Skip to main content

v0.0.1 — MVP foundation

Initial platform build. Establishes the full database schema, authentication, AI integration, product management, DPP lifecycle, certificate monitoring, team roles, CSV import, supplier invitations, and GDPR tooling.

Added

Data model

A comprehensive multi-tenant database schema covering all core platform entities: products and DPP records across all five battery categories, suppliers and their material libraries, verification tasks and decisions, certificates with expiry tracking, audit logs, team members and roles, data requests, and GDPR consent records. Enum types cover all battery category classifications, product lifecycle states, verification outcomes, and regulatory compliance statuses required by EU Regulation 2023/1542.

Authentication — email + OTP

Secure authentication using email and password combined with one-time password (OTP) verification on every login. Sessions are managed via secure, HTTP-only cookies with server-side validation. OTP delivery is handled via transactional email.

AI integration — nine flows

Nine AI-powered workflows built on the Anthropic Claude API:

  • Document extraction — extract structured DPP field values from uploaded compliance documents (test reports, certificates, declarations)
  • Supply chain due diligence — generate a structured due diligence summary from uploaded supplier data
  • Carbon footprint analysis — analyse carbon footprint figures and flag values that appear anomalous relative to battery category benchmarks
  • Sustainability narrative — generate a plain-language sustainability summary for the DPP public viewer from structured data
  • Data request drafting — generate a structured data request message to a supplier, prefilled with the specific fields being requested
  • Certificate review — extract key fields from uploaded certificate documents for pre-population into the certificate record
  • Compliance gap analysis — identify DPP fields that are missing or incomplete relative to the requirements for the product's battery category
  • Email refinement — improve clarity and tone of operator-to-supplier communication drafts
  • Campaign generation — generate structured recall or notification campaign content from product and operator details

Product management

Full product lifecycle management: create battery products across all five regulated categories (EV, LMT, Industrial, SLI, Portable), populate DPP fields through a structured wizard, manage version history, and control publication state.

DPP immutable snapshots

Each time a DPP is published, an immutable snapshot of its data is captured. The snapshot record links the published content to the operator's identity, publication timestamp, and DPP version number. Published DPPs cannot be modified — updates require creating a new version.

Certificate expiry monitoring

Certificates linked to products and materials are tracked against their expiry dates. A background job runs daily, identifies certificates within 30 days of expiry, and notifies the relevant operator or supplier so renewals can be initiated before a DPP becomes non-compliant.

Multi-user team roles

Operator accounts support multiple team members with distinct roles: Administrator (full account control), Manager (product and supplier management), and Viewer (read-only). Role assignments are managed by account administrators and take effect immediately.

Bulk CSV import

Products can be imported in bulk via CSV upload. The import validates each row against the DPP field schema for the specified battery category, reports errors per row, and creates all valid product records in a single operation.

Supplier invitation and onboarding

Operators can invite suppliers directly from the Company Portal. Invitees receive an email with a secure invitation link. Clicking the link creates a Supplier Portal account pre-linked to the inviting operator, with no separate registration required.

GDPR compliance tooling

  • Data export (Article 20) — operators and individual users can request a machine-readable export of all personal data held against their account, delivered as a structured JSON file.
  • Erasure requests (Article 17) — account deletion requests trigger a 30-day erasure workflow covering all personal data, audit-logged for administrator visibility.
  • Consent management — per-feature AI processing consent is captured and stored per user, with a toggle available in account settings.