Germany's consent bar is the highest in Europe
An SMS API in Germany faces one of Europe's strictest consent regimes. Three laws converge: the GDPR, the German Federal Data Protection Act (BDSG), and the Act Against Unfair Competition (UWG §7). They agree on one principle: you can only text someone who gave prior, explicit, freely-given, documented consent for that specific number. And in practice, that means double opt-in. The German Federal Supreme Court (BGH, 2019) has held that single opt-in is not sufficient to prove consent. So Germany isn't a market where a checkbox suffices. It's one where you confirm the consent and keep the proof — because a single unsolicited marketing SMS can trigger a cease-and-desist and fines up to €300,000 (UWG §7, 2021). For the authoritative reference, see the TCPA. The BGH ruling (Urteil vom 12.09.2019, Az. I ZR 199/18) involved a company sending SMS ads after a user entered their number on a website without double opt-in verification.
SMSRoute's published route page for Germany lists direct-carrier delivery via Deutsche Telekom, Vodafone, O2 from $0.085/message, with 84ms median submission and 99.2% delivered success (smsroute.cc route pages, 2026).
Three laws, one high standard
| Layer | What it governs | Requirement |
|---|---|---|
| GDPR | Personal data | Explicit, documented consent |
| BDSG | German data law | National implementation of GDPR |
| UWG §7 | Unfair competition / spam | Prior consent for marketing; fines to €300,000 |
| Double opt-in | The evidence standard | Courts: single opt-in insufficient |
The distinctive rule is double opt-in. It's not written as a hard statutory requirement, but German courts have made it the effective standard: the Federal Supreme Court (BGH, 2019) ruled single opt-in is not sufficient to prove consent, and called double opt-in a more appropriate means. So a subscriber opts in, then confirms via a link, and that confirmation is your evidence. One catch the BGH specified: the confirmation message itself must be completely neutral — no promotional content in it, or it becomes marketing you didn't have consent to send. On the penalty side, UWG §7 allows fines up to €300,000 (UWG §7, 2021), and a single unsolicited SMS can bring an Abmahnung (cease-and-desist). UWG §7 paragraph 2 sets this fine range. It is the maximum penalty, not the typical amount.
Sending compliantly in Germany
- Use double opt-inSubscriber opts in, then confirms via a link. Keep the confirmation as evidence. It's the standard German courts expect, mirroring GDPR consent wording at its strictest.
- Keep the confirmation neutralThe confirmation message must contain no promotional content. The BGH (2019) was explicit: a confirmation with an offer in it becomes unconsented marketing.
- Document consent thoroughlyPrior, explicit, freely-given, for the specific number, with records. In a dispute the burden is on you, and German enforcement is real.
- Separate transactional from marketingOTPs and transactional messages rest on the relationship or contract. UWG §7's consent rules target marketing. The transactional carve-out applies.
curl -X POST https://api.smsroute.cc/sms/send \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"to": "+491234567890", "from": "SMSRoute", "message": "Your OTP is 123456"}'
The neutral-confirmation rule catches marketers off guard. It feels natural to put an offer in the 'please confirm' message, but the BGH (2019) ruled the confirmation must be completely neutral. Slip a promotion into it and you've sent marketing without valid consent, defeating the whole double-opt-in purpose. Keep it plain.
Sending to Germany in practice
SMSRoute is a no-KYC SMS API with crypto billing (BTC, ETH, USDT, XMR, LTC, and SOL) serving the international route to Germany, with live pricing on the send SMS to Germany page. Germany supports alphanumeric sender IDs and has no sender-ID registration barrier, so the friction here isn't technical: it's consent. For transactional and OTP traffic resting on the relationship, the route delivers to German users cleanly. SMSRoute's published route data shows direct-carrier delivery from $0.004/message, sub-100ms median submission, and ~98.6% delivered success on direct routes (smsroute.cc route pages, 2026).
The honest framing: the consent obligations (GDPR, BDSG, and UWG double opt-in with a neutral confirmation) are yours to run whatever provider you use. We deliver what your compliant process approves. Germany is technically easy to reach (alphanumeric senders, no registration) but legally demanding on consent. Get the double opt-in right, keep the confirmation neutral, document everything, and Germany delivers. Treat consent casually and a single message can bring a €300,000 exposure. So here, more than most markets, the compliance is
FAQ
Do I need double opt-in for SMS marketing in Germany?
What laws govern SMS marketing in Germany?
Can I include an offer in a German double opt-in confirmation?
What's the penalty for unsolicited SMS in Germany?
Send your first SMS in 5 minutes
No KYC. Pay with BTC, ETH, USDT, XMR, LTC, and SOL. Live routes to 149 countries.
Get an API key →