Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Table of contents

Definition

Status

IN DESIGN

RBIberia Owner

Paula

RBI Owner

Carlos

Priority

1 (this is needed for the PLK ES go-live)

Complexity (1-5)

4

Open questions

We need to constantly make this section become empty.

  • Who are the migrated users?

  • If you change the T&C, does the user have to accept it again?

  • Currently check how and where T&C acceptances are saved.

  • Raphael Ferreira Gomes please send email to Paula asking for the examples of what they have in mind as inspiration.

  • There are fields in Dynamo DB - Silva, Carlos to help

Requirements

Problem statement

By law, every customer must comply with the privacy policy established by the company so it's possible to collect and use their personal information. For this reason, we need that, with each update of the privacy policy, the customer is notified and that he must accept it so that he can continue accessing the Popeyes login area on the Web and APP. 

Acceptance criteria

  • Privacy policy and terms of use contents are updated via CMS with version control.

  • Customers who have not accepted the most up-to-date version of the privacy policy will not be able to enter the Popeyes login area on the Web and APP. 

  • For customers who have not accepted the latest version of the privacy policy: 

    • After logging in, they will be informed that they need to accept it and will have access to the most up-to-date information (link). A link to the terms of use will also be shown temporarily. 

    • Check if they have already accepted to receive commercial communications from RBI, if not, the option to accept will be presented too. 

    • Access to the logged area is released immediately after accepting the new version. 

  • Metrics - tags will be applied that will allow us to answer the following questions:

    • How many customers were impacted by this modal? 

    • How many of these customers did not accept the new version? 

    • How many customers were we able to activate commercial communications using this modal? 

    • Store date, time and the last version of the privacy policy that each customer accepted. 

    • If the customer accepts commercial communications from RBI, this information will be stored in mParticle and Salesforce 

  • For user registration (sign up), acceptance of the privacy policy for the latest available version will be stored.

  • Import information from customers who have already accepted the latest version of the privacy policy in the current application (web/app) 

  • For the launch of this functionality, it is not foreseen to update the privacy policy and the terms of use. This means that the modal should only be presented to customers who have not yet accepted the privacy policy in the current App/Web. 

Success metrics

  • 99% of customers accept the privacy policy 

  • 50% increase in commercial communication activation 

Solution

Scenarios

Note: these are high level scenarios that must pass testing before we can release the feature. They should also be used to drive design. Note that we do not specify user interface details in these steps - that is deliberate, so that we focus on the process and not on the UI, since the UI can change throughout design and development.

Scenario 1: guest accepts agreements during sign up

Steps

Expected results

Open the PLK ES page and choose to register

Registration page appears. There is a section to accept all agreements, with a link to each of the agreements (Terms and Conditions, Privacy Policy, Loyalty Policy)

Guest fills in their personal information and accepts the agreements

Account is created.

Scenario 2: guest does not accept agreements during sign up

Steps

Expected results

Open the PLK ES page and choose to register

Registration page appears. There is a section to accept all agreements, with a link to each of the agreements (Terms and Conditions, Privacy Policy, Loyalty Policy)

Fill in your personal information and don’t accept the agreements.

Error message appears requesting guest to accept the agreements. No account is created until the terms are accepted.

Scenario 3: update Privacy Policy while user is signed out

Note: only updates to the privacy policy requires users to agree in the app . Updates to terms and conditions or loyalty policy don’t need acceptance and can be emailed instead.

Steps

Expected results

Using Sanity, update the Privacy Policy and ensure that “Requires acceptance” is set to true

Sanity is updated accordingly.

Sign in to PLK ES

[RFG] Ideally it should not be only in sign-in, since user can be signed-in for a long time. Not sure, if it’s possible to intercept every user request in the app, but a good step to verify it would be when landing Home.

You are asked to review and agree to the new privacy policy. You only options are to accept or to sign out.

[RFG] Displayed policy privacy text can be obtained from the last updated static page privacy-policy (sanity API).

Click/tap on the privacy policy link

The updated privacy policy opens on a separate window.

Scenario 4: update privacy policy while user is signed in

Steps

Expected results

Sign in to PLK ES

Home page loads normally

Using Sanity, update the Privacy Policy and ensure that “Requires acceptance” is set to true

Sanity is updated accordingly

Return to the PLK ES app and browse to any page

Nothing happens

Wait for 1 hour. Return to the PLK ES app and browse to any page

You are asked to review and agree to the new terms and conditions. You only options are to accept or to sign out.

Scenario 5: update terms & conditions

Steps

Expected results

Using Sanity, update the Terms & Conditions and ensure that “Requires acceptance” is set to false

Sanity is updated accordingly

Sign in to PLK ES

Home page loads normally

Check your email address

You have received an email from PLK ES informing that their T&C has been updated

Design

Figma design here: https://www.figma.com/file/sfH3mHXoEUfHbm5qMul0Vn/branch/akfj5Zk3gDEGHUXfBuLR3W/Popeyes?node-id=353-55073&t=ayZ3EGHIVY7vQT0Z-0

Development

Existing Behavior

No user agreements are stored. See tech details in /wiki/spaces/IN/pages/4044391349 . He/she only accepts it in sign-up process. After that, he/she uses the app normally.

Success Metrics

Increase compliance of users. Metrics should rely on the required acceptance document info that is stored in database for each user.

Potential Challenges

Existent customers. They have no stored user agreement. Some of them may be old, some of them are new. For all, app must check if it is consistent and apply privacy policy terms.

Solution

  • Sanity:

    • We should enhance sanity configuration to enable requiredAcceptance flag for each document (static page)

      • Marketing Content

        • Static Page

          • requiredAcceptance : bool ( default is false)

Repo: https://github.com/rbilabs/rbi-whitelabel-cms

https://dev-plk-menu.es.rbi.tools/desk/marketingContent;staticPages;0e0d12e4-d6cd-4b0e-bc9e-0cfbd590c922

Reason: That’s the place where it’s is used to configure this static page shown in the sign-up flow. Besides, there’s the possibility to retrieve the updateAt attribute, so that we can use it to take the decision to display new privacy policy to the customer or not.

  • Whitelabel:

    • Sign-up of users must enforce user acceptance of the latest politics of privacy (configuration).

    • Terms of loyalty and terms and conditions aren’t mandatory (configuration).

      • New user data must be saved into dynamodb

        • aws-rbi-<env>-brand. E.g.: aws-rbi-dev-plk

          • pk: user cognito pk

          • sk: v0_User

          • details

            • requiredAcceptanceDocumentInfo ( Id, updateAt)

    • Sign-in / Home

      • Home loading

        • Call service to check whether user has up-to-date

          • Get latest Sanity requiredAcceptanceDocumentInfo(s) (Id, UpdateAt) → Check first in cache

            • If applicable, store in cache.

          • Get dynamodb customer requiredAcceptanceDocumentInfo(s) (Id, UpdateAt) → Check first in cache

            • If applicable, store in cache.

          • For each sanity required acceptance document, verify if there’s a corresponding entry for the retrieved customer accepted documents → compare using id

            • If dynamodb customer document UpdatedAt >= Sanity document UpdatedAt

            • Enables home and user access

          • Otherwise

            • Blocks user access.

            • Renders new UI - Forces user to either:

            • - accept latest required document → We can retrieve this info via IStaticPage.Widgets

            • - signout.

            • - Optionally, propose user to accept receiving emails.

            • ----> impact when fetching user data to read promotionalEmails flag / call set-user-attributes.ts (mParticle) - To handle it in a separate User Story.

          • If user accepts latest required document, then it should call a service to update user requiredAcceptanceDocumentInfo(s) (Id, UpdateAt) ( function updateMe? ) and enable user access

Note: Another tool can send only emails to inform the user in such cases, but this is not in the scope of this epic. Maybe enhancing mParticle events should be considered for that.

Repo : https://github.com/rbilabs/intl-whitelabel-app

  • No labels

0 Comments

You are not logged in. Any changes you make will be marked as anonymous. You may want to Log In if you already have an account.