CM.com

What Is CM.com?

No European business should route customer messaging through a San Francisco API company. That statement is contentious — but CM.com's 27-year existence is built around making it unnecessary.

Founded in Breda, Netherlands in 1999, CM.com (CMCOM on Euronext Amsterdam) has grown from an SMS gateway into a full conversational commerce platform processing €274 million in annual revenue. The company is publicly traded, independently governed, and subject to Dutch and EU regulatory oversight. When US-headquartered messaging platforms cite GDPR compliance, they are describing a legal obligation they manage from outside the EU. CM.com is subject to that framework as a Dutch entity — the distinction is structural, not marketing.

The platform covers SMS, WhatsApp Business (as an official Meta Business Solution Provider), RCS, Apple Messages for Business, Facebook Messenger, Viber, and voice — all through a single Business Messaging API. Beyond messaging, CM.com offers in-conversation payment processing, a no-code chatbot builder, mobile ticketing, and identity verification (OTP, eID). This breadth is CM.com's primary competitive argument: one vendor, one contract, one compliance relationship, across every customer communication channel.

The company serves enterprises across retail, hospitality, transport, and financial services. With 675 employees and direct operator connections across European mobile networks, CM.com operates at a scale that justifies its positioning against Twilio in the European market.

Key Features

Omnichannel Business Messaging API

CM.com's Business Messaging API is the foundation of the platform. A single integration point connects to SMS, WhatsApp, RCS, Apple Messages for Business, Instagram Direct, Facebook Messenger, Viber, and Telegram. Channel routing logic can be defined at the API level: attempt WhatsApp first, fall back to SMS if the number is not WhatsApp-registered, for example.

For enterprises managing communication across multiple channels and regions, this consolidation reduces vendor relationships, API integrations, and billing relationships to one. The alternative — separate Twilio integrations for SMS, a WhatsApp BSP for Business Messaging, and a voice provider — generates three contracts, three compliance reviews, and three integration maintenance burdens.

Conversational Commerce and Embedded Payments

CM.com's most strategically differentiated feature is in-conversation payment processing. Customers can receive a WhatsApp or SMS message containing a payment link — or, on supported channels, a full payment interface — and complete a purchase without leaving the messaging thread.

Supported payment methods include iDEAL (Netherlands), credit and debit cards, PayPal, Apple Pay, and Google Pay. For European e-commerce and ticketing use cases, this creates a checkout experience inside the channel customers already trust for communication. The payment infrastructure is PCI-DSS certified, which matters for organisations that have already completed their own PCI compliance processes and need their payment partners to match.

Conversational AI and Chatbot Builder

The Conversational AI Cloud provides a no-code chatbot builder with natural language understanding in multiple languages, sentiment analysis, and handover-to-agent workflows. Chatbots can be deployed across any connected messaging channel simultaneously. Conversation history is maintained across sessions and channels, meaning a customer who starts a conversation on WhatsApp and continues via SMS retains context.

The NLU capabilities are competitive for standard customer service workflows — FAQ deflection, order status lookup, appointment booking. Organisations with complex routing requirements or sophisticated dialogue management needs may find the platform's AI less flexible than specialist conversational AI providers.

Direct Operator Connections

CM.com's SMS infrastructure includes direct connections to European mobile network operators, bypassing aggregator layers that can introduce latency and delivery uncertainty. For time-sensitive messaging — OTP codes, appointment reminders, fraud alerts — direct routing improves reliability.

The company publishes per-country SMS pricing with one rate per country across all operators, with no additional fees — a deliberate contrast to variable-rate pricing models that make cost forecasting difficult.

Mobile Marketing Cloud

The Mobile Marketing Cloud provides campaign management, audience segmentation, and omnichannel journey orchestration for marketing teams. Campaigns can combine SMS, WhatsApp, email, and push notifications in a single workflow. Segmentation works on first-party data — purchase history, engagement history, custom attributes — without relying on third-party cookie data.

Pricing

CM.com's pricing structure is volume-based and custom for most meaningful deployments. The Go and Basic tiers offer pay-as-you-go access to core messaging APIs — suitable for testing and low-volume integrations. Advanced and Enterprise tiers involve negotiated volume commitments with account management, SLAs, and dedicated support.

SMS pricing is published per country as a single rate regardless of operator, which provides cost predictability. WhatsApp Business pricing follows Meta's conversation-based model, with CM.com adding its platform margin on top of Meta's published rates.

The absence of a transparent per-unit price list for WhatsApp and higher-tier features is a genuine friction point. Organisations evaluating CM.com against Twilio cannot do a direct line-item comparison without engaging sales. This is common across enterprise messaging providers but worth noting for procurement teams with strict vendor evaluation processes.

There is no free tier. All production usage requires either a pay-as-you-go account or a negotiated contract.

EU Compliance & Privacy

CM.com's compliance posture is one of the strongest in the European messaging market. The company holds ISO 27001 certification for information security management and PCI-DSS certification for payment processing. GDPR compliance is structural — as a Dutch company processing data in EU infrastructure, regulatory accountability is default rather than contractual.

As an official Meta Business Solution Provider, CM.com handles WhatsApp Business API access under Meta's BSP programme, which includes its own compliance requirements for data handling within WhatsApp conversations.

Data Processing Agreements are available for enterprise customers. For organisations in regulated industries — financial services, healthcare, public sector — the combination of ISO 27001, PCI-DSS, and EU-native data processing satisfies most compliance procurement requirements without additional vendor questionnaires.

The company's public company status (Euronext Amsterdam) provides an additional governance layer: audited financials, public disclosures, and independent board oversight. This is not a compliance certification but a meaningful indicator of operational transparency.

Who It's Best For

European enterprises running multi-channel customer communication who need a single vendor across SMS, WhatsApp, and voice. The consolidation value is most pronounced at volumes where managing multiple messaging vendor relationships creates real overhead.

E-commerce and ticketing operators who want to offer in-conversation payment experiences. The combination of messaging API and PCI-DSS certified payment processing in one platform removes a significant integration dependency.

GDPR-sensitive organisations that cannot use US-headquartered messaging providers without extensive legal review. CM.com's EU-native status removes the data transfer complexity that accompanies Twilio or Vonage for EU customer data.

Financial services and regulated industries where ISO 27001 and PCI-DSS certification are procurement requirements, not nice-to-haves.

CM.com is less suited for small businesses with simple SMS needs (pricing is optimised for volume), developer teams who prioritise API documentation depth over channel breadth, or organisations that need specialist conversational AI capabilities beyond standard customer service workflows.

The Verdict

CM.com is what a European alternative to Twilio looks like when it has had 27 years to develop. The platform's breadth — from direct-operator SMS to in-conversation payment processing — is genuinely impressive and largely unique in the EU market. The compliance credentials are real: ISO 27001, PCI-DSS, Dutch regulatory jurisdiction, and public company accountability combine into a posture that satisfies enterprise procurement teams.

The trade-offs are real too. Developer experience trails Twilio's API-first ecosystem. Pricing transparency is limited. Platform complexity makes initial onboarding harder than it should be. For EU enterprises that need a single vendor across all messaging channels with genuine compliance accountability, CM.com is the strongest European option available.

Frequently Asked Questions

Is CM.com GDPR compliant?

Yes. CM.com is headquartered in Breda, Netherlands, and processes customer data within EU infrastructure. The company holds ISO 27001 certification and provides Data Processing Agreements for enterprise customers. As a Dutch entity, GDPR compliance is a regulatory obligation rather than a contractual commitment.

How does CM.com compare to Twilio?

Twilio has stronger API documentation, wider third-party SDK support, and a larger developer community. CM.com's advantages are EU-native data processing, direct European operator connections, native payment integration, and a compliance posture built for regulated European industries. For EU enterprises with GDPR requirements, CM.com removes legal complexity that Twilio generates.

What messaging channels does CM.com support?

CM.com's Business Messaging API supports SMS, WhatsApp Business, RCS, Apple Messages for Business, Facebook Messenger, Instagram, Viber, Telegram, and voice. All channels are managed through a single API and unified inbox.

Does CM.com support in-conversation payments?

Yes. CM.com enables payment completion within WhatsApp, SMS, and other messaging channels. Supported methods include iDEAL, credit and debit cards, PayPal, Apple Pay, and Google Pay. The payment infrastructure is PCI-DSS certified.

Is CM.com suitable for small businesses?

CM.com targets mid-market and enterprise customers. Pay-as-you-go access is available for lower volumes, but the platform's full value — omnichannel messaging, conversational AI, embedded payments — is most cost-effective at enterprise scale. Small businesses with basic SMS needs will find simpler, cheaper alternatives.