawfulness of the Dispatch of Messages to a specific Recipient. In particular:
    1. The Client is obligated to obtain, in the manner specified by applicable law, all necessary, verifiable and current Consents in this respect before commencing Dispatch through the Services.
    2. The Recipient’s Consent must be explicit and unambiguous; it may not in any way be presumed or inferred from a statement of different content.
    3. Additionally, the Recipient must be entitled to a simple, unimpeded Revocation of Consent at any time.
    4. It is prohibited to send Messages to Recipients who have Withdrawn Consent or who have not given Consent.
    5. The Client is obligated to maintain the accuracy and correctness of the collected contact data of Recipients.
    6. The use of the double opt-in method is recommended for collecting email addresses.
    7. With the exception of the provisions of § 8 section 2A, it is prohibited to Send Messages to Recipients with whom you have not been in contact within the last 24 months without obtaining current Consent from the Recipients for further communication.
  2. Vercom is in no case obligated to verify whether Messages commissioned for dispatch by the Client in the course of using the Services comply with the law, nor is Vercom liable for the lawfulness of the Consents obtained by the Client from Recipients.
  3. The Client is obligated to include an unsubscribe link in Marketing email Communications. The use of List-unsubscribe and One-click unsubscribe is recommended. Vercom has the right to insert in each Marketing email Message of the Client a non-removable unsubscribe link enabling the Recipient to Withdraw Consent to receive further Messages from the Client.
  4. It is prohibited to use publicly available contact data of Recipients, in particular:
    1. collected from websites,
    2. purchased or acquired, including rented, under any other title, databases,
    3. gathered using hidden methods or other unlawful activities.

    This provision also applies to the contact data of addressees that are legal persons, organizational units without legal personality, and Public Entities.

  5. The use of any type of automated solutions, software, or scripts enabling the collection of contact data is prohibited.
  6. The Client must hold Proof of the Recipient’s Consent. Such proof must be retained in accordance with local legal regulations or best practices.

§ 5. MESSAGE CONTENT.

  1. It is prohibited to send Messages with any content that is contrary to law or good practices, including the principles of community coexistence, infringing upon or threatening the rights, including personal rights, of third-party persons and entities, infringing intellectual property rights, inciting the commission of unlawful acts, discriminatory, insulting or offensive, calling for racial, ethnic, religious, or cultural hatred and hatred relating to sexual orientation, propagating propaganda, fanaticism, pornography, or violence – in any form.
  2. It is prohibited to Send Messages containing content relating in particular to issues such as: gambling, cryptocurrencies or sales pyramids, affiliate marketing, financial pyramids, simulated social engineering attacks, multi-level marketing; get-rich-quick schemes and advice; loans or quick-credit services; gambling; weight-loss materials; mobile phone unlocking services; IPTV content; content about buying, selling, or sharing followers or likes for social media platforms; content about selling or buying mailing lists, or offering illegal goods and services; the sale of alcohol, medicines, tobacco or derivative products and other illegal substances, weapons and illegal products including chemicals that may be used for their manufacture; and other content intended for adults. Unless the Client, in the course of its professional activity, is engaged in the legal distribution of the aforementioned content and products, and generally applicable law permits electronic communication in this regard, provided that all required Consents are held and subject to each-time additional verification by Vercom of the materials planned for dispatch and receipt of Vercom’s consent for the Dispatch using the Services.
  3. It is prohibited to send unsolicited commercial information within the meaning of the Act of 18 July 2002 on the provision of electronic services, as well as to send SPAM or Smishing Messages.
  4. It is prohibited to carry out Message Dispatches in a manner and for the purpose of avoiding or circumventing mechanisms for verifying, detecting, and preventing unwanted Messages.
  5. We do not permit content that has been specifically designed to avoid detection by mechanisms for detecting and preventing unwanted Messages. This includes, among others, deliberately misspelled words or non-standard phrases that have been created specifically to circumvent these mechanisms.
  6. The Client is obligated to provide truthful and accurate information in communications directed to end users through Vercom, in particular regarding: the sender, subject, and content, and other elements required for proper sender verification depending on the specifics of the Communication Channel used, such as the header, routing (e.g. “From”, “To”, “Reply to”) for EMAIL Communications or the Sender ID of SMS/MMS Messages. It is prohibited to indicate elements in a Message in a manner that is misleading or even suggestive of a factual situation different from the truth.
  7. Every communication sent through the Services must contain the sender’s first and last name and address, as well as the current, accurate and full name of the legal entity, in communication channels where required by law. If you send communications on behalf of your User, you must appropriately provide the data of that client of yours.
  8. It is prohibited to use in the Sender ID of SMS/MMS Messages content that could mislead the addressee as to the sender’s identity, in particular the unauthorized use of first and last names, names of institutions, companies, and trademarks.
  9. It is prohibited to use in the Sender ID of SMS/MMS Messages commissioned by entities that are not Public Entities content included in the NASK Register of Public Entity Sender IDs, as well as content consistent with variants of names or abbreviations contained in the NASK Register of Public Entity Sender IDs.
  10. A Public Entity’s Message must contain a Sender ID in the form of a name or its abbreviation reserved for that Public Entity in the NASK Register. If a Public Entity commissioning Vercom directly or indirectly to dispatch Messages does not have a Sender ID reserved in the NASK Register, such Public Entity’s Message may not contain Sender IDs reserved for other Public Entities or Sender IDs in the form of name variants or abbreviations that could mislead the Recipient as to the origin of the message from a Public Entity, which are listed in the NASK Register.
  11. It is prohibited for entities that are not Public Entities to send Messages with a Sender ID containing the phrase #RP. The Client is solely responsible for the content of Messages sent. Vercom shall not be liable for the content sent by the Client when using the Services.
  12. Marketing Communications sent through Vercom’s Services must contain an advertising message identifier, where applicable.

§ 6. REVOCATION OF CONSENT BY THE RECIPIENT.

  1. Every communication sent through the Services must contain the following elements:
    1. Clear information about the Recipient’s right to unsubscribe or to request cessation of the use of their data in relation to any or all communication purposes,
    2. Clear information about the methods by which the Recipient may notify the Client of the unsubscription or request for cessation of the use of their data in relation to any or all communication purposes,
    3. In channels required by law, a one-click unsubscribe link that immediately removes the subscriber from the subscriber list. No action by the Recipient is required beyond confirmation. After unsubscribing, the Client may not contact them again, apart from sending a final confirmation of successful unsubscription or other communication necessary in this regard.
    4. The Client guarantees that it will promptly comply with all unsubscription requests or other data subject requests for cessation of further communication.
  2. Vercom’s Service may automatically revoke the consent of recipients to whom Messages are regularly returned as undeliverable and block such data so that no further Communications are delivered to them.

§ 7. VERCOM’S VERIFICATION PROCEDURES.

  1. Clients may not use the Services for the purpose of circumventing mechanisms for detecting and preventing unwanted Messages applied by Vercom or other institutions. In accordance with the Agreement and the Anti-Spam Policy, Vercom may collect and monitor the content of Messages transmitted through the Services for the purpose of detecting unwanted messages, including SPAM and Smishing, fraudulent activities, and violations of the law.
  2. Vercom applies various levels of approval and monitoring of Communications to ensure their compliance with this Anti-Spam Policy. To this end, Vercom has the right to verify Client Dispatches with respect to whether they constitute communication prohibited under this Anti-Spam Policy, including SPAM or Smishing dispatches, as well as with respect to: the existence of Spam Traps, and the volume and type of bounces and feedback reports after a Dispatch carried out by the Client. A negative result of such verification, including obtaining information on violations of legal requirements regarding required Consents and permits, subject to section 7 below, authorizes Vercom to temporarily suspend part or all of the Services and, in justified cases, also to terminate the Agreement with immediate effect.
  3. The Services are, among others, integrated with external SPAM reporting systems used by some of the largest Internet Service Providers and email providers. If you do not have the required Consents and someone marks your Message as SPAM, we will learn about it the moment that button is pressed. If you receive indicators exceeding the thresholds indicated in § 8 section 2, subject to section 7 below, this may result in the temporary suspension or closure of your Account.
  4. Our team may verify Clients’ mailing lists.
  5. Vercom monitors internet service provider and email service filter blacklists, as well as its own abuse warning systems on a 24/7/365 basis, enabling it to accurately and effectively identify Clients causing deliverability problems or generating Recipient complaints.
  6. Clients’ mailing lists are also monitored for the presence of spam traps (Spam-Trap). Accounts on which the presence of a Spam-Trap is detected, subject to section 7 below, may be suspended or closed.
  7. In situations where a violation of these rules is found, wherever possible, we will cooperate with Clients in good faith to restore their compliance with this Anti-Spam Policy. However, in the interest of all our Clients, in order to ensure their ability to continuously use the Service and to guarantee the highest level of deliverability, we reserve the right to suspend or block access to the Services for Clients or end users of our Clients who, in our opinion, knowingly and intentionally fail to comply with Vercom’s Anti-Spam Policy, generally applicable law, or the Guidelines and Standards. In such cases, we reserve the right to suspend the Client’s account without notice or investigation, regardless of whether we decide to contact them.

§ 8. DISPATCH POLICY.

  1. The Client is obligated to maintain Database Hygiene for data intended for Message dispatch and to keep the statistics of email Message dispatches below the permissible thresholds for email Message statuses (hereinafter: Thresholds) indicated in section 2 below. In the event that the Thresholds indicated in section 2 are exceeded, Vercom is authorized to suspend or close the Account. Vercom will contact the Client before suspending or closing the Account in order to clarify the reasons for the situation, unless the risk associated with further handling of Dispatches is deemed critical to the security or deliverability of the Services. Suspension or closure of the account constitutes grounds for termination of the Agreement by either Party, for reasons attributable to the Client.
  2. Permissible Thresholds. Vercom applies permissible Thresholds in accordance with the table below. Thresholds are calculated as the percentage share of email Messages with a specific status out of all email Messages sent from a given Account within 24 hours. The Thresholds below do not include Messages containing SPAM or Smishing, the sending of which is prohibited.
    Email Message StatusPermissible Thresholds
    Hardbounces≤ 10%
    Spambounces≤ 2%
    Spam Complaints≤ 0.1%
    Unjustified abuse complaints< 1

    Explanations of email Message statuses:

    1. Hardbounces – when an email Message was not delivered because the address or domain does not exist or the Recipient blocks the delivery of the email Message;
    2. Spambounces – when an email Message was classified as SPAM in the Recipient’s mailbox;
    3. Spam Complaints – when the email Message Recipient marked it as SPAM;
    4. Unjustified Abuse Complaints – when the email Message Recipient reports that the sender contacted them without the required Consent.
    1. 2.A Reactivation Campaigns
      Reactivation Campaigns (hereinafter: “Reactivation Campaigns”) are understood as the Dispatch of Messages to Recipients who have not opened or responded to previous Communications for an extended period of time. Reactivation Campaigns are permitted solely provided that:

      • The Recipients have previously given Consent to receive Messages from the Client (e.g. through a newsletter signup, account registration, etc.) and that Consent has not been withdrawn.
      • The Client holds Proof of Consent – maintains current, documented confirmation of the opt-in of each Recipient.
      • The contact list used in the Reactivation Campaign is regularly verified and cleaned of inactive, invalid addresses or those that generate bounces.
      • The Reactivation Campaign should clearly inform the Recipient why they are receiving the Message (e.g. “you are receiving this message because you previously subscribed to our newsletter”) and contain an easy and visible unsubscribe mechanism.
      • Vercom reserves the right to suspend or limit such Dispatches if it considers them excessively reactivating or potentially having a negative impact on the reputation of the sending infrastructure (IP, domains, deliverability indicators), including exceeding the Permissible Thresholds.

      All other provisions of this Anti-Spam Policy apply to Reactivation Campaigns.

  1. Vercom and telecommunications undertakings cooperating with it shall block the sending of Messages whose content matches the content of a message template contained in the NASK Register or which contain Sender IDs inconsistent with § 5.
  2. Vercom and telecommunications undertakings cooperating with it may block a Message whose content contains Smishing other than that matching the content of a message template contained in the NASK Register, including MMS messages.
  3. Vercom shall block the provision of Services to the Client in whole or in part in the event that the President of UKE issues an administrative decision under Article 23 of the Act on combating abuses in electronic communications ordering the introduction of such a block, of which it shall promptly notify the Client. Such a block shall not constitute a breach of the Agreement or grounds for the Client to terminate it.
  4. Vercom may charge fees for the sending of a Message that was blocked in accordance with sections 3 and 4, especially in a situation where the Message was blocked by a cooperating undertaking.
  5. Vercom shall not be liable for the blocking of Messages in accordance with sections 3 and 4; in particular, such blocking shall not constitute a breach of the Agreement or grounds for the Client to terminate it.

§ 9. FINAL PROVISIONS.

  1. The Client bears full and sole responsibility for the compliance of Message dispatch with applicable law, the Agreement, and the rules set out in this Anti-Spam Policy. In the event that Vercom were to bear any liability (civil, administrative, criminal, or other) arising from the Client’s breach of the obligations set out in the first sentence – the Client shall be liable to Vercom on a right-of-recourse basis for all damages, including lost profits arising therefrom, as well as any financial penalties imposed on Vercom by the President of UKE.
  2. In the event of a breach by the Client of any of the obligations set out in this Anti-Spam Policy, Vercom is authorized to terminate the Agreement with immediate effect.
  3. Vercom shall collect and process information related to the Service, including the content of a Message that was blocked as Smishing or due to the use of Sender IDs inconsistent with § 5, for a period of 12 months from the date on which the given Service was to be provided, or for the period necessary to resolve a dispute arising from the blocking of the Service.
  4. For the purpose of identifying, preventing, and combating abuses in electronic communications, Vercom shall process and share with NASK and other telecommunications undertakings information related to the Service, including the content of a Message that was blocked as Smishing.
  5. For the purpose of identifying, preventing, and combating abuses in electronic communications, Vercom shall process and share with NASK and other telecommunications undertakings information related to the Service processed by it, excluding the content of a message that was identified by Vercom as a form of abuse in electronic communications other than Smishing.
  6. The provisions of sections 3, 4, and 5 exclude the application of the confidentiality clause from the Agreement.