Refer friends and earn rewards! The Weave customer referral program awards you gift cards for every business you refer that completes a product demo or signs up for Weave.

How It Works

1. Sign up by creating an account at refer.getweave.com/register
2. Verify your account in the confirmation email
3. Refer a business using your unique code by copying the referral link or code on the dashboard and pasting it in a text or on social media

   Note: You can also use the buttons at the bottom of the dashboard to open a pre-written email with your referral link in your default email, draft a tweet, or share on Facebook.

4. Earn a $25 gift card when your referral completes a demo and a $500 gift card when they become a Weave customer
5. Track your referrals and rewards through the online dashboard. 

FAQs

Who can I refer to Weave?

Weave works with all local service businesses including dentists, optometrists, veterinarians, auto shop owners, attorneys, CPAs, physical therapists, insurance agents, and more.

When do I get the gift card?

You will receive the first $25 gift card via email as soon as the business you referred completes a demo of Weave services. The $500 referral bonus gift card will also be delivered via email, but only after the referred business signs up for Weave, is fully onboarded to Weave, and is a customer in good standing for 90 days.

How does Weave deliver the gift card?

Weave will send you a code via email to redeem your gift card. Gift card redemption codes must be redeemed within 90 days of receipt but the gift cards do not expire once the code is redeemed.

Do I have to be a Weave customer to participate? 

Yes, you must be a current Weave customer in order to receive the referral bonus.

Will the money be taxed?

Weave asks that you fill out a W-9 form prior to receiving your $500 reward to ensure that Weave is meeting all applicable tax requirements. You can find that form HERE. Before you are eligible to receive your $500 reward, we ask that you return the aforementioned form to tax@getweave.com for processing. You are only required to report on these rewards if you receive more than $600 in incentives from Weave throughout the calendar year.

What if I refer someone who is already in the process of learning about Weave but is not yet a customer?

This program is for new referrals only. Businesses that have received a demo within 30 days will not qualify as a referral under the Weave Referral Program.

Can I refer another location that I own, or that is owned by an existing Weave customer?
This program is only for new referrals. Locations that share the same beneficial ownership as an existing Weave customer do not qualify as a referral under the Weave Referral Program.

Can I post my link on social media?
Of course, we would love for you to share your link in any way that you feel most effective.

Where can I see how many people I’ve referred?

Once you create an account at https://refer.getweave.com/, you will be able to log in, and track your referrals, as well as your rewards resulting from qualified referrals.

How will Weave engage with someone I refer?

After receiving a demo request, a Weave representative will reach out to the referred business to schedule a demo of Weave services and answer any questions or concerns that they may have.

Terms and Conditions

To qualify for this promotion:

• Referrals must be submitted via a referral link or with a referral code unique to the referring business
• Both the referred and referring businesses must be located in the United States.
• Participants must be 18 years or older.
• The referred business may not be a current or former Weave subscriber or be engaged in the sales process at the time of the referral.
• The referred business may not share beneficial ownership with any current Weave subscriber.
• The referred business must not have received a demonstration of Weave products and services within thirty (30) days of the sign-up submission date.
• The referred business must execute an agreement with Weave for the Weave products and services within ninety (90) days of the referral submission date.

Offer may not be combined with any other offers. This promotion is not available to any Weave partners with an active partnership agreement with Weave. The recipient is responsible for all taxes and fees associated with the receipt and/or use of the Mastercard E-Gift Card as well as reporting the receipt of the Mastercard E-Gift Card as required under applicable federal and state laws. Weave is not responsible for and will not replace Mastercard E-Gift Card if Mastercard E-Gift Card is lost or damaged, is not used within any applicable timeframe, or is misused by the recipient. This offer is sponsored by Weave Communications, Inc. and is in no way sponsored, endorsed or administered by, or associated with Mastercard, Inc. The Mastercard E-Gift Card will be sent via email within thirty (30) days of the referred business’ ninetieth (90) day of active Weave service, provided that the referred business is fully onboarded to Weave products and services and the referred business’ Weave account is in good standing and provided that the referrer has completed a W-9 tax form, available for download at https://www.irs.gov/pub/irs-pdf/fw9.pdf, and returned the form to tax@getweave.com for processing. For information about Weave Communications’ terms of service and policies, go to www.getweave.com/legal.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that seeks to improve the efficiency and effectiveness of the healthcare care system, while also establishing national standards for privacy and security protections for health information. The following information regarding HIPAA is not legal advice and is provided for information purposes only. Weave encourages you to seek legal advice from an attorney to obtain specific guidance-related compliance with HIPAA and the requirements applicable to your business.

HIPAA includes three primary rules:

• The Privacy Rule establishes standards for the protection of certain protected health information (PHI).
• The Security Rule establishes security standards for protecting the confidentiality, integrity, and availability of PHI held or transmitted in electronic form, otherwise known as electronic protected health information (ePHI). 
• The Breach Notification Rule establishes standards for notification following a breach of unsecured PHI.

HIPAA generally applies to health plans, healthcare clearinghouses, and to most healthcare providers. These are referred to as “covered entities.” Additionally, persons or entities (like Weave) who perform functions or activities on behalf of a covered entity that involve access to PHI may also be considered “business associates” subject to certain HIPAA standards. 

You can learn more about HIPAA requirements from the Department of Health and Human Services (HHS). 

It’s important to know that HHS does not endorse or recognize private organizations’ HIPAA “certifications”. Some service providers may claim that they or their systems are “HIPAA compliant” or “HIPAA certified”. These claims are misleading, as compliance with HIPAA and other applicable laws and regulations will depend on your particular use case and context. 

Weave is committed to protecting your data, including the PHI of your patients. Weave has been designed with features to support you in complying with HIPAA, while also enabling you to make the most of your communications with patients. However, the primary responsibility for compliance with HIPAA rests with you. You are responsible for your use of the Weave service and for ensuring that your use of the Weave service complies with HIPAA and other applicable laws. This includes, but is not limited to:

• Taking your own steps to maintain appropriate security and privacy protections, including properly limiting access to the Weave service. 
• Ensuring that all communications sent through the Weave service comply with the HIPAA Privacy and Security Rules, including calls, texts, faxes, and email marketing messages. 
• Notifying Weave of any of your policies, agreements, or restrictions to which you have agreed that may affect Weave’s performance of services, and any changes in, or revocation of, permission by an individual to use or disclose PHI, to the extent that such changes may affect Weave’s use or disclosure of PHI.

Our legal, compliance, and security teams work across the company and alongside our customers to understand and meet customer needs. Weave has implemented the following safeguards to meet HIPAA requirements:

• Weave has established and implemented policies governing the protection and use of PHI. 
• Weave has implemented administrative, technical, and physical safeguards for protecting PHI. Weave regularly reviews and enhances safeguards based on risk assessments. Safeguards in place include:
• Logical and physical access controls are employed to ensure that only authorized personnel access PHI.
• Encryption of data in-transit and at rest. Weave employs industry-standard TLS 1.2+ and HTTPS encryption when transferring data between subscribers and Weave’s infrastructure. All subscriber data is encrypted at rest using AES-128-bit symmetric encryption keys or better.
• Security awareness training and education for all Weave personnel.
• Incident detection and response capability to detect and respond to security incidents and appropriately report any unauthorized access or use of PHI.
• Data is regularly backed up and replicated to geographically dispersed locations, which allows us to quickly recover and restore data and systems in the case of data corruption or loss.
• Weave’s privacy and security safeguards are reviewed and assessed by independent advisors. 
• Weave has established a standard business associate agreement (BAA), which is an addendum to our standard Terms of Service. Our Terms of Service and BAA, together with our Privacy Policy, are designed to address Weave’s commitments for protection and use of personal information and PHI, per HIPAA, and other applicable privacy laws and regulations. Weave only uses your data to provide the Weave service to you, except with your prior written consent or as otherwise expressly permitted under the Terms of Service or BAA.
• Weave ensures that its subcontractors and personnel authorized to access PHI are bound by appropriate obligations of confidentiality or a BAA.

Below is additional information of which you should be aware and that will help you comply with HIPAA when communicating through the Weave service:

Team Chat

• Team Chat is designed to support secure communication between team members, with all messages encrypted in transmission and at rest.

Messages

• Weave Messages can be used to communicate in a manner that is compliant with HIPAA. However, it is your responsibility to discuss with your patients what information may be communicated via text, especially sensitive information and PHI. Text messages sent through Weave are transmitted via traditional SMS text message methods. Traditional SMS text messages are generally considered an insecure mode of communication, as texts are not encrypted in transit and there are limited controls over the message after it is sent. Compliance with HIPAA when sending texts will depend on the content of the text and other factors.

Fax

• Faxes sent through Weave are encrypted at rest with a unique encryption key for each customer. Additionally, Weave encrypts faxes sent through Weave. However, you should apply reasonable safeguards when sending PHI through fax to protect the information from inappropriate use or disclosure. More guidance is available by visiting the HHS website.

Email Marketing

• The Email Marketing feature was designed for our subscribers to communicate updates, promotions, and newsletter-type information with their patient base. Weave's Email Marketing feature was not designed for the purpose of communicating ePHI. Accordingly, the Weave Email Marketing feature does not include end-to-end encryption or other security features that would protect the contents of an email, such as sensitive ePHI, while in transit to the intended recipient. Emails sent to customers through Weave Email Marketing should never include sensitive information, and you should always discuss with your customers what information may be emailed to them.
• The HIPAA Privacy Rule provides individuals important controls over whether and how their PHI is used and disclosed for marketing purposes as that term is defined by HIPAA. With some exceptions, the Privacy Rule requires an individual’s written authorization before a use or disclosure of his or her PHI can be used for marketing. Compliance with the Privacy Rule while using Weave’s Email Marketing will depend on the content of the email and other factors. You can learn more about HIPAA and marketing by visiting the HHS website. 

Digital Forms

• Forms sent and received through the Digital Forms service are encrypted in transit and at rest. 

Call Recordings

• Call recordings are encrypted at rest with a unique encryption key for each customer. 

Keep in mind, Weave cannot give you legal advice. Compliance with HIPAA and other applicable laws and regulations will depend on your particular use case and context. This information should not be relied upon as legal advice or to determine how legal requirements apply to your use of the Weave service. Weave encourages you to seek guidance from your legal counsel regarding the requirements of HIPAA and other relevant laws and regulations to ensure compliance.

Several laws in the US and Canada regulate communications between businesses and their customers. These laws include, but are not limited to, the TCPA, CAN-SPAM, and CASL. Additionally, the US wireless communications industry has published principles and best practices regarding text communications. The underlying goal of these regulations and best practices is to protect consumers against unwanted communications. Weave is your partner in understanding these requirements and ensuring that your messages are delivered to your customers with minimal disruption.

The following information regarding these laws is not legal advice and is provided for information purposes only. You are encouraged to seek competent legal counsel for specific guidance related to compliance with these laws.

TCPA

The US Telephone Consumer Protection Act (TCPA) regulates telemarketing calls, auto-dialed calls and text messages, artificial or pre-recorded calls, and unsolicited faxes. The TCPA requires prior express consent to send text messages to customers. While there are some exemptions to TCPA requirements for certain healthcare-related communications under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), TCPA requirements still apply to marketing communications and any other non-healthcare-related communications. For example, text messages that contain marketing or advertising content require you to obtain prior express written consent from your customers.  

You can learn more about the TCPA from the Federal Communications Commission’s (FCC) FCC website. 

TCPA exemptions for healthcare providers

The TCPA provides exemptions specifically for healthcare-related calls and text messages which apply to HIPAA-covered entities, created by the FCC in its Declaratory Ruling and Order on July 10, 2015. Under one exemption, calls or texts made by or on behalf of a covered entity or its business associate and which have a healthcare treatment purpose do not require the prior express written consent of the receiving party. Such calls or messages include:

• Appointment and exam confirmations and reminders
• Wellness check-ups
• Hospital pre-registration instructions
• Pre-operative instructions
• Lab results
• Post-discharge follow-up intended to prevent re-admission; prescription notifications
• Home health care instructions

The following additional conditions for each exempted voice call or text message, made by or on behalf of a healthcare provider, must be met:

• Call or text messages must be sent only to the mobile number provided by the patient.
• Name and contact information of the healthcare provider must be stated at the beginning of each call or included in each text message.
• Limit calls and text messages to one per day and no more than three calls or text messages per week.
• Calls and text messages must comply with the HIPAA Privacy Rule.

Despite these exemptions, you should always discuss with your customers what information may be communicated via text, especially sensitive information. It is important to note that texts related to accounting, billing, debt collection, or that contain other financial content or texts that include advertising content are not part of this exemption. Additional details can be found in the FCC’s July 2015 Declaratory Ruling and Order. 

CAN-SPAM

The Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM) establishes requirements for commercial emails and gives recipients the right to have you stop emailing them. CAN-SPAM applies to all commercial email messages, which the law defines as “any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service.” CAN-SPAM’s primary requirements include:

• Email header and routing information must be accurate and identify the person or business who initiated the message.
• The subject line should not be deceptive and must accurately reflect the content of the message.
• Messages must be identified as an ad.
• Messages must include your valid physical postal address.
• Messages must include a way to opt-out of receiving further messages.
• Honoring a recipient’s opt-out request within 10 business days.

You can learn more about CAN-SPAM from the Federal Trade Commission (FTC) website and the FTC’s compliance guidelines . 

CASL

Canada’s anti-spam legislation (CASL) regulates commercial electronic messages (CEM) that are sent to or by Canadians. A CEM is any electronic message (including a text or email) that encourages participation in a commercial activity. For example, a CEM would include a text or an email that offers to provide a service or a product (including a text or email that contains a coupon or describes a promotion). CASL does not apply to a pure service message (such as a simple reminder of an existing appointment), unless the message also encourages participation in a commercial activity (such as a reminder of an existing appointment which also promotes a sale on other services). 

Key requirements of CASL include:

• Before sending a CEM, the sender must have express consent or implied consent from the recipient, or fall within one of the exemptions specified in CASL. You can learn more about the requirements for express and implied consent and exemptions here. 
• Unless the sender has a complete exemption from CASL, the CEM must include (1) the name by which the sender carries on business, if different from its name, and if not, its actual name, (2) the sender’s mailing address and either a phone number or an email address or web address, valid for 60 days, and (3) an unsubscribe mechanism that allows the recipient to opt-out of receiving all future CEMs.
• The unsubscribe mechanism must be available to the recipient without cost, be easy to use, and must use the same electronic means as the CEM. The sender must process an unsubscribe request without delay, and in any event within 10 business days.
• CASL regulators expect senders to have a CASL corporate compliance program and CASL training materials. CASL also imposes certain record-keeping requirements relating to express consents, implied consents, opt-outs, and CEMs. Weave does not maintain those records for you. For information on these requirements, see the links provided below or speak with your lawyer.

You can learn more about CASL from the Canadian government’s overview and frequently asked questions.

CTIA Messaging Principles and Best Practices

The CTIA, an organization representing the US wireless communications industry and companies throughout the mobile ecosystem, has developed and published Messaging Principles and Best Practices (Principles and Best Practices). The Principles and Best Practices reflect the wireless industry’s efforts to preserve trust in the messaging services provided by mobile network operators (MNOs), such as Verizon, AT&T, and T-Mobile. The Principles and Best Practices also support a wireless messaging community where message senders and consumers can exchange wanted messages and while still protecting consumers from unwanted messages, in conformity with applicable laws and regulations, such as TCPA and CAN-SPAM.

The Principles and Best Practices include parameters for facilitating business text messages, also known as “non-consumer” or “Application-to-Person” (A2P) messages, such as those sent by Weave subscribers through the Weave service. Regardless of regulation, the CTIA recommends that all A2P message senders should take the following actions to maintain consumer confidence in messaging services:

• Obtain a consumer’s consent to receive messages generally.
• Obtain a consumer’s express written consent to specifically receive marketing messages.
• Ensure that consumers have the ability to revoke consent.

Consent may vary on the type of message content exchanged with a consumer. The Principles and Best Practices provides examples of the types of messaging content and the associated consent that should be expected for A2P messages.

10DLC Brand and Campaign Registration

In addition to the CTIA Principles and Best Practices, the mobile network ecosystem has been working to find ways to better support businesses sending A2P messages to consumers and reduce the number of spam text messages that consumers receive. In 2021 the MNOs began implementing standards to register and validate businesses that send A2P messages using 10-digit long codes (10DLC) (a 10-digit telephone number designed for A2P messaging). This is referred to as “brand” and “campaign” registration and validation. Providing visibility into the source and content of A2P messages allows the MNOs to provide more reliable and trustworthy messaging services. Businesses that send A2P messages via 10DLCs are required to register their brand and messaging campaigns through their service providers, like Weave, to take advantage of increased messaging deliverability and throughput, and avoid potential fees or disruption to texting services. Businesses that are registered and verified with the MNOs are less likely to be flagged for sending spam messages. You can find more information about these requirements here.

Your Responsibility to Use Weave in Compliance with the TCPA, CAN-SPAM, CASL, and other best practices

Weave text and email features have been designed with features to support you in complying with the TCPA, CAN-SPAM, and CASL and enable you to make the most of your communications with customers. However, primary responsibility for compliance with TCPA, CAN-SPAM, CASL, and other best practices rests with you. You are responsible for the communications that you cause to be sent through the Weave service and for ensuring that those communications comply with all applicable laws. This includes, but is not limited to:

• Obtaining, documenting, and tracking customer consent.
• The content and frequency of communications.
• Promptly honoring opt-out and withdrawal of consent requests.

More details on your responsibility for compliance with laws and regulations can be found in Weave’s Terms of Service.

Weave has implemented the following features which support you in complying with the TCPA, CAN-SPAM, CASL, and the CTIA Principles and Best Practices:

Text messaging

• All automated texts have opt-out instructions appended to the end of the message. Additionally, regardless of the type of text message, the standard "STOP" reply will automatically unsubscribe customers from further text message communications. You can learn more about how customers can opt out of texts here. 
• Our default text message templates include the name of the subscriber (e.g., "Hello {first name}, this is {subscriber name}"). These templates can be modified by you to include additional information, including contact information, message frequency, and applicable terms and conditions.
• Weave is your partner in registering and validating your 10DLC messaging brand and associated messaging campaigns with the MNOs and their partners. The majority of our existing subscribers’ brands and campaigns are already registered and validated. New subscribers are registered and validated during the onboarding process. 

Email marketing

• Weave’s email marketing tool includes the following information as standard at the bottom of every email campaign:
• Unsubscribe instructions and automatic opt-out when requests are received
• Business and contact information, including postal address
• Required email subject and “From” email address for every email campaign.

Keep in mind, we aren’t your lawyers, so we cannot give you legal advice. Compliance with the TCPA, CAN-SPAM, CASL, and other applicable laws, regulations, or best practices will depend on your particular use case and context. This information should not be relied upon as legal advice or to determine how legal requirements apply to your use of the Weave service. We encourage you to seek guidance from your legal counsel regarding the requirements of TCPA, CAN-SPAM, and CASL and other relevant laws and regulations to ensure compliance.

The Weave service may be purchased only by customers located in the United States (including Puerto Rico) or Canada and is intended for use only in those locations. Weave makes no representations or warranties that the service is appropriate or available for use outside of the United States or Canada.

Subscribers that choose to access or use the Weave service from outside the United States or Canada do so at their own risk and are entirely responsible for compliance with local law, including, but not limited to export and import regulations. In addition, the Weave service is subject to United States export laws and regulations and may not be exported or re-exported to certain countries or those persons or entities prohibited from receiving exports from the United States.

You can read more about the location of the Weave service and other restrictions on use of the service in our Terms of Service.

Before you attempt to use or access the Weave service in other locations, please consider the following:

• Weave does not provide support for customers using the service outside of the United States or Canada.
• Weave does not ship VoIP telephones to locations outside the United States or Canada.
• The Weave mobile app can only be downloaded in the United States or Canada.
• Weave may block individuals from certain geolocations from downloading and updating the Weave desktop app.
• Weave may restrict accessing or using the service if we reasonably believe you are using the service outside of the United States or Canada.
• E911 service is not supported for VoIP phones located outside of the United States, Puerto Rico, or Canada. (See additional information below.*)
• Your VoIP call quality may suffer if you use the VoIP phones and service outside the United States or Canada. (See additional information below.**)

* PLEASE NOTE: Weave cannot provide E911 support for customers who use the service outside of the United States, Puerto Rico, and Canada. We want to make sure that you are aware of important differences in the way 911 service operates with a VoIP phone when compared with traditional telephone service. With traditional phone services, your 911 call is sent directly to the nearest emergency response center. With VoIP phone service, your 911 call is forwarded to a third-party service provider that will automatically or manually route your call to the emergency response center. Weave will attempt to provide the emergency operator with your service address, so it is important that your information on file with us is always accurate and updated. Weave currently only supports registration of E911 addresses located in the United States, Puerto Rico, and Canada. If you attempt to call 911 from a Weave VoIP phone located outside of the United States, or Canada, the emergency operator may assume that you are calling from the last registered address. You can update your E911 address at any time in the Weave Admin Portal. For a complete description of our VoIP service and limitations of E9-1-1 service, please see this important E911 information and Weave’s VoIP Terms of Service.

** PLEASE NOTE: VoIP call quality is impacted by internet bandwidth and congestion, priority routing rules, and latency, among other factors. Call quality may be impacted by the location of your VoIP phone relative to Weave’s infrastructure, located in data centers located in the United States. If you choose to relocate your physical VoIP phones outside of the United States or Canada and attempt to receive or make calls, your call quality is likely to be significantly degraded. For example, typical round trip time between the United States and Australia is around 200-300 milliseconds. To avoid degraded call quality, round trip time should ideally be no more than 120 milliseconds.

Weave is committed to providing you with the best experience. To benefit from everything Weave has to offer, including features that integrate with your practice management system, we recommend using one of the operating systems below that continue to receive security updates by Windows or Apple.

Desktop App Requirements

The Weave Desktop App will be installed on each computer station in your office that needs access to Weave. The following is a list of supported desktop operating systems and when each will no longer be receiving security updates.

For more detailed information on how to upgrade to an operating system that is receiving security updates, reference the resources from Microsoft and Apple.

Windows

MacOS

Server Requirements

If you signed up for the integrated version of Weave and have a server-based practice management system, a sync application will need to be installed on your server. 

The following is a list of supported server operating systems and when each will no longer be receiving security updates.