Docs/Guides/TCPA consent capture
◆ Guide

TCPA consent capture.

The schema, the UI surfaces, the audit log, and the state-by-state quirks we've learned the hard way.

  • One consent schema across web, chat, phone, iPad
  • STOP, STOPALL, UNSUBSCRIBE handled automatically
  • Exportable consent ledger for legal
  • DNC scrubbing integrated with outbound calling
In this guide
  1. What TCPA requires
  2. Capture surfaces
  3. Consent event storage schema
  4. One-click unsubscribe (STOP + email)
  5. The audit log and CSV export
  6. State-by-state notes
  7. DNC scrubbing integration

1. What TCPA requires

The short version: to call or text a US consumer with an autodialer or prerecorded voice for marketing, you need prior express written consent. That means a clear disclosure that you'll call/text, a clear act of agreement by the consumer (a checkbox, a "yes," a signature), and a record of it with a timestamp you can defend in court.

The long version: 47 CFR §64.1200(f)(9), plus a decade of case law and the 2026 one-to-one consent rule. This guide is not legal advice. Your lawyer is.

2. Capture surfaces

We capture consent on every surface that can take a phone number. Same storage schema, different source value.

Source How it's captured
Web form Checkbox above submit. Unchecked by default. Text shown to user is stored verbatim.
AI Companion chat Consent line inserted when a phone number is collected. Same storage format.
Phone transcript Agent reads a scripted line; call recording timestamp is stored alongside the consent.
Showroom iPad Signature pad captures a typed name + signature image; image hash is stored.
Text-to-opt-in Dealer-specific shortcode + keyword. Incoming SMS is the consent artifact itself.

3. Consent event schema

One row per event. Events are append-only; revocation is a new event with direction: "revoked", not a delete.

consent_event.json 
{
  "id": "cev_01HR8X4V72PK9AD",
  "contact_id": "cnt_YTG9210",
  "phone_e164": "+12395550198",
  "direction": "granted",
  "channels": ["sms", "voice"],
  "scope": "marketing",
  "source": "web_form",
  "source_url": "https://yourdealer.com/grady-white-307",
  "consent_text": "By checking this box, I consent to receive marketing calls and texts from Dealer Name, including via autodialer, at the number I provided. Consent is not a condition of purchase. Msg & data rates may apply. Reply STOP to opt out.",
  "ip": "203.0.113.42",
  "user_agent": "Mozilla/5.0 ...",
  "captured_at": "2026-04-22T14:12:04Z",
  "evidence_hash": "sha256:c2e4...",
  "one_to_one_seller": "Acme Boats of Ft. Myers"
}

The evidence_hash is a SHA-256 over the rendered page + form state at the moment of submission. It's what you show a plaintiff's lawyer.

4. Revocation — STOP + email unsubscribe

Every outbound SMS includes "Reply STOP to opt out." Incoming STOP, STOPALL, CANCEL, END, QUIT, and UNSUBSCRIBE all trigger a revocation event and a confirmation reply. Re-consent requires START.

Every outbound marketing email includes a one-click List-Unsubscribe header (RFC 8058) plus a visible footer link. Clicks are processed in <2 seconds.

5. Audit log and CSV export

Under Compliance → Consent log. Filter by date, phone, source. Export as CSV with the following columns:

event_id, contact_id, phone_e164, direction, channels, scope, source, source_url, consent_text, ip, user_agent, captured_at, evidence_hash, one_to_one_seller, revoked_at, revoked_reason

The export is also available via GET /v1/compliance/consent-events.csv?since=.... Your legal team can subscribe to a weekly automated dump to S3.

6. State-by-state notes

Jurisdiction What to know
Federal (FCC 2026-01) One-to-one consent required per seller. Bundled consent across "partners" is not valid.
California CPRA opt-out preferences (Global Privacy Control) must be honored as SMS unsubscribe.
Florida FTSA echoes TCPA; plaintiff-friendly. Store the IP + user agent of every consent event.
Washington My Health My Data Act: never imply consent to marketing from a service appointment.
Oklahoma OTCPA allows $500–$5,000 per violation. Same storage is fine; just don't miss it.

7. DNC scrubbing

BoaterOS scrubs against the national DNC registry and state registries nightly. An outbound call or bulk-SMS job refuses to dispatch to a number on DNC unless there is an active granted consent event with scope=marketing that post-dates the DNC registration. If you use an external dialer, consume the compliance.dnc_status webhook or call GET /v1/compliance/dnc-check?phone=... before dialing.

Good habit. Don't treat consent from one seller as consent for another. If you acquire a dealership, you inherit liability, not consent — re-collect.

◆ Next step

Marketing, without the lawsuits.

Every BoaterOS dealer gets the consent log, STOP handling, and DNC scrubbing by default. Talk to us about bulk export for existing contacts.

Book a demo Back to docs