Lesson 6: Templates and Expected Structure

# PRD: [Feature Name]
 
**Author:** ___
**Status:** Draft / In Review / Approved
**Version:** 1.0
**Last Updated:** ___
**Stakeholders:** ___
 
---
 
## 1. Problem Statement
 
### What problem are we solving?
[1–3 sentences describing the user pain or business gap.]
 
### Who has this problem?
**Primary users:** ___
**Secondary users:** ___
**Estimated affected users:** ___
 
### Why now?
[What makes this the right time to solve this problem?]
 
---
 
## 2. Goals and Non-Goals
 
### Goals (what success looks like)
- [ ] ___
- [ ] ___
 
### Non-Goals (explicitly out of scope)
- ___
- ___
 
---
 
## 3. User Stories
 
| ID | As a... | I want to... | So that... | Priority |
|----|---------|-------------|------------|----------|
| US-01 | | | | Must Have |
| US-02 | | | | Should Have |
| US-03 | | | | Nice to Have |
 
---
 
## 4. Acceptance Criteria
 
### US-01: [Story Title]
- [ ] Given [context], when [action], then [outcome].
- [ ] Given [context], when [action], then [outcome].
 
### US-02: [Story Title]
- [ ] Given [context], when [action], then [outcome].
 
---
 
## 5. Scope
 
### In Scope
- ___
 
### Out of Scope
- ___
 
---
 
## 6. Dependencies
 
| Dependency | Type | Team/System | Status | Risk if Delayed |
|------------|------|-------------|--------|-----------------|
| | API | | Confirmed | |
| | Design | | Pending | |
 
---
 
## 7. Success Metrics
 
| Metric | Current Baseline | Target | Measurement Method | Timeline |
|--------|-----------------|--------|-------------------|----------|
| | | | | |
 
---
 
## 8. Open Questions
 
| # | Question | Owner | Due Date | Status |
|---|----------|-------|----------|--------|
| 1 | | | | Open |
 
---
 
## 9. Appendix / References
 
- ___

# PRD: Saved Payment Methods at Checkout
 
**Author:** Sarah Chen, Product Manager
**Status:** In Review
**Version:** 1.2
**Last Updated:** April 1, 2026
**Stakeholders:** Engineering (Backend, Frontend), Design, Legal, Finance, Customer Support
 
---
 
## 1. Problem Statement
 
### What problem are we solving?
Returning customers must re-enter their full payment details on every purchase, creating friction that contributes to cart abandonment. Our checkout completion rate of 61% is 12 points below the industry benchmark of 73% for our segment.
 
### Who has this problem?
**Primary users:** Registered customers who have made at least one prior purchase (approximately 340,000 accounts)
**Secondary users:** Guest users who complete account registration at checkout
**Estimated affected users:** 340,000 existing registered users; approximately 15,000 new registrations per month
 
### Why now?
Q3 customer survey results (n=1,200) identified checkout friction as the #1 reason for abandonment. Competitor analysis shows all three primary competitors launched saved payment methods in the last 18 months. Engineering has completed the Adyen migration, which provides the tokenization infrastructure this feature requires at no additional compliance cost.
 
---
 
## 2. Goals and Non-Goals
 
### Goals (what success looks like)
- [ ] Customers can save up to 3 payment methods to their account profile
- [ ] Checkout flow completes in 2 taps or clicks or fewer for users with a saved default method
- [ ] Checkout completion rate increases from 61% to 68% or higher within 90 days of launch
- [ ] Zero increase in fraud rate (measured month-over-month)
 
### Non-Goals (explicitly out of scope)
- Saving payment methods for guest (non-logged-in) users — deferred to Q4
- Support for PayPal, Apple Pay, or Google Pay tokenization — separate initiative
- Bulk payment management (e.g., deleting all methods at once)
- Business or team accounts with shared payment pools
 
---
 
## 3. User Stories
 
| ID | As a... | I want to... | So that... | Priority |
|----|---------|-------------|------------|----------|
| US-01 | returning customer | save my credit card after a successful purchase | I don't have to re-enter it next time | Must Have |
| US-02 | returning customer | set one card as my default payment method | my checkout experience is one click | Must Have |
| US-03 | returning customer | delete a saved payment method from my account | I can keep my account up to date when cards expire | Must Have |
| US-04 | returning customer | see the last 4 digits and card type for saved methods | I can choose the right card without exposing full details | Must Have |
| US-05 | returning customer | add a new card during checkout without replacing saved methods | I can use a different card for one-off purchases | Should Have |
 
---
 
## 4. Acceptance Criteria
 
### US-01: Save card after purchase
- [ ] Given a logged-in user completes a successful purchase, when the order confirmation page loads, then a "Save this card for future use" checkbox is displayed (default: unchecked).
- [ ] Given the user checks the box and confirms, then the payment method is tokenized via Adyen and stored against the user account.
- [ ] Given the user already has 3 saved methods, then the save option is not displayed and an informational message reads: "You have reached the maximum of 3 saved payment methods. Remove one to save a new card."
 
### US-02: Default payment method
- [ ] Given a user has at least one saved payment method, when they reach the payment step in checkout, then their default method is pre-selected with a "Change" option visible.
- [ ] Given the user clicks "Change," then a list of their saved methods is displayed with the option to use a different saved card or enter a new one.
 
### US-03: Delete saved method
- [ ] Given a user navigates to Account > Payment Methods, when they click "Remove" on a saved card, then a confirmation dialog appears.
- [ ] Given the user confirms removal, then the card is deleted from display within 2 seconds and removed from the Adyen token vault within 24 hours.
- [ ] Given the deleted card was the user's default, then no default is set automatically and the user is prompted to set a new default.
 
---
 
## 5. Scope
 
### In Scope
- Tokenized storage of Visa, Mastercard, and American Express cards via Adyen
- Account Profile > Payment Methods management page
- Checkout flow integration for saved method selection
- Save-card prompt on order confirmation page
 
### Out of Scope
- Debit card differentiation from credit card (treated identically)
- International card support beyond current Adyen regions (US, CA, UK, AU)
- Payment method sharing between accounts
- Saving cards for subscription or recurring billing (separate billing system)
 
---
 
## 6. Dependencies
 
| Dependency | Type | Team/System | Status | Risk if Delayed |
|------------|------|-------------|--------|-----------------|
| Adyen tokenization API | Technical | Payments Engineering | Confirmed — live since March 2026 | None |
| Account Profile redesign (Q2) | Design | Design Team | In progress | Delays Payment Methods page layout |
| Legal review of stored payment data language | Legal | Legal/Privacy | Pending — due April 15 | Blocks copy for consent checkbox |
| PCI-DSS scope confirmation | Compliance | Security | Confirmed — token vault out of scope | None |
 
---
 
## 7. Success Metrics
 
| Metric | Current Baseline | Target | Measurement Method | Timeline |
|--------|-----------------|--------|-------------------|----------|
| Checkout completion rate | 61% | 68% or higher | Analytics (session funnel) | 90 days post-launch |
| Saved method adoption | 0% | 35% or more of eligible users | Account profile data | 60 days post-launch |
| Checkout time (registered users) | 4.2 min avg | 2.5 min avg or less | Session recording (Hotjar) | 30 days post-launch |
| Fraud rate (card-not-present) | 0.08% | 0.08% or lower (no increase) | Adyen fraud dashboard | Monthly |
 
---
 
## 8. Open Questions
 
| # | Question | Owner | Due Date | Status |
|---|----------|-------|----------|--------|
| 1 | Does saving a card require explicit re-consent under GDPR for EU expansion in Q4? | Legal | April 15 | Open |
| 2 | Should we support 4 saved methods instead of 3? Benchmarking shows competitors allow 5. | PM | April 8 | Open |
| 3 | What is the token expiry policy when a user has not logged in for 12 or more months? | Engineering | April 10 | Open |
 
---
 
## 9. Appendix / References
 
- Q3 2025 Customer Survey Results (internal link)
- Adyen Tokenization API Docs
- Competitor Analysis: Checkout UX Benchmarking (April 2026)
- PCI-DSS Scope Confirmation Memo — Security Team, March 2026

# Technical Spec: [Feature Name]
 
**Author:** ___
**Engineering Lead:** ___
**PM Owner:** ___
**Status:** Draft / In Review / Approved
**Version:** ___
**Target Sprint:** ___
 
---
 
## 1. Overview
 
### Summary
[2–3 sentences: what this spec covers and why.]
 
### PRD Reference
[Link or reference to the PRD this spec implements.]
 
---
 
## 2. Architecture
 
### System Diagram
[ASCII diagram or link to Miro/Figma architecture diagram]
 
### Components Affected
| Component | Change Type | Notes |
|-----------|------------|-------|
| | New / Modified / Unchanged | |
 
### Data Flow
1. ___
2. ___
 
---
 
## 3. API Contracts
 
### Endpoint: [METHOD] /path
 
**Request:**
```json
{
  "field": "type — description"
}

{
  "field": "type — description"
}

{
  "adyenToken": "8415968893916991",
  "brand": "visa",
  "last4": "4242",
  "expiryMonth": "09",
  "expiryYear": "2028",
  "setAsDefault": true
}

{
  "id": "pm_01HXYZ",
  "brand": "visa",
  "last4": "4242",
  "isDefault": true,
  "createdAt": "2026-04-01T14:00:00Z"
}

# Sprint 46 Review
 
**Team:** Checkout Squad
**Sprint Dates:** March 31 to April 11, 2026
**Facilitator:** Sarah Chen (PM)
**Attendees:** Marcus Webb, Priya Nair, Tom Delacroix, Ji-Young Kim (QA), Sarah Chen, Diana Osei (Design)
 
---
 
## Sprint Goal
 
> Complete the backend API for saved payment methods (all 4 endpoints) and the Account Profile payment management page, unblocking the checkout integration work planned for Sprint 47.
 
**Goal achieved?** Partially — backend complete, frontend page 80% complete (styling review pending).
 
---
 
## Completed Work
 
| Story ID | Story Title | Story Points | Notes |
|----------|-------------|-------------|-------|
| CHK-201 | GET /payment-methods endpoint | 3 | All tests passing, deployed to staging |
| CHK-202 | POST /payment-methods endpoint | 5 | Includes Adyen sandbox integration |
| CHK-203 | DELETE /payment-methods endpoint | 3 | Soft-delete logic confirmed with Legal |
| CHK-204 | PATCH /payment-methods/{id}/set-default | 2 | |
| CHK-208 | payment_methods DB migration | 2 | Ran in staging; zero downtime confirmed |
| CHK-210 | Unit tests — Payment Service | 3 | 87% coverage achieved |
| CHK-211 | Account Profile: Payment Methods page (core) | 5 | Pending design sign-off on card icons |
 
**Total Points Completed:** 23
**Sprint Velocity:** 23 (team average last 4 sprints: 26)
 
---
 
## In Progress (Carried to Next Sprint)
 
| Story ID | Story Title | % Complete | Carry-Over Reason | Owner |
|----------|-------------|-----------|-------------------|-------|
| CHK-212 | Account Profile: mobile responsive styling | 80% | Design review took longer than estimated — card brand icon set from Design delivered Friday EOD | Tom Delacroix |
| CHK-215 | Integration tests — Adyen sandbox edge cases | 40% | Sandbox environment was down Wednesday through Thursday; recovered Friday but not enough time to finish | Priya Nair |
 
---
 
## Blocked / Removed
 
| Story ID | Story Title | Block Reason | Action Taken |
|----------|-------------|-------------|--------------|
| CHK-220 | Checkout flow: saved method selection step | Waiting on Legal review of consent copy (due April 15) | Moved to Sprint 47 backlog; story point buffer added |
| CHK-225 | Load testing (k6) | k6 scripts require staging environment with Adyen sandbox connected | DevOps creating new staging env config; unblocked April 10 |
 
---
 
## Key Metrics
 
| Metric | Sprint Goal | Actual | Delta |
|--------|------------|--------|-------|
| Planned Points | 28 | 23 | -5 (Adyen sandbox outage and Design delay) |
| Completed Points | 28 | 23 | -5 |
| Velocity | 26 (rolling avg) | 23 | -3 |
| Bugs Found in Sprint | — | 4 | 3 minor (P3), 1 medium (P2) |
| Bugs Resolved in Sprint | — | 3 | P2 fixed same day; 1 P3 deferred |
 
---
 
## Demo Notes
 
| Feature Demoed | Feedback Received | Follow-up Action |
|----------------|------------------|------------------|
| Account Profile: Payment Methods page | Stakeholders liked the layout; Diana flagged card brand icons are too small on mobile | Tom to increase icon size in Sprint 47 |
| DELETE flow with confirmation modal | Marcus flagged the modal copy says "delete" but Legal wants "remove" — aligns with PRD language | Update modal copy in CHK-212 |
| GET /payment-methods API response | Engineering Lead asked if we should return cardType (credit vs. debit) — not in scope for MVP | Logged as backlog item CHK-280 for Q3 |
 
---
 
## Retrospective Highlights
 
**What went well:**
- Backend APIs shipped on time and ahead of integration test schedule
- Soft-delete architecture decision saved significant rework (Marcus flagged risk 3 weeks ago — good catch)
- Team communication during the Adyen outage was excellent — Priya escalated same day and the team re-planned within 2 hours
 
**What could improve:**
- Design sign-off was on the critical path but not scheduled until Day 9 of the sprint — should be Day 5 at latest
- We underestimated the Legal review dependency for CHK-220; this is the second sprint in a row Legal has been a late blocker
 
**Action items from retro:**
 
| Action | Owner | Due |
|--------|-------|-----|
| Add "Design sign-off checkpoint" to sprint planning template for all frontend stories | Sarah Chen | April 14 |
| Set up recurring 30-min Legal sync at start of each sprint to surface copy reviews early | Sarah Chen | April 15 |
| Document Adyen sandbox outage in runbook and add fallback mock service for future sprints | Marcus Webb | April 18 |
 
---
 
## Next Sprint Preview
 
**Proposed Sprint Goal:** Complete checkout flow integration for saved payment methods, finish all integration and load tests, and launch internal canary (engineering team only).
 
**Candidate Stories (top 5):**
1. CHK-220 — Checkout flow: saved method selection step (8 pts)
2. CHK-212 — Account Profile: mobile responsive styling (carry-over, 2 pts)
3. CHK-215 — Integration tests — Adyen sandbox edge cases (carry-over, 3 pts)
4. CHK-230 — Checkout flow: "Save this card" prompt on order confirmation (5 pts)
5. CHK-225 — Load testing — k6 suite against staging (3 pts)

# Incident Report: [Short Title]
 
**Incident ID:** INC-____
**Severity:** P1 / P2 / P3
**Status:** Open / Resolved / Post-Mortem Complete
**Date/Time Detected:** ___
**Date/Time Resolved:** ___
**Total Duration:** ___
**Report Author:** ___
**Report Date:** ___
 
---
 
## Executive Summary
 
[2–4 sentences: what happened, who was affected, and what was done to resolve it. Written for non-technical leadership.]
 
---
 
## Timeline
 
| Time (UTC) | Event | Who |
|-----------|-------|-----|
| | Incident detected | |
| | On-call engineer paged | |
| | Initial diagnosis | |
| | Mitigation applied | |
| | Incident resolved | |
| | All-clear confirmed | |
 
---
 
## Root Cause Analysis
 
### Immediate Cause
[The direct technical trigger — what broke?]
 
### Contributing Factors
1. ___
2. ___
 
### Root Cause (the systemic "why")
[Why did the immediate cause go undetected or uncaught by existing safeguards?]
 
---
 
## Impact Assessment
 
| Impact Area | Details |
|-------------|---------|
| Users affected | |
| Revenue impact | |
| Data integrity | |
| SLA breach | Yes / No |
| External communications required | Yes / No |
 
---
 
## Resolution
 
### Immediate Fix Applied
___
 
### Verification Steps
- [ ] ___
 
---
 
## Prevention Plan
 
| Action | Owner | Priority | Due Date | Status |
|--------|-------|----------|----------|--------|
| | | P1/P2/P3 | | Open |
 
---
 
## Lessons Learned
 
**What worked:**
- ___
 
**What did not work:**
- ___
 
**Process changes:**
- ___

# Incident Report: Checkout Payment Failure — Adyen Token Validation Error
 
**Incident ID:** INC-2026-0412
**Severity:** P1
**Status:** Post-Mortem Complete
**Date/Time Detected:** April 12, 2026, 02:17 UTC
**Date/Time Resolved:** April 12, 2026, 03:44 UTC
**Total Duration:** 1 hour 27 minutes
**Report Author:** Marcus Webb, Engineering Lead
**Report Date:** April 14, 2026
 
---
 
## Executive Summary
 
On April 12, 2026 at approximately 02:17 UTC, the checkout payment system began rejecting all transactions that used a saved payment method. The failure was caused by a deployment of a new Adyen integration library version that changed the token format expected by the validation layer. Approximately 1,240 checkout attempts failed during the 87-minute outage window. The estimated revenue impact is $31,000 based on average order value. The issue was resolved by rolling back the library version. No customer payment data was compromised. A full prevention plan is in place.
 
---
 
## Timeline
 
| Time (UTC) | Event | Who |
|-----------|-------|-----|
| 01:55 | Automated deployment of Adyen SDK v3.2.1 completed (routine dependency update) | CI/CD System |
| 02:17 | Monitoring alert fires: checkout error rate for saved methods crosses 5% threshold | PagerDuty — On-call: Priya Nair |
| 02:22 | Priya acknowledges alert, begins investigation; error rate now 98% for saved methods | Priya Nair |
| 02:31 | Priya identifies error: TOKEN_FORMAT_INVALID in Adyen response logs; correlates with 01:55 deployment | Priya Nair |
| 02:38 | Marcus Webb paged as incident commander | Priya Nair |
| 02:45 | Decision made to roll back Adyen SDK to v3.1.4 rather than hotfix | Marcus Webb |
| 03:10 | Rollback deployment initiated | Marcus Webb |
| 03:29 | Rollback complete; error rate returns to 0.02% baseline | Marcus Webb |
| 03:44 | 15-minute observation window passes cleanly; incident declared resolved | Marcus Webb |
| 04:00 | Customer Support notified; templated response prepared for affected users | Sarah Chen |
| 08:30 | Post-mortem scheduled | Marcus Webb |
 
---
 
## Root Cause Analysis
 
### Immediate Cause
Adyen SDK v3.2.1 introduced a breaking change in how `recurringDetailReference` tokens are formatted in API requests. Our validation layer expected the v3.1.x format (16-char hyphenated string). The new version sends a base64-encoded string. Our validator rejected all base64-format tokens as invalid before they reached Adyen.
 
### Contributing Factors
1. The SDK upgrade was classified as a "minor" version bump and was included in an automated dependency update batch without manual review.
2. The Adyen sandbox environment used in integration tests was still running the v3.1.x mock API, so the format change was not caught in staging.
3. The deployment occurred at 01:55 UTC (off-peak) but the canary rollout was already at 100% for saved methods, so the entire saved-methods user base was affected immediately.
 
### Root Cause (the systemic "why")
Our dependency update process does not distinguish between SDK changes that affect payment token format (high-risk) and routine library updates (low-risk). All Adyen SDK updates should require a manual review step and a format compatibility test in the Adyen sandbox environment before merging.
 
---
 
## Impact Assessment
 
| Impact Area | Details |
|-------------|---------|
| Users affected | 1,240 checkout sessions failed (100% of users attempting saved-method checkout during window) |
| Revenue impact | Approximately $31,000 (1,240 sessions at $25 average order value) |
| Data integrity | No data loss or corruption; no payment data exposed |
| SLA breach | Yes — checkout availability SLA is 99.9% monthly; this outage consumed 0.12% of the monthly budget |
| External communications required | Yes — 1,240 affected users received email with apology and 10% discount code |
 
---
 
## Resolution
 
### Immediate Fix Applied
Rolled back Adyen SDK from v3.2.1 to v3.1.4. All saved payment method transactions resumed normal processing within 15 minutes of rollback completion.
 
### Verification Steps
- [x] Error rate returned to 0.02% baseline
- [x] 50 manual test transactions with saved methods completed successfully in production
- [x] Adyen dashboard confirmed no rejected tokens after 03:29 UTC
- [x] Customer Support queue monitored for 2 hours post-resolution — 12 tickets received, all responded to
 
---
 
## Prevention Plan
 
| Action | Owner | Priority | Due Date | Status |
|--------|-------|----------|----------|--------|
| Add Adyen SDK to "manual review required" list in dependency update policy | Marcus Webb | P1 | April 18 | Done |
| Create dedicated Adyen sandbox format compatibility test that runs on every SDK bump | Priya Nair | P1 | April 25 | In Progress |
| Update canary rollout policy: saved payment methods must hold at 5% for 30 min before advancing | Marcus Webb | P1 | April 18 | Done |
| Update Adyen sandbox mock to auto-track production API version | Platform team | P2 | May 2 | Open |
| Add token format validation to pre-deployment smoke test suite | Priya Nair | P2 | April 25 | Open |
 
---
 
## Lessons Learned
 
**What worked:**
- Monitoring alert fired quickly (22 minutes from deployment to page)
- On-call runbook guided Priya to the correct log source within 9 minutes of investigation start
- Rollback process was clean and well-rehearsed — rollback deployment took under 20 minutes
 
**What did not work:**
- Automated dependency updates should not include payment-critical libraries without a human review gate
- The Adyen sandbox was out of sync with production API version — this is the second time this has caused a test gap
 
**Process changes:**
- Adyen and all payment-adjacent libraries moved to "gated upgrade" status: requires Engineering Lead approval and format compatibility test before merging
- Monthly sandbox sync check added to Platform team's first-Friday checklist

# Meeting Notes: [Meeting Title]
 
**Date:** ___
**Time:** ___
**Location / Link:** ___
**Facilitator:** ___
**Note-taker:** ___
 
**Attendees:**
- [ ] ___ (Role)
- [ ] ___ (Role)
 
**Absent:**
- ___ (sent apologies)
 
---
 
## Agenda
 
1. ___
2. ___
3. ___
 
---
 
## Decisions Made
 
| # | Decision | Rationale | Decision Maker | Date Effective |
|---|----------|-----------|---------------|----------------|
| D-01 | | | | |
 
---
 
## Discussion Notes
 
### Topic 1: ___
[Key points raised, options considered, conclusion reached]
 
### Topic 2: ___
[Key points raised, options considered, conclusion reached]
 
---
 
## Action Items
 
| # | Action | Owner | Due Date | Priority | Status |
|---|--------|-------|----------|----------|--------|
| A-01 | | | | High/Med/Low | Open |
 
---
 
## Parking Lot (items to address in a future meeting)
 
- ___
 
---
 
## Next Meeting
 
**Date:** ___
**Proposed Agenda:**
1. ___

# Meeting Notes: Saved Payment Methods — Sprint 47 Kickoff and Legal Sign-Off
 
**Date:** April 14, 2026
**Time:** 10:00–10:50 AM PT
**Location / Link:** Google Meet (link in calendar invite)
**Facilitator:** Sarah Chen
**Note-taker:** Sarah Chen
 
**Attendees:**
- [x] Sarah Chen (PM, Checkout Squad)
- [x] Marcus Webb (Engineering Lead)
- [x] Priya Nair (Backend Engineer)
- [x] Tom Delacroix (Frontend Engineer)
- [x] Ji-Young Kim (QA Lead)
- [x] Rachel Torres (Legal / Privacy)
- [x] Diana Osei (Product Design)
 
**Absent:**
- David Park (VP Engineering) — sent apologies; asked for decision summary by EOD
 
---
 
## Agenda
 
1. Legal sign-off on consent copy for "Save this card" checkbox
2. Sprint 47 goals and priority alignment
3. Load testing plan and go/no-go criteria for internal canary
4. Open questions from Sprint 46 retro (Design sign-off process)
 
---
 
## Decisions Made
 
| # | Decision | Rationale | Decision Maker | Date Effective |
|---|----------|-----------|---------------|----------------|
| D-01 | Consent checkbox copy approved: "Save this card for faster checkout. You can remove saved cards anytime in Account Settings." | Rachel confirmed this satisfies GDPR Article 7 informed consent requirements; no separate opt-in modal needed. | Rachel Torres (Legal) | Immediate |
| D-02 | Sprint 47 goal: complete checkout flow integration, all integration and load tests, and internal canary launch | Aligns with Q2 target of public launch by May 5 | Sarah Chen (PM) and Marcus Webb | April 14 |
| D-03 | Go/no-go for public launch requires: error rate <0.1% for 48-hour canary and load test passing at 2x peak | Based on INC-2026-0412 learnings; erring on side of caution post-incident | Marcus Webb | April 14 |
| D-04 | Design sign-off checkpoint moved to Day 4 of each sprint (previously Day 9) | Retro action item; prevents frontend stories from blocking on design at end of sprint | Sarah Chen | Sprint 47 onward |
 
---
 
## Discussion Notes
 
### Topic 1: Legal Sign-Off on Consent Copy
Rachel reviewed the proposed copy ahead of the meeting. Her key points:
- The phrase "faster checkout" is acceptable marketing language and does not constitute a misleading claim under CCPA
- The checkbox must be unchecked by default — confirmed in PRD, Tom confirmed implementation matches
- We are not required to list our data retention period in the checkbox copy; it is sufficient in the Privacy Policy linked from the checkout footer
- GDPR note: for EU expansion in Q4 we will need a separate review, but the current copy is compliant for US, CA, UK, and AU (current Adyen regions)
 
**Conclusion:** Copy approved with one minor edit — change "your account" to "Account Settings" to match the exact nav label. Tom to update in the component.
 
### Topic 2: Sprint 47 Goals
Marcus walked through the carry-over stories (CHK-212 and CHK-215) and the new stories for checkout integration (CHK-220 and CHK-230). Team confirmed:
- CHK-212 (mobile styling) is blocked only on the card icon size fix — Tom estimates 2 hours. Will be done by end of Day 1.
- CHK-215 (Adyen sandbox integration tests) — Priya estimates 1 day now that sandbox is back up
- CHK-220 (checkout flow: saved method selection) — Marcus flagged this is the highest-risk story; needs a 2-day buffer in the plan
- Load testing (CHK-225) — Ji-Young has the k6 scripts ready; needs 4 hours of staging environment time. DevOps confirmed Wednesday 6 PM–10 PM slot.
 
Total estimated points: 28. Team capacity: 30. Plan is feasible.
 
### Topic 3: Go/No-Go Criteria
Post-INC-2026-0412, Marcus proposed stricter canary criteria than originally planned. The team agreed on:
- Internal canary (engineering team, 8 accounts): 24-hour observation, error rate target <0.1%
- 5% canary: 48-hour observation, error rate <0.1%, fraud rate unchanged
- Advance to 25% only after PM and Engineering Lead both sign off
 
Sarah noted that the public launch date of May 5 is still achievable if Sprint 47 completes on schedule and the 5% canary runs during the week of April 28.
 
### Topic 4: Design Sign-Off Process
Diana proposed a lightweight solution: for any frontend story, design sign-off should be listed as a sub-task in Jira with Diana assigned and a due date of Sprint Day 4. Engineering should not mark the story "In Review" until design is signed off. Sarah agreed to update the sprint planning template before Thursday's planning session.
 
---
 
## Action Items
 
| # | Action | Owner | Due Date | Priority | Status |
|---|--------|-------|----------|----------|--------|
| A-01 | Update consent checkbox copy: "your account" to "Account Settings" | Tom Delacroix | April 15 | High | Open |
| A-02 | Update sprint planning Jira template to include Design sign-off sub-task | Sarah Chen | April 16 | High | Open |
| A-03 | Confirm DevOps staging environment slot for k6 load test (Wednesday April 23, 6–10 PM) | Marcus Webb | April 15 | High | Open |
| A-04 | Send decision summary to David Park (VP Eng) | Sarah Chen | April 14 EOD | High | Open |
| A-05 | Document internal canary go/no-go checklist in Notion runbook | Marcus Webb | April 18 | Medium | Open |
| A-06 | Schedule EU consent copy review with Legal for Q4 EU expansion | Sarah Chen | April 30 | Low | Open |
 
---
 
## Parking Lot (items to address in a future meeting)
 
- Should we allow users to name their saved payment methods (e.g., "Work Card", "Personal Visa")? Customer Support requested this — defer to Q3 roadmap discussion.
- Debit vs. credit card differentiation in UI — raised by Marcus, no clear business requirement yet — flag for Q3 PRD.
 
---
 
## Next Meeting
 
**Date:** April 21, 2026 (Sprint 47 mid-sprint check-in)
**Proposed Agenda:**
1. CHK-220 progress check — is checkout integration on track?
2. Load test results (if completed by April 23 slot)
3. Canary launch readiness review

[
  {
    "id": "A-01",
    "action": "Update consent checkbox copy: 'your account' to 'Account Settings'",
    "owner": "Tom Delacroix",
    "dueDate": "2026-04-15",
    "priority": "high"
  },
  {
    "id": "A-02",
    "action": "Update sprint planning Jira template to include Design sign-off sub-task",
    "owner": "Sarah Chen",
    "dueDate": "2026-04-16",
    "priority": "high"
  },
  {
    "id": "A-03",
    "action": "Confirm DevOps staging environment slot for k6 load test",
    "owner": "Marcus Webb",
    "dueDate": "2026-04-15",
    "priority": "high"
  }
]