Operations & Audit
Role-based access control, data imports, consent tracking, and audit logs.
Role-Based Access Control
HQ AdminFull access
All modules including RBAC, audit, and system configuration
Store ManagerStore-scoped
Customer lookup, transaction recording, and local reporting
MarketerCampaigns only
Segmentation, campaign creation, message logs, and content
Kiosk OperatorCheck-in only
Point-of-sale lookup, purchase capture, and kiosk check-in
Accounting & SQL export import
Map CSV columns → fields. Phones normalized to 60… for matching.Member fields: phone, firstName, lastName, email, gender, age, city, birthday, tier, preferredStoreId, tags, marketingOptIn. Invoice fields: reference, phone, amount, purchasedAt, storeId. Use exact CSV headers as JSON keys.
Paste CSV
Column map (JSON)
Data Imports (legacy)
Use panel above for CSVCustomer CSV Bulk member registration | Ready |
POS Connector Live transaction sync | Configured |
Bulk Points Upload Manual bulk adjustment | Available |
Reward Sync Catalog import via CSV | Manual |
Consent & Compliance
| Marketing opt-in tracking | Per member |
| SMS consent | Channel-specific |
| WhatsApp consent | Channel-specific |
| PDPA compliance | Enabled |
| Consent withdrawal | Self-serve via portal |
| Audit log entries | 2 sample entries |
System Configuration
DATABASE_URL set (admin process)API Server
Expected port4000 (see PM2 / nginx)
DataPrisma when API has DATABASE_URL
This rowReflects admin app env only
Messaging
SMS Provider—
DEMO_MODEfalse
YCLOUD_API_KEY—
Points Engine
Earn RateRM 10 = 1 point
ExpiryConfigurable
RoundingFloor to nearest integer