Skip to main content

Bookkeeping Exchange - User Roles & Permissions

Bookkeeping Exchange - User Roles & Permissions

2. User Roles, Permissions & Workflows

Document Version: 1.0 Last Updated: 2025-12-26

2.1 User Role Overview

The platform supports three primary user roles:

  1. Business Owner (Lead Submitter)
  2. Bookkeeper (Lead Purchaser)
  3. Administrator (Platform Manager)

2.2 Business Owner Role

2.2.1 Registration & Authentication

Account Creation:

  • Account automatically created upon lead form submission
  • Required fields:
    • Business owner name
    • Email address
    • Phone number
    • Business name
  • Password set during submission or via email verification link
  • Email verification required before account activation

Authentication:

  • Standard email/password login
  • Password reset via email
  • Optional: Remember me functionality

2.2.2 Permissions

Business Owners can:

  • ✅ Submit lead forms
  • ✅ View their submitted leads
  • ✅ Edit/update their lead information
  • ✅ See lead status (pending, purchased, inactive)
  • ✅ See which bookkeeper purchased their lead (if purchased)
  • ✅ Request lead reactivation
  • ✅ Request account/data deletion
  • ✅ Update account profile information

Business Owners cannot:

  • ❌ View other business owners' leads
  • ❌ Access bookkeeper information (beyond purchased lead)
  • ❌ See lead pricing information
  • ❌ Access admin functions

2.2.3 Account Dashboard

Dashboard Elements:

  • Lead submission status
  • Purchased by: [Bookkeeper name] or "Pending Purchase"
  • Date submitted
  • Last updated date
  • Edit lead button
  • Contact support link

Lead Status States:

  • Pending: Submitted, visible to bookkeepers, not yet purchased
  • Purchased: Bookkeeper has purchased exclusive access
  • Inactive: Manually deactivated by admin or business owner
  • Reactivated: Was purchased, now available again

2.2.4 User Flow - Lead Submission

1. Business owner visits landing page
2. Clicks "Submit Your Business Needs" CTA
3. Fills out lead form (see PRD_3 for fields)
4. Checks consent checkbox for information sharing
5. Agrees to Terms of Service
6. Submits form
7. Account automatically created
8. Email verification sent
9. Confirmation email sent with:
   - Submission details
   - Login credentials/link
   - What happens next
10. Redirected to "Thank You" page

2.2.5 Email Notifications (Business Owner)

Business owners receive emails for:

  • ✉️ Submission confirmation (immediate)
  • ✉️ Email verification (immediate)
  • ✉️ Lead purchased by bookkeeper (within 1 hour)
  • ✉️ Bookkeeper contact information (within 1 hour of purchase)
  • ✉️ Lead reactivation confirmation (if requested)
  • ✉️ Account updates/changes

2.3 Bookkeeper Role

2.3.1 Registration & Onboarding

Registration Process:

1. Bookkeeper visits "Join as a Bookkeeper" page
2. Completes registration form:
   - Personal/business name
   - Email address
   - Phone number
   - Business name (if applicable)
   - Service area (city, state, radius OR "nationwide")
   - Certifications (CPA, EA, QB ProAdvisor, etc.)
   - Specializations (industry focus, business size, etc.)
   - Optional services (payroll, CFO, tax prep, etc.)
   - Business website
   - Years of experience
3. Creates password
4. Agrees to Terms of Service
5. Email verification sent
6. Status: "Pending Admin Approval"
7. Admin reviews and approves/rejects
8. Approval email sent with login link
9. Bookkeeper logs in → prompted to start free trial

Admin Approval Criteria:

  • Complete profile information
  • Valid business email (preferred over personal email)
  • Professional appearance
  • No red flags in provided information

2.3.2 Subscription Management

Free Trial:

  • Duration: Configurable (default 30 days)
  • Full access to limited lead previews
  • Can bookmark leads
  • Cannot purchase leads until payment method added
  • Trial expiration warnings:
    • Email at 7 days remaining
    • Email at 3 days remaining
    • Email at 1 day remaining
    • Banner in dashboard when < 7 days

Paid Subscription:

  • Monthly recurring via Stripe
  • Auto-renewal enabled
  • Price: Configurable in admin panel
  • Payment method required
  • Can purchase leads immediately upon payment

Subscription States:

  • Trial: Free trial period, limited functionality
  • Active: Paid subscription, full access
  • Past Due: Payment failed, grace period (7 days)
  • Expired: Subscription lapsed, no access to leads

Expiration Handling:

  • Immediate loss of access to lead previews
  • Previously purchased leads remain accessible
  • Can still log in to reactivate subscription
  • Bookmarked leads preserved for 90 days

2.3.3 Permissions

Bookkeepers can:

  • ✅ View limited lead information (previews)
  • ✅ Bookmark leads for later
  • ✅ Purchase leads (if active subscription + payment method)
  • ✅ View full information for purchased leads
  • ✅ Download/export their purchased leads (future)
  • ✅ Update their profile information
  • ✅ Manage subscription and payment methods
  • ✅ View purchase history
  • ✅ Request support/refunds

Bookkeepers cannot:

  • ❌ View other bookkeepers' information
  • ❌ See which bookkeepers bookmarked/viewed leads
  • ❌ Access purchased leads from other bookkeepers
  • ❌ Purchase same lead twice
  • ❌ Purchase unlimited leads without payment
  • ❌ Access admin functions

2.3.4 Bookkeeper Dashboard

Dashboard Sections:

  1. Lead Feed

    • Sortable table of available leads
    • Columns: Date, Industry, Location, Revenue Range, Services Needed, Price
    • Default sort: Newest first
    • Bookmark icon for each lead
    • "Purchase" button for each lead
    • Lead detail modal on click

  2. My Bookmarks

    • Saved leads for later review
    • Same table format as lead feed
    • Remove bookmark option

  3. Purchased Leads

    • Full access to all lead information
    • Contact details revealed
    • Purchase date
    • Amount paid
    • Export option (future)

  4. Account Settings

    • Profile information
    • Service area settings
    • Payment methods
    • Subscription status
    • Change password

  5. Subscription Status Widget

    • Current plan
    • Renewal date
    • Payment method on file
    • Upgrade/change plan (future)

2.3.5 User Flow - Lead Purchase

1. Bookkeeper browses lead feed
2. Clicks on lead to view preview modal
3. Preview shows limited information + price
4. Clicks "Purchase Lead" button
5. Confirmation modal:
   - Shows lead preview
   - Shows price
   - Confirms exclusive access
   - "Confirm Purchase" button
6. Payment processed via Stripe
7. Lead immediately appears in "Purchased Leads"
8. Lead removed from public feed
9. Full lead information revealed
10. Confirmation email sent with lead details

2.3.6 User Flow - Bookmark Lead

1. Bookkeeper viewing lead feed
2. Clicks bookmark icon on lead row
3. Icon changes to "bookmarked" state
4. Lead appears in "My Bookmarks" tab
5. Can unbookmark anytime
6. Bookmarks persist across sessions
7. Bookmarked leads can still be purchased by others

2.3.7 Email Notifications (Bookkeeper)

Bookkeepers receive emails for:

  • ✉️ Registration confirmation (immediate)
  • ✉️ Admin approval notification (when approved)
  • ✉️ Trial expiration warnings (7, 3, 1 days before)
  • ✉️ Subscription renewal confirmation (monthly)
  • ✉️ Payment failure notice (immediate)
  • ✉️ Lead purchase confirmation (immediate)
  • ✉️ New leads matching criteria (future - optional notification)
  • ✉️ Subscription expired (immediate)

2.4 Administrator Role

2.4.1 Admin Access

Admin Capabilities:

  • Full CRUD operations on all entities
  • User management (all roles)
  • Lead management
  • Payment oversight and refunds
  • Configuration management
  • Analytics and reporting (future)

Admin Panel Sections:

  1. Dashboard (summary metrics)
  2. User Management
  3. Lead Management
  4. Payment Management
  5. Configuration
  6. Support/Disputes

2.4.2 User Management

Bookkeeper Management:

  • View all bookkeepers (active, trial, expired)
  • Approve/reject pending registrations
  • View bookkeeper profiles
  • Edit bookkeeper information
  • Suspend/deactivate accounts
  • View purchase history per bookkeeper
  • Send direct messages/emails
  • Reset passwords
  • Manually extend trials
  • Manually apply discounts/credits

Business Owner Management:

  • View all business owners
  • View submitted leads per owner
  • Edit business owner profiles
  • Deactivate accounts
  • Handle data deletion requests
  • View lead submission history
  • Contact business owners

2.4.3 Lead Management

Lead Operations:

  • View all leads (all statuses)
  • Create leads manually
  • Edit lead information
  • Delete leads
  • Change lead status
  • Set custom pricing (override automatic pricing)
  • Reactivate purchased leads
  • Assign leads to bookkeepers (manual matching)
  • Mark leads as inactive/archived

Lead Pricing Configuration:

  • Set base pricing rules by revenue range
  • Override pricing for individual leads
  • Configure pricing tiers (future: shared vs exclusive)

Pricing Rule Examples:

Annual Revenue Range → Lead Price (Exclusive)
$0 - $50,000         → $50
$50,001 - $100,000   → $100
$100,001 - $250,000  → $150
$250,001 - $500,000  → $250
$500,001 - $1,000,000 → $400
$1,000,000+          → $600

Quality Multipliers:
- Incomplete form (< 50% fields) → 0.5x
- Complete form (100% fields)    → 1.0x
- Urgent need                    → 1.2x

2.4.4 Payment Management

Stripe Integration:

  • View all transactions
  • Issue refunds (full or partial)
  • View subscription statuses
  • Handle failed payments
  • Generate financial reports
  • Export payment data

Refund Workflow:

1. Bookkeeper or business owner contacts support
2. Admin reviews dispute/request
3. Admin determines refund eligibility:
   - Full refund: Lead was invalid/duplicate
   - Partial refund: Some issues but lead was viable
   - No refund: Lead was valid, business decision
4. Admin issues refund via Stripe
5. Lead reactivated if applicable
6. Notification sent to both parties

2.4.5 Configuration Management

Configurable Settings:

Setting Type Default Description
Monthly subscription price Currency $199 Bookkeeper monthly fee
Free trial duration Days 30 Trial period length
Lead pricing rules JSON See 2.4.3 Revenue-based pricing
Grace period for expired Days 7 Days before hard cutoff
Bookmark retention Days 90 Keep bookmarks after expiration
Email sender name String Bookkeeping Exchange From name in emails
Support email Email support@... Contact email
Terms of Service URL URL /terms Link to ToS
Privacy Policy URL URL /privacy Link to Privacy Policy

2.4.6 Support & Disputes

Support Ticket System (Manual for MVP):

  • Receive support emails at configured address
  • Track via email or simple ticketing system
  • Common scenarios:
    • Lead quality disputes
    • Refund requests
    • Reactivation requests
    • Technical issues
    • Account problems

Dispute Resolution Process:

1. Support request received
2. Admin reviews details
3. Admin contacts relevant parties (business owner/bookkeeper)
4. Admin makes decision based on:
   - Terms of Service
   - Fairness to both parties
   - Business best practices
5. Admin takes action (refund, reactivate, close ticket)
6. Admin sends resolution email
7. Ticket closed

2.4.7 Admin User Flow - Approve Bookkeeper

1. Bookkeeper registers
2. Admin receives notification email
3. Admin logs into admin panel
4. Navigates to "Pending Approvals"
5. Reviews bookkeeper profile:
   - Contact information
   - Business details
   - Certifications
   - Service area
6. Makes decision:
   → Approve: Bookkeeper activated, email sent
   → Reject: Account denied, email sent with reason
   → Request more info: Email sent requesting clarification
7. Status updated in database
8. Notification sent to bookkeeper

2.4.8 Admin User Flow - Manual Lead Creation

1. Admin receives lead via phone/offline channel
2. Admin navigates to "Create Lead" in admin panel
3. Fills out lead form with business owner information
4. Sets custom pricing (or uses automatic)
5. Sets lead status (active/inactive)
6. Saves lead
7. Lead appears in bookkeeper feed (if active)
8. Optional: Admin can assign directly to specific bookkeeper

2.5 Permission Matrix

Action Business Owner Bookkeeper (Trial) Bookkeeper (Paid) Admin
Submit lead
Edit own lead
View lead preview
Bookmark lead N/A
Purchase lead
View full lead details Own only Purchased only
Manage subscription
Issue refunds Request only Request only
Edit any user
Configure pricing
Approve bookkeepers
Access analytics Own data only Own data only

2.6 Authentication & Security

Password Requirements

  • Minimum 8 characters
  • Must contain: uppercase, lowercase, number
  • Optional: Special character

Session Management

  • Session timeout: 30 days (remember me) or browser close
  • Secure cookies with HttpOnly and Secure flags
  • CSRF protection on all forms

Two-Factor Authentication

  • Not required for MVP
  • Roadmap item for admin accounts

Account Security Features

  • Password reset via email
  • Email verification required
  • Login attempt limiting (rate limiting)
  • Account lockout after failed attempts (future)

2.7 Data Privacy & Consent

Business Owner Consent

Upon lead submission, business owners must:

  • ✅ Agree to Terms of Service
  • ✅ Consent to information sharing with bookkeepers
  • ✅ Acknowledge their information will be "sold" to bookkeepers

Upon registration, bookkeepers must:

  • ✅ Agree to Terms of Service
  • ✅ Acknowledge purchased lead information is confidential
  • ✅ Agree not to resell or share lead information

Terms Clause (Placeholder):

By purchasing leads, you agree to:
- Use lead information solely for the purpose of providing
  bookkeeping services
- Not share, sell, or distribute lead information to third parties
- Maintain confidentiality of business owner information
- Contact leads in a professional manner

Data Deletion Requests

Both business owners and bookkeepers can request:

  • Account deletion
  • Data removal from database
  • Admin must process within reasonable timeframe
  • Purchased lead information may be retained for business records

Next Document: PRD_3_DATA_MODELS.md - Database schema and data structures

Back to top