OpenPhn docs
Compliance

Consent & opt-in

Consent types, proof requirements, and how to log consent.

Every OpenPhn outbound call requires a consent_type. This is a TCPA requirement — not an OpenPhn preference. Picking the right value and being able to prove you had a basis for it is your obligation.

The three values

consent_typeWhen to use
prior_expressYou have the called party's prior express written consent for calls of this kind. Strongest basis. Required for pure marketing.
existing_business_relationshipThe called party is your customer with an active commercial relationship and the call relates to that relationship (order updates, appointment reminders, account security). Transactional content only.
emergencyImminent safety / critical-service notifications (utility outage, security breach, weather). Extremely narrow — misuse is a federal offense.

OpenPhn records whichever you pass on call create; it's audit-logged and inspectable via the admin console. If the called party complains, your records are what matter — store the signed consent form, the opt-in click, or the business-relationship evidence at your own source of truth.

Proof you should keep on your side

  • Written consent form (wet or electronic signature) — date, time, IP, phone number, and the exact language the person agreed to.
  • Opt-in checkbox events — logs showing the user actively checked a clearly-disclosed consent box with TCPA-compliant language near it (no pre-checked boxes; no burying in a ToS).
  • Purchase / account-creation records (for EBR) — enough to show the commercial relationship is active (not stale).

OpenPhn's audit log is not a substitute. We log that you asserted consent_type at the time of the call; we do not log how you got that consent.

Call-hour rules

Regardless of consent_type, federal law restricts the time of day you may call:

  • 8 AM – 9 PM in the called party's local time zone.

OpenPhn enforces this on POST /v1/calls using the destination's area code to infer time zone. Calls outside the window return call_hours_violation. If a state your destination is in has tighter rules, that's on you to respect — we don't track state-level variations.

Opt-out handling

When a called party asks to be removed, add them to your DNC immediately — both your records and your OpenPhn DNC list (POST /v1/dnc/upload or dashboard UI).

Future calls to opted-out numbers will fail with dnc_blocked. If you re-upload them later without their re-consent, that's a violation.

A2P 10DLC registration

What you need, why, and how OpenPhn handles the filing.

DNC obligations

Federal and state DNC rules, and how to stay on the right side of them.

On this page

The three valuesProof you should keep on your sideCall-hour rulesOpt-out handling