Your CRM is a legal record. If a guest, owner, or inquiry-source disputes that you contacted them without permission, your tag structure and consent log will either protect you or bury you. Most operators run consent theater. They have a checkbox on the booking page. They have unsubscribe links in their emails. But they do not have a traceable consent timestamp, they cannot explain why a contact is tagged "Active Prospect," and they cannot replay the exact sequence that contact received. When a regulator, a platform (Airbnb, VRBO, Booking), or a lawyer asks "Did you have permission to send 17 SMS to this number?", they scroll through their CRM, see nothing but contact names and dates, and answer: "I have no idea." This is the leak. It is not about courtesy. It is about structural liability and platform risk. ## The consent audit starts in the CRM schema, not the compliance doc Clean consent lives in the CRM field layer, not in a spreadsheet or a lawyer's memo. You need three primitives: source, timestamp, and channel-specific consent. When a contact enters your system—inquiry form, owner signup, past guest email—that entry must carry metadata: Where did they come from? (Airbnb inquiry, direct website form, owner referral, email list import.) When did the consent happen? (ISO timestamp, not "a while ago.") Which channels did they consent to? (Email yes, SMS no, WhatsApp pending.) Without these three fields, your CRM is a liability engine. The simplest schema: a single contact record with a "Consent Log" field (or separate consent table) that appends a new row every time consent status changes. Guest books a stay via Airbnb: log it. Guest texts "OK to SMS" after checkout: log it. Guest unsubscribes from email: log it with timestamp. This creates an audit trail. If you ever need to prove you had permission, you have a timestamped record. ## Tag architecture must survive an audit Your tags are your operating system's intent layer. They tell the automation engine who to contact, when, and why. If your tags are chaos, your follow-up is chaos. Structure tags in three tiers: source, status, and action. Source tags (the origin, immutable): airbnb_inquiry, vrbo_inquiry, direct_website, past_guest, owner_signup, referral, email_list. This tells you where the contact legally came from and what consent they may or may not have granted when they arrived. Status tags (the current state): warm_lead, booked, checked_in, checked_out, churned, unsubscribed. This tells automation which sequences to run and which to skip. An "unsubscribed" tag is a kill-switch—no outbound message should ever fire for a contact carrying it, full stop. Action tags (the next move): needs_welcome_sequence, awaiting_turnover_text, owner_needs_contract, guest_needs_review_request, cold_60_days_no_booking. These tags are triggers. When a contact gets tagged "needs_welcome_sequence," a workflow fires (if and only if that contact hasn't hit "unsubscribed"). When they complete the sequence, the tag is removed and replaced with the next-state tag. If your CRM shows a contact tagged both "unsubscribed" and "actively_messaging," you have a broken tag system. An operator should never see that state. The system should prevent it. ## Consent mapping to channel and sequence Each follow-up channel—email, SMS, WhatsApp, push notification, in-app message—has its own consent requirement. A guest who books through Airbnb has implicitly consented to email (Airbnb forces it); they have not consented to SMS or WhatsApp. You cannot assume. You must ask, and you must log the answer. When you send a check-in email (booking confirmation, pre-arrival info), you are using transactional consent—the contact agreed to be booked, which carries transactional email. You don't need a second opt-in. But when you send the post-checkout review request, that's promotional. Many operators send it anyway and wonder why they get unsubscribe complaints. The fix: build consent decision-points into your workflows. In your follow-up sequence template, ask: Does this workflow only run if the contact has transactional consent, or does it need marketing consent? Tag accordingly. If SMS is on the sequence, only let it fire if the contact's consent log shows SMS approval. Use conditional branches—not all contacts will have the same consent footprint. One concrete pattern: a guest books. Workflow sends transactional pre-arrival email (allowed). Same workflow checks the consent log for SMS. If SMS consent exists, send the check-in reminder text. If SMS consent is absent, skip the text and send a second email instead. No contact is ever contacted on a channel they didn't agree to. ## The unsubscribe mechanism must be bulletproof Every outbound email and SMS must contain an unsubscribe link or reply-to mechanism. Most operators include the link but wire it wrong—it removes the contact from one list instead of all lists, or it removes them from email but not SMS, creating a compliance gap. When a contact unsubscribes, the system must: log the unsubscribe request with timestamp, apply the "unsubscribed" tag globally (not per-list), and immediately halt all future outbound on all channels for that contact. No email, no SMS, no WhatsApp, no push. Done. If a contact unsubscribes but they have an active booking, transactional messages (pre-arrival, check-in, emergency contacts) can still go out—those are service messages, not marketing. But your system must distinguish transactional from promotional and enforce the boundaries. Most operators do not. They send a promotional follow-up to an unsubscribed contact and call it an accident. Regulators call it a violation. An operator running a system leak scorecard will immediately see this pattern: contacts tagged both "unsubscribed" and "in_active_sequence." That is a system break. ## Compliance and scale go together Operators often think compliance is a cost—a legal friction that slows growth. It is not. Clean consent and tag architecture is the operational foundation for scalable, repeatable follow-up. You cannot automate what you cannot audit. When you own a traceable consent log, tagged contact records, and channel-specific workflow branching, you can: scale your follow-up sequences without fear of unsubscribe complaints; prove to platforms (Airbnb, VRBO) that your contact practices are legitimate; rebuild your contact list after a platform ban or data loss; hand off your CRM to a team member without them becoming a compliance liability; and meet any regulatory inquiry with a full audit trail. Without it, you are one regulator email away from a shutdown. Start now by running your contact base through the System Leak Scorecard. It will show you, tag by tag, where your consent and compliance architecture is missing—and exactly what to build first.