© 2026 Commonly Well, PBC.
Last Revised: 24 MARCH 2026
These Terms of Service (“Terms”) constitute a legally binding agreement between you (“User,” “you,” or “your”) and Commonly Well, PBC, a Delaware public benefit corporation (“Commonly Well,” “CW,” “we,” “us,” or “our”). These Terms govern your access to and use of the Commonly Well platform, including our Solomon and Modus applications, the Recovery Capital Index® (RCI), all SMS/text messaging communications, surveys, analytics tools, and related services (collectively, the “Services” or “Platform”).
By accessing or using the Platform, registering for an account, or providing a mobile phone number to receive text messages from Commonly Well or its customers, you acknowledge that you have read, understood, and agree to be bound by these Terms and our Privacy Policy, which is incorporated herein by reference.
If you are using the Services on behalf of an organization (“Customer”), you represent and warrant that you have authority to bind that organization to these Terms. If you do not agree to these Terms, you must not access or use the Services.
Commonly Well is committed to advancing purpose and wellbeing for all. As a public benefit corporation, our mission guides every aspect of how we design, deploy, and govern our technology, including how we collect, use, and protect your personal information.
The following definitions apply throughout these Terms:
“CW Application” or “Platform”: A cloud-based communications and data intelligence tool that enables customers to send and receive text and email messaging, deploy the RCI and other survey instruments, and view and analyze participant-reported data.
“Customer”: Any organization, entity, or individual that directly subscribes to or purchases a license to use the Platform or the RCI through a Customer Services Agreement or Order Form.
“Participant” or “End User”: An individual who receives or interacts with surveys, messages, or other services delivered through the Platform, typically a person receiving services from a Customer organization.
“Participant Data”: Data submitted by or on behalf of Participants or service recipients, including survey responses, assessment data, and other information captured through the Platform.
“Protected Health Information” or “PHI”: Protected Health Information as defined under HIPAA, 45 C.F.R. Parts 160 and 164.
“Recovery Capital Index” or “RCI”: A proprietary, validated survey instrument that collects, quantifies, and analyzes person-reported recovery capital data, exclusively licensed to Commonly Well.
“SMS Communications Program”: Commonly Well’s text messaging program used to deliver surveys, wellness check-ins, care coordination messages, platform notifications, and support communications via SMS/MMS.
“Services”: All products, tools, features, applications, APIs, and communications provided by Commonly Well, including the Platform, RCI, Advisory Services, and SMS Communications Program.
Commonly Well designs, develops, and distributes cloud-based communications and data intelligence tools for healthcare, behavioral health, substance use disorder treatment, and community wellbeing organizations. Our primary platforms, Solomon and Modus, enable Customers to:
Send and receive SMS and email messaging with Participants
Deploy the Recovery Capital Index® and other validated survey instruments
Capture, view, and analyze participant-reported data through an embedded analytics layer
Manage care coordination, program engagement, and outcome tracking
Generate reports and insights for program improvement and grant oversight
The Recovery Capital Index® is a validated, evidence-based assessment tool developed to measure and quantify recovery capital — the internal and external resources that support a person’s recovery from substance use disorder and related challenges. The RCI is the exclusive intellectual property of Face It TOGETHER, Inc. and exclusively licensed to Commonly Well. Use of the RCI is governed by these Terms and any applicable Customer Services Agreement.
Commonly Well may provide educational, training, consulting, and data advisory services (“Advisory Services”) as described in applicable Statements of Work (“SOW”). Advisory Services are supplemental to the Platform subscription and are governed by separate SOWs.
PROGRAM NAME: Commonly Well SMS Communications Program
PROGRAM DESCRIPTION: Commonly Well and its licensed Customers use SMS/MMS to deliver recovery-support surveys (including the Recovery Capital Index®), wellness check-ins, care coordination messages, appointment reminders, program notifications, and platform support communications to enrolled Participants.
MESSAGE FREQUENCY: Message frequency varies based on your program enrollment and the services being delivered. You may receive between 1 and approximately 30 messages per month depending on your program.
MESSAGE & DATA RATES: Message and data rates may apply. Contact your wireless carrier for details.
OPT-OUT: Text STOP at any time to unsubscribe from all SMS messages. You will receive a confirmation message and no further messages will be sent.
SUPPORT: Text ASSIST for assistance, or contact us at [email protected].
By providing your mobile phone number to Commonly Well, a Customer organization, or a Participating Agency that uses the Commonly Well Platform, you expressly consent to receive text messages (SMS and MMS) from Commonly Well and/or its Customers as part of the SMS Communications Program. Consent to receive marketing text messages is not a condition of purchasing any goods or services.Consent may be provided through: (a) written enrollment forms or digital opt-in screens; (b) verbal consent documented by a Customer; (c) electronic submission of a phone number in connection with program enrollment; or (d) other means authorized by applicable law.
Depending on the program and services you are enrolled in, you may receive:
Recovery Capital Index® survey invitations and follow-up reminders
Wellness check-in messages and engagement prompts
Care coordination and program-related communications from your provider organization
Appointment reminders and scheduling notifications
Platform access and account-related notifications
Program updates, resources, and informational content related to your recovery or wellness journey
Support messages in response to your inquiries
To stop receiving text messages: Reply Text STOP to any message to unsubscribe from all SMS communications from that sender. After texting STOP, you will receive one final confirmation message, and no additional messages will be sent. You may re-enroll at any time by texting START or by contacting your program provider.Please note that opting out of SMS messages does not affect any separate email communications or other services you have enrolled in, and does not constitute withdrawal from any clinical or program services.
Text ASSIST to any message you receive for assistance. You may also contact Commonly Well directly:
Email: [email protected]
Mail: Commonly Well, PBC, 3 College Park Rd., Potsdam, NY 13676
Commonly Well’s SMS Communications Program is supported by all major U.S. wireless carriers. Carrier support is not guaranteed. Commonly Well and participating carriers are not liable for delayed or undelivered messages.
Message and data rates may apply to SMS messages sent and received. Your wireless carrier’s standard messaging and data rates will apply based on your service plan. Commonly Well does not charge separately for SMS messages; however, your carrier may charge you for sending and receiving text messages. Please contact your wireless carrier for details about your plan.
No mobile information (including phone numbers collected for the SMS Communications Program) will be shared with third parties or affiliates for marketing or promotional purposes. Information collected in connection with the SMS Communications Program will be used solely to deliver the services described in these Terms and in accordance with our Privacy Policy. Text messaging originator opt-in data and consent will not be shared with any third parties except as required to operate the messaging program (e.g., your wireless carrier and our SMS platform provider, Twilio).
The Platform and Services, including participation in the Recovery Capital Index®, are not intended for individuals under the age of 15. By using the Services or providing consent to receive them, you represent that you are at least 15 years of age. Customers and Participating Agencies are responsible for obtaining appropriate parental or guardian consent for any individuals under 18 who participate in their programs.
Customers and authorized CW Application Users will receive login credentials upon execution of a Customer Services Agreement. Each user must be identified by unique subscription access rights (login credentials). Credentials may not be shared among multiple individuals. You are responsible for maintaining the confidentiality of your credentials and for all activities that occur under your account. Please notify Commonly Well immediately of any unauthorized use of your account at [email protected].
Customers who subscribe to the Platform are responsible for:
Obtaining lawful consent from all Participants before enrolling them in any messaging or data collection program
Ensuring all Participating Agencies and Application Users comply with these Terms and applicable law
Managing their own CW Application user accounts and access
Notifying Commonly Well of any known material breaches by Participating Agencies
Compliance with all applicable federal, state, and local laws, including HIPAA, 42 C.F.R. Part 2, CANSPAM, and the TCPA
Commonly Well believes that any personal data collected must be done voluntarily. Participation in our Programs and surveys is always voluntary. Customers agree to obtain consent, either written or verbal, from all Participants before collecting any information or delivering the RCI and/or Services.
Customers subject to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), 45 C.F.R. Parts 160 and 164, and/or 42 C.F.R. Part 2 (governing substance use disorder records) agree to comply with all consent, use, privacy, and disclosure rules contained in those regulations with respect to any and all information collected through the Platform. Failure to comply may result in immediate suspension or revocation of access to the Services.Participants have the right to deny or revoke consent for the disclosure of their substance use disorder information at any time.
Information You Provide. We may collect your name, postal address, email address, phone number (including mobile phone number), username, password, demographic information, protected health information, survey responses, and other information you directly provide through the Platform or through Customer-facilitated enrollment.
Information Collected Automatically. We automatically collect information about your device and interactions when you access the Platform, including IP address, device type, operating system, browser type, pages viewed, access times, and usage patterns, within applicable laws.
Cookies and Tracking Technologies. We may use cookies and similar tracking technologies on our websites to maintain and improve our services. Cookies are not linked to personally identifiable information. You may disable cookies in your browser, though doing so may affect certain Platform features.
SMS Interaction Data. When you interact with our SMS Communications Program, we collect your mobile phone number, message content, delivery status, opt-in and opt-out records, and timestamps of interactions for the purpose of delivering and managing the Program.
Commonly Well uses your personal information to:
Operate, maintain, and improve the Platform and Services
Establish and verify the identity and eligibility of users and Customers
Deliver the SMS Communications Program and other messaging services you have enrolled in
Deploy and process recovery capital and wellness survey instruments
Open, maintain, administer, and service user profiles and accounts
Analyze and improve the Platform, develop new features, conduct market research, and perform data analytics
Respond to comments, questions, and support requests
Send confirmations, invoices, technical notices, updates, security alerts, and administrative messages
Communicate about upcoming programs, events, and services offered by us or our customers
Authenticate users and protect against fraudulent, unauthorized, or illegal activity
Generate de-identified, aggregated reports for grant oversight, research, and program improvement purposes
Conform to legal requirements or industry standards and comply with legal process
Fulfill our obligations under Business Associate Agreements and applicable healthcare regulations
Commonly Well may create de-identified and aggregated “Validation Data” derived from Participant Data and Input Data, encrypted and de-identified within the meaning of the HIPAA Privacy Rule. Validation Data may be used to maintain quality controls on the Platform, improve the RCI and other instruments, and may be made publicly available in compliance with applicable law.
Our default policy is to never share your personal information with any third party without your consent. We will never sell or license any personal information provided to Commonly Well. We may share your personal information only in the following limited circumstances:
With your express consent, where your use of that information will be subject to those parties’ privacy policies
With contracted technology partners and subprocessors (such as Microsoft Azure, Snowflake, and Twilio) to provide the Services, under strict data processing agreements
With Customer organizations and their authorized staff, to the extent you are a Participant in their programs and have consented to such sharing
In connection with a business transaction such as a merger, acquisition, or asset sale, subject to appropriate confidentiality obligations
To comply with applicable law, respond to lawful requests or legal process, or when required by health oversight agencies
To protect the rights, property, and safety of Commonly Well, our Customers, Participants, and the public
In an emergency, to protect the safety of any individual
SMS Communications: No mobile information collected through the SMS Communications Program will be shared with third parties or affiliates for marketing or promotional purposes. SMS opt-in data and consent will not be shared with any third party except as necessary to operate the messaging program (e.g., our SMS carrier and platform provider, Twilio, Inc.).Your information may be stored and processed within the United States. All data is stored and processed within the United States and does not leave U.S.-based infrastructure.
Commonly Well operates a cloud-native architecture using enterprise-grade, HIPAA-eligible infrastructure. We do not operate on-premises servers or data centers. Our security controls include:
Encryption at Rest: AES-256 encryption applied to all data at rest across Microsoft Azure and Snowflake environments, with keys managed through Azure Key Vault
Encryption in Transit: All data in transit is encrypted using TLS 1.2 or higher, covering all API communications, user sessions, and data transfers
Access Control: Principle of least privilege is enforced across all systems; row-level security is implemented at the database layer through Snowflake
Data Residency: All data is stored and processed within the United States
Backup & Recovery: Daily automated backups are maintained through Azure and Snowflake native backup services
Business Associate Agreements: Executed BAAs are maintained with all subprocessors that handle Protected Health Information, including Microsoft Azure, Snowflake, and Amazon Web Services
Commonly Well maintains the following compliance posture:
HIPAA Privacy Rule: Compliant. Public privacy policy published; consent-based data collection; individual rights supported.
HIPAA Security Rule: Self-assessed compliance. BAAs executed with all subprocessors handling PHI; administrative, physical, and technical safeguards documented. Formal third-party assessment planned for 2026–2027.
SOC 2 Type I: Planned Q4 2026, following Modus platform launch.
Cyber Liability Insurance: Active cyber liability insurance policy in force, providing coverage for data breach response, notification costs, and third-party liability.
Commonly Well acknowledges that its current compliance posture does not yet include independent third-party SOC 2 certification and is committed to pursuing formal certification in 2026.
In the event of a security incident affecting your personal information, Commonly Well will notify you and/or applicable Customer organizations in accordance with applicable law and any executed Business Associate Agreement, including HIPAA breach notification requirements. Commonly Well will also reimburse Customers for reasonable, documented costs incurred in connection with legally required notifications to affected individuals, government agencies, and bureaus, to the extent such costs arise directly from CW’s failure to implement or maintain the security measures described in our Security Policy.
You have the right to access, correct, or request deletion of your personal information. To exercise these rights, contact us using the contact information in Section 17. We will respond to verifiable requests within the time periods required by applicable law.
You may opt out of any future communications from us at any time:
SMS: Reply STOP to any text message
Email: Use the unsubscribe link in any marketing email or contact [email protected]
All communications: Contact us at [email protected].
If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to know, delete, correct, and opt out of the sale or sharing of personal information. Commonly Well does not sell personal information. To submit a request, contact us at [email protected].
If you prefer not to store cookie information on your device, you may turn off cookies in your browser settings. Note that disabling cookies may impact certain Platform features. Commonly Well currently does not respond to Do Not Track (DNT) browser signals.
Commonly Well owns all right, title, and interest in and to the Platform, all features, functionality, templates, samples, and documentation (collectively, the “CW Materials”), including all related intellectual property rights. No rights or licenses are granted to you other than those expressly stated in these Terms. Use of and access to the Services are licensed, not sold.
The Recovery Capital Index® is owned by Face It TOGETHER, Inc. and exclusively licensed to Commonly Well. All rights to the RCI not expressly granted in these Terms are reserved by Commonly Well, Face It TOGETHER, Inc., and/or applicable technology partners. If data or results from the RCI are used in derivative works (such as presentations, reports, or publications), the following attribution is required: “Source: Recovery Capital Index® and Commonly Well, PBC.”
Customers and Participating Agencies own their respective Participant Data, Input Data, and reports generated through the Platform. Commonly Well does not claim ownership of data you submit. You grant Commonly Well a limited, revocable, non-exclusive license to use, process, and display such data solely for the purpose of providing the Services and Support.
If you provide Commonly Well with comments, questions, suggestions, or other feedback relating to the Services (“Feedback”), Commonly Well may freely use such Feedback for any purpose without attribution or compensation. You have no obligation to provide Feedback.
You agree that you will not, directly or through any third party:
Modify, translate, copy, or create derivative works based on the Services without prior written consent
Reverse assemble, reverse compile, reverse engineer, decompile, or attempt to discover source code or non-public APIs
Sublicense, sell, resell, rent, lease, transfer, assign, or commercially exploit the Services
Make the Services available to unauthorized third parties
Remove or obscure any copyright, trademark, or other proprietary notices
Use the Services in any way that violates applicable federal, state, local, or international law, including CANSPAM or the TCPA
Attempt to gain unauthorized access to, interfere with, or disrupt any part of the Services
Probe, scan, or test the vulnerability of the Services or any CW system
Use the Services to store or transmit infringing, libelous, or unlawful material
Use the Services for any purpose other than those defined in these Terms
Use the Services to transmit unsolicited commercial messages or spam
Commonly Well represents and warrants that: (a) it will comply with all applicable federal, state, and local laws and regulations in connection with providing the Services; (b) the Services will substantially comply in all material respects with the platform documentation; (c) it will provide support services in a professional and workmanlike manner; (d) it has used commercially reasonable efforts to ensure the software underlying the Services contains no malicious code; and (e) it uses commercially reasonable efforts to prevent the introduction of malicious code.
EXCEPT AS EXPRESSLY SET FORTH IN SECTION 13.1, COMMONLY WELL PROVIDES THE SERVICES ON AN “AS IS” AND “AS AVAILABLE” BASIS. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, COMMONLY WELL MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, OR NON-INFRINGEMENT. COMMONLY WELL MAKES NO WARRANTY AS TO THE ACCURACY, COMPLETENESS, CURRENCY, LEGALITY, USEFULNESS, OR RELIABILITY OF ANY DATA OR RESULTS AVAILABLE THROUGH THE SERVICES, OR THAT THE SERVICES WILL BE UNINTERRUPTED, TIMELY, COMPLETE, OR ERROR-FREE.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, COMMONLY WELL AND ITS LICENSORS, SUPPLIERS, AND PARTNERS SHALL NOT BE LIABLE TO YOU FOR ANY SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING LOSS OF PROFITS, DATA, BUSINESS, OR GOODWILL, ARISING FROM OR IN CONNECTION WITH THESE TERMS OR YOUR USE OF THE SERVICES, REGARDLESS OF THE THEORY OF LIABILITY AND EVEN IF COMMONLY WELL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.In no event will Commonly Well’s licensors, suppliers, or partners have any liability to you for any damages arising from or related to these Terms. Nothing in this section limits Commonly Well’s liability for damages arising from its own gross negligence, willful misconduct, or breach of its HIPAA obligations.
You agree to defend, indemnify, and hold harmless Commonly Well and its officers, directors, employees, contractors, licensors, and agents from and against any claims, damages, obligations, losses, liabilities, costs, or debt arising from: (a) your use of and access to the Services; (b) your violation of any term of these Terms; (c) your violation of any applicable law or the rights of a third party, including any privacy rights; or (d) any data you submit to the Platform. This defense and indemnification obligation will survive these Terms and your use of the Services.
These Terms shall be governed and interpreted according to the laws of the State of Delaware, without giving effect to any provisions thereof that would require the application of the law of a different state.Any dispute arising from or relating to these Terms that cannot be resolved by informal negotiation shall be submitted to non-binding mediation in the State of Delaware. Within 20 days after either party refers a dispute to mediation, the parties shall agree upon an impartial mediator experienced in commercial transactions, and upon a procedure and schedule for (a) exchange of information related to the dispute, and (b) conducting the mediation. All conduct and statements made in the course of mediation are confidential, privileged, and inadmissible for any purpose in any other proceeding between the parties, unless such evidence is otherwise admissible or discoverable.If mediation fails or if either party so chooses, a proceeding may be brought solely and exclusively in the appropriate state or federal court located in the State of Delaware. Each party consents to the jurisdiction of such courts and waives any objection to jurisdiction or venue.
Commonly Well reserves the right to modify these Terms at any time. Material changes will be communicated to Customers via email or in-platform notification with at least 30 days’ prior notice. Changes to the SMS Communications Program disclosures required by applicable law may be made with shorter notice as required. Your continued use of the Services after any modification constitutes your acceptance of the revised Terms. If you do not agree to a modification, you may discontinue your use of the Services.All updates to these Terms will be reflected on this page with a revised “Last Revised” date.
These Terms, together with the Privacy Policy and any applicable Customer Services Agreement, Order Form, BAA, or SOW, constitute the entire agreement between you and Commonly Well with respect to the Services and supersede all prior agreements and understandings.
If any provision of these Terms is found to be invalid or unenforceable by a court of competent jurisdiction, the remaining provisions will remain in full force and effect.
No waiver of any term of these Terms shall be deemed a further or continuing waiver of such term or any other term. Commonly Well’s failure to enforce any right or provision shall not constitute a waiver of such right or provision.
You may not assign or transfer your rights or obligations under these Terms without Commonly Well’s prior written consent. Commonly Well may assign these Terms in connection with a merger, acquisition, or sale of assets.
Nothing in these Terms creates any agency, employment, partnership, or joint venture relationship between you and Commonly Well.
For any questions about these Terms, our Privacy Policy, data practices, or your rights, or to submit a data subject request, please contact us:
Commonly Well, PBC
Postal Address: 3 College Park Rd., Potsdam, NY 13676
Email: [email protected]
Phone: (218) 779-8546
Website: commonlywell.com
Privacy Policy: commonlywell.com/privacy-policy/
Security Policy: commonlywell.com/security-policy/
Privacy & Security Officer: David Whitesock, CEO & Founder, [email protected]