If you display customer testimonials on your SaaS website, FTC guidelines apply to you.
Not just to enterprise companies. Not just to companies with paid endorsements. To everyone who uses customer quotes to sell a product. The FTC Endorsement Guides are federal regulations, and they apply regardless of your company size, your revenue, or whether money changed hands.
Most founders do not know this. Or they assume the rules only apply to influencer marketing — to paid Instagram posts and sponsored YouTube videos. They do not. If you are putting someone else's words on your website to persuade a visitor to buy your product, you are publishing an endorsement. And there are rules about how you do that.
Here is what actually matters for SaaS.
This article is for informational purposes only and does not constitute legal advice. Consult a qualified attorney for questions specific to your business.
What the FTC Endorsement Guides Actually Say
The FTC's Endorsement Guides were originally published in 1980, revised in 2009, and significantly updated in 2023. The 2023 revision is the one that matters most because it explicitly addresses social media, paid partnerships, and employee endorsements — areas that barely existed when the original rules were written.
Here is the plain-language version of what the guidelines require:
Testimonials must reflect genuine experiences of real customers. You cannot fabricate quotes, invent customer personas, or attribute real quotes to fake people. The person in the testimonial must be a real customer who actually used your product.
You cannot use fake testimonials or fabricated quotes. This includes writing a quote yourself and asking a customer to approve it. The endorser's views must be their own. The FTC draws a line between asking someone for a testimonial and writing one for them to rubber-stamp. The first is fine. The second is not.
If a testimonial makes an atypical claim, you must either disclose that results are not typical or have substantiation that the results are in fact typical. This is the rule that catches the most SaaS founders off guard, and we will dig into it below.
Material connections must be disclosed. If there is any relationship between you and the person giving the testimonial that might affect the credibility a consumer gives to that endorsement, it must be disclosed clearly and conspicuously.
The 2023 update explicitly covers social media. Retweets, reposts, and shares of customer content can all constitute endorsements. If you embed a tweet on your website to sell your product, you are using it as an endorsement. The format does not change the obligation.
What "Material Connection" Means for SaaS
This is where founders get confused. A material connection is any relationship between the endorser and the company that a reasonable consumer would want to know about when evaluating the testimonial.
Here is a practical breakdown:
- You gave them a free account — disclose
- You gave them a discount or credit in exchange for a review — disclose
- They are an affiliate who earns commissions when people sign up through their link — disclose
- They are a friend or family member — disclose
- They are your employee — disclose
- They are a paying customer who voluntarily tweeted about your product — no disclosure needed
That last point is critical. When a paying customer writes an unprompted, organic tweet about your product — no free account, no discount, no affiliate deal — there is no material connection to disclose. They paid for the product, they used it, they said something publicly. That is the cleanest form of social proof available. It is also why organic X testimonials are the gold standard from a compliance perspective.
The disclosure itself needs to be clear. Burying "#ad" at the end of thirty hashtags does not count. On your website, if you are displaying a testimonial from someone who received your product for free, the disclosure should be visible right next to the testimonial — not hidden in a footer or behind a tooltip.
The "Typical Results" Problem
This is the rule that creates the most practical difficulty for SaaS founders.
If a customer says "I doubled my revenue using this tool" — can you put that on your landing page?
Only if you can demonstrate that result is typical of what customers generally experience, or you clearly disclose that it is not.
Before the 2023 update, companies could get away with small-print disclaimers like "Results not typical" or "Individual results may vary." The revised guidelines tightened this significantly. A vague disclaimer buried in fine print is no longer considered adequate. If you display a testimonial with an extraordinary claim, the FTC expects either substantiation that the claim reflects typical outcomes or a clear, prominent disclosure of what results consumers can generally expect.
The practical solution for SaaS founders is straightforward: feature testimonials about specific experiences rather than extraordinary outcomes.
Consider the difference:
- Lower risk: "This tool saved me hours every week on customer outreach."
- Higher risk: "I made $50,000 in my first month after switching to this tool."
The first describes a personal experience. The second makes a specific financial claim that implies a typical result. The first is safe to use without qualification. The second requires either evidence that $50K months are typical for your customers (unlikely) or a prominent disclosure explaining what results are actually typical.
This is one of the reasons why tweet-based testimonials tend to work well from a compliance standpoint. When a customer tweets "just switched to X, the onboarding was incredibly smooth" — that is a subjective experience statement, not an atypical results claim. It is both credible and low-risk. For a deeper look at collecting this type of feedback, see the guide on how to ask for a testimonial.
How the FTC Applies to Different Testimonial Formats
The format you use to display testimonials does not change whether the FTC rules apply. But it does change your risk profile.
Manual quote cards on your website. FTC rules apply — you are the publisher. You chose the quote, you formatted it, you placed it on your page. If the quote is fabricated, edited to change its meaning, or from someone with an undisclosed material connection, you are liable.
Embedded tweets (via X's native tools or LaunchWall). FTC rules still apply — you chose to display them. But organic, unsolicited tweets from paying customers are the safest format. They are publicly verifiable, unedited, timestamped, and attributed to real accounts. When embedded via LaunchWall, the link to the original post is preserved, which means anyone — including the FTC — can verify the testimonial is real and unaltered.
Video testimonials. Same rules. If the person was compensated, the disclosure must appear within the video itself, not just in the video description or caption. A verbal disclosure at the beginning of the video is the standard practice. See how to get video testimonials for production guidance.
Review platform badges (G2, Product Hunt, Capterra). These platforms handle their own compliance around how reviews are collected and displayed. Your risk is lower when linking to or displaying badges from established review platforms. But if you cherry-pick individual reviews and display them as quotes on your site, the standard rules apply.
Screenshots. FTC rules apply, and you have the additional problem of unverifiability. A screenshot cannot be clicked through to the original source. A visitor — or a regulator — has no way to confirm the screenshot is real, unedited, and current. This makes screenshots the riskiest format from both a compliance and a conversion perspective. See why screenshot testimonials do not convert for the full breakdown.
Practical Compliance Checklist for SaaS Founders
This is not exhaustive, but it covers the baseline that every SaaS company displaying testimonials should meet:
- All testimonials are from real customers. No fakes, no fabrications, no composite personas.
- No testimonials have been edited to change their meaning. You can fix typos or trim for length, but you cannot alter the substance of what someone said.
- Material connections are disclosed clearly. If the person received anything of value — free product, discount, payment, affiliate commissions — say so next to the testimonial.
- Extraordinary claims are substantiated or clearly flagged as non-typical. If a testimonial makes a specific results claim, you either have data showing that result is typical or you disclose that it is not.
- Testimonials are reasonably current. An endorsement from someone who used your product two years ago — before a major pivot or feature overhaul — can be misleading even if it was genuine at the time.
- You have a system for removing testimonials if a customer requests it. This is not strictly an FTC requirement, but it is a best practice that protects you from displaying outdated or retracted endorsements.
If you are collecting testimonials at scale, build compliance checks into your collection workflow rather than trying to audit after the fact.
Why Organic X Testimonials Are the Safest Format
Most SaaS testimonial formats require you to take someone's word for it. A quote card on your website says "Sarah from Acme Corp loves our product" — but there is no way for a visitor or a regulator to verify that Sarah exists, that she works at Acme, or that she actually said those words.
Organic tweets from paying customers eliminate nearly every compliance risk:
They are publicly verifiable. The tweet exists on X. Anyone can click through and confirm it is real. The FTC's job of verifying authenticity is done for them.
They are unedited. The customer wrote the words. You did not draft them, suggest them, or alter them. The endorser's views are genuinely their own.
They are unsolicited. When you capture praise from genuine replies to your posts, there is no material connection to disclose. The customer was not compensated, gifted, or incentivized.
They are timestamped. Freshness is visible. A tweet from last week carries more weight than a quote card with no date. And if the testimonial becomes outdated, the timestamp makes that apparent rather than hidden.
The original context is preserved. When embedded properly — rather than screenshotted — the full context of the post is available. The person's profile, their other posts, the thread they were replying to. This is exactly the kind of transparency the FTC guidelines are designed to encourage.
This is the core reason why tools that embed live tweets are a better compliance strategy than tools that create styled quote cards from manually entered text. The verifiability is built into the format. You can read more about the legal considerations of using tweets as testimonials in the guide on using tweets as testimonials.
Frequently Asked Questions
Do FTC testimonial rules apply to small SaaS companies?
Yes. The FTC Endorsement Guides apply to all businesses regardless of size. A solo founder with a $29/month SaaS product is subject to the same rules as a publicly traded enterprise company. The FTC has historically focused enforcement on larger companies and egregious violations, but the legal obligation is the same. And with the 2023 update, the FTC explicitly expanded its scope to cover social proof on SaaS landing pages and social media endorsements of all scales.
Can I use customer tweets without disclosure?
If the customer is a paying user who posted the tweet voluntarily — no free product, no discount, no affiliate relationship — then no disclosure is needed. There is no material connection to disclose. This is one of the primary compliance advantages of using organic tweets as testimonials. However, if you incentivized the tweet in any way (free months, discounts, swag), you must disclose that.
What happens if I violate FTC testimonial guidelines?
The FTC can issue warning letters, require corrective action, or pursue civil penalties. The penalty for violating the Endorsement Guides after the 2023 update can reach up to $50,120 per violation. In practice, most small companies receive warnings before facing penalties — but the FTC has been increasing enforcement activity, particularly around fake reviews and undisclosed paid endorsements.
Do I need a disclaimer on my testimonials section?
A blanket disclaimer like "Results may vary" is not a substitute for per-testimonial compliance. If a specific testimonial makes an atypical claim, that specific testimonial needs a disclosure. A general disclaimer on the page does not satisfy the requirement. That said, having a general note that testimonials represent individual experiences is a reasonable addition — it just does not replace the need for specific disclosures where required.
Are embedded tweets subject to FTC rules?
Yes. Embedding a tweet on your website to promote your product makes it an endorsement under FTC guidelines. The format does not change the obligation. However, embedded tweets from organic, unpaid customers are the lowest-risk format because they are verifiable, unedited, and typically do not involve a material connection.
The Bottom Line
FTC testimonial compliance is not complicated. The core principle is simple: do not mislead people. Use real quotes from real customers. Disclose relationships that matter. Do not imply that extraordinary results are typical.
The easiest way to stay compliant is to build your social proof around testimonials that are inherently transparent — real tweets from real customers, embedded in a format that preserves the original context and makes verification trivial.
That is not just a compliance strategy. It is a conversion strategy. The same properties that make organic tweets safe from a regulatory perspective — verifiability, authenticity, freshness — are the same properties that make them persuasive to visitors.
Display verifiable, organic testimonials from real customers →