Objective: Hire a full‑stack developer (or small team) to build a high‑performance, secure, GDPR/LGPD‑compliant SaaS platform for European citizenship processes. The system must support complex multi‑contract family workflows, Stripe Billing subscriptions, e‑signature automation, and an integrated CRM + Client Portal.
1. High‑Level System Architecture
The platform will be fully headless, ensuring scalability, security, and independent evolution of each layer.
Front‑end
Next.js with:
SSR for public/SEO routes
CSR for the authenticated client portal
Tailwind CSS (mobile‑first, fully componentized UI)
Back‑end
Node.js + TypeScript (mandatory) for static typing, maintainability, and early error detection.
Database & Infrastructure
PostgreSQL, ideally via Supabase (Auth + Storage + RLS management unified).
Security – Non‑Negotiable
Row Level Security (RLS) required.
Every document (PDFs, images, certificates) must be isolated by user_id.
No user can access another user's data under any circumstances.
2. Acquisition Module (Lead Qualification & Conversion)
Two primary acquisition pathways:
A) Direct E‑commerce Route
For standalone services (e.g., sworn translation, genealogical research):
Product landing page → Stripe Checkout → user creation → Client Portal
Does not pass through the Triage Wizard
B) Triage Wizard (Eligibility Engine)
A multi‑step dynamic form driven by JSON/business‑rule logic.
All steps completed anonymously
Sensitive fields (Name, Email, WhatsApp) appear only at the final step
No partial data storage allowed
CPF/RG prohibited during this phase
CRM receives only fully completed, hot leads
Retention Layer
Exit‑intent popup (DOM mouse‑leave/back‑button detection → WhatsApp CTA)
Meta API chatbot (WhatsApp/Instagram/Facebook) for early qualification + CRM injection
3. Sales Module – Family Contract Engine (“Satellite Contracts”)
Designed to handle families with multiple adults and minors while preserving individual legal privacy and asynchronous payment cycles.
Secure Proposal Link
Admin generates a /proposal/[uuid] link with visual expiration countdown.
Primary Lead Flow
Enters sensitive data: CPF, RG, address
Optionally adds minor children (system auto‑recalculates total via add‑ons)
For adding adult relatives: only name, email, WhatsApp are allowed (GDPR/LGPD requirement)
Automatic Contract Dispatch
Upon submission:
Back‑end triggers Clicksign or DocuSign API
Generates Contract A for primary lead
Opens personal Stripe Checkout session
Automatically sends unique links to each added relative (siblings/adults)
Satellite Signer Flow (Siblings/Relatives)
Each relative:
Opens their exclusive link
Submits their own CPF/RG
Can add minors if needed
Receives independent contract + independent payment cycle
Non‑Blocking Rule
Each contracting party:
Has their own activation timeline
Starts the process only when their payment is completed
Never depends on family members’ payments
4. Financial Module (Stripe Billing + Default Management)
Billing Model
Entry payment + 11 recurring monthly installments
Brazilian payment methods: Pix, Boleto, Credit Card
Values always displayed in BRL (fixed, no FX confusion)
Grace Period (Days 1–29 Overdue)
Status: pending_payment
No operational blocking
Automatic email + WhatsApp with updated payment link
Persistent yellow warning banner in Client Portal header
Hard Lock (30+ Days Overdue)
Status: suspended
Storage download permissions revoked
Client Portal shows only a “restricted access” payment screen
Admin Panel alerts internal team to pause operations
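The per-user isolation required under "Security – Non‑Negotiable" and the download revocation of the Hard Lock can both be enforced in the database rather than in application code. The following is an added example, not part of the original brief: Supabase-style RLS policies in which the table and column names (accounts, documents, billing_status, storage_path) and the 'active' status are assumptions, while pending_payment and suspended are the statuses named above.

```sql
-- Hypothetical schema: one billing row per portal user, one row per stored file.
create table public.accounts (
  user_id        uuid primary key references auth.users (id),
  billing_status text not null default 'active'   -- 'active' is an assumed value
    check (billing_status in ('active', 'pending_payment', 'suspended'))
);

create table public.documents (
  id           uuid primary key default gen_random_uuid(),
  user_id      uuid not null references auth.users (id),
  storage_path text not null,
  created_at   timestamptz not null default now()
);

-- With RLS enabled and no matching policy, every row is denied by default.
alter table public.accounts  enable row level security;
alter table public.documents enable row level security;

-- A user may read only their own billing row (needed by the subquery below).
create policy accounts_select_own on public.accounts
  for select to authenticated
  using (user_id = auth.uid());

-- Isolation by user_id plus hard lock: rows are visible only to their owner,
-- and only while that owner's account is not suspended. pending_payment
-- (grace period) still passes, matching "no operational blocking".
create policy documents_select_own on public.documents
  for select to authenticated
  using (
    user_id = auth.uid()
    and exists (
      select 1
      from public.accounts a
      where a.user_id = auth.uid()
        and a.billing_status <> 'suspended'
    )
  );

-- Uploads must be stamped with the caller's own id; a forged user_id is rejected.
create policy documents_insert_own on public.documents
  for insert to authenticated
  with check (user_id = auth.uid());
```

Because no UPDATE or DELETE policy is defined, portal users cannot modify billing_status or other users' rows; the back end changes billing_status through the Supabase service role, which bypasses RLS.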
Accounting Integration (ERP – Conta Azul)
No native P&L
Automatic reconciliation through Stripe webhooks
Node.js sends POST requests to Conta Azul with transaction data (amount, client, date)
5. Admin Panel & Client Portal
Admin Panel
CRM with Kanban/Table lead management
Manual Override module
Ability to generate/edit proposals, contracts, custom payment links
Client Portal (SPA)
Interactive Dashboard
Visual Timeline of process steps (based on status_id)
Bidirectional Vault:
Upload BR documents
Download EU certificates and protocols from Admin
Developer Requirements (Ideal Candidate)
Advanced proficiency in
Next.js +
Node.js + TypeScript
Strong experience with Supabase, including RLS
Proven integrations with:
Stripe Billing
Clicksign / DocuSign
WhatsApp / Meta API
Conta Azul ERP
Experience with complex dynamic forms and multi‑user flows
Solid understanding of GDPR/LGPD compliance.
Delivery term: Not specified