SMS Terms & Consent

0. The two SMS channels at a glance

Why two channels? Clinic OS Pro operates as a technical aggregator under an ISV (Independent Software Vendor) model: A-Caliber Inc. holds the Telnyx account and pays the carrier, but each subscribing clinic registers its own dedicated toll-free number under its own EIN. Carrier reputation, TCPA liability, and patient relationships all attach to the clinic, not to A-Caliber. This is the same architectural pattern used by Twilio + Stripe + Vercel.

1. Platform → Account Holder SMS (A-Caliber Inc.)

SMS messages from +1 (833) 819-3733 are sent by A-Caliber Inc. (an Ontario corporation operating as “Clinic OS Pro”, BIN 1001580753). They originate from a US toll-free number that has completed Toll-Free Verification (TFV) with our carrier partner Telnyx LLC. (TFV is the standard A2P compliance framework for messaging from US toll-free numbers; we do not use 10DLC, which only applies to standard 10-digit long codes.)

This number is used only for direct platform-to-account-holder communications. We do not send marketing or promotional broadcasts from this number. We do not send SMS on behalf of clinics to their patients — those messages come from each clinic’s own separately-verified toll-free number (see section 2).

1.1 How account holders opt in

We will only send platform SMS to a phone number if the recipient explicitly opted in through one of these flows:

• Implementation Call booking at clinicospro.com/book — the phone field is optional, and a separate unchecked-by-default checkbox captures explicit consent for a 1-hour-before reminder SMS. The booking is confirmed by email regardless of whether the SMS box is checked.
• Direct two-party reply — if you text our toll-free number first, we may reply on the same thread. Reply STOP to end further messages.

Each booking-form consent event is logged with a timestamp and IP address. Consent is not a condition of receiving any service — you can book a call without a phone number, create an account, and use every Clinic OS Pro feature without opting in to SMS. Two-factor authentication on the platform uses a TOTP / authenticator app; no SMS code is involved.

1.2 Sample message

2. Clinic → Patient SMS (per-clinic)

Clinic OS Pro does not send SMS to patients on behalf of a clinic. Instead, individual physical therapy clinics (our customers) use the Clinic OS Pro platform as a technical tool to send SMS messages to their own patients. Each clinic is the legal sender of those messages and is responsible for collecting and maintaining valid patient consent before any SMS is sent.

2.1 The five documented consent paths

Patients opt in through one of five paths. Each is recorded in the patient’s database record at the moment of consent with a timestamp, method, and a snapshot of the exact language they agreed to. Once recorded, consent fields are protected at the database layer from accidental modification.

1. WEB_INTAKE — the patient completes the clinic’s public intake form at clinicospro.com/c/<clinic-slug>/intake (which proxies to app.clinicospro.com/c/<clinic-slug>/intake), ticks an unchecked-by-default SMS consent checkbox, and submits. The patient’s IP address is also logged for audit. This is the strongest form of consent and is the URL submitted to mobile carriers during each clinic’s TFN verification.
2. BULK_IMPORT_TPO — when a clinic imports an existing patient list from its EMR, the clinic owner ticks an attestation that all imported patients are existing patients of the practice who provided their phone numbers for healthcare-related communications. This relies on the TCPA Treatment, Payment, and Operations (TPO) exception. The clinic owner is recorded as the attester for legal traceability.
3. MANUAL_FRONT_DESK — when clinic staff add a new patient one-by-one in the system (e.g. a walk-in), they confirm consent has been obtained (paper form, signed tablet, or verbal). The staff member is recorded as the attester.
4. PHONE_VERBAL — an existing patient calls the clinic and verbally agrees to SMS communications during the call. Front-desk staff record the verbal consent in the patient’s record, with their own user ID as the attester.
5. LEGACY_SEED — patients already in a clinic’s database before the consent infrastructure went live (May 3, 2026) are flagged with this method during a one-time backfill. Clinics are encouraged to re-collect explicit consent at the next patient touchpoint.

2.2 Canonical patient-facing consent paragraph

The exact paragraph displayed to patients on the public web intake page (path 1 above) is:

“I consent to receive text messages from [Clinic Name], including appointment reminders, treatment-related updates, recall and reactivation messages, and occasional clinic communications. Frequency varies. Msg & data rates may apply. Reply STOP to opt out, HELP for help. Consent is not required for treatment or services.”

[Clinic Name] is replaced at render time with the actual name of the clinic operating that intake page (e.g. “Peak Performance PT”). The text the patient agreed to is captured and locked in the database at the moment of consent and is never modified afterwards.

The bulk-import attestation (path 2) uses an equivalent paragraph confirming TPO consent. Manual front-desk and phone-verbal consent (paths 3 and 4) record the language presented to or agreed by the patient at the time of capture.

2.3 Technical enforcement

At the platform layer, the Clinic OS Pro messaging engine refuses to send any SMS to a patient whose consent record (smsConsentAt) is null. This applies whether the consent was never collected, never recorded, or was withdrawn (Reply STOP). For transactional reminder messages, if no SMS consent is on file but the patient has an email address, the system silently falls back to email. For marketing or reactivation messages, no SMS is ever sent without explicit consent on file. This enforcement runs on every send attempt and is logged.

2.4 What patients receive

Once opted in, patients may receive the following message types from their clinic. Frequency varies by clinic policy and patient engagement.

• Appointment reminders (transactional) — 1-3 days before a scheduled visit, day-of, and confirmation requests
• Missed-visit follow-ups — reminders within an hour of a missed appointment, plus rescheduling prompts (up to 4 over 5 days)
• Plan-of-care reminders — check-ins when patients fall behind on their treatment schedule
• Wellness and reactivation — seasonal check-ins for past patients (up to 2 per quarter)
• New patient welcome — welcome messages after a first evaluation

2.5 Sample patient messages

3. Opt-out (STOP) and help (HELP) — both channels

Reply with any of the following keywords to immediately stop all further SMS to your number on whichever channel you received the message:

• STOP
• STOPALL
• UNSUBSCRIBE
• CANCEL
• END
• QUIT

Once any of these keywords is received, the recipient is flagged as opted-out in real time and no further SMS will be sent to that number unless they affirmatively opt in again later. Carrier-level filtering is also enforced by Telnyx LLC.

Reply HELP or INFO to receive a standard response with contact information and opt-out instructions. For the platform channel, the response includes the A-Caliber Inc. support email. For the patient channel, it includes the clinic’s name and contact info.

4. Message and data rates (both channels)

Msg & data rates may apply. SMS is transmitted over standard carrier networks (AT&T, T-Mobile, Verizon, Rogers, Bell, Telus, etc.). Recipients are responsible for any charges their wireless carrier may apply to incoming or outgoing text messages. Neither A-Caliber Inc. nor participating clinics charge recipients for receiving SMS.

5. Carriers and supported numbers

SMS is available to mobile numbers on major North American carriers in the United States and Canada. Some pre-paid plans, VoIP numbers, or landlines may not support text messaging. We do not retry undeliverable messages indefinitely.

6. Privacy of SMS data

Phone numbers, opt-in records, message content, and delivery status are handled under our Privacy Policy (see Section 12 “SMS Consent Records” for the per-patient fields stored for the patient channel). SMS is transmitted via Telnyx LLC. We do not sell, rent, or share phone numbers with third-party marketers. SMS is not end-to-end encrypted; clinics are advised to avoid sending sensitive clinical detail via SMS and to use secure portals for anything beyond appointment logistics.

7. HIPAA considerations (patient channel only)

Clinic OS Pro is designed as a HIPAA-aware platform for healthcare providers. Clinics (covered entities) are responsible for obtaining appropriate patient authorization before sending any Protected Health Information (PHI) via SMS. By default, Clinic OS Pro patient SMS templates avoid clinical detail and financial amounts — messages typically contain only the patient’s first name, clinic name, and general appointment context. Clinics may add additional details, in which case they are responsible for ensuring patient consent covers those disclosures. Our Business Associate Agreement governs our role as a business associate when PHI is involved.

8. Changes to this page

We may update these SMS terms to reflect changes in law, carrier requirements (e.g. Toll-Free Verification rules), or our messaging practices. Material changes will be reflected here with an updated “Last updated” date. By continuing to receive SMS after an update, recipients confirm ongoing consent.

9. Contact

Questions about SMS, consent, or opt-out:

• Platform channel: support@clinicospro.com
• Patient channel: contact the clinic that sent the message directly — their contact information is included in every SMS they send.
• Privacy: clinicospro.com/privacy
• Terms: clinicospro.com/terms
• Business Associate Agreement: clinicospro.com/baa

Sender of record (platform channel): A-Caliber Inc. operating as Clinic OS Pro. Ontario corporation #2809321, BN 787192947RC0001, BIN 1001580753. Windsor, Ontario, Canada.