Zurück zur Startseite

WhatsApp Keyword Specification

Effective date: 2026-06-01

Effective date:
Version: keyword_spec_v1_1

Human-handoff and opt-out keyword specification v1.1

Changes from v1

  • Withdrawal consent_events row mirrors Tranche 1 v2 §3.6 fields.
  • Human-handoff fallback covers no-human-available cases.
  • [email protected] is the contact mailbox for data questions.
  • Human-handoff confirmation states that the confirmation itself is automated.
  • Gym legal name, CIF, and address are resolved server-side on re-display.
  • Unicode normalisation uses NFKD and quoted WhatsApp message text is excluded.
  • Keyword sets are reviewed semi-annually.

Opt-out keyword set

/\b(stop|unsubscribe|cancel|end|quit|baja|parar)\b/i

Applied after NFKD unicode normalisation, stripping of diacritics, trailing punctuation, and surrounding markdown.

On match:

  1. Set contacts.opted_out_at = now() in the database.
  2. Add a consent_events row with consent_type='marketing_whatsapp', granted=false, source_channel='whatsapp_keyword', source_ref=<message_id>, withdrawal_text_hash=<hash of inbound text>, withdrawn_at=now(), text_version, gym_legal_name_at_grant, gym_cif_at_grant, and consent_scope mirrored from the original consent record, so granular re-grant is auditable.
  3. Send a confirmation message.
  4. Block all future outbound marketing messages to this contact. Transactional or contractual messages under Art. 6(1)(b) continue.

Human-handoff keyword set

/\b(humano|persona|agente|operador|human|agent|operator|help)\b/i

On match:

  1. Set conversation state to awaiting_human_handoff.
  2. Notify the gym's on-call human via the gym's configured channel.
  3. Send a confirmation message to the lead.
  4. Suppress all AI responses on this conversation until a human responds or the lead writes CONTINUAR AI / RESUME AI.
  5. Audit-log entry: conversation.handoff.requested.

Handoff SLA fallback. If no human responds within the gym-configured HANDOFF_SLA (default 4 working hours), the lead receives an automated acknowledgement that a human has been notified and the conversation remains in awaiting_human_handoff until either a human replies or the lead writes the resume keyword. No AI replies are issued in the interim, satisfying Article 50(1) AI Act clarity.

Confirmation messages

Opt-out confirmation (ES):

Entendido. Hemos registrado tu baja y ya no te enviaremos más mensajes comerciales de [Gym] (responsable del tratamiento). Si en el futuro quieres volver a recibirlos, puedes escribirnos a [Gym email] o responder ALTA. Para cualquier consulta sobre tus datos personales, escribe a [email protected].

Opt-out confirmation (EN):

Got it. We have recorded your opt-out and will no longer send you commercial messages from [Gym] (data controller). If you wish to opt back in in the future, write to [Gym email] or reply START. For any question about your personal data, write to [email protected].

Human-handoff confirmation (ES):

Perfecto, te paso con una persona del equipo de [Gym]. (Este sigue siendo un mensaje automatizado.) En cuanto estén disponibles, te escribirán por aquí. Si prefieres volver a hablar con el asistente automático en cualquier momento, escribe CONTINUAR AI.

Human-handoff confirmation (EN):

Got it, I'll connect you with someone from [Gym]'s team. (This is still an automated message.) As soon as they're available, they'll write to you here. If at any point you'd like to resume with the automated assistant, just type RESUME AI.

Re-opt-in keyword set

/\b(alta|start|optin|opt-in)\b/i

Re-opt-in requires the contact to have previously opted out and to have received clear information about what they are opting back into. The keyword ALTA / START triggers a fresh consent prompt redisplaying the full whatsapp_marketing_consent_v2text with the gym's resolved legal name, CIF and address substituted server-side. If any of these fields is null at the server, the surface is blocked. A bare ALTA / START is not consent on its own; only a subsequent ACEPTO / AGREE re-adds the contact to the marketing list.

Storage and audit

Every keyword match generates an audit_log entry with: actor (the contact), action (the keyword class), resource (the conversation), metadata (matched regex group, channel, timestamps, NFKD-normalised inbound text hashed and truncated to 256 chars for forensic minimisation).

Edge cases

  • Mistyped keywords, such as STP instead of STOP, do not match by design. Mistypes are logged as optout.near_miss for periodic review.
  • Keywords inside longer sentences match because of word boundaries, for example please STOP sending me messages.
  • Keywords inside another word, such as humanity, do not match.
  • Multiple keywords in the same message are resolved by precedence: opt-out takes precedence over handoff.
  • Unicode variants such as BAJÁ, Baja., *BAJA*, or baja followed by emoji normalise through NFKD, diacritic stripping, trailing-punctuation stripping, and markdown stripping.
  • Quoted forwarded messages do not trigger if the keyword appears inside WhatsApp quote markup on lines beginning with >.

Periodic compliance review

The keyword sets and the regex are reviewed semi-annually against the then-current WhatsApp Business Messaging Policy and AEPD/EDPB guidance. Material changes generate a new keyword_spec_v(n+1) and a re-publication of this section. The semi-annual review is recorded in the audit log.