Legal & Security

Compliance

ZhuMobile regulatory frameworks, certifications, and industry standards

← Return to ZhuMobile

At ZhuMobile, compliance is not an afterthought — it is an engineering principle. Our platform is designed from the ground up to enable enterprise clients to operate within the boundaries of global telecommunications regulations, data protection law, and sector-specific requirements. We maintain a dedicated compliance team and continuously monitor the regulatory landscape across our 45+ active markets.

Regulatory Frameworks

Data Protection

GDPR

General Data Protection Regulation — EU/EEA. We act as a data processor on behalf of clients who are data controllers. We provide Data Processing Addenda (DPA), maintain records of processing activities, and support data subject rights workflows.

Anti-Spam

CASL

Canada's Anti-Spam Legislation. All messaging flows support express and implied consent tracking, mandatory identification elements, and compliant unsubscribe mechanisms within the required timeframe.

Anti-Spam

CAN-SPAM / TCPA

US federal law governing commercial email and SMS. Our platform enforces opt-out honouring, sender identification, and messaging-hour restrictions for US-originated campaigns across all channels.

Data Protection

CCPA / CPRA

California Consumer Privacy Act and California Privacy Rights Act. We support consumer rights requests, data sale opt-outs, and privacy notice requirements for clients serving California residents.

Healthcare

HIPAA

Health Insurance Portability and Accountability Act (US). We sign Business Associate Agreements (BAA) with healthcare clients and implement technical safeguards for handling Protected Health Information (PHI) in messaging workflows.

Financial

PCI DSS

Payment Card Industry Data Security Standard. Our platform does not store or transmit raw cardholder data. Payment-related messaging campaigns follow PCI DSS guidelines for tokenised references and secure communication.

Regional

LGPD (Brazil)

Lei Geral de Proteção de Dados. We support Brazilian data subject rights, consent management, and the appointment of a Data Protection Officer (DPO) for clients operating in Brazil.

Telecom

Carrier Regulations

We maintain direct relationships with licensed carriers across 45+ countries and comply with national telecommunications authority regulations governing A2P SMS, WhatsApp Business messaging, and RCS delivery.

Security Standards

ZhuMobile's security programme is built on internationally recognised frameworks and best practices:

Consent Management

ZhuMobile's platform provides built-in tools to help clients manage messaging consent at scale:

Data Processing and Sub-processors

ZhuMobile uses a limited number of vetted sub-processors to deliver its services, including cloud infrastructure providers, analytics tools, and carrier aggregation partners. A current list of sub-processors is available to enterprise clients upon request and is maintained in your Data Processing Addendum. Clients are notified of material sub-processor changes with at least 30 days advance notice.

Compliance Documentation Available to Clients

To request compliance documentation, contact your account manager or our compliance team directly.

Responsible Messaging Commitment

ZhuMobile is committed to responsible mobile marketing. We reserve the right to refuse service to, or immediately terminate accounts of, any client transmitting content that violates applicable law, our acceptable use policy, or the spirit of responsible communication — including spam, deceptive content, phishing, or content that exploits or harms recipients.

Contact Our Compliance Team

For compliance enquiries, DPA requests, or to report a potential issue:
ZhuMobile — Compliance & Privacy
A Parlee Conseiller company
Email: compliance@zhumobile.com
Privacy: privacy@zhumobile.com
General: mmkt@zhumobile.com