Gisou x Sephora Pop-Up System - Technical Overview

📋 Executive Summary

Project: Complete digital gift redemption and product testing waiver system for Gisou Holiday Pop-Up

Platform: RelayPro

Timeline: 2-day event, December 12-13, 2025

Capacity: 500+ registrations/hour, 300+ waivers/hour

Key Features

✅ Time-based QR code system (30 min expiry, 50 uses per code)
✅ Automated email distribution of gift codes
✅ Employee redemption tool with secure login
✅ Digital waiver with signature capture and IP logging
✅ Standalone walk-in product testing flow
✅ Rate limiting and security controls

Security Measures

Rate Limiting Role-Based Access Email Uniqueness One-Time Use Waivers IP Logging Secure Authentication

🔐 System Access

QR Display Tool (Sephora Side)

Purpose: Display registration QR codes in Sephora stores
URL: https://gisou.relaypro.nl
Login: qr@gisou.com
Password: QR2209!#
Access Level: QR Token Display only

QR Display Tool - Sephora View

Redemption Tool (Pop-Up Side)

Purpose: Employee tool for gift redemption and waiver generation
URL: https://gisou.relaypro.nl
Login: popup@gisou.com
Password: popup2209!#
Access Level: Redemption workspace access

Admin Access

Purpose: Full system access, backend management, data exports
URL: https://gisou.relaypro.nl
Credentials: Brian's admin account
Access Level: Complete system administration

⚠️ Security Reminder:

Do not share credentials publicly
QR display account can only view/display QR codes
Redemption account can only access the redemption workspace
Admin account has full system access - use responsibly

🏗️ System Architecture

Data Structure

Component	Purpose	Key Information
QR Token	Time-based registration tokens	30-minute expiry, 50 uses maximum, auto-refresh
Gift Redemption	Customer registrations & gift codes	Unique email, GISOU-XXXXXX codes, waiver data storage
Waiver	Standalone product testing waivers	Walk-in customers, unique email, signature + IP logging

Security & Rate Limiting

Rate Limiting: All public-facing APIs have rate limits to prevent abuse
Capacity: System handles 500+ registrations and 300+ waivers per hour
Protection: Email uniqueness prevents duplicate registrations
Legal Compliance: All signatures logged with IP address, timestamp, and full legal text

🎯 Flow 1: Sephora QR → Registration

Customer Journey

1 QR code displayed in Sephora stores

Sephora staff logs into QR Display Tool to show rotating QR code

Access: qr@gisou.com / QR2209!#
Display: Large QR code with countdown timer
Token Validity: 30 minutes from generation
Max Uses: 50 registrations per token
Auto-refresh: New token generated automatically when expired or maxed out

2 Customer scans QR code with phone

Opens registration form

Validation: Token checked for validity and usage limit before form displays
On failure: Shows "Invalid or expired QR code" message

Registration Form - Mobile View

3 Customer fills in details

Required: Full Name, Email, Phone Number

Email Uniqueness: System prevents duplicate registrations with same email
Validation: All fields required, phone format checked

4 System generates unique gift code

Format: GISOU-XXXXXX (6 random uppercase alphanumeric characters)

Example: GISOU-ABC123, GISOU-XYZ789
Uniqueness: Guaranteed unique, regenerates if collision detected

5 Email sent with gift code

Automated email delivery with premium Gisou branding

Gift Code Email Template

6 Success confirmation

"Check your email for your gift code!"

Registration Success Screen

🎁 Flow 2: Pop-Up Gift Redemption + Optional Waiver

Employee Tool Usage

1 Employee logs into Redemption Tool

Access secured workspace for gift redemption and waiver generation

URL: https://gisou.relaypro.nl
Login: popup@gisou.com
Password: popup2209!#

Redemption Tool Login

2 Employee enters customer's gift code

Customer shows email, employee types last 6 characters

Code Entry Screen

3 System displays customer details

Shows customer information and current status

Customer Details - Valid Code

Customer Details - Already Redeemed

4 Employee marks gift as redeemed

One-click redemption, updates database instantly

5 Waiver options presented

Two choices: Generate Testing Waiver or Skip (Gift Only)

Waiver Options Screen

Option B: Gift + Product Testing

6B Generate waiver QR code

Employee clicks button, QR popup appears

Waiver QR Code Popup

7B Customer scans QR with phone

Waiver form opens with name and email pre-filled

Waiver Form - Pre-filled (Mobile)

8B Customer reviews and signs waiver

Scrolls legal text, draws signature, checks agreement box

Saved data:

Digital signature (base64 image)
Full legal text with customer name
Timestamp (NYC timezone)
IP address (legal requirement)
Device/browser information

9B Success screen with verification

Large green checkmark displayed - customer shows to employee

Waiver Success Screen

🧪 Flow 3: Standalone Product Testing (No Gift)

Walk-In Customer Flow

1 Customer wants to test without gift

Employee clicks "Testing Waiver (No Gift)" button in redemption tool

Standalone Waiver Button

2 QR code popup appears

Static QR for standalone waiver (no pre-filled data)

Standalone Waiver QR Code

3 Customer scans and fills form

Empty waiver form - customer enters own name and email

Email uniqueness: Same customer cannot submit multiple standalone waivers
Separate database: Stored separately from gift redemptions

4 Same waiver process

Review legal text, sign, agree, submit - same success screen

⚙️ Backend Management & Reporting

Data Access

All data accessible via admin account at https://gisou.relaypro.nl

Available Reports & Views

Gift Redemption List:

All customer registrations from Sephora QR flow
Shows: Name, Email, Phone, Gift Code, Redemption Status, Waiver Status
Filters: Date range, Redeemed (Yes/No), Waiver Signed (Yes/No)
Export: Excel, CSV available

Gift Redemption List View

Individual Customer Records:

Complete customer details
Gift code and redemption timestamp
Waiver signature image (if signed)
Full legal document text
IP address and device information

Customer Detail View with Signature

Standalone Waiver List:

All walk-in testers (no gift)
Separate from gift redemptions
Same waiver data: signature, IP, legal text

Standalone Waiver List View

Real-Time Metrics

Available during event:

Total registrations (count)
Total redemptions (count)
Total waivers signed (count)
Registration rate per hour
Current QR token status

Post-Event Data

Export capabilities:

Complete customer database (Excel/CSV)
All waiver signatures (downloadable images)
IP addresses and timestamps for legal compliance
Full legal text for each signed waiver

Retention: Recommend keeping data for 2+ years for legal purposes

Data Export Sample (Excel)

🔧 Technical Specifications

Platform

System: RelayPro
Hosting: Hetzner Germany
Domain: gisou.relaypro.nl
SSL: Let's Encrypt (auto-renewal)
Backup: Daily automated backups
Email: Automated delivery via SMTP

Security Features

Access Control:

Role-based authentication (separate QR and Redemption accounts)
Admin account for full system access
Secure login required for all tools

Data Protection:

Email uniqueness prevents duplicate registrations
One-time waiver signing per gift code/email
Rate limiting prevents system abuse
HTTPS encryption for all traffic

Legal Compliance:

IP address logging for each signature
Full legal text stored with each waiver
Timestamp in event timezone (America/New_York)
Digital signature capture (base64 PNG)

Capacity & Performance

Tested capacity:

500+ registrations per hour
300+ waiver signatures per hour
Multiple employee devices simultaneously

Rate limiting: Built-in protection against spam and abuse
Auto-refresh: QR tokens update automatically every 30 minutes

Browser Compatibility

Tested on:

iOS Safari (iPhone/iPad)
Android Chrome
Desktop Chrome, Firefox, Safari

Touch support: Signature pad works on all touch devices
Responsive: All forms optimized for mobile screens

🔍 Common Issues & Solutions

Registration Issues

Issue: "Invalid or expired QR code"
Solution: QR Display Tool auto-generates new token - refresh page if needed

Issue: "Email already exists"
Solution: Customer should check email for existing gift code

Redemption Issues

Issue: "Gift code not found"
Solution: Double-check code, ask customer to show email

Issue: Code shows "Already Redeemed"
Solution: This is correct - show customer the redemption timestamp

Waiver Issues

Issue: "Already Signed" message
Solution: This is intentional one-time use protection

Issue: Signature not saving
Solution: Ensure customer actually draws on canvas and checks box

Login Issues

Issue: Cannot access redemption tool
Solution: Use popup@gisou.com / popup2209!#

Issue: Cannot access QR display
Solution: Use qr@gisou.com / QR2209!#

Emergency Support

Technical Support: Mike Solutions (Node24 B.V.)
Admin Access: Use admin account for full system control
During Event: Support available during event hours

✅ Pre-Event Readiness Checklist

Item	Status
All web forms published and accessible	✅
QR Display Tool login working	✅
Redemption Tool login working	✅
Admin access verified	✅
Email delivery operational	✅
SSL certificate valid	✅
QR auto-refresh working	✅
Signature pad tested on mobile	✅
IP logging functional	✅
All three flows end-to-end tested	✅
Rate limiting active	✅
Backup system operational	✅

Day-of-Event Checklist

Verify server status and uptime
Check SSL certificate validity
Confirm email sending is operational
Test QR codes scan from Sephora materials
Employee devices charged and internet connected
Login credentials distributed to staff
Admin contact information available

🔒 Protected Content

🎁 Gisou x Sephora Pop-Up System