Fill Classes. Reclaim Your Time.
ClassTap is a brandable online booking and payment platform for independent instructors and small studios (ages 25–55) that streamlines scheduling, invoices and attendee management, automates waitlist-to-payment flows, prevents double-bookings, cuts administrative time by 60%, reduces no-shows 30%, and boosts monthly revenue by 15%.
Subscribe to get amazing product ideas like this one delivered daily to your inbox!
Explore this AI-generated product idea in detail. Each aspect has been thoughtfully created to inspire your next venture.
Detailed profiles of the target users who would benefit most from this product.
- Age 35–44; owner-operator of 2–3 boutique studios - Urban/suburban mix; 8–20 instructors total - Annual revenue $500K–$1.5M across locations - Uses MacBook at HQ; iPhone on floor
Started as a solo instructor, opened a second location after waitlists exploded. Outgrew spreadsheets and single-site tools while hiring managers. Learned the hard way when two studios double-booked a room.
1. Unified multi-location calendar with conflict prevention 2. Role-based permissions and approval workflows 3. Consolidated reporting and instructor payout automation
1. Cross-location double-bookings and room conflicts 2. Manual, error-prone multi-site payouts 3. Inconsistent branding across booking pages
- Obsessed with scalable, repeatable operations - Measures success by utilization and margins - Delegates, but demands brand consistency - Chooses tools that grow with her
1. LinkedIn Groups — studio ops 2. Instagram Reels — growth tips 3. Google Search — scheduling software 4. YouTube — management tutorials 5. Apple Podcasts — small business
- Age 28–40; owner-coach of Pilates/cycle studio - 6–14 machines; 3–8 instructors rotating - 250–500 weekly bookings; evenings peak - iPad on floor; desktop for admin
Lost thousands from double-booked machines and idle seats. Tried generic calendars that couldn't assign clients to equipment. Switched focus to utilization.
1. Per-equipment seat assignment and holds 2. Auto waitlist-to-payment per seat 3. SMS reminders and late-cancel controls
1. Machines double-booked or sit empty 2. Manual seat shuffling before class 3. Late cancels leave unsold seats
- Hates idle equipment and wasted time - Prioritizes fairness in seat assignments - Lives by tight, predictable schedules - Seeks automation over manual tweaks
1. Instagram Carousels — studio ops 2. TikTok — floor walkthroughs 3. Google Maps — local discovery 4. Facebook Groups — Pilates owners 5. YouTube — equipment tips
- Age 30–48; yoga/skill coach in college town - 10–24 students per cohort; 2 programs/quarter - Evenings and weekends; classroom-style space - Uses Zoom for makeups; Stripe for payments
After drop-in churn, Casey shifted to structured cohorts to improve outcomes. Spreadsheets and scattered links caused missed payments and confusion.
1. Series packaging with fixed dates 2. Installment plans with auto reminders 3. Easy makeups and attendance rollovers
1. Chasing late installment payments 2. Linking sessions confuses registrants 3. Manual roster updates each week
- Outcome-focused, community-first mindset - Values commitment over casual attendance - Transparent pricing and expectations - Prefers structure with light flexibility
1. Instagram Stories — program launches 2. Eventbrite — discovery listings 3. Facebook Events — local reach 4. Mailchimp Campaigns — alumni list 5. Google Search — course keywords
- Age 29–44; kids yoga/gymnastics owner - Suburban strip-mall studio; school-year seasonality - 60% bookings by mobile; evenings/weekends peak - Two part-time assistants; volunteer helpers
Former school coach turned studio owner. Paper waivers and ad-hoc signups created lines and errors at check-in.
1. Guardian accounts with multiple dependents 2. Digital waivers tied to profiles 3. Automatic sibling/multi-class discounts
1. Parents book wrong child or age group 2. Lost or outdated paper waivers 3. Bottlenecks at after-school check-in
- Safety and compliance above everything - Over-communicates to keep parents confident - Community-centered, referral-driven growth - Prefers predictable, repeatable processes
1. Facebook Groups — local parents 2. Instagram Hashtags — neighborhood reach 3. Nextdoor — community events 4. Google Maps — reviews matter 5. Facebook Events — class signups
- Age 32–52; yoga/wellness educator - 10–30 attendees per event; 1–3 quarterly - Mix of domestic and international venues - Relies on Instagram and email pre-sales
An overbooked retreat with unpaid spots triggered chargebacks and chaos. Riley vowed to professionalize payments and confirmations.
1. Deposits with automated balance reminders 2. Tiered pricing and room types 3. Waitlist invites that auto-capture payment
1. Unpaid reservations after invite 2. Currency, timezone miscommunications 3. Chargeback exposure from unclear terms
- Experience curator, hospitality-minded - Risk-averse with cash flow - Values transparency and deadlines - Marketing-savvy storyteller
1. Instagram Reels — travel teasers 2. TikTok — behind-the-scenes 3. Google Search — retreat keywords 4. YouTube — vlogs and recaps 5. Mailchimp Campaigns — launch lists
- Age 27–41; nomadic instructor/coach - Mix of Zoom and pop-ups; US/EU clients - MacBook and iPhone; airport Wi‑Fi reality - Income diversified: classes, privates, workshops
Left corporate to tour coworking cities. Time-zone mix-ups and failed cross-border payments hurt trust and revenue.
1. Automatic time-zone conversion on listings 2. Multi-currency pricing and payouts 3. Calendar sync with travel itinerary
1. Clients miss sessions due to time confusion 2. Cross-border cards fail at checkout 3. Double-booked days across time zones
- Freedom-seeking, automation-first - Communicates asynchronously, promptly - Prioritizes clarity in times and prices - Comfortable experimenting with tools
1. Instagram Stories — travel updates 2. WhatsApp Broadcasts — class alerts 3. Nomad List Forum — peer advice 4. Reddit r/digitalnomad — tools talk 5. YouTube Tutorials — tool reviews
Key capabilities that make this product valuable to its target users.
Connect Calendly, Mindbody, and calendar sources in minutes, then automatically deduplicate events and unify overlapping classes into a single master schedule. Choose one‑time import or ongoing sync to keep ClassTap as your single source of truth with zero double‑entry.
Provide guided setup to connect Calendly, Mindbody, and major calendar providers (Google, Outlook, Apple/iCal) within minutes. Support OAuth and API key flows, calendar/source selection, environment selection (e.g., Mindbody site), and mapping to ClassTap entities (instructors, locations, class types). Include connection testing, timezone detection, and granular scope selection (read-only vs read/write where applicable). Persist connections securely and expose a clear summary of linked sources to establish ClassTap as the central hub for subsequent merge and sync operations.
Implement a deterministic engine that unifies overlapping or duplicate events from multiple sources into a single master class in ClassTap. Use configurable fuzzy matching and scoring across title, instructor, location, and time overlap, with tunable thresholds and tie‑breakers. Apply source priority rules and field-level merge strategies (e.g., title from Mindbody, attendee list union) to produce consistent results. Ensure idempotent processing, stable master IDs, and reversible merges, while preserving source references for round‑trip context and troubleshooting.
Offer one‑time import and ongoing sync modes with configurable backfill windows and schedules. In ongoing mode, prefer webhooks where available (Calendly, Google push notifications) with a polling fallback that respects rate limits. Detect and apply deltas (create, update, cancel, reschedule) reliably, including recurrence expansions and exceptions. Handle timezones and daylight saving transitions correctly, and ensure at‑least‑once processing with dedupe to prevent double‑entry. Provide resumable sync with pagination, checkpointing, and replay for robustness.
Define a normalized data model for master classes that references underlying source events, attendees, and metadata. Maintain a crosswalk of source IDs to master IDs to support upsert logic and traceability. Enable configurable source precedence and field-level ownership (e.g., capacity from Mindbody, description from Calendly) and automatically re-evaluate merges when source data changes. Expose clear state for each master record (source-derived vs overridden) to reinforce ClassTap as the single source of truth.
Prevent instructor and room double-bookings by evaluating merged master classes against resource availability across all connected sources. Apply conflict detection during import and on updates, with temporary holds during webhook processing to avoid race conditions. Provide automatic suggestions (e.g., alternate time, room) and safe resolution flows (skip, reschedule, split, or override with justification). Integrate with waitlist-to-payment automation so that newly freed spots from external changes promptly trigger ClassTap’s conversions.
Deliver an admin UI to preview imports, review proposed merges, and compare source fields side-by-side before committing. Allow manual overrides of merge decisions, rule tuning (thresholds, priorities), one-click unmerge/relink, and field locks to keep specific values authoritative in ClassTap. Include searchable logs of merge decisions, a dry-run mode for new connections, and role-based access controls to protect sensitive operations.
Implement comprehensive observability for sync and merge flows, including health dashboards, latency and success metrics, and per-connection status. Provide structured error handling with retries, backoff, and dead-letter queues, plus admin notifications for failures and data inconsistencies. Maintain immutable audit logs of source payloads, merge outcomes, overrides, and user actions to support troubleshooting and compliance, with PII minimization and secure storage aligned to ClassTap’s privacy standards.
An AI‑assisted mapper that reads your existing class types, instructors, locations, capacities, and time zones, then proposes precise field matches in ClassTap. Review-and-approve in one screen to eliminate tedious manual mapping and prevent setup errors.
Implement connectors to ingest existing class-related data from common sources (CSV upload, calendar ICS, direct API integrations, and manual paste). Normalize encodings and delimiters, handle headerless files, and support bulk import. Queue and chunk large files to ensure responsiveness, perform basic structural validation (required columns, date formats), and produce standardized interim objects for downstream AI mapping. Provide deduplication heuristics for near-identical rows and surface ingestion errors with actionable messages within ClassTap’s onboarding flow.
Use AI/NLP to identify and extract entities (Class Type, Instructor, Location, Capacity, Time Zone) and their attributes from heterogeneous source data. Recognize synonyms and aliases (e.g., “Teacher”→Instructor, “Room A”→Location), parse semi-structured strings (titles that bundle date/time), and standardize outputs to ClassTap’s canonical schema. Provide fallback rule-based parsing when confidence is low. Emit a normalized candidate schema with entity relationships for matching.
Generate suggested mappings from source fields to ClassTap fields with per-suggestion confidence scores and rationale. Display top alternatives for each field, allow threshold configuration (auto-accept above X%), and flag ambiguities for review. Consolidate duplicate entities (e.g., “Yoga Basics” vs “Basics—Yoga”) and propose merges. Persist interim suggestions so users can resume later, and expose an API for programmatic consumption of mapping results.
Provide a unified UI to review, edit, and approve all suggested mappings in a single screen. Support bulk-approve by confidence, inline editing, search/filter, keyboard shortcuts, and accessibility (WCAG 2.1 AA). Show live previews of how mapped data will appear in ClassTap (e.g., class cards, schedules). Include progress indicators, sticky action bar, and guardrails preventing navigation loss. On approval, commit mappings and trigger downstream setup (schedule creation, instructor assignment).
Validate proposed mappings for logical consistency before commit. Detect overlapping schedules by instructor/location, invalid capacities, timezone inconsistencies, and duplicate instructors or class types. Provide contextual error messages and auto-fix suggestions (e.g., normalize time zones, merge duplicates). Block commit on critical errors, allow waivers for non-critical warnings, and write outcomes to an audit log.
Allow users to save approved mappings as named profiles tied to a data source. On subsequent imports from the same source, auto-apply the profile and only surface deltas for review. Support versioning, cloning, and organization-level sharing of profiles. Provide export/import of profiles as JSON for migration between accounts.
Record all mapping actions, including who approved what and when, original vs final values, and system-generated suggestions. Provide a per-import timeline and the ability to rollback to a prior mapping state. Expose exportable logs for support and compliance, and integrate with ClassTap’s notifications to alert stakeholders of significant changes.
Drop in a website or logo and instantly generate an accessible, on‑brand booking theme—colors, fonts, buttons, and image treatments. See live previews as you tweak, so your booking flow looks polished from day one without a designer.
Allow users to paste a website URL or upload a logo to automatically extract brand signals (primary/secondary colors, accent hues, typography hints, favicon/logo imagery). The system crawls the homepage (robots-aware), parses CSS for declared colors and font families, analyzes uploaded logo imagery with color clustering, and consolidates candidates into a ranked brand palette and font suggestions. Handles timeouts, redirects, and CORS via a server-side fetcher with caching and rate limiting. Outputs normalized assets to the BrandSnap pipeline and stores only derived metadata (no full-site mirroring). This provides an instant on-brand starting point and reduces manual setup time within ClassTap’s theming wizard.
Generate an accessible, on-brand theme from extracted inputs by creating semantic color tokens (primary, secondary, accent, background, surface, text, muted, success/warn/error, focus, hover/active/disabled). Enforce WCAG 2.1 AA contrast for text and interactive states, offering smart adjustments that preserve brand hue while increasing contrast where needed. Produce light and dark variants, color-blind–safe options, and map tokens to ClassTap components (calendar, class card, buttons, forms, modals, checkout). Expose tokens as a versioned JSON schema consumable by web, widget, and email templates.
Provide a live, interactive preview of key booking flow screens and components (schedule list, instructor profile, class detail, cart/checkout, success screens) that updates instantly as users tweak colors, fonts, and image treatments. Include device presets (mobile/tablet/desktop), light/dark toggles, and sample content states (empty, full, error). Target <100ms perceptual latency for style updates via virtualized component playground and CSS variables. Enable snapshot comparison (before/after) and shareable preview links for stakeholders.
Recommend font pairings that align with the detected brand style (e.g., geometric sans + humanist sans, serif + sans) using a curated library (Google Fonts) and heuristics (x-height, contrast, mood). Support custom font uploads (WOFF2/WOFF) with automatic subset generation, preloading hints, and licensing acknowledgments. Configure robust fallback stacks and locale-aware font selection. Ensure performance budgets (CLS, FOUT/FOIT mitigations) and map font roles to tokens (heading, body, UI, mono).
Offer optional image treatments that harmonize photos with the generated palette: brand-tinted overlays, duotone filters, vignette/soften, corner radius and shadow tokens, and contrast-aware text overlays. Provide intensity sliders with real-time preview and ensure text-on-image meets contrast guidelines. Process transformations on demand via CDN-compatible URLs with caching and automatic WebP/AVIF output for performance.
Apply the selected theme across all ClassTap touchpoints (hosted booking pages, embeddable widgets, emails) with one action. Create immutable versioned snapshots of design tokens and assets, store audit metadata (who/when), and allow instant rollback to any prior version. Propagate changes via configuration service with safe rollout (canary) and automatic cache invalidation for CDN assets to ensure consistent customer experience.
Enable export of the finalized theme as a portable JSON of design tokens (colors, typography, radii, shadows, spacing) and image treatment presets. Support import from the same JSON or Figma Tokens format to replicate branding across locations or accounts. Provide read-only share links for collaborators to preview without login and a copy-as-new workflow to accelerate multi-brand setups.
Automatically converts passes, packs, memberships, taxes, and discounts from your old system into ClassTap equivalents. Get side‑by‑side comparisons and guidance to preserve revenue rules, minimize price drift, and launch without confusing clients.
Ingests pricing artifacts from legacy systems (passes, packs, memberships, taxes, discounts) via CSV upload, direct API, or manual entry. Performs schema detection, guided field mapping, and validation, then normalizes data into ClassTap’s canonical pricing model (product types, durations, usage limits, renewal rules, freeze/cancel policies, tax codes, discount logic). Supports multi-currency and timezone handling, deduplication, and idempotent import sessions with resumable progress, rate limiting, and audit trails. Ensures PII-safe handling and prepares clean inputs for downstream mapping and simulation components.
Translates legacy products into ClassTap equivalents using configurable, reusable mapping rules. Supports mapping for class access scopes, credit counts, validity windows, auto-renewal and cancellation policies, proration, freeze/hold options, family sharing, attendance limits, and blackout periods. Includes rule precedence and conflict resolution, template libraries for common legacy systems, and preview of proposed mappings. Ensures preservation of revenue rules and business logic while conforming to ClassTap’s product model.
Converts tax configurations and discount structures from legacy systems, handling tax-inclusive/exclusive pricing, jurisdictional tax codes, and rounding behavior. Translates discount types (percent, fixed amount, bundles, BOGO), stacking/exclusion rules, eligibility criteria, usage limits, and expiry. Applies configurable price-drift thresholds and rounding strategies per currency, raising warnings or auto-adjusting to keep deltas within tolerance. Validates compliance with ClassTap’s tax engine and produces a clear audit of converted rules.
Provides an interactive diff view comparing each legacy item to its proposed ClassTap equivalent, highlighting changes in price, benefits, limits, and policies. Surfaces drift indicators, rule mismatches, affected client counts, and projected revenue impact. Offers inline guidance, best-practice tips, and smart suggestions to resolve discrepancies. Includes filters, search, bulk actions, and exportable reports, with an approval workflow to capture sign-off before applying changes.
Runs dry-run simulations of the translated pricing over a configurable horizon (e.g., 30–90 days) to project renewals, redemptions, and revenue metrics (MRR, ARPU, discount liabilities). Detects conflicts such as over-permissioned access, broken discount stacking, invalid tax mapping, or plan overlaps that could enable double-bookings. Generates actionable remediation suggestions and risk flags prior to publishing. Produces a summary report for stakeholders and links directly to items requiring fixes.
Applies approved mappings in batches to create or update ClassTap products, taxes, and discounts with idempotency keys, transactional grouping, and partial retry on failure. Maintains a full audit trail and version history, supports scheduled cutovers, and provides a one-click rollback to the previous state if issues arise. Sends role-based notifications, enforces permissions, and ensures zero-downtime launch windows to minimize disruption to bookings and payments.
Generates segmented client communication packages (email/SMS/in-app) explaining changes, effective dates, and impacts. Supports grandfathering of existing clients to legacy pricing for a configurable period, with automatic coupon issuance or credits when drift exceeds thresholds. Provides localized templates, scheduling, and A/B variants, integrates with CRM for delivery and tracking, and records acknowledgments to reduce confusion and churn at launch.
Import and standardize cancellation windows, no‑show rules, waivers, and terms into reusable ClassTap policy templates. Auto‑attach them to classes and programs so your compliance and customer expectations carry over seamlessly.
Provide a structured template system to define cancellation windows, no‑show rules, waivers, and terms as reusable, brandable assets. Support rich text, variable tokens (e.g., {class_name}, {start_time}), required fields, categories (cancellation, no‑show, waiver, terms), and effective dates. Enable preview and validation, accessibility-compliant editing, multi-language content, and organization-wide sharing. Templates integrate with ClassTap classes and programs, powering checkout disclosures, enforcement logic, and communications while ensuring consistent application across offerings.
Allow users to import existing policies from PDF, DOCX, or public URLs and automatically extract, classify, and map content into structured fields for ClassTap templates. Provide AI-assisted parsing with confidence scoring, highlight gaps and conflicts, and enable side-by-side manual review and edits before publishing. Preserve the original file for reference, support clause-level tagging, and ensure output conforms to platform schema for seamless use in enforcement and communications.
Create a rule-based system to automatically attach policy templates to classes and programs based on attributes such as class type, location, instructor, tags, price range, and schedule. Support precedence, inheritance, and default fallbacks, with conflict detection and simulation to preview outcomes. Include bulk apply and backfill, plus audit logging of which rules applied and when, ensuring minimal manual effort and consistent policy coverage.
Integrate policy presentation and acceptance into checkout and account onboarding. Display the correct waiver/terms version, capture explicit consent via checkbox and electronic signature, and support per-attendee consent including guardian consent for minors. Record immutable evidence (policy version, timestamp, IP/device, user ID), generate a downloadable confirmation, and prompt for re-consent when a policy version changes. Ensure a mobile-first, WCAG-compliant experience.
Apply policy logic at booking, modification, and attendance events to enforce cancellation windows and no‑show rules. Calculate eligibility for refunds, fees, or credits; automate charges and refunds; prevent late cancellations when disallowed; and align with waitlist-to-payment flows. Handle edge cases like multi-session programs, drop-in vs. series bookings, time zones, and instructor overrides with audit notes, ensuring predictable outcomes and reduced disputes.
Provide full version control for policy templates with effective start/end dates and immutable snapshots applied to each booking. Offer diff views, author and timestamp metadata, and searchable history to identify which version a participant accepted. Enable rollback to prior versions, exportable audit logs for compliance reviews, and alerts when changing an active policy that impacts upcoming bookings.
Surface policy summaries and links consistently across class pages, checkout, confirmations, reminders, and receipts. Inject dynamic snippets (e.g., “Cancel up to 12 hours before start”) into email/SMS templates with correct time zone handling. Display policy badges on listings, deep-link to full policy content, and support A/B testing of summary phrasing to improve clarity and reduce no-shows and cancellations.
Run a full sandbox of the booking flow—reservation, waitlist auto‑fill, and payment with test cards—before you publish. Share a preview link with teammates to spot friction and fix it fast, ensuring a smooth first impression for clients.
Provide a fully isolated sandbox environment that mirrors production configurations (classes, pricing, taxes, capacities, policies, resources, branding, and time zones) and is clearly labeled as Test. When enabled, all bookings, payments, and data writes occur in a non-production partition; external side effects (live charges, calendar sync, marketing automations, and analytics) are suppressed or routed to safe stubs. Admins can enable sandbox per class, schedule, or account-wide prior to publishing. Visual indicators appear across admin and client views to prevent confusion. The toggle must be reversible without data leakage between environments and must preserve parity of validations, error handling, and latency characteristics to ensure realistic testing outcomes.
Allow admins to generate expiring, revocable preview URLs for the sandbox checkout that render the client-facing experience on desktop and mobile. Links can be scoped (single-use or multi-use), protected (password, email-domain allowlist), and time-bound, with full access logs (creator, viewers, timestamps, IP). Admins can invalidate links at any time. Preview users experience the end-to-end flow, including forms, policies, and upsells, but all side effects are sandboxed. Integration respects existing team roles and SSO where applicable, enabling collaboration without granting full admin access.
Enable test-mode payment processing that supports gateway-specific test cards, success and failure scenarios (insufficient funds, card declined, expired card, network error), and 3D Secure challenge simulations. Webhook events are mocked or routed to a sandbox endpoint, preserving event order and timing to validate downstream automations (confirmations, invoices, promo codes, taxes, stored methods, refunds, partial payments, and credits). Provide a selector to force specific outcomes for reproducible tests. No live tokens or charges are created, but full receipts and ledger entries are generated in test partition for verification.
Replicate the full waitlist lifecycle in sandbox: reaching capacity, collecting waitlist entries, triggering seat release, auto-promoting waitlisted customers, and requesting payment within configured time windows. Support edge cases such as simultaneous promotions, no-response expirations, cancellations, and class time changes. Provide controls to fast-forward triggers and inject events (e.g., simulate a cancellation) to validate fairness rules, notifications, and payment prompts. All actions create a sandbox audit trail to verify policy adherence and user experience.
Emulate production-grade reservation logic in sandbox, including capacity constraints, hold timers, double-booking prevention, resource conflicts (rooms, equipment, instructors), and cross-schedule linking. External calendar integrations are stubbed to avoid publishing test events while preserving conflict checks. The sandbox must honor the same validation messages, timing, and race conditions as live to ensure that fixes found in testing translate to production without regressions.
Store all sandbox entities (customers, reservations, payments, logs) in a dedicated test partition that is excluded from analytics, payouts, CRM syncs, marketing automations, and exports by default. Provide admin controls to seed sample data, clone configurations from production, and reset the sandbox to a clean state with one click. Include an audit log of resets and seeds for compliance. Ensure PII handling is GDPR-safe with synthesized or anonymized defaults for sample attendees.
Intercept and render all sandbox-triggered communications (email, SMS, and receipts) in an in-app inbox or safe email endpoints, ensuring no messages reach real customers. Messages display final templates with populated variables, attachments (e.g., PDF invoices), sender identity, and unsubscribe controls as they would appear in production. Provide delivery event simulations (queued, delivered, bounced) and allow download of artifacts for review. Integrates with branding settings so teams can verify tone, layout, and links before launch.
A preflight checklist that flags time‑zone mismatches, capacity conflicts, missing prices, and broken links. Choose a soft‑launch to a pilot group, then go live with one click and built‑in rollback for safe, confident publishing.
Scan all scheduled sessions for inconsistencies across account default timezone, instructor timezone, venue timezone, and attendee-facing display. Normalize to IANA zones and highlight DST transition risks. Provide a preview of student-facing times by locale, suggested corrective actions (e.g., align to venue zone), and configurable severity levels. Block publishing on critical mismatches and allow inline fixes and re-validation without leaving the preflight.
Detect overlapping bookings and overcapacity across instructors, rooms, and equipment, factoring setup/teardown buffers and resource constraints. Validate that session capacity aligns with membership/pack limits and parallel events. Offer auto-resolve options (adjust capacity, swap room, shift start time) and surface the impact on waitlists. Provide a hard-stop for critical conflicts and a warning for soft conflicts, fully integrated with the scheduling calendar to prevent double-booking.
Verify that each published session has at least one purchasable option (drop-in, pack, membership), with currency, taxes/fees, and payment processor connectivity configured. Check discount code validity windows, visibility by channel (soft-launch vs public), and presence of refund/cancellation policy links. Present direct links to remediate gaps and block publishing when no viable purchase path exists.
Crawl and validate all hyperlinks used in event descriptions, instructor bios, assets, buttons, and transactional emails. Check HTTP status codes, redirect chains, SSL, and UTM parameter integrity; flag broken, slow, or non-HTTPS targets. Support whitelisting of private or environment-restricted links and provide inline edit and one-click recheck to confirm fixes before launch.
Enable selection or creation of pilot audiences from tags, membership tiers, past attendees, geolocation, or uploaded emails. Generate private access links or gated landing pages with an optional password. Schedule the soft-launch window, send invite templates, and track opens, clicks, and conversions. Allow rapid iteration on content, pricing, and capacity during soft-launch before escalating to public availability.
Provide an atomic publish action that promotes a validated draft to live, capturing a versioned snapshot of settings, content, pricing, and visibility. Support one-click rollback to the prior stable version with options to preserve or cancel bookings made since publish per policy. Include idempotent retries, alerting on failure, and a complete audit log of publish and rollback events.
Consolidate all checks into a severity-ranked report showing pass/fail status, impacted sessions/resources, and recommended fixes. Allow waiver of non-critical items with justification, and enforce configurable blockers that prevent publishing on critical failures. Provide an exportable/shareable summary and keep the report visible in both soft-launch and final publish screens.
Define primary and secondary guardians, pickup-only contacts, and emergency backups per child. Fine-grained permissions control who can book, pay, sign waivers, and receive communications. Reduces front-desk confusion and keeps kids safe with clear, auditable authorization.
Enables admins to create and manage multiple guardian roles per child—primary, secondary, pickup-only, and emergency backup—with relationship labels, contact methods, verification status, and validity dates. Supports linking existing ClassTap accounts or creating profile-only contacts, sets role precedence for decision-making, and prevents duplicates with deduplication and merge rules. Ensures consistency across programs for the same child, exposes streamlined web/mobile UI for add/edit/suspend/revoke, and provides APIs for syncing with external SIS/CRM systems to keep records current.
Provides a configurable permission model mapping roles to capabilities such as booking classes, making payments, managing payment methods, signing waivers/consents, managing subscriptions/passes, viewing attendance/history, and receiving communications. Includes default policies per role with per-child overrides and effective-permission resolution when a guardian has multiple roles. Enforces permissions consistently across calendar booking, waitlist-to-payment flows, invoicing, waiver capture, and messaging via server-side checks and clear UI indicators explaining allowed and blocked actions.
Delivers a secure pickup workflow validating authorized contacts at check-out using PIN codes, QR passes, or photo/ID verification, with time-bound authorization windows and optional two-factor confirmation to the primary guardian. Integrates with attendee lists and kiosk modes to prevent release to unauthorized contacts, records pickup attempts, and stores time-stamped check-in/out logs per child for auditability. Supports temporary pickup delegates with expiration and special-instructions notes for staff.
Controls which guardians may sign required waivers and medical/emergency consents per child and program, capturing legally valid e-signatures with relationship and identity verification. Automatically prompts for re-consent on version changes, blocks participation until required signatures are on file, and stores signed artifacts with versioning for legal audit. Integrates with booking and enrollment so only signing-authorized guardians can complete checkout.
Routes confirmations, reminders, schedule changes, and emergency alerts to appropriate guardians based on role and channel preferences, supporting multiple recipients and per-message visibility rules. Allows admins and guardians to configure email, SMS, and push preferences at the child and program level, consolidates duplicates to avoid spam, and suppresses sensitive billing details for pickup-only contacts. Manages bounces, opt-outs, and fallback routing to maximize delivery reliability.
Captures an immutable audit trail of guardian-related actions including role assignments, permission changes, bookings, payments, waiver signatures, communications, and pickups, with timestamps, actor identity, IP/device metadata, and the affected child. Provides filters and exportable reports to resolve disputes and satisfy compliance, includes retention policies and privacy redactions, and surfaces inline explanations when actions are blocked by policy to increase transparency.
Automatically match children to age-appropriate classes based on date of birth, school grade, and prerequisites. Ineligible sessions are hidden or clearly labeled with reasons; upcoming birthdays trigger move-up suggestions. Prevents misbookings, saves staff time, and ensures kids land in the right level every time.
Implements a centralized, configurable engine that evaluates a child’s eligibility for each class using multiple criteria: date-of-birth age ranges (min/max), school grade, prerequisite completions, instructor assessments, and custom flags. Supports “age on date” policies (class start date, end date, or fixed cutoff), effective date windows (terms/seasons), AND/OR logic, rule precedence, and reusable rule templates. Delivers consistent, real-time eligibility results across search, class detail, cart, waitlist, and payment flows. Designed for low-latency evaluation and horizontal scalability, with structured reason codes for failed checks to power UI messaging and analytics.
Extends child profiles to capture and validate date of birth, current school grade, and prerequisite evidence (e.g., completed classes, skill evaluations, uploaded certificates). Includes timezone-aware DOB handling, school-year configuration (start month), and grade calculation helpers. Prevents incomplete or inconsistent data entry with field validation and duplicate detection. Stores prerequisite fulfillment with source, date, and verifier to feed the eligibility engine. Ensures data privacy by minimizing exposure of sensitive fields on public surfaces and encrypting PII at rest and in transit.
Provides an admin UI on each class to configure eligibility criteria: min/max age or grade bands, required prerequisites, evaluation/approval requirements, and the policy for age determination (e.g., age on start date). Supports per-class cutoff overrides, season templates, and cloning from existing classes. Validates configurations to prevent contradictory rules and displays the resultant eligibility policy summary. Integrates with scheduling so recurring series inherit policies, with the option to alter by occurrence when needed.
Applies eligibility evaluation consistently at all booking touchpoints: search/browse (filtering and badges), class detail (eligibility status), add-to-cart, waitlist join, payment, and automated waitlist-to-seat promotions. Re-checks eligibility at promotion and payment time to account for birthdays or changed prerequisites. Provides webhook/API hooks so external integrations can request eligibility before creating bookings. Handles edge cases for multi-child carts, mixed eligibility, and time-sensitive holds without degrading performance.
Controls how ineligible classes appear: fully hidden, shown but disabled, or labeled with clear reason tags (e.g., “Too young until Oct 12” or “Prerequisite not met”). Displays actionable guidance (what’s missing and when eligibility changes) and offers a “Show only eligible” toggle. Computes “eligible in X days” using configured cutoff rules. Ensures messages are accessible, localized, and consistent across web and mobile. Feeds analytics with standardized reason codes to quantify blocked attempts and guide schedule adjustments.
Detects upcoming birthdays that change eligibility before or within a selected term and proactively suggests move-up classes or levels. Surfaces suggestions in dashboard, class detail, and via email/push with deep links to eligible options. Considers series dates, instructor-defined grace windows, and seat availability to avoid dead-end suggestions. Includes a one-click replace/upgrade from current booking with proration rules respected. Tracks acceptance and conversion for optimization.
Allows authorized staff to bypass eligibility checks for specific children and classes with required reason, scope (single session, series, or program), and expiration date. All overrides are logged with who/when and are visible on the booking and learner profile. Safeguards include optional second-approver workflow and policy alerts when overriding safety-critical prerequisites. Reporting surfaces override rates and reasons to inform rule tuning and training.
Store each child’s allergies, medications, and emergency details in a secure profile that surfaces to instructors on rosters and at check-in. Time-bound documents (doctor’s notes, immunizations, waivers) include expiry reminders and one-tap update requests. Gives staff crucial info when it matters—without repeating forms every session.
Implement a unified child health profile that stores allergies, medications (with dosage and administration instructions), conditions, emergency contacts, physician details, and action plans. Data must be encrypted in transit and at rest with field-level protection for highly sensitive items, support version history with change tracking, and persist across all classes/locations under the studio’s brand. Integrate with ClassTap attendee records, support multiple children per account, enable CSV import for legacy data, and define retention/erasure policies to honor parent requests.
Surface key health indicators to instructors within class rosters and the check-in flow via prominent badges (e.g., Severe Allergy, EpiPen, Medication Today). Provide tap-to-expand quick view with critical details, color-coded severity, and acknowledgment prompts. Cache a minimal offline snapshot for on-site access, and auto-sync when connectivity returns. Optionally gate check-in if required health info is missing. Integrate with existing roster UI components and daily class summaries.
Enable upload and tracking of required documents (immunizations, waivers, doctor’s notes) with per-document expiry dates and status. Support configurable lead-time notifications (e.g., 30/14/7 days) to parents and admins, bulk reporting for missing/expiring docs, and class-level requirements that block enrollment or check-in when not satisfied. Integrate reminders via email/SMS/push, and maintain versioned document history for audits.
Allow staff to trigger one-tap requests for parents to update profiles or replace expiring documents directly from rosters, profiles, and reports. Deliver magic-link notifications that open a pre-filled, mobile-friendly form supporting camera upload and e-signature. Track request status (sent, viewed, completed), auto-close upon submission, and re-notify on non-response based on configurable cadence.
Provide a parent-facing portal to create and manage multiple children’s HealthPass Profiles, upload documents, set medication administration permissions, and e-sign studio waivers and policies. Show real-time status and expiry timelines, reuse profiles across bookings within the studio brand, and let parents manage notification preferences. Ensure accessibility, mobile-first UX, and secure authentication with MFA options.
Provide a single-tap Emergency Card accessible from rosters and check-in with offline availability, showing top risks, action steps, medication location/dosage, and emergency contacts. Include quick-call buttons and a guided incident report that timestamps events, collects actions taken, and allows sharing with parents and admins. Support PDF export and secure attachment of photos or documents to the incident record.
Define granular access controls so only authorized roles (owner, admin, instructor, front desk, parent) can view or edit specific health fields, with least-privilege defaults. Implement field-level access logs capturing who viewed/changed what and when, plus consent history for document signatures. Provide masked views for lists, session timeouts for sensitive screens, and exportable audit reports to support compliance and parent requests.
Shared family wallet with per‑child spending limits, class‑type restrictions, and optional auto‑reload at chosen thresholds. Refunds and credits route back to the wallet and can be earmarked for a specific child. Clear transaction history and alerts help parents stay in control while kids stay consistently enrolled.
Enable a parent (guardian) to create a shared SpendGuard Wallet, add child profiles, and link existing learner accounts under a household with owner and co-manager roles. Support identity and payment method verification, default funding source selection (card/ACH), and secure access controls so only guardians can view and manage wallet settings. Surface wallet balance and quick actions across ClassTap (dashboard, checkout, invoices, class details) and ensure the wallet is selectable as a tender in all booking and payment flows. Preserve historical transactions when adding/removing members and allow transfer of wallet ownership to another guardian. Provide a robust data model for household, members, roles, balances, and earmarked funds to integrate cleanly with existing booking and invoicing services.
Allow guardians to configure per-child spending caps (weekly, monthly, or custom period) with hard blocks or soft caps requiring approval. Provide class-type/category restrictions based on studio-defined tags (e.g., sport, art, advanced) and age/level flags, enforced during discovery and checkout. Display remaining allowance to the child and at checkout, with clear messaging when a limit or restriction is hit and a path to request guardian approval. Support multi-currency handling consistent with the account’s currency, prorate caps across periods, and include audit trails of limit changes for compliance and support.
Provide threshold-based auto-reload rules (e.g., top up $50 when balance drops below $20) at the wallet level with optional per-child earmarks. Support multiple funding sources with prioritization and fallback; handle preauthorization, retries, and failure notifications. Include manual top-ups, one-time boosts, and pause/resume controls. Tokenize payment methods for PCI-DSS compliance and store minimal PII. Expose auto-reload status and upcoming reload projections in the wallet UI and alert guardians before and after reload events.
Route refunds and credits from cancellations, no-shows, and studio-issued adjustments back into the SpendGuard Wallet by default, with automatic earmarking to the originating child. Allow guardians to reallocate credits between children, respecting studio policies, expirations, and non-refundable fees. Support partial refunds, split payments, and tax handling, and synchronize credit balances with studio invoices and payout ledgers. Provide clear refund reason codes and event timelines in the wallet ledger to simplify support and reconciliation.
Deliver a searchable, filterable transaction history that shows wallet debits, credits, holds, auto-reloads, approvals, and refunds with per-child tags and class metadata. Include running balances, downloadable CSV export, and reconciliation views for studios. Send real-time alerts via push/email/SMS for low balance, auto-reload events, limit thresholds reached, blocked booking attempts, waitlist promotions, and refunds. Provide per-guardian notification preferences and quiet hours to reduce alert fatigue.
Integrate the wallet with ClassTap’s waitlist workflow to automatically secure a seat when a child is promoted, drawing from available wallet funds while honoring per-child limits and earmarks. Place a temporary hold on promotion offers, define acceptance windows, and notify guardians (and optionally the child) with accept/decline actions. On acceptance, convert the hold to a charge; on expiry or decline, release holds and notify the next waitlisted attendee. Include safeguards to prevent overspending and provide clear status updates in the ledger and alerts.
When a booking is initiated with wallet funds, place an authorization hold or earmark amount to prevent the same child from being double-booked across overlapping classes or multiple studios. Release the hold on confirmation, cancellation, or timeout according to studio policies. Display hold status and release timestamps in the ledger and ensure holds count toward per-child limits during the pending period to avoid accidental overspend. Provide edge-case handling for concurrent sessions, retries, and network failures.
Flexible sibling discounts that auto‑apply across drop‑ins, packs, and memberships with caps and stacking rules you set. Savings show transparently during checkout and on invoices, reducing support questions and encouraging multi‑child enrollments.
Enable guardians to create and manage family profiles that link multiple dependents under a single household while supporting multiple guardians, blended families, and shared custody scenarios. Define sibling eligibility based on shared guardian account/household ID with configurable validation rules and duplicate child detection/merging. Provide secure storage and permission controls so only authorized guardians and studio staff can view and modify family relationships. Expose performant server-side lookups to resolve eligible siblings in real time during cart, waitlist conversion, and invoice generation. Allow admins to manually override or correct family links with an auditable trail.
Provide an admin interface to create flexible sibling discount rules that support percentage or fixed-amount discounts across drop-ins, class packs, and memberships. Allow targeting by product, class, instructor, schedule, location, and membership tier with effective dates, time zones, and blackout periods. Support tiered discounts by child count (e.g., 2nd child 10%, 3rd child 15%) and define caps per line item, per order, and per family per billing period. Define stacking precedence with other promos and gift credits, conflict-resolution policies, and exclusions (e.g., already-discounted items). Include rule versioning, draft/publish, and rollback for safe changes.
Implement a server-side engine that evaluates cart contents and family context to automatically apply the optimal sibling discounts at checkout, on invoices, and during waitlist-to-payment conversions. Enforce deterministic stacking rules with other discounts, respect configured caps and eligibility, and prevent double-discounting across product types. Ensure idempotent calculations for retries and asynchronous flows, with clear error handling and fallbacks to manual adjustments by admins. Cache intermediate computations for performance while maintaining accuracy with real-time inventory and pricing changes.
Show clear, itemized sibling savings throughout the customer journey including cart, checkout, confirmation, receipts, and invoices. Display per-child labels, original price vs discounted price, applied rule names, and remaining cap usage to reduce confusion and support questions. Provide accessible tooltips and help text explaining how savings were calculated, and ensure consistent formatting across web, mobile, email, and downloadable invoices. Include an admin view that mirrors the customer breakdown for quick support resolution and adjustments.
Apply sibling discounts to memberships with accurate first-cycle proration, future-dated starts, and mid-cycle joins, ensuring recurring invoices respect per-family monthly caps. Recalculate discounts on upgrades, downgrades, pauses, and cancellations with appropriate credits and refunds. Ensure compatible tax, fee, and surcharge calculations post-discount and produce balanced ledger entries for accounting and revenue recognition. Support multi-location and multi-currency scenarios consistent with existing billing infrastructure.
Offer a configuration workspace where admins can draft rules, simulate carts for households with different numbers of children, and preview discount outcomes before publishing. Include stage vs production toggles, rule-effective date previews, and scenario testing for waitlist conversions and mixed carts (drop-ins, packs, memberships). Maintain an audit log of rule changes, previews, and publish actions with actor identity and timestamps to support compliance and troubleshooting. Provide role-based access controls for who can create, approve, and publish rules.
Deliver reports that track sibling discount usage, revenue impact, average savings per family, and top discounted products over time, with CSV export and API access. Provide per-family and per-period limit enforcement with configurable alerts for unusual activity (e.g., frequent relinking of guardians or abnormal discount totals). Generate webhook events for discount-applied and cap-reached to integrate with downstream systems, and allow authorized admins to override with required notes for audit. Implement basic anomaly detection and rate limits to reduce abuse without hindering legitimate families.
When policies change, new waiver versions roll out to all linked guardians and dependents with a single e‑sign flow. Smart reminders and class gatekeeping ensure only compliant families can book or check in, maintaining studio compliance without repetitive paperwork.
Enable studios to create, version, schedule, and target waiver/policy templates with clear state transitions (Draft, Scheduled, Active, Retired). Each version includes an effective date, scope (all locations/classes or selected cohorts), change summary, and backward-compatibility rules determining when prior signatures are invalidated. Provide safe rollout options (preview, limited audience, rollback), and link each policy version to affected classes, bookings, and families. Ensure seamless migration for existing users and clear mapping of which bookings require re-consent.
Establish a robust data model linking guardians to dependents with support for multiple guardians per child, primary/secondary roles, custody preferences, and per-dependent consent requirements. Include age-of-majority rules by locale to determine self-consent for adults, and ensure that consent applicability propagates across classes and locations under the same studio brand. Provide privacy-safe management for adding/removing dependents and updating relationships, and compute real-time eligibility flags used by booking, check-in, and reminders.
Deliver a single signing session that aggregates all pending policies for the guardian and selected dependents, applying signatures across the family in one pass. Provide responsive web and kiosk modes, prefill known data, and support identity verification (email/SMS OTP) as configured by the studio. Ensure legal compliance (ESIGN/UETA/eIDAS), accessible inline policy viewing, per-dependent acknowledgments when required, and branded UI. Generate a signed artifact per signer/dependent/policy version and store it securely with tamper-evident hashing.
Automate multi-channel reminders (email, SMS, in-app) for outstanding consents with configurable cadence based on time-to-class and policy criticality. Pause reminders upon completion, and escalate to stronger messaging as deadlines approach. Provide studio-configurable templates, localization, quiet hours, and unsubscribe logic where applicable. Surface analytics on reminder effectiveness and deliver admin actions to resolve issues (resend, change guardian, remove dependent). All reminder events are logged for audit.
Enforce real-time consent checks during booking, waitlist-to-payment automation, and class check-in. Block or warn based on studio rules and policy severity, and present an inline path to complete signing without abandoning the flow. Support staff override with reason codes and time-bounded grace periods, all fully audited. Provide offline-tolerant behavior at kiosks using last-known compliance status with queued sync. Offer QR links for on-the-spot signing to minimize front-desk delays.
Maintain an immutable, exportable audit trail capturing consent events (who signed, for whom, policy version, timestamp, IP, device), reminders sent, overrides granted, and gating decisions. Generate and store signed PDFs with cryptographic hashes and provide search/filter by family, class, date, and policy version. Deliver dashboards showing compliance coverage at studio, class, and family levels, plus CSV exports and read-only API endpoints for insurers and regulators. Support data retention and subject rights (GDPR/CCPA) with secure, encrypted storage.
One QR covers the whole family: scan once to mark the right kids present for the right classes, even across rooms. Late/absence notes and pickup codes capture in seconds, reducing lines and attendance errors while syncing to each child’s roster instantly.
Issue a single, brandable QR code per family account that encodes a secure, rotating token linked to all enrolled children and their upcoming classes. Support automatic regeneration on membership changes, configurable expiration/rotation, and revocation. Provide distribution via email, SMS, and wallet pass, with admin controls to view/regenerate and families able to add to device wallets. Enforce multi-tenant isolation, rate limiting, and tamper detection to prevent reuse or forgery. Include environment support (staging/production), versioning, and analytics on scans.
Upon scanning a family QR at any check-in device, display all children with classes within a configurable time window, grouped by class and room. Allow one-tap marking of Present, Late, or Absent per child per class, with visual confirmation, sound, and prevention of double-bookings. Instantly sync updates to each class roster and instructor view, resolving cross-room attendance without switching screens. Support concurrent classes, capacity checks, and debounced repeat scans. Enforce role-based permissions and configurable cutoff rules.
Enable fast capture of standardized late/absence reasons, expected arrival times, and optional free-text notes during check-in. Store notes on the attendance record with timestamps, surface them to instructors and guardians, and include them in daily rosters and exports. Provide configurable reason templates, keyboardless quick-pick UI, and localization. Support editing with audit logging and notifications when lateness exceeds defined thresholds.
At check-in, generate or validate per-child pickup codes tied to authorized guardians for the session. Support numeric and QR pickup codes, one-time or daily validity, and quick lookup at pickup. Log verification events with staff, device, and time, and flag mismatches with override workflows and reasons. Expose codes in parent portal, and integrate with instructor and front-desk views for end-of-class release. Provide APIs/webhooks for door access or third-party security systems.
Validate enrollment, passes, and payments for each child’s class at scan time. When eligibility is missing or expired, present streamlined options to charge a drop-in, apply a pass, or send a mobile payment link without blocking the line. Respect studio policies (allow/deny pending check-in), record pending balances, and reconcile automatically once payment clears. Update roster and billing in real time and log all decisions for compliance and reporting.
Allow check-in devices to operate without connectivity, caching family tokens and today’s rosters locally with encryption. Queue scan events, notes, and status changes for background sync with conflict resolution and user prompts on reconnection. Provide clear offline/online indicators, prevent duplicate or out-of-window check-ins, and safeguard PII. Include administrative tools to purge local data and monitor sync health.
Record an immutable, searchable history of all check-in actions, including scan source, staff/device identifiers, timestamps, pre/post values, notes, payment gates, and overrides. Provide filters, exports, and a reconciliation view to correct errors with permissioned rollbacks that retain audit entries. Surface KPIs such as no-show rate, late arrivals, average queue time, and error rates, and enable scheduled reports to stakeholders.
Generate accurate seat maps in minutes using templates for reformer, cycling, mat, and row layouts. Drag-and-drop equipment, set aisles and mirrors, and auto-number rows so every room matches reality. Reduces setup time and prevents seating mistakes across locations.
Provide pre-built templates for reformer, cycling, mat, and rowing configurations. Users can start from a template matching their modality, with defaults for spacing, equipment dimensions, row and column patterns, and standard aisle placements. Templates are customizable and saveable as organization presets, accelerating map creation while ensuring consistency across locations.
Offer an interactive canvas for placing equipment, aisles, mirrors, and labels via drag-and-drop. Include magnetic grid snapping, rotation increments, alignment guides, spacing equalization, bulk select and duplicate, undo and redo, zoom, and pan to enable rapid, precise layout construction with minimal errors.
Enable definition of aisles, mirror walls, doors, and structural obstructions that constrain seat placement and numbering. Support non-bookable zones to prevent placing seats in blocked areas and maintain safe egress. Allow mirror orientation toggles to align left and right perspectives for modalities like cycling and reformer.
Automatically generate row and seat labels with configurable sequences, starting corner, direction, and skip logic for aisles. Support prefixes and suffixes per modality, seat aliases, and visibility controls for staff-only or hidden seats to ensure booking labels match in-room placards and client communications.
Capture room length and width in feet or meters and apply equipment footprints to calibrate scale. Support wall offsets and minimum clearance rules, and provide real-time validators that flag overlaps or spacing below thresholds to ensure physically accurate layouts that mirror the real environment.
Synchronize seat counts and availability with class capacity so that adding or removing seats updates capacity in real time. Trigger existing waitlist-to-payment automations when seats are published, lock seats during edits to prevent double-booking, and validate before publish to ensure referential integrity.
Provide draft and publish states, change logs, and rollback for map versions. Implement role-based permissions for editing and approval. Allow pushing approved templates to multiple locations with local overrides, ensuring consistency across studios while accommodating room-specific variations.
A policy-aware auto-fill engine that places clients for optimal vibe and capacity—front-to-back, checkerboard, or spread-out—based on your rules. Respects blocked seats, member priority, ADA holds, and buddy reservations so instructors don’t have to reshuffle. Maximizes utilization while keeping client preferences intact.
A deterministic engine that assigns clients to spots based on instructor-selected fill strategies (front-to-back, checkerboard, spread-out) and studio policies including member tier priority, ADA holds, blocked seats, and capacity constraints. Supports per-class and per-location rule sets, weighted tie-breakers (booking timestamp, membership status, attendance history), and configurable fallbacks when constraints conflict. Integrates with ClassTap’s booking and waitlist services to produce seat assignments that maximize utilization while honoring constraints, and persists assignments for downstream notifications and check-in.
Tools to create and manage room layouts with labeled rows/columns, zones, and spot metadata (ADA, blocked, instructor view, mirrors). Supports templates per class type, versioning, and layout activation schedules. Allows import/export (CSV/JSON) and visual editing, with validation to ensure seat counts match class capacity. Exposes layout data to the rule engine and check-in UI, and maintains compatibility with mobile and desktop instructor dashboards.
Event-driven processing that runs PerfectFill on booking, cancellation, waitlist promotion, hold release, and payment confirmation. Ensures atomic seat assignment and prevents double-bookings under concurrency. Provides instant feedback in the booking UI, updates attendee rosters, and sends seat confirmation notifications. Includes rate limiting and debouncing to batch rapid changes without sacrificing responsiveness.
Support for client placement preferences (e.g., front row, aisle, near mirror), saved per profile and adjustable per booking, with opt-in privacy controls. Buddy reservations allow grouping multiple attendees to adjacent or same-zone spots, with intelligent relaxation of preferences when perfect adjacency is impossible. Honors ADA and blocked seats, member priority, and class-specific restrictions while balancing utilization and satisfaction.
Interactive drag-and-drop reassignment in the roster view with real-time rule validation, soft/hard constraint warnings, and the ability to lock placements for VIPs or ADA needs. Provides undo/redo, change history with who/when/why, and safe previews before publishing changes. Ensures downstream systems (notifications, check-in, attendance) stay in sync after manual adjustments.
A transactional workflow that handles simultaneous bookings and modifications with optimistic locking, idempotency keys, and deterministic tie-breakers. Implements retry queues for transient failures and guarantees exactly-once seat assignment. Detects and resolves conflicts arising from last-minute cancellations, no-shows, and overrides without disrupting the class roster.
REST/GraphQL endpoints and webhooks to retrieve and subscribe to seat assignments, changes, and rule evaluation results. Enables integrations with studio displays, CRM, email/SMS, and partner apps. Includes pagination, filtering by class/session, auth via API keys/OAuth, and versioning. Emits events such as seat_assigned, seat_changed, and rule_violation_warning for external automations.
Seat-level maintenance controls let you mark equipment as Out of Service or Needs Attention. The optimizer excludes those spots, rebalances the map, and logs a task for follow-up, preventing last-minute scramble and protecting client safety and trust.
Enable per-seat status controls with standardized states (Operational, Needs Attention, Out of Service) accessible from class maps, inventory views, and mobile. Capture structured metadata including reason codes, freeform notes, photos/videos, timestamp, staff ID, and optional effective and auto-expiry times. Support bulk updates, validation against active bookings, and propagation to all upcoming classes that reference the affected seat. Persist status across sessions, reflect changes in real-time UI with clear visual badges and tooltips, and maintain cross-location asset identity for studios with multiple rooms or branches.
Automatically exclude flagged seats from availability and trigger the seating optimizer to rebalance class layouts while preserving constraints such as ADA accessibility, buddy/group preferences, instructor-defined formations, and capacity limits. For existing bookings, perform intelligent reseating to the nearest equivalent seat and, if none are available, initiate a manual resolution flow. Ensure waitlist auto-promotion respects updated capacity and constraints. Deliver sub-200ms response for seat-state changes, guarantee idempotency and rollback on failure, and emit events for downstream consumers.
On status change to Needs Attention or Out of Service, auto-create a linked maintenance task with prefilled asset, location, severity, attachments, and SLAs. Assign to role or user, set due dates, and provide checklists, comments, and status transitions (Open, In Progress, Blocked, Resolved, Verified). Send notifications to assignees, allow escalations and recurring inspections, and integrate with calendars and external tools via webhooks/API. Maintain a complete audit trail and ensure bidirectional linking between the task and the seat for traceability.
Notify affected clients when their seat is changed or when class capacity is adjusted due to maintenance, using brandable templates across email, SMS, and push. Include clear explanations, the new seat assignment, and options to manage preferences or switch classes when applicable. Show in-app badges indicating maintenance in progress without exposing sensitive details. Provide localization, rate limiting, and delivery tracking, and log all communications for reference.
Implement permissions that restrict who can change seat status, edit or close maintenance tasks, and override optimizer decisions. Support roles such as Owner, Manager, Instructor, Front Desk, and Maintenance, configurable per location. Offer optional approval for returning equipment to service, including approver identity, timestamp, and notes. Enforce authorization checks in UI and API, and present read-only indicators to unauthorized users.
Provide dashboards and exports showing seat downtime, mean time to repair, issue frequency by asset, impact on capacity and revenue, no-show correlation, and SLA adherence. Include filters by location, instructor, class type, and date range. Maintain immutable audit logs for all seat status changes, reseating events, optimizer actions, and client communications with timestamps and actor IDs. Support CSV export and read-only API endpoints for BI tools.
Allow clients to reserve adjacent seats for a friend with a temporary hold link that auto-expires. Keeps groups together, increases conversions, and reduces manual seat swaps—while still protecting inventory with timed releases if the friend doesn’t confirm.
Enable clients to reserve one or more adjacent seats for a friend by generating a unique, signed, single-use link that holds inventory for a configurable duration (e.g., 5–20 minutes). The system creates a hold at booking time via the reservation service, displays a visible countdown, and prevents double-booking across web, widget, and mobile apps. Hold parameters (duration, max buddy seats, per-user/day limits) are configurable at studio, location, or class level. The link deep-links to the BuddyLink landing screen, is compatible with logged-in and guest flows, and supports localization/branding. API endpoints and webhooks expose create/cancel/expire events for integration with invoices and attendee management. Audit logs capture all hold lifecycle events for compliance and support.
Provide a frictionless claim experience where the invitee opens the BuddyLink, sees class details, seat(s) on hold, price breakdown, and a countdown timer, then confirms via login, sign-up, or compliant guest checkout. Support payments via saved cards, Apple Pay/Google Pay, passes/memberships, and promo codes with tax/fee calculation. On success, convert the hold to a confirmed booking, attach the attendee to the class roster, and generate receipts/invoices. Handle edge cases: insufficient funds, expired link, already-booked user, capacity changes, and duplicate clicks with idempotency. Optionally allow the host to pay for the buddy (configurable). Emit analytics and conversion events, and update both parties in real time.
Automatically allocate and hold contiguous seats next to the host for seated classes using the venue’s seating chart. If perfect adjacency isn’t available, choose the nearest viable cluster based on studio-defined rules (e.g., same row preferred, minimize distance). Respect accessibility and restricted seats, and disallow holds that violate accessibility policies. For open-floor classes without assigned seating, reserve capacity slots instead. Provide deterministic, thread-safe allocation under concurrency and expose seat suggestions to the UI before hold confirmation. Support reallocation if better adjacency becomes available before claim, without displacing confirmed bookings.
Enforce hold expiration with precise timers and atomic release of seats back to the inventory pool when the countdown ends or the host cancels. Invalidate links after use or expiry, display clear status messaging, and prevent oversells through idempotent claim endpoints and optimistic locking. Handle concurrency scenarios (simultaneous claims, capacity changes, or host cancellations) with deterministic outcomes and user-safe error states. Broadcast real-time updates to all affected clients via WebSocket or SSE so the host sees when a friend claims or when a hold expires. Persist complete lifecycle events for reconciliation and customer support.
Send branded invite messages containing the BuddyLink via email, SMS, and push (where available), with delivery tracking and link click analytics. Provide optional “expiring soon” reminders and post-claim confirmations to both host and invitee. Allow studios to customize templates, sender profiles, and throttle rules; honor user communication preferences and regulatory requirements (e.g., SMS opt-in, unsubscribe). Ensure time zone–aware scheduling and deduplicate messages when the link is claimed or canceled to reduce noise. Expose notification events to the timeline in ClassTap and support resends from the host and admin views.
Provide a centralized admin panel to enable/disable BuddyLink globally or per location/class, configure default hold durations, max buddy seats, per-user/day limits, allowed payment options (e.g., host-pay), and adjacency preferences. Allow eligibility constraints (e.g., members only, packages required) and channel controls (which notification types are allowed). Include preview of invite templates and live countdown behavior. Surface key metrics (invites sent, claim rate, time-to-claim, revenue attributed) and export/reporting hooks. Enforce role-based access and audit logging for configuration changes. Support feature flags, environment toggles, and safe rollout (beta cohorts).
Extend BuddyLink to waitlisted scenarios: allow a host to predefine a buddy intent while on the waitlist. When two adjacent seats become available, automatically generate and send a BuddyLink to the invitee and notify the host, starting a shorter hold timer. Respect waitlist order and promotion rules without leapfrogging other clients. If only one seat opens, offer the host a solo promotion while preserving buddy preference for a future opening (configurable). Ensure clean rollback if the buddy doesn’t claim in time and return both users to appropriate waitlist positions based on studio policy. Update rosters, invoices, and notifications accordingly.
When a premium seat opens, the system offers one-tap upgrades to the right clients in priority order (membership tier, booking time, preferences) and automatically backfills the vacated seats. Keeps front rows full, delights clients with upgrades, and removes staff juggling.
Implements a deterministic, configurable ranking model that orders eligible clients for upgrade offers using membership tier, booking time, class and seating preferences, attendance history, and opt-in status. Supports tunable weights, tie-breakers, exclusion rules (e.g., already seated in premium zones), minimum eligibility windows, and studio-defined cohorts. Provides an API to fetch the next N candidates with real-time conflict checks. Integrates with ClassTap user profiles, memberships, bookings, and preference services, and enforces fairness via per-user and per-class throttle limits.
Delivers upgrade invitations via push, SMS, and email with secure, expiring deep links enabling one-tap accept or decline. Includes customizable templates, localized content, and response timers before auto-advancing to the next candidate. Presents seat preview, price delta, payment method to be charged, and policy notes. Respects user communication preferences and quiet hours, de-duplicates across channels/devices, tracks delivery/open/conversion events, and provides a responsive web fallback if the app is not installed.
Orchestrates the end-to-end cascade when a premium seat frees up: locks inventory, sends offers in priority order, upgrades the acceptor, releases and immediately backfills the vacated seat to the next eligible attendee, and repeats until no seats remain or candidates are exhausted. Guarantees atomicity and idempotency to prevent double-bookings using short-lived seat locks and transaction fences. Handles concurrency, retries, race conditions, cutoff times before class, capacity changes, and instructor overrides. Emits structured events for observability at each cascade step.
Calculates and processes any price differences resulting from upgrades, supporting membership entitlements, comp rules, credits, taxes, and promotional limits. Performs pre-authorization or instant charges against stored payment tokens with SCA where required, and issues refunds or credits when moving from paid to included seats. Creates itemized ledger entries, updates invoices/receipts, syncs to accounting exports, and handles failures by skipping to the next candidate with appropriate notifications. Complies with PCI-DSS; no raw card data stored.
Adds a studio-facing settings panel to enable SwapCascade, define eligible classes/seat zones, set priority weights and tie-breakers, choose notification channels and response windows, cap upgrades per class/day, set blackout dates, and enable opt-in defaults (e.g., auto-upgrade up to a chosen price delta). Includes seat map tools for marking premium zones and front rows. Provides preview/simulation to test cascades and see candidate order before enabling. All changes are audited, versioned, and can have effective dates.
Provides dashboards and exportable reports showing upgrade offer volume, acceptance rate, time-to-claim, revenue lift from upcharges, seat occupancy by zone, reduction in staff interventions, and impact on no-shows. Breakdowns by class, instructor, time, and membership tier. Captures a tamper-evident audit log of offers created, delivered, accepted, expired, skipped, and payment outcomes for compliance and support. Streams structured events to analytics for cohort analysis and A/B testing.
Visual analytics reveal which seats and rows fill fastest, churn most, or carry higher no-show risk by time and class type. Get layout and pricing recommendations—like premium front-row pricing or incentives for cold spots—to lift revenue and reduce empty equipment.
Provide tools to define, edit, and version seat layouts per room and class type, including seat IDs, rows, labels, and equipment mapping (e.g., bike numbers, reformers, mats). Support layout templates, seat capacity constraints, and validation for unique identifiers. Enable applying different layouts to schedules and specific class instances, and ensure layout data syncs with booking capacity to prevent double-bookings and maintain accurate analytics foundations.
Implement a reliable, real-time data pipeline that captures seat-level events across the booking lifecycle, including selection, booking, cancellations, waitlist promotions, check-ins, and no-show flags. Normalize events to a unified schema keyed by seat ID, class instance, and user, and store history for time-series analysis. Include data quality rules, deduplication, backfill for migrated bookings, and privacy-safe aggregation to power metrics like fill rate, churn, and attendance without exposing PII.
Deliver an interactive, color-coded heatmap UI that visualizes seat- and row-level metrics such as fill speed, churn rate, and no-show probability over selectable date ranges. Provide filters for class type, instructor, room, daypart, and weekday/weekend, plus toggles for per-seat vs per-row views. Include tooltips with metric definitions and values, legends, accessibility-compliant color contrasts, responsive design for desktop and mobile, and export options (image/PDF) while maintaining performant rendering for large layouts.
Create a predictive scoring service that estimates no-show risk at the seat and class-instance level using historical attendance, time of day, class type, and recent booking behavior. Provide a fallback heuristic when data is sparse, expose confidence levels, and explain key drivers to build trust. Store scores per instance for auditing, refresh them on schedule changes, and integrate with reminder and overbooking policies so operators can target interventions for high-risk seats.
Offer algorithmic recommendations for premium pricing on high-demand seats and incentives (discounts, credits, bundles) for low-demand seats, with guardrails for maximum deltas, member-specific rules, and brand constraints. Provide a preview of estimated revenue and utilization uplift, allow selective application to future classes or schedules, and integrate with the existing pricing engine, checkout, invoicing, and audit logs with easy rollback.
Enable controlled experiments and post-implementation tracking to attribute changes in revenue, utilization, and no-show rates to applied seat pricing or layout recommendations. Provide dashboards with control vs treatment comparisons, cohort filters, and statistical significance indicators, plus scheduled reports and CSV exports. Tie results back to specific recommendations and classes to inform future optimization.
Designate accessible paths and priority seats; capture mobility needs at booking; and auto-assign suitable spots first. Instructors see clear badges on the roster, ensuring inclusive, compliant seating without last-minute reshuffles.
Add an optional accessibility section to the booking flow to capture mobility needs and preferences (e.g., wheelchair user, limited stairs, aisle preference, companion seat, service animal, extra time to enter), plus a free-text note. Store responses at the booking level with an attendee opt-in to save as a reusable profile preference. Ensure fields are accessible, localized, and mobile-friendly; expose via API/webhooks for studio CRMs. Respect data minimization and only surface relevant details to instructors and front-desk roles. Enable per-organization toggles and default prompts, and validate inputs without blocking checkout. Synchronize captured needs with roster views and seat assignment logic in real time.
Provide a layout builder to define class seating/spot maps per location and template, including rows, zones, entrances, and pathways. Allow instructors to tag seats/spots with attributes such as Accessible, Aisle, Companion, Near Entrance, Extra Space, and Priority Row, and to mark accessible paths and obstructions. Support import of a floor image for reference, template cloning, and versioning with effective dates. Validate that a configurable minimum number of accessible and companion seats are available relative to capacity. Persist layouts to classes and sessions, expose tags to the assignment engine and roster UI, and handle capacity changes without breaking existing assignments.
Implement an assignment engine that, at booking and check-in, matches attendees’ declared needs to tagged seats/spots and auto-assigns the most suitable available option. Apply deterministic rules with tie-breakers (booking time, membership tier, proximity preferences) and support instructor overrides with safeguards and warnings. Lock assignments to prevent accidental reassignment, and re-balance when cancellations occur. Provide real-time updates to attendee confirmations and instructor rosters, with notifications on assignment or changes. Fail gracefully when suitable seats are unavailable by placing users in a pending state and prompting staff to resolve. Log all assignment decisions for auditability.
Display clear, non-stigmatizing badges on rosters, check-in, and attendee detail views to indicate accommodations (e.g., Wheelchair, Aisle, Companion) and current seat assignment. Provide tooltips with limited, need-to-know context and a pre-class summary that highlights counts of accessible seats, unresolved needs, and risks. Alert instructors when manual moves would violate an attendee’s needs or reduce accessible inventory below configured thresholds, offering suggested alternatives. Support printable and offline roster modes and ensure color palettes meet contrast guidelines. Respect role-based access so only authorized staff see sensitive details.
Extend waitlist promotion logic to honor accessibility needs and seat tags, offering newly available accessible/priority seats first to waitlisted attendees who require them. Support configurable hold windows, multi-seat bookings with companion seats, and fallback rules when no match exists. Provide targeted notifications that indicate the seat type being offered and expiration times. Maintain transactional integrity so seats aren’t double-allocated during concurrent promotions. Expose analytics on promotion outcomes and declines to optimize accessible seat inventory.
Add explicit consent capture for collecting and using accessibility information, with clear explanations of purpose and retention. Allow attendees to view, edit, or withdraw accessibility preferences and to choose per-booking disclosure. Implement role-based access, field-level encryption at rest, and masked views for non-privileged roles. Provide data export and deletion to meet GDPR/CCPA requirements and configurable retention windows. Log access to sensitive fields and surface privacy settings in account, booking, and roster contexts. Ensure all notifications avoid unnecessary disclosure of sensitive details.
Generate exportable reports summarizing accessible seating availability, assignments, overrides, unresolved needs, and instructor actions by class, date range, and location. Include timestamped audit logs of assignment decisions, warnings shown, overrides applied, and consent statuses without exposing excess PII. Provide CSV and PDF formats with role-based access and redaction options. Surface KPIs (e.g., percentage of needs fulfilled, accessible seat utilization, incidents avoided) to monitor inclusion outcomes and support regulatory or grant reporting.
Automatically detects each viewer’s time zone and renders class times in their precise local time with a clear “Your time” label. Honors manual overrides for traveling users and keeps conversions accurate across web, email, and embeds—eliminating mental math and reducing missed sessions.
Automatically determine the viewer’s IANA time zone using client capabilities with server-side fallback, then persist the resolved zone per device (cookie/local storage) and per authenticated profile. Initialize detection on first load of public pages, embedded widgets, and the ClassTap dashboard; re-resolve on OS time zone changes and when users sign in. Provide resilient fallbacks (studio default → UTC) when detection fails. Centralize the resolved time zone in a shared service so all components access a single source of truth, minimizing drift and preventing double-booking due to mismatched interpretations.
Offer a clear control to manually select a different time zone when traveling, with optional duration (e.g., until date or for N days) and a one-click reset to automatic detection. Display a lightweight banner that indicates the override and the selected time zone. Persist the override in the user profile when signed in and per device when anonymous, syncing across sessions. Accept tz parameters in booking and email links to pre-set the override. Ensure the override propagates through checkout, reminders, and waitlist-to-payment flows to avoid missed sessions.
Unify time rendering through a shared conversion utility that outputs formatted times in the resolved/overridden time zone for all surfaces: public booking pages, admin views, embedded schedules, transactional emails (confirmations, reminders, invoices), and calendar attachments (ICS). Ensure emails include explicit “Your time” context and that ICS events embed TZID/VTIMEZONE blocks to preserve correctness across clients. Provide API/query support (e.g., tz=America/Chicago) for partner embeds. Guarantee that the same event appears at the same local time across channels to reduce no-shows and support revenue goals.
Base all conversions on UTC + IANA TZIDs to correctly handle daylight saving transitions, historical rules, and regional quirks. Detect ambiguous/non-existent local times during DST shifts and display a subtle note if an event falls in a transition window. Lock conversions to the event’s original time zone context to prevent instructor-side drift. Add regression tests pinned to known DST boundaries and update processes tied to IANA releases. Prevent double-booking and reminder misfires by resolving times at send time with the latest rules.
Visibly annotate displayed times with a non-intrusive “Your time” label and provide a tooltip or inline toggle to view the instructor’s original time zone time. Respect locale and user preference for 12/24-hour formats and provide accessible labels for screen readers. Apply consistent formatting and labeling in lists, detail pages, checkout, and emails to eliminate ambiguity. Persist the original-time toggle per user/session to support cross-page continuity.
Resolve and apply the time zone within 100ms on first paint to avoid a flash of unlocalized content. Hydrate server-rendered pages with a placeholder time zone and reconcile client detection without visual jumps. Cache resolved zones per device and throttle re-computation. For embeds, support CDN caching that varies by a lightweight time zone key. Instrument performance metrics and error logs for detection failures and mismatches.
Store only the selected IANA time zone identifier and necessary timestamps—no precise location, IP geolocation details, or GPS coordinates. Document purposes and retention in the privacy policy, honor user deletion requests, and gate optional geolocation behind explicit consent where applicable. Ensure all processing aligns with GDPR/CCPA and internal data minimization standards while still delivering accurate conversions across ClassTap surfaces.
Prevents one‑hour surprises by detecting sessions that cross daylight‑saving changes in any region. Warns hosts at scheduling, pins reminders to the absolute start time, adjusts recurring series correctly, and sends pre‑change nudges so nobody shows up early or late.
Detects when a single session or any occurrence of a recurring series intersects a daylight-saving transition in the event’s timezone (IANA) and any attendee timezones if applicable. Surfaces inline warnings during creation/editing, previews pre- and post-change local start times, and persists DST-impact metadata (affected dates, event timezone, anchoring mode). Provides API flags for integrators, and feeds downstream services (reminders, calendar sync, double-booking checks) to prevent one-hour surprises and reschedules.
Generates recurring class instances that remain at the same local wall-clock time across DST changes by default, using RRULEs bound to the host’s selected timezone with explicit anchoring metadata. Supports an override to anchor by absolute UTC time for global livestreams. Re-materializes future instances on tzdata updates, and ensures capacity and conflict detection operate on the computed instance times. Minimizes manual edits while preserving host intent.
All confirmations and reminders (email, SMS, push) are generated from persisted UTC instance datetimes and rendered per recipient in their local timezone with clear formatting (e.g., ISO 8601 and timezone abbreviation). Ensures attendees see the precise start time that accounts for DST, regardless of device settings. ICS attachments and deep links reference the same absolute time to keep messaging, calendars, and the app aligned.
Proactively scans for upcoming DST transitions within a configurable window and sends targeted notifications to hosts and registered attendees for affected sessions. Includes per-session adjusted local times, clear impact explanations, and actions (acknowledge, reschedule, cancel). Hosts receive a consolidated digest; attendees receive session-level nudges. Optional requirement for attendee re-confirmation on high-impact changes to reduce no-shows and support tickets.
Calendar integrations (Google, Apple, Outlook, ICS feeds) encode timezone-aware start/end times with VTIMEZONE components and correct RRULEs so occurrences render correctly across DST changes. Updates maintain UID stability and sequence increments. Offers per-attendee ICS where needed for virtual classes. Handles non-existent and ambiguous times by adjusting and notifying to maintain alignment between ClassTap and external calendars.
Maintains a centralized, versioned tzdata source with automated updates, monitoring, and rollback. Exposes APIs for timezone lookup, DST transition queries, and occurrence generation. Triggers re-computation of future instances affected by tzdata changes. Covers regions without DST and non-hour offsets to ensure global correctness and platform reliability.
When a chosen local time falls into a DST gap or overlap, the UI blocks publish and guides the host to resolve it: choose first/second occurrence for overlaps, adjust to nearest valid time for gaps, or switch anchoring mode. Provides a preview of resulting times for all affected occurrences and logs the decision for auditability. Prevents silent mis-scheduling at DST boundaries.
One‑tap toggle between Local, Host, and Original time zones on schedules, rosters, and invoices—plus a handy “in X hours” relative view. Gives both staff and clients instant clarity without leaving the page, cutting confusion and support questions.
A unified, one-tap segmented control that switches between Local (viewer’s device time zone), Host (class venue/organizer time zone), Original (time zone used when the class was created), and Relative (“in X hours”) views. The control appears persistently on schedules, rosters, booking modals, and invoices without page reloads. It displays the active mode, shows the applied time zone abbreviation where relevant, and updates all visible timestamps instantly. Designed to be lightweight, responsive, and embeddable across pages, it minimizes visual clutter while providing immediate clarity. Includes graceful fallback for unsupported environments.
A centralized service that converts event times accurately using IANA time zones, accounting for daylight saving transitions, fractional offsets, and venue-based host time resolution. Provides a single source of truth for conversions on the client and server, exposes helpers for formatting (12/24‑hour), and computes continuously updating relative times (e.g., “starts in 3 hours”). Handles edge cases such as multi-day events, past events, and real-time clock drift, with unit tests and snapshot tests to guarantee correctness. Optimized with caching and memoization to ensure sub-50ms updates for typical views.
A shared time-zone context that propagates the selected view across schedules, rosters, invoices, and booking flows. Deep-link support via query parameters (e.g., tz_mode and tz) ensures consistent display when sharing URLs. Back-end and public API endpoints accept and return canonical UTC plus selected time-zone metadata, preventing discrepancies between UI and integrations. State persists during navigation without reloads, and batch updates re-render timestamps efficiently to prevent layout thrashing.
Per-user and per-organization defaults for the selected time view. Logged-in users’ preferences are stored in profile settings; guests use secure local storage with sensible TTL. Admins can set workspace-wide defaults and optional class-level overrides (e.g., always show Host for in-person). URL parameters can temporarily override defaults for campaigns and embeds. Includes a clear reset mechanism and respects privacy/consent requirements.
WCAG 2.2 AA-compliant control with full keyboard navigation, focus indicators, ARIA roles/states, and screen-reader-friendly labels (including expanded time-zone names). Supports high-contrast themes, touch targets ≥44px, and robust error states. Localizes labels and time-zone abbreviations, honors user 12/24-hour preferences, and formats times per locale conventions. Includes automated a11y tests and pseudo-localization in CI.
Ensures exports and outbound communications reflect the selected time view while remaining unambiguous. ICS files include TZID and embedded VTIMEZONE; PDFs, invoices, and printed views display the chosen mode and a clear time-zone label; emails/SMS show both the selected view and an absolute time with time-zone to avoid confusion when forwarded. All templates pull from the same conversion engine and include a header note (e.g., “Times shown in America/Los_Angeles”).
Suggests high‑performing class times across selected regions using attendee time‑zone distribution, past attendance, and quiet‑hour rules. Visual heat bands highlight “best” windows so you can pick slots that maximize conversions and minimize no‑shows.
Aggregate attendee availability across selected regions by combining user profile time zones, historical attendance timestamps, lead capture locations, and waitlist data to model local-time distributions. Normalize for daylight saving time changes, anonymize data, and provide fallbacks when historical data is sparse. Expose an aggregated distribution service that refreshes nightly and on-demand, feeding downstream scoring and visualization while maintaining low latency and data privacy safeguards.
Compute a time-slot score (0–100) for a configurable grid that blends attendee time-zone distribution, past attendance by class type, conversion rates, no-show probability, quiet-hour rules, and region-specific seasonality. Support class duration and modality (online/in-person), provide tunable weighting presets (e.g., maximize revenue vs. minimize no-shows), and return reason codes/feature attributions to explain recommendations. Deliver results via an internal API with <500ms response for weekly views and cache hot queries for responsiveness.
Render a responsive calendar with visual heat bands that map score quantiles across days and times. Provide tooltips with expected attendance range, conversion uplift, and no-show risk, plus filters for region, class type, duration, and modality. Ensure accessibility with colorblind-safe palettes, keyboard navigation, and clear legends. Enable quick interactions via client-side caching, and support export to PNG/CSV and shareable links with permission controls.
Offer a rule builder to define quiet hours by region/time zone and day of week, plus blackout dates for holidays and personal constraints. Provide market defaults from public calendars with the ability to override per class or campaign. Validate rules against existing schedules, propagate them to the scoring engine and UI masking, and maintain version history and audit logs. Support import from external calendars and respect user locale settings.
Allow users to select multiple regions/cities and assign weights reflecting audience size or strategic priorities. Auto-suggest regions from customer data, deduplicate overlapping audiences, and handle DST and region-specific holidays. For in-person classes, apply a configurable travel radius to refine demand. Persist selections by class type and pass normalized weights to the scoring pipeline.
Convert a recommended slot into a published class in one step with pre-filled details and automatic conflict checks against instructor availability, room resources, and existing bookings. Prevent double-bookings by locking the slot during confirmation, and provide smart alternatives if conflicts occur. On publish, trigger waitlist invites, payment links, calendar sync, and attendee notifications, and capture analytics for measuring impact on attendance and no-show rates.
Sends .ics calendar invites and updates with full VTIMEZONE/UTC data so Google, Apple, and Outlook render the exact same local start time. Auto‑updates on reschedules and includes join links—ending calendar drift for traveling clients and hybrid classes.
Generate RFC 5545-compliant .ics files for every booking that include VEVENT with persistent UID, DTSTAMP, and SEQUENCE; DTSTART/DTEND specified using IANA TZID plus corresponding Zulu (UTC) timestamps; and an embedded VTIMEZONE component with full standard/daylight observances so Google, Apple, and Outlook render the same local start time across regions and DST changes. Populate ORGANIZER, ATTENDEE, SUMMARY, LOCATION, and DESCRIPTION fields, support RRULE/EXDATE for recurring classes, apply correct line folding and CRLF, and set METHOD appropriately (REQUEST for new/updates). Ensure files are under size limits, are cache-safe, and carry consistent branding from ClassTap.
Automatically send calendar updates whenever a booking is edited, rescheduled, or canceled in ClassTap by reissuing the same UID with incremented SEQUENCE and appropriate METHOD (REQUEST for updates, CANCEL for cancellations). Preserve attendee list, propagate changes to SUMMARY, DTSTART/DTEND, LOCATION, DESCRIPTION, and conference details, and ensure clients replace rather than duplicate events. Support series-level updates vs single-occurrence changes for recurring bookings and handle waitlist-to-payment transitions that convert holds into confirmed invites. Provide idempotent re-send logic and guardrails to avoid spam on rapid edits.
Embed join links and location details so events are actionable across calendar clients: include clickable URL in DESCRIPTION, populate LOCATION with venue or "Online"/hybrid label, and attach conferencing metadata where supported. Add dial-in numbers and access codes when available, and surface safety notes or door codes for in-person sessions. Ensure that updates to meeting links or rooms propagate via the same UID/SEQUENCE flow. Provide fallbacks so Apple, Google, and Outlook users can always access the join method with one tap.
Resolve the correct timezone for each attendee using profile preference, class default timezone, booking context, and geolocation hints at booking time. Persist the event’s TZID and include VTIMEZONE so that if a client travels, their calendar still renders the event at the correct local time for the class location. When timezone is unknown, default to the class’s TZID with UTC fallback in DTSTART/DTEND and include a note in DESCRIPTION. Allow attendees to override their timezone in account settings and ensure consistency across reminders and reschedules.
Validate invites across major calendar ecosystems—Google Calendar (web/Android/iOS), Apple Calendar (macOS/iOS), Outlook for Windows/Mac/Web, and Exchange/Office 365—covering DST transitions, recurring rules, cancellations, attendee updates, attachments, and line folding. Establish an automated test suite that generates golden .ics fixtures and snapshot-renders key fields, plus a manual QA checklist for edge cases (e.g., leap seconds ignored, overnight classes, attendees in different timezones). Document known client quirks and bake workarounds into the generator to ensure identical local times and behavior.
Deliver invites via email using MIME multipart with text/calendar (method=request/cancel) and .ics attachment, signed with SPF/DKIM/DMARC for inbox placement, and provide a downloadable .ics link on the booking confirmation and dashboard. Implement retries, bounce handling, and rate limiting; log delivery status per attendee and expose a simple dashboard for instructors to see sent/failed invites and re-send when needed. Ensure idempotency keys prevent duplicate sends during transient errors and throttle updates to batch rapid successive edits.
Add Timeproof Invites controls in ClassTap settings: toggle feature on/off per class type, configure organizer display name and reply-to address, set default reminder VALARM times, and customize event title/description templates with variables (class name, instructor, studio address, join link, refund policy). Provide per-class overrides and preview of the generated .ics and email, ensuring brand consistency and compliance with privacy settings. Changes should take effect on new sends and future updates while preserving past event history.
Schedules SMS/email reminders to land within each attendee’s preferred local hours and respects do‑not‑disturb windows. Messages clearly display the user’s local start time and auto‑adjust for DST shifts, improving show‑up rates without overnight pings.
Determine and persist each attendee’s accurate local timezone using a prioritized resolution strategy: explicit profile timezone, device/browser settings when available, phone country/area metadata, recent login IP geolocation (privacy-respecting), and class/studio location as a last-resort fallback. Normalize to IANA identifiers, handle ambiguous regions, and re-resolve on significant signals (e.g., new login from distant region) without spamming users. Expose timezone on attendee profiles and via API, cache results, and maintain audit trails for changes. Provide deterministic conversions for scheduling and message rendering, with guardrails for stale or conflicting sources. Integrate with booking flows, waitlist promotions, and reminder templates to ensure times are computed in the attendee’s local context.
Enable attendees to define preferred send windows and do‑not‑disturb periods per channel (SMS, email), including weekday/weekend variations, temporary blackout ranges (e.g., vacation), and minimum lead-time preferences (e.g., no messages after 9pm or before 8am, at least 12h before class). Provide sensible regional defaults for new users and allow studios to set account-level templates that attendees can override. Store preferences in a timezone-aware model, validate for overlaps/conflicts, and expose management via profile UI and one-click preference links in messages. Ensure preferences versioning, auditability, and API access for integrations.
Implement a scheduling service that computes the next permissible send time per recipient by intersecting reminder timing rules (e.g., 24h and 2h before class) with each attendee’s allowed windows and legal restrictions. Queue and dispatch messages accordingly, deferring those that fall outside windows and promoting urgent ones when within grace thresholds. Support de-duplication, message coalescing (e.g., combine multiple reminders for the same day), idempotent retries, rate limiting, and backoff. Ensure horizontal scalability, high availability, and strong observability (metrics, traces, dead-letter queues). Integrate with SMS and email providers, respect per-channel throughput, and guarantee ordering where relevant. Provide configuration for cutoffs, grace periods, and exception policies.
Accurately handle daylight saving time and other calendar anomalies by computing send times and rendering class start times with the attendee’s timezone at send-time. Address edge cases like skipped or repeated hours, hemisphere differences, and transitions occurring between scheduling and dispatch. Display localized time with clear zone abbreviations and 12/24h formatting per locale. Maintain canonical UTC timestamps with timezone context snapshots for auditability, and include tests around DST boundaries. Ensure ICS attachments and calendar links reflect correct local start times.
Provide an admin-facing tool to preview reminder content and see the calculated send time for a specific attendee and class, factoring in quiet hours, DND, lead times, legal restrictions, and DST. Allow simulation of different settings (e.g., changing quiet hours or reminder offsets) and show reasons when a message is deferred or coalesced. Surface warnings for potential conflicts and show fallback channels when one is blocked. Enable export of previews for support and client communication.
Enforce per-region messaging regulations (e.g., TCPA, CASL, GDPR) by tracking per-channel consent, double opt-in for SMS, honoring STOP/START keywords, and providing clear unsubscribe mechanisms in emails. Apply jurisdiction-specific quiet hour restrictions even when user preferences are more permissive. Maintain compliant audit logs (timestamp, source, IP) and suppression lists synced with providers. Block sends when consent is missing or hours are restricted, and surface compliance reasons in logs and previews. Provide data subject request tooling and configurable retention policies.
Integrate quiet hour logic into automated waitlist promotions. When a spot opens, schedule the promotion and payment link within the recipient’s allowed window. Provide configurable hold durations that can span DND periods and extend holds appropriately to ensure fairness. Implement escalation for imminent class start times (e.g., switch channel, shorten hold with clear notice) while respecting compliance. Prevent double-bookings by atomically reserving spots during holds. Track and report conversion rates and time-to-claim segmented by quiet hour adherence.
Set tiered or percentage deposits by offer with clear deadlines and auto‑conversion into the first installment at start. Expiring deposit holds release seats to the waitlist automatically, lowering commitment friction while protecting cash flow and reducing manual follow‑ups.
Provide per-offer deposit settings supporting fixed amount, percentage of price, and tiered matrices by seat type, time-to-start, and customer segment. Define deposit due windows (absolute date or relative offsets) and policies (refundable, non-refundable, applies to balance). Auto-validate against price changes, discounts, vouchers, and taxes; compute deposit totals with currency rounding. Expose settings in the Offer editor with previews and guardrails (min/max deposit). Persist configuration and versioning for audit; apply rules to existing bookings per effective date without breaking commitments. Surface deposit terms at checkout and in invoices. Provide CRUD APIs and webhooks for deposit rule lifecycle events.
When a deposit payment or claim window expires, automatically release the reserved seat and sequentially offer it to waitlisted customers. Generate exclusive claim links with countdown timers, preventing double-booking across concurrent claims. Update capacity atomically and propagate availability to schedules, widgets, and calendars. Support configurable grace periods, number of waitlist passes, and lockout rules. Log all transitions and outcomes for support and analytics. Handle edge cases such as simultaneous expiries, multi-seat orders, and capacity changes.
On the configured trigger (e.g., class start or plan start), automatically convert paid deposits into the first installment, update invoices, and schedule or capture the remaining balance per payment plan rules. Respect cancellation/reschedule policies, credits, and tax recalculation. Provide safeguards to avoid duplicate captures and idempotent retries for failures with dunning controls. Show a payment timeline on the booking detailing deposit receipt, conversion, and remaining installments.
Deliver branded, templated notifications via email, SMS, and push for deposit due, nearing deadline, expiration, seat released, waitlist claim window, conversion, and receipts. Include dynamic tokens (amount, deadline with time zone, policy links) and secure payment links. Support per-offer templates, quiet hours, opt-outs, and localization. Track sends, opens, clicks, and conversions, and provide admin preview and test send.
Enable authorized staff to override deposit amounts, extend or shorten deadlines, manually release or assign seats, waive or refund deposits (full or partial), and apply credits. Require reason codes and capture an audit trail with before/after values, actor, timestamp, and affected booking. Enforce role-based permissions and display conflict warnings (e.g., oversell risk) before committing. Ensure all actions reconcile inventory, invoices, and ledgers consistently.
Process deposit transactions through supported gateways (e.g., Stripe, PayPal, Adyen) with tokenized, SCA-compliant flows. Support partial payments, multi-currency, tax-inclusive/exclusive pricing, fee absorption or pass-through, and instant refunds where available. Record double-entry ledger movements for deposit liabilities, conversions to revenue, refunds, and chargebacks to preserve cash flow clarity. Provide reconciliation exports and real-time webhooks for downstream accounting and CRM systems.
Provide dashboards and exports for deposit uptake, hold-to-pay conversion rate, waitlist claim rate, time-to-fill after release, no-show deltas versus non-deposit offers, revenue attributed to deposits, and refund/chargeback rates. Enable breakdowns by offer, instructor, cohort, and timeframe with filters for deposit type and deadline rules. Support A/B testing of deposit tiers and deadlines with statistically sound comparisons and flags for winning configurations.
An interactive builder that recommends optimal pay‑in‑2/3/4 schedules based on start date, program length, and client payday preferences. Shows transparent due dates and studio cash‑flow projections to boost conversions and cut support questions for higher‑ticket classes and cohorts.
Core algorithm that generates optimal pay‑in‑2/3/4 schedules using inputs such as tuition, deposit, class start date, program length, and the client’s payday cadence. Applies constraints (minimum days between payments, last installment before program end with configurable buffer, weekend/holiday shifting, and timezone awareness), rounds amounts accurately, and scores plans for conversion vs. cash‑flow impact. Produces up to three recommended options with clear labels (Best Alignment, Fastest Payoff, Lowest Monthly). Integrates with pricing/discounts, taxes/fees, and checkout APIs. Includes deterministic test coverage and guardrails for edge cases (short programs, late enrollments, partial scholarships).
Interactive step in the wizard that collects the client’s payday pattern (weekly day-of-week, biweekly next payday date, semimonthly days like 1st/15th, or monthly specific day) with a quick picker and helper text. Validates feasibility against the class start date and program length, auto-calculates the next payday, and stores preferences on the client profile for reuse. Provides sensible defaults and a fallback when payday is unknown. Includes consent text for using the preference to schedule automatic charges.
Checkout and preview UI that clearly displays deposit due now, each installment’s date and amount, applied discounts, taxes/fees, and the selected payment method. Shows timezone, late fee policy, retry schedule, and cancellation/refund terms via tooltips and inline disclosures. Supports responsive layouts, accessibility (WCAG 2.1 AA), print/shareable links, and localized date/number formats. Updates in real time when plan options or payday preferences change.
Owner-facing view that projects expected cash inflows over time per class/cohort based on selected plan mixes (pay‑in‑full vs pay‑in‑2/3/4). Provides charts and tables for monthly projections, cumulative revenue curves, and best/worst-case ranges with configurable failure/retry assumptions. Includes scenario comparison, filters by class and plan, CSV export, and performance caching. Integrates with refunds, cancellations, and late enrollment adjustments to keep projections accurate.
Flow that, when a spot opens, automatically offers the waitlisted client their selected installment plan, reserves the seat, collects the deposit immediately, and schedules remaining payments. Supports timed holds, fallback to next waitlister on expiry, and dunning if the initial payment fails. Integrates with existing waitlist logic, inventory/double‑booking prevention, and audit logging to ensure traceability.
Securely captures and tokens card/ACH payment methods with explicit authorization for automatic installment charges. Supports 3DS/SCA where applicable, ACH micro‑deposit verification, pre‑authorization for deposit, card‑expiry monitoring with proactive update prompts, and mid‑plan method updates. Ensures PCI compliance, stores consent records, sends mandated notices, and issues receipts for each charge. Provides fallback method capture on failure without losing seat reservation windows.
Automated pre‑due reminders (email/SMS/push), same‑day alerts, and structured retry schedules aligned to the client’s payday cadence. Includes editable templates, localization, quiet hours, and opt‑in/opt‑out controls to meet compliance (e.g., TCPA/GDPR). Emits webhooks/events for downstream systems, tracks delivery/engagement metrics, and summarizes recovery performance in reports.
Collect a backup payment method at checkout (card, ACH, or wallet) and auto‑switch on soft declines. Clients get a heads‑up and one‑tap confirmation while rosters stay intact—recovering revenue without staff intervention.
Collect a secondary payment method during checkout in addition to the primary method, supporting card, ACH, and mobile wallets. Present clear consent copy that explains when the backup may be used, with links to terms and studio policy. Allow customers to select and reorder backup preference, prefill from saved methods, and add new methods with real-time validation. Tokenize and securely vault all methods via the existing payment gateway, associate them to the customer profile, and make them available across web and mobile checkout. Display non-sensitive identifiers (last4, bank name, wallet type) and provide an opt-out. Ensure the flow adds minimal friction: one additional step with progressive disclosure, localized copy, and accessibility compliance. Persist the backup selection on the booking and order for later orchestration.
Detect soft-decline responses from processors in real time, normalize error codes across providers, and route payment attempts through a configurable retry and fallback policy. On a soft decline, hold the reservation and roster spot, queue retries with exponential backoff where appropriate, and automatically switch to the backup method when policy conditions are met. Maintain idempotency keys and atomic updates to avoid duplicate charges, and write machine-readable state transitions (attempted, retried, switched, captured, failed) to the payments event stream. Expose a deterministic decision log per transaction for audit and support. Respect cutoffs relative to class start time to guarantee roster integrity.
Send an immediate heads-up to the client when a soft decline occurs, including a one-tap confirm action to proceed with charging the backup method and a one-tap cancel to update the booking. Support push, SMS, and email with deep links to web and app, expiring tokens, and localization. If the policy requires explicit consent, block auto-capture until the client confirms or the timer elapses; otherwise, proceed automatically while still notifying the client. Provide real-time status in the client portal and allow method swap within the same flow. Record the client’s consent with timestamp, channel, and IP/device metadata.
Provide studio owners with a settings panel to enable Fallback Pay, choose allowed backup types (card, ACH, wallets), define retry counts and intervals, require or skip client confirmation, set message templates, and set class start cutoffs. Allow exceptions by product type (drop-in, package, membership), price threshold, and customer segment. Support test mode and sandbox transactions for validation. Surface a summary of the current policy with effective dates and versioning, and allow per-class overrides when publishing a schedule.
Use gateway tokenization for all payment methods, never storing raw PAN or bank details on ClassTap systems. Enforce PCI-DSS SAQ A scope, encrypt all sensitive metadata at rest and in transit, and implement least-privilege access to vault references. Support SCA/3DS where required and step-up authentication on fallback capture when mandated. For ACH, collect and store NACHA-required authorizations and handle micro-deposit or instant verification flows as supported by the gateway. Maintain immutable audit logs for consent, policy applied, attempts, and captures with retention aligned to legal and studio requirements.
Ensure Fallback Pay operates consistently across immediate bookings, auto-promotion from waitlists, membership renewals, package refills, and invoice-based payments. When a waitlisted client is promoted and the primary method soft-declines, hold the spot and initiate fallback per policy without breaking the waitlist chain. For recurring charges, respect billing cycles, grace periods, and proration while using stored backups. Provide safeguards to avoid double-charging when multiple automations trigger concurrently.
Deliver a dashboard and export that quantify revenue recovered by Fallback Pay, recovery rate by method type, soft-decline reasons, time-to-capture, and client confirmation engagement. Offer cohort views by studio, class type, and campaign. Emit events to the analytics pipeline and provide webhooks for recovered, switched, or failed states. Generate actionable alerts only when manual intervention is required (e.g., both methods fail, consent denied), with links to resolve in the booking or customer profile.
Brand‑safe, multi‑channel reminders that adapt tone, frequency, and timing to each client’s history. Sends via email/SMS within local quiet hours, includes one‑tap payment‑method updates, and tracks a live status page—recovering more payments without damaging relationships.
Rules-driven selection of reminder tone (friendly, neutral, firm) and send cadence per recipient using signals such as invoice age, amount, client tenure, past responsiveness, prior disputes/chargebacks, and preferred channel. Provides brand-safe guardrails via approved copy libraries, blocked phrases, and escalation limits. Exposes admin controls to configure tone boundaries, escalation steps, and per-segment strategies while defaulting to best-practice presets. Outputs a per-recipient sequence plan consumed by the delivery orchestrator, with previews and change logs for auditability. Supports template variants and lightweight A/B experiments to improve recovery without harming relationships.
Automatically determines each recipient’s local timezone from profile, booking history, or geolocation heuristics and schedules emails/SMS within configurable quiet-hour windows (e.g., 8am–8pm local). Handles daylight saving changes, regional exceptions, and business-defined rules for weekends and holidays. Includes backoff and jitter for retries, rescheduling if a planned send falls into quiet hours. Exposes org-level and segment-level overrides and integrates with the orchestration layer to ensure all sends respect frequency caps and local regulations.
Coordinated sequencing of email and SMS reminders with channel preferences, frequency caps, and deliverability-aware failover. Triggers SMS when email bounces or shows no engagement after a defined interval, and suppresses duplicate notifications across channels. Integrates with email and SMS providers via webhooks for delivery, open/click, reply, bounce, and unsubscribe events. Enforces per-recipient and global throttles, idempotency keys for safe retries, and deduplication across concurrent workflows. Provides per-tenant configuration for step timing, channel order, and maximum touches per invoice.
Generates signed, expiring magic links that deep-link to a branded, mobile-first payment update page supporting tokenized cards, Apple Pay/Google Pay, and bank debit where enabled. Performs real-time 3D Secure/SCA challenges when required and updates the customer’s default payment method on success. Automatically retries the failed charge and closes the dunning loop, writing results back to the invoice and CRM. Enforces PCI SAQ‑A boundaries with hosted fields, TLS, short-lived tokens, and device fingerprinting. Supports issuer updater where available and records audit logs for all updates.
Creates a secure, signed URL per invoice that shows amount due, reason for failure, last and next retry attempts, and available actions (update payment method, pay now). Reflects real-time changes via server-sent events or polling and inherits tenant branding and accessibility standards. Prevents indexing and sharing abuse with short-lived tokens and device-aware risk checks. Embeds contextual help and contact options, and records engagement analytics for recovery insights. Links are included in all dunning messages and respect consent and suppression rules.
Captures and enforces per-recipient consent for email and SMS, including opt-in sources, timestamps, and scope. Automatically honors STOP/UNSUBSCRIBE keywords and link-based opt-outs, immediately suppressing further sends and updating preferences across ClassTap. Applies country-specific regulations (e.g., TCPA, GDPR, CAN‑SPAM) including required disclosures, quiet-hour rules, and data retention. Maintains auditable logs of consent changes, message content, and send metadata. Provides APIs and UI for exporting/deleting personal data and for bulk suppression imports.
After a failed installment, a visible countdown holds the seat for a configurable grace window. Clients can pay now, switch methods, or request a one‑time extension; when the timer ends, the system auto‑fills from the waitlist. Preserves fairness and reduces back‑and‑forth.
On any recurring installment or scheduled partial payment failure, the system automatically creates a grace hold for the affected booking, starts a countdown based on configured policy, and locks the seat from being released or rebooked while enabling limited actions (retry, change method, request extension). It logs the failure reason, associates the hold with the invoice and class occurrence, and ensures idempotency across payment provider webhooks to avoid duplicate holds. Hold state transitions are atomic and conflict-safe with waitlist and capacity management. APIs and events expose hold lifecycle to UI and downstream systems. The outcome is a consistent, fair process that reduces manual intervention and preserves class integrity.
A visible, real-time countdown timer is displayed to the client on booking details, invoices, and payment screens across web and mobile, showing remaining grace time, available actions (Pay Now, Change Payment Method, Request Extension), and the consequences of expiry. The timer persists across sessions and devices using a server time-source with drift-safe updates, supports accessibility (ARIA live regions, sufficient contrast, screen-reader labels), and degrades gracefully with periodic sync under poor connectivity. It respects branding themes and can be embedded via share links. Edge cases are handled: pausing during manual review, instant reflection of extensions, and clear messaging when expired and the waitlist process begins.
Admins can configure default grace durations at the account level with overrides at plan, class, and occurrence levels, including blackout periods near class start and holiday calendars. Policies define eligibility, maximum concurrent holds per user, whether holds pause outside business hours, deposit thresholds, grace start conditions (first failure only vs each retry), and seat-lock behavior when capacity is limited. Settings are auditable, versioned, exportable, and ship with safe defaults and inline guidance. These controls tailor fairness and operational fit across varied studio workflows.
Clients can immediately retry the failed installment or switch to an alternate payment method within the grace window. The flow pre-fills the outstanding invoice, validates method eligibility (e.g., disallow ACH close to class start), and supports SCA/3DS challenges. On success, the hold clears and the booking is restored; on failure, the timer continues with explicit error feedback and next-step guidance. The system supports tokenized vaulting, proration if class timing requires, and integrates with PSP webhooks for definitive settlement, using idempotent retry endpoints to prevent duplicate charges.
Within the countdown, eligible clients can request a single extension of a configurable duration. Rules determine auto-approval versus manual review by staff, with SLA timers and queueing. The system tracks one-time usage per booking and per user, prevents chaining, and updates the countdown instantly on approval. Staff tools surface relevant context (payment history, attendance, notes) and provide quick actions with templated responses. Denials retain the original expiry; approvals extend the hold and adjust waitlist notifications accordingly. All actions are logged for audit and reporting.
When the countdown expires without successful payment or an approved extension, the system atomically releases the seat and offers it to the next qualified waitlisted client based on configured rules (FIFO or priority tiers). It sends a payment link with an accept-by timer, marks the original booking as lapsed with reason codes, and handles any partial funds per refund policy. The process is resilient to race conditions and ensures capacity integrity via transactional locks, supports batch processing for multiple expiries, and emits events for analytics and messaging.
The system sends templated notifications at key milestones: grace start, time-based reminders, extension request outcomes, and seat release. Channels include email, SMS, and push where available, with throttling, quiet hours, and user preferences. Messages contain deep links to pay, change method, or request extension and show the exact expiry time in the recipient’s timezone. Templates are brandable per studio with merge fields, and deliverability is monitored with retries on failures. Compliance with consent and regional regulations is enforced.
Allow mid‑stream changes between deposit, pay‑in‑X, or pay‑in‑full with automatic proration and rescheduled dues. Optional pause and catch‑up rules keep committed clients enrolled instead of canceling, stabilizing cash flow and cohort retention.
Implements the core capability to switch an active enrollment between deposit, pay‑in‑X, or pay‑in‑full plans without canceling the booking. On swap, the engine recalculates the remaining obligation, applies credits from prior payments, generates a replacement payment schedule, and preserves enrollment and attendance records. It handles immediate charges or deferred charges based on merchant policy, aligns due dates to studio preferences, maintains seat reservations, and prevents double-bookings. The flow must be idempotent, reversible by admin rollback, and fully compatible with existing booking, waitlist, and autopay subsystems to ensure continuity of service and cash flow.
Provides deterministic calculations for proration and outstanding balance during a plan swap. Supports time‑based and session‑count products, partial period usage, deposits, discounts, taxes, fees, and rounding rules. Automatically converts consumed value into earned revenue and remaining value into a new principal, applies credits/refunds where needed, and enforces minimum charge thresholds. Calculation results must be transparent via a breakdown preview, consistent across UI, API, and receipts, and audited for accuracy across gateways (e.g., Stripe).
Enables optional pause of an active plan with configurable start/end dates, freeze fees, and limits per policy. On resume, automatically recalculates the remaining payment schedule to catch up missed dues without exceeding maximum per‑installment caps or violating final due dates. Maintains enrollment during pause, updates attendance eligibility according to rules, and ensures autopay resumes correctly. Supports pro‑rated extension vs. compressed catch‑up based on studio setting.
Defines configurable policies controlling when a plan can be swapped or paused, including minimum time since start, number of attended sessions, outstanding balance limits, discount conflicts, and instructor approval. Prevents swaps that would reduce total obligation below allowed floors, violate promotion terms, or create scheduling conflicts. Includes pre‑flight checks with actionable errors and soft/hard block modes for admins vs. self‑service users.
Delivers streamlined interfaces for members and admins to initiate, preview, and confirm plan swaps or pauses. Provides a real‑time cost/schedule preview, impact on next charge, any fees or credits, policy notices, and required consents. Admins can override within permission scopes; members see only eligible options. UX integrates with booking pages and the account portal, supports mobile, and ensures accessibility (WCAG 2.1 AA).
Sends transactional notifications (email/SMS/in‑app) for swap/ pause requests, approvals, schedule changes, upcoming charges, and failures. Includes embedded summaries of proration math and new due dates, with links to detailed receipts. Captures explicit consent and time‑stamped acknowledgments for policy changes and autopay updates, stored with the enrollment for compliance and dispute resolution.
Creates immutable ledger entries and audit logs for every swap, pause, credit, fee, and schedule change. Ensures revenue recognition adjustments, tax recalculations, and gateway references are correctly recorded and exportable to accounting systems. Exposes audit events via reports and webhooks for BI and reconciliation, with traceability from original invoice to revised schedule and receipts.
One‑click templates for common ClassTap roles—Owner, Instructor, Substitute, Front Desk, Accountant, and Corporate Portal Admin—preloaded with least‑privilege permissions. Speeds onboarding, keeps access consistent across locations, and reduces costly permission mistakes.
Provide out-of-the-box templates for Owner, Instructor, Substitute, Front Desk, Accountant, and Corporate Portal Admin, each mapped to a least‑privilege permission set aligned to ClassTap capabilities (scheduling, payments, invoices, attendee management, reporting). Enable one‑click assignment during user invite, onboarding, and role updates. Ensure templates are immutable system baselines to guarantee consistency, are versioned by platform release, and are backward compatible. Support location scoping and compatible application across single or multiple studios. Enforce idempotent application so reapplying a template produces a consistent permission state.
Deliver UI and API to assign or update role blueprints for multiple users at once, with options to scope access to specific locations, resources, and calendars. Support setting a default blueprint for new invites per location, and provide safeguards to prevent unintended escalation when users belong to multiple locations. Handle conflict resolution rules when merging existing custom permissions with a blueprint application. Provide progress feedback, partial‑failure handling, and a summary of changes applied.
Allow admins to clone system blueprints or build from scratch, adjust permissions via granular toggles, and save as reusable custom blueprints. Maintain semantic versioning for each custom blueprint with diff views, change notes, and rollback to prior versions. Propagate updates to all assigned users with optional staged rollout windows and effective‑date scheduling. Validate configurations against least‑privilege guidelines and flag risky permissions with warnings. Support draft, published, and deprecated states and enforce migration rules when deprecating.
Before saving or applying a blueprint, present a preview of net changes (added, removed, or scope‑reduced permissions) with risk indicators for sensitive actions (payouts, refunds, schedule overrides). Simulate effects across selected locations and users, estimate the number of impacted accounts, and show any conflicts with existing custom permissions. Require explicit confirmation for high‑risk changes and support dry‑run mode via API. Apply changes via background jobs with progress tracking and provide a post‑apply success/failure report and undo option where possible.
Capture immutable audit events for blueprint lifecycle (create, edit, publish, deprecate, delete), assignments, removals, and scope changes, including actor, timestamp, target users, and before/after permission diffs. Provide filterable views, retention settings, and export to CSV/JSON. Offer webhooks for real‑time notifications to external compliance tooling and a signed report for attestation during audits. Ensure time‑synchronized logging and tamper‑evident storage to meet compliance expectations.
Enable corporate or franchise organizations to define org‑level standard blueprints that locations inherit. Allow location admins to apply permitted local overrides within guardrails set by corporate (e.g., cannot grant payout permissions). Provide clear inheritance visualization, per‑permission lock controls, and conflict resolution rules. Support updates at the org level that roll down automatically with optional review windows for locations, ensuring brand‑wide consistency without blocking local needs.
Implement periodic access reviews on a configurable cadence with reminders to owners or corporate admins to re‑certify user‑role assignments. Provide a streamlined review UI showing current blueprint, last change date, and activity signals (e.g., last login, bookings handled). Support bulk revoke, role change recommendations, and generation of attestation reports. Auto‑flag inactive or role‑drifted accounts for action and support policy‑based auto‑disable after non‑response.
Granular scoping that limits what each role can see and do by location, room, class type, client segment, and financial areas (e.g., view‑only payouts, no exports). Enforces need‑to‑know access, protects client PII, and fits multi‑instructor, multi‑site workflows.
Define a role-permission matrix that supports granular scopes across location, room, class type, client segment, and financial domains. Enforce a default‑deny model with capability flags (e.g., view, edit, create, delete, export) that can be independently enabled per scope. Integrate enforcement in both UI and API layers, including background jobs and webhooks, to prevent privilege bypass. Provide an admin UI to assign roles and attach one or more scopes per user, with inheritance for multi-site organizations. Ensure backward compatibility by offering a migration path from existing roles to scoped roles. Expected outcome: consistent least‑privilege access that fits multi‑instructor, multi‑site workflows without blocking legitimate tasks.
Automatically filter all list, search, calendar, and detail views so users only see entities (classes, bookings, clients, rooms, payouts) within their assigned scopes. Apply server‑side row‑level filtering with query builders and policy middleware; mirror filters in the client to minimize confusing UI elements. Ensure cross‑feature coverage: scheduler, waitlist, double‑booking checks, notifications, and reports. Handle edge cases like multi‑scope users, cross‑site bookings, and shared rooms with deterministic rules and clear UI labels. Expected outcome: scoped visibility that reduces noise, protects PII, and prevents accidental cross‑site edits.
Introduce fine‑grained permissions for financial areas: view payouts vs. view balances, create/edit invoices, process refunds, issue credits, capture payments, and export financial data. Support view‑only modes and explicit export bans per role/scope. Add action gates in UI/API that require elevated permission or owner approval for sensitive operations (e.g., refunds over a threshold). Surface audit banners and disabled states explaining restrictions. Expected outcome: minimized financial risk and clearer separation of duties without blocking day‑to‑day scheduling work.
Protect client PII by introducing field‑level permissions and dynamic masking for sensitive fields (e.g., email, phone, payment details, notes). Render masked values unless explicitly allowed by scope; allow temporary reveal on authorized action with audit trail. Apply masking across UI, exports, API responses, notifications, and logs. Provide configurable PII definitions per region to support compliance. Expected outcome: privacy‑by‑default access that reduces leakage risk while preserving operational usefulness.
Record immutable audit events for permission checks (granted/denied), data access to sensitive entities, and all role or scope changes. Include who, what, when, where (IP/device), and why (triggering action). Provide an admin audit console with filters by user, scope, entity, and timeframe, plus export for compliance. Integrate alerts for repeated denials or high‑risk actions. Expected outcome: traceability for security reviews, faster incident response, and better configuration hygiene.
Enable owners and managers to delegate scoped access to substitutes or visiting instructors with time limits and automatic revocation. Support approval workflows for temporary elevation and immediate emergency revoke. Notify stakeholders before access expires and when elevations occur. Expected outcome: flexible staffing without compromising least‑privilege controls or leaving stale access in the system.
Time‑boxed access with auto‑expire and renewal rules for subs, contractors, and auditors. Set start/end dates, tie expiry to the last assigned class, and send proactive reminders before access lapses—eliminating forgotten accounts and tightening security without manual follow‑ups.
Provide administrators with controls to set and manage access start and end dates per user and per role (e.g., substitute, contractor, auditor), with organization- and role-level defaults. Support absolute dates and relative rules such as “expire N days after last assigned class ends,” time zone selection per user or org, and optional grace periods. Include batch edit, CSV import, and API endpoints to create/update access windows. Validate for overlaps, daylight saving transitions, and conflicting policies. Persist policy metadata for auditability and apply uniformly across web and mobile surfaces
Implement a reliable scheduler and rules engine that automatically revokes permissions at the moment of expiry in the configured time zone. On expiry, disable sign-in to admin areas, block class assignment and roster access per role, and prevent booking or payout-sensitive actions as appropriate. Ensure idempotent, retry-safe operations with observability (metrics, alerts) and partial-failure recovery. Do not delete historical data or past attendance; preserve records while removing forward-looking capabilities. Provide configurable grace periods and a reversible “Reinstate” action that restores prior scopes. Enforce across APIs and UI to prevent bypass
Enable configurable reminder cadences (e.g., 14/7/3/1 days and day-of) that notify both the expiring user and designated admins via email, SMS, and in-app notifications. Include localized, templated messages with dynamic fields (name, role, expiry date, classes affected) and deep links for one-click admin renewal with tokenized security. Support snooze/dismiss, escalation rules when no action is taken, and automatic calendar holds if policy requires. Log delivery status and user actions for audit and reporting
Tie access validity to class assignments and scheduling. Prevent assigning an expiring or expired user to classes beyond their access window unless policy allows auto-extension. If allowed, auto-extend using configured rules (e.g., extend through the last assigned class plus N days) and prompt for confirmation and cost center if applicable. Handle waitlist-to-assignment flows by checking access at assignment time and at auto-promotion time. Surface conflicts inline, propose remediation options, and ensure transactional integrity so bookings and access stay consistent
Display clear access state across profiles, rosters, class modals, and assignment lists, including badges such as Active, Expiring Soon, Grace, and Expired with countdown timers. Provide contextual CTAs like Renew, Extend, or Reinstate depending on permissions. Gracefully block restricted actions with inline explanations and links to policy settings. Ensure consistent behavior on mobile and desktop, with accessibility compliance for colors and screen readers
Record an immutable audit log of access window creations, edits, renewals, expiries, auto-extensions, and notifications, including actor, timestamp, rationale, and policy snapshot. Provide filters, exports (CSV), and summary dashboards (active vs. expiring, renewal rates, exceptions). Emit webhooks for key events (about-to-expire, expired, renewed, deprovisioned) for downstream integrations. Ensure logs are retained per data retention policy and are searchable via API
Dual‑approval workflow for sensitive actions like granting financial permissions, exporting client lists, or editing policies. Capture a business reason, approve via email/Slack, and log every decision—preventing unilateral changes and strengthening accountability.
Provide an admin interface and backend policy engine to define which actions require two-key approval, including financial permission grants, exporting client lists, and editing organizational policies. Support scoping rules by role, location, amount thresholds, and action category; map approver pools by role or named users; and allow per-organization settings with defaults. Include a safe “test mode” to simulate policies, versioning of policy changes, and migration tooling to bootstrap from current settings. Integrate with ClassTap’s RBAC and action middleware so policies are enforced consistently across web, mobile, and API. Expected outcomes: flexible governance without blocking normal operations and reduced risk of unilateral sensitive changes.
Insert a standardized pre-action gate that transforms sensitive actions into approval requests. Require a structured business reason, category, and relevant fields (e.g., amount, client segment), with optional attachments. Capture a cryptographic hash of the intended change payload and a snapshot of current state to ensure the final approved action matches the request. Validate inputs, prevent bypass via direct API calls, and present a clear confirmation UI to the requester. Store drafts and support cancellation with traceability. Expected outcomes: richer context for decisions and faster, better-quality approvals.
Implement a routing engine that selects eligible approvers based on policy, excludes the requester, enforces two distinct approvers (quorum), and applies conflict-of-interest rules (e.g., same team or reporting line restrictions). Support timeouts, automatic escalation to owners or backups, and delegation/out-of-office settings. Allow reassignment by admins with a logged reason. Provide SLAs and cutoff windows (e.g., end-of-day) to keep requests moving. Expected outcomes: predictable turnaround times and fair, auditable decision-making.
Deliver approval requests via secure, actionable emails and Slack interactive messages with Approve/Deny options, comments, and a deep link to the full request. Use signed, expiring tokens and optional one-time codes to authenticate quick actions without full login. Provide message templates, localization, and per-organization branding. Support retries, rate limits, and error handling for provider outages. Expected outcomes: faster approvals and higher response rates without forcing approvers into the dashboard.
Gate sensitive actions so they cannot execute until quorum is met. Bind approvals to the exact payload hash; if the underlying data changes, require re-approval. Enforce idempotency keys and locking to prevent double execution and race conditions. Provide compensating actions/rollback if downstream steps fail after approval. Ensure enforcement at service and API layers to prevent client-side bypass. Expected outcomes: strong guarantees that no unapproved changes can slip through and consistent system state under concurrency.
Create an append-only audit log recording requester, approvers, timestamps, decisions, reasons, comments, IP/agent, payload hashes, and policy version used. Provide searchable filters, per-request timelines, and CSV/JSON export. Implement tamper-evidence via hash chaining or external timestamping, and define data retention controls. Expose summary reports (e.g., approvals by category, average time to decision) and integrate with existing ClassTap reporting. Expected outcomes: complete traceability for compliance and faster investigations of disputed changes.
Send real-time notifications to selected approvers and watchers, with configurable reminder cadences and daily digests for pending items. Surface an SLA dashboard showing request volumes, approval times, aging, and bottlenecks by category or team. Allow threshold alerts (e.g., requests pending >24h) and per-organization notification settings. Expected outcomes: reduced approval latency and operational visibility to optimize policies and staffing.
Human‑readable audit timeline that records who did what, when, where (IP/device), with before/after values for roles and settings. Fast filters by user, asset, or date, CSV export for audits, and one‑tap restore to a previous role configuration to quickly undo mistakes.
Define and implement a canonical, append-only audit event model that captures actor, action, target asset, timestamp (UTC), source (UI/API), outcome, correlation ID, and normalized before/after snapshots. Persist events in a tamper-evident, multi-tenant store partitioned by tenant and time with secondary indexes for actor_id, asset_id, action_type, and timestamp to support sub-second queries at scale. Instrument all critical ClassTap domains (scheduling, payments, invoices, roles, settings) to publish events via a durable, idempotent pipeline. Include PII tagging for selective masking/redaction, retention policies, and time zone normalization for display. Target ingestion overhead under 200ms per event and 99.9% durability.
Capture and persist contextual metadata for each event, including authenticated user ID, role at time of action, session ID, IP address (masked per policy), user agent, device fingerprint, and approximate geolocation derived from IP. Record authentication method (password, SSO), MFA status, and request origin (web, mobile, API key). Normalize and store context in a privacy-aware format with configurable masking to meet regional compliance (e.g., GDPR). Expose context consistently in the UI and exports to support investigation and anomaly detection.
Compute human-readable before/after diffs for role memberships, permission grants, and configuration settings. Normalize nested structures, arrays, and enum values to produce concise, meaningful change summaries (added/removed/modified). Store both the rendered summary and a machine-readable patch to enable future replays and restores. Handle schema evolution and migrations gracefully by versioning diff formats. Surface diffs consistently in event detail views and exports.
Deliver a responsive, paginated audit timeline UI with instant filters by user, asset, action type, outcome, and date range, plus keyword search across event summaries and metadata. Support deep linking and saved filter presets, display times in the viewer’s local time zone, and provide infinite scroll with cursor-based pagination. Include accessible UI components, empty/error states, loading skeletons, and copy-to-clipboard for event IDs. Target P95 filter response under 500ms on datasets up to 5M events per tenant.
Enable CSV export of audit events with applied filters and selected columns, generated via an async job that streams results to avoid timeouts. Offer time zone selection for timestamps, optional PII redaction based on viewer permissions, and signed, expiring download URLs. Include an export request log with requester, time, filter criteria, row count, and file hash for chain-of-custody. Enforce row limits and pagination for very large exports and send completion notifications via email/in-app.
Provide a safeguarded restore action on role-related events that re-applies a prior role/permission state. Show a preview of changes to be applied, validate current constraints (e.g., users no longer exist, conflicting assignments), and require appropriate authorization and confirmation. Execute restores as idempotent background jobs, emit a new audit event for the restore, and support rollback on partial failure. Respect scope boundaries (studio/location) and block restores that would escalate the requester’s own permissions without secondary approval.
Introduce granular RBAC for audit features, including view, filter, export, and restore capabilities. Restrict sensitive fields (e.g., partial IP, device fingerprint) to privileged roles and require MFA for export/restore actions. Enforce tenant scoping, rate limiting, IP allowlists for export endpoints, and comprehensive access logging. Provide a dedicated ‘Audit Viewer’ role template and administrative controls to delegate access safely.
Preview a user’s exact access before saving changes. Run “Can X do Y on Z?” checks and see the interface as that role would, reducing support tickets and preventing over‑permissioning or accidental lockouts.
Provide a one-click sandbox that renders ClassTap exactly as a selected user or role would see it—without persisting changes. The simulator mirrors navigation, feature flags, resource scoping (studio, class, invoice, waitlist), and time-based permissions, including mobile and web views and tenant-specific branding. All requests execute under a simulated principal with read-only semantics and no external side effects. Deep links, back/forward navigation, and component-level fallbacks are supported. The sandbox integrates with the existing RBAC/ABAC policy layer and content APIs, masking PII where configured. Performance targets: initial load under 2 seconds p95 and route transitions under 500 ms p95.
Implement a deterministic permission check service that answers actor/action/resource queries (e.g., Can Instructor A edit Class B at Time T?) with allow/deny plus a human-readable rationale (matching policies, constraints, and feature flags). Support scopes across tenants, studios, classes, invoices, payouts, and waitlists, with optional time windows and resource attributes. Provide a UI for natural-language prompts and a structured API for developer tooling, with batch queries for bulk validation. Include impact analysis suggesting the minimal policy change to grant or revoke access and surface conflicting rules. Operates against a cached policy snapshot for low latency with audit-synced refresh.
Allow admins to stage role and policy edits and preview the exact effects before saving. Present a side-by-side diff of added/removed capabilities across resources (classes, schedules, invoices, attendees, discount codes) and highlight risky changes such as over-permissioning or potential lockouts. Provide guided recommendations to achieve least privilege, including rule templates and scope narrowing. Integrate with the simulator to render the before/after UI and with validation hooks to block saving when critical access is lost (e.g., no remaining owners).
Enforce read-only behavior in simulation mode by intercepting mutating operations (create/update/delete, payments, notifications, integrations) and substituting no-op or scrubbed responses. Clearly label all simulated screens and components, disable irreversible actions, and provide realistic but anonymized data where needed. Support configurable PII masking for attendee contact details and payment instruments to meet privacy requirements while enabling support and training workflows. Ensure third-party webhooks and emails are never triggered during simulation.
Capture structured logs of each simulation session and permission query, including who initiated it, target user/role, scope, time, and results. Allow creation of time-limited, tenant-isolated snapshot links that reproduce the simulated state for reviewers without granting broad access. Store logs and snapshots for 30 days by default with export to CSV/JSON and SIEM integration. Redact sensitive fields according to tenant policy. Provide admin reports on usage to measure reductions in support tickets and permission errors.
Define and meet SLOs for the Role Simulator: simulator cold start <2s p95, route switch <500ms p95, permission query latency <250ms p95, and 99.9% monthly availability. Implement caching, incremental hydration, and circuit breakers with graceful degradation when policy or content services are unavailable. Provide observability dashboards (traces, metrics, logs), synthetic tests for key flows, and alerting tied to SLOs. Include automated load tests to validate scale across peak class scheduling windows.
Behavior‑aware alerts that flag unusual access or activity—after‑hours exports, sudden permission escalations, or bulk roster edits. Auto‑lock risky sessions, require re‑auth, and send a digest to owners so issues are caught early without babysitting the system.
Build a real‑time engine that learns normal access and activity patterns per organization, role, and user (time-of-day, IP/geo, device fingerprint, action frequency, export volumes) and flags deviations such as after‑hours data exports, sudden permission escalations, bulk roster edits, geo‑velocity (“impossible travel”), and API burst usage. Generate a severity and confidence score per event, process streams with low latency, and avoid blocking core booking and payment flows. Respect privacy via data minimization and configurable retention. Surface anomalies to downstream modules (alerts, auto‑response, audit) via internal events.
Provide a policy editor for owners/admins to define which behaviors trigger alerts and at what thresholds (e.g., export size, edit counts, after‑hours windows, role changes), with severity levels, per‑role/space overrides, trusted device/IP allowlists, and quiet hours. Offer best‑practice templates out of the box and maintain versioned, auditable changes. Policies apply across web and mobile, and propagate instantly without downtime.
Enable configurable automatic responses for high‑severity anomalies: lock or pause the active session, require step‑up re‑authentication/MFA, temporarily revoke elevated permissions, rate‑limit or pause bulk actions, and auto‑expire API tokens. Support per‑policy playbooks with safe rollback and idempotency, ensure no data loss for in‑flight bookings, and log all actions for audit and post‑mortem analysis.
Deliver real‑time alerts via in‑app notifications, email, and optional SMS/push, with deduping and batching to prevent alert fatigue. Include key context (who, what, when, where, severity, confidence) and one‑click investigation links. Provide daily/weekly digests summarizing anomalies, trends, and recommended actions. Support per‑user notification preferences and fallback routing when primary channels fail.
Create a workspace to review, filter, and search anomalies; inspect enriched context (session details, IP/geo, change diffs, related bookings/payments); and take actions (mark resolved, confirm incident, require re‑auth, whitelist, assign to teammate). Track status lifecycle (new, investigating, resolved), add notes, and export incident reports. Provide role‑based access controls so only authorized users can view sensitive details.
Capture immutable, time‑sequenced logs for all anomalies and responses, including actor, target objects, before/after diffs for permissions and rosters, IP/device fingerprints, geo, and policy version used. Support configurable retention, CSV export, webhooks, and SIEM integrations. Expose a secure API for querying incidents. Apply data minimization and access controls to meet GDPR/CCPA requirements.
Extend detection with domain‑specific rules for ClassTap: flag mass discount creation, rapid refund attempts, unusual invoice export volumes, spikes in waitlist‑to‑payment conversions, and attempts to circumvent double‑booking protections. Tie into scheduling and billing services to pause or require re‑auth on risky transactions, with clear user messaging and safe retry paths.
Continuously refreshes each attendee’s QR code every few seconds with server‑signed, short‑lived tokens tied to their device and event. Blocks screenshots and forwards while keeping lines moving—codes update automatically in the browser or mobile wallet, no app relaunch needed.
Implements a backend service that issues short-lived, event- and device-scoped tokens embedded in QR payloads and rotated every few seconds. Tokens carry claims for attendee, booking, event, device hash, iat/exp, nonce, and permitted uses, and are signed with asymmetric keys (KMS-backed, with rotation). The service enforces replay protection, clock-skew tolerance, revocation lists, and instant invalidation on refund/cancel. This ensures screenshots and forwarded codes fail server validation while keeping issuance aligned with booking and payment status.
Delivers a web/PWA and wallet-compatible client that renders the attendee’s QR and refreshes it automatically without relaunch. Supports WebSocket/SSE push or prefetch of the next signed tokens with local timers, visual countdown indicators, and seamless background/foreground handling. Includes network resilience (prefetch buffer, exponential backoff) and mobile wallet pass updates via platform push, ensuring the on-screen code stays current in browsers and mobile wallets with minimal user action.
Binds tokens to a device fingerprint (e.g., wallet pass ID, platform, UA hints) and enforces device match at scan time. Adds mitigations including one-time-use semantics, short TTLs, attendee watermark (initials/time) to discourage sharing, and optional brightness lock/fullscreen prompts. Provides a secure rebind flow with step-up verification when users switch devices, audit logging for mismatches, and admin policies for how strictly to enforce binding by event type.
Provides a low-latency validation path for the check-in scanner that verifies signatures, claims, revocation status, and reuse within <200ms. Supports offline venue mode using public-key verification, nonce/replay tracking, and short-term allowlists with later sync. Enforces single-admit or limited-use policy, rate-limits repeated failures, and propagates instantaneous revocations on refund/cancel. Includes observability for scan outcomes and latency.
Integrates RollingQR issuance and revocation with booking lifecycle events: generate on confirmed payment, hold on pending invoices, issue on waitlist promotion, and revoke on refund, cancellation, or transfer according to policy. Automatically reissues tokens on reschedule or venue change and sends attendee notifications. Ensures the displayed QR always mirrors real-time eligibility in ClassTap’s scheduling, invoicing, and attendee records.
Adds admin settings for token TTL, rotation interval, allowed clock skew, offline validation window, and device-binding strictness. Provides real-time dashboards for check-in throughput, success/failure reasons, fraud/mismatch events, and no-show reduction, with filters by event, location, and instructor. Supports exports, role-based access control, and immutable audit logs for compliance and dispute resolution.
Delivers inclusive and resilient entry alternatives: large/high-contrast QR display, screen-reader hints, haptic countdown, a 6-digit check-in PIN tied to the booking, printable passes for attendees without smartphones, and manual lookup workflows. Handles connectivity gaps by using cached last-valid tokens with a short grace window and scanner-side offline verification with later sync, ensuring check-in continuity.
Converts magic links into device‑specific passes using secure device fingerprinting and optional hardware attestation. Links only open on the enrolled device; attempts on other devices are denied or routed to a safe reissue flow—stopping link sharing without extra steps for legit clients.
Provide a lightweight SDK for web (desktop and mobile browsers) and native mobile (iOS/Android) that computes a stable, privacy-preserving device identifier using multiple signals without collecting PII. The SDK exposes an enrollment function invoked on first magic-link open to register the device, stores a signed device key in secure storage (Keychain/Keystore/IndexedDB with fallbacks), and sends a cryptographic proof to the backend for binding. It must be resilient to app updates, browser restarts, and minor OS upgrades, while gracefully degrading in private/incognito mode. Integrates with ClassTap authentication to attach a device_id to session creation and with bookings/payments APIs to enforce device checks. Includes rate limiting, anti-replay protections, and versioned telemetry for troubleshooting.
Integrate platform attestation services to strengthen device binding where available: Apple App Attest/DeviceCheck for iOS, Google Play Integrity for Android, and WebAuthn device-bound key attestation for modern browsers. The system verifies attestation server-side and couples the attested key with the device pass, falling back to fingerprint-only when attestation is unavailable. Implement configuration flags to enable per-tenant or per-campaign enforcement levels (required, preferred, off). Cache and rotate attestation as needed and surface failures to observability dashboards. Ensure minimal user friction and low-latency verification paths using asynchronous attestation renewal.
Convert single-use magic links into device-bound access passes at first open. On initial click, exchange the link token for a signed, device-scoped pass tied to the enrolled device key; invalidate the original link token immediately. Store the pass securely, auto-refresh it via short-lived rotating tokens, and require the device proof on each privileged action such as viewing booking details, presenting check-in QR, or completing payment follow-ups. Implement idempotent enrollment to handle double-taps and network retries, along with clock-skew tolerant expirations. Provide server-side enforcement middleware for all endpoints that previously trusted magic links, returning standardized error codes for non-matching devices.
Detect and block access when a magic link or bound pass is opened on a non-enrolled device. Present a safe reissue flow that verifies identity via primary channel (email/SMS OTP) and obtains explicit confirmation to transfer or add a device according to policy. Log the event, notify the original device, and throttle reissue attempts to mitigate abuse. Provide a human-friendly path for staff to assist clients with identity verification and reissue codes. Ensure all denial and reissue responses are localized, accessible, and consistent across web and mobile.
Offer a guided flow for legitimate device changes, lost device scenarios, and browser resets that minimizes friction while maintaining security. Support temporary grace windows after successful identity verification, single-use recovery codes, and studio-configurable limits on the number of transfers per booking or per month. Provide clear messaging in emails/SMS and in-app screens, with progress indicators and expected timelines. Include fallback for clients in regions with unreliable SMS by prioritizing email or authenticator-based verification where available.
Add tenant-level controls in the ClassTap dashboard to configure DeviceBind behavior: enforcement level, maximum devices per client, reissue rules, attestation preference, and exception lists such as staff devices or kiosks. Provide real-time analytics and exportable audit logs showing enrollments, denials, reissues, suspected sharing prevented, and impact on no-shows and revenue. Integrate with existing reporting and webhooks to notify studios of suspicious patterns. Ensure logs are tamper-evident and retention complies with data policies.
Enforce PII-minimizing data practices by avoiding collection of raw identifiers and hashing/salting any device signals. Document data flows and retention periods, and provide DSAR/erase hooks to purge device identifiers per user request. Conduct threat modeling for token theft, replay, and downgrade attacks; implement HSTS, TLS pinning on mobile, nonce-based proofs, and signed JWT passes with audience and expiration claims. Ensure regional compliance such as GDPR/CCPA, accessibility compliance for user-facing flows, and provide a configurable data residency option for EU tenants.
Accepts scans only within a configurable radius and time window around the venue. Prevents remote buddy check‑ins and ensures attendance reflects who actually arrived—improving payroll accuracy, capacity control, and compliance for pop‑ups and multi‑room studios.
Provide an organization- and venue-level policy engine to define check-in geofence rules, including default radius (in meters), class-level overrides, and policy templates by class type. The engine evaluates a user’s location at scan time and permits check-in only when the device is within the configured boundary for the scheduled class. It integrates with ClassTap’s scheduling, QR/scan check-in, and capacity tracking to ensure attendance reflects on-site presence, reduce double-bookings, and improve payroll accuracy. Admins can enable hard-block or warn-only behavior, configure error tolerance based on GPS accuracy, and localize messages to attendees and staff.
Implement multi-signal location verification that combines GPS, network-based location, and optional Bluetooth beacons to validate presence with accuracy thresholds. Detect and block mock-location providers, emulator usage, jailbreak/rooted devices, and time or token replay attempts. Use short-lived, signed scan tokens and server-side verification to ensure the scanning device and attendee account match the reservation. Record OS-reported accuracy and confidence to support risk scoring and enforcement decisions, minimizing remote buddy check-ins and fraud.
Allow admins to configure an open/close time window relative to each class start/end (e.g., open 15 minutes before, close 10 minutes after) with late/early arrival policies and grace periods. The window is enforced alongside the geofence at scan time and is synchronized with ClassTap’s schedule (including time zones and daylight savings adjustments). Provide attendee-facing countdown and reasoned error messages, and allow staff overrides with role-based permissions and reason codes for audit. Ensure waitlist-to-payment flows respect the window to prevent last-minute remote conversions without presence.
Support multiple geofenced zones per venue to model separate entrances, rooms, or studios, including nested or adjacent areas. Classes can be assigned to a specific zone to prevent cross-room check-ins. Pop-up events can define temporary zones with start/end validity and per-event coordinates. The system validates scans against the assigned zone while rolling up attendance to the parent venue for reporting, enabling granular capacity control and compliance in multi-room or multi-entrance environments.
Enable provisional offline check-ins when connectivity is poor by capturing the scan, local timestamp, last known location and accuracy, and policy version. Store the event securely on-device and sync when online for server-side validation against geofence and time-window rules. Apply a configurable grace period and flag exceptions that fail validation for admin review. Limit offline usage by time since last accurate fix and by number of provisional check-ins to mitigate abuse while preserving check-in continuity in low-connectivity venues.
Capture a tamper-evident audit record for each check-in including coordinates, accuracy, timestamp, device fingerprint hash, user ID, class ID, zone ID, and evaluated policy outcome. Provide an admin console to review events on a map, compare against policy, and resolve disputes with approve/deny actions and mandatory reason codes. Generate exports and reports for payroll, compliance, and insurer audits, and trigger alerts for anomalous patterns (e.g., repeated near-threshold check-ins or suspected spoofing) to help reduce abuse and support fair compensation.
Display clear just-in-time notices explaining location use at check-in and obtain consent where required. Collect only point-in-time location needed for validation, with configurable precision and retention windows (e.g., 30–90 days) and optional coordinate rounding for stored records. Encrypt data in transit and at rest, segregate by region, and support subject access/deletion requests to meet GDPR/CCPA obligations. Provide org-level settings to balance enforcement strength with privacy, ensuring GeoFence Gate enhances trust while meeting legal and brand standards.
Enables reliable check‑in when Wi‑Fi or cellular is spotty. Attendee passes carry short‑lived, cryptographically signed tokens that the scanner can verify offline; results queue and auto‑sync with exact timestamps once back online. Keeps doors flowing at parks, basements, and busy lobbies.
Provision cryptographically signed, short‑lived tokens embedded in attendee passes (QR/NFC/wallet) containing minimal identifiers (event_id, pass_id), a validity window, a nonce/token_id, and a signature. Tokens are generated server-side using rotating signing keys and configurable TTL per event, designed to be verifiable entirely offline by scanners while minimizing exposure of PII. Support multiple encodings (static offline fallback token and rotating dynamic token when the attendee device is online), backward compatibility with existing pass formats, and safeguards for clock skew. Emit tokens at purchase and refresh at configurable intervals prior to doors; ensure one-time-use semantics are enforceable via token IDs upon scan and reconciliation.
On-device verification that parses tokens, validates digital signatures using cached public keys, enforces validity windows with tolerance for local clock drift, and returns definitive pass/fail results without network calls. The engine must handle high-throughput scanning with low latency, degrade gracefully if keys are stale, and surface actionable error codes. Results are written atomically to a local, durable store for subsequent sync. Implementation should be cross-platform for iOS/Android and packaged for reuse across branded apps.
Durable local queue that records each scan outcome (accepted, rejected, override) with precise device timestamps, token_id, pass_id, operator_id, and device_id. When connectivity resumes, the client batches and transmits records in order with idempotency keys, receives server acknowledgements, and reconciles conflicts (e.g., duplicate scans across devices) to a single canonical attendance record. Includes retry with exponential backoff, back-pressure limits to protect device storage, and visibility into queue length and sync status. Server APIs must be idempotent and return authoritative check-in state per pass.
Mechanisms to prevent token replay and duplicate admissions while offline. The scanner maintains a local ledger of seen token_ids and pass_ids with bounded retention, rejects re-scans according to pass rules (single-entry vs multi-entry), and captures suspicious attempts for audit. Upon sync, the server consolidates multi-device duplicates using first-seen timestamp policy and updates pass state; the client receives resolution outcomes for transparency. Configurable policies define whether overrides are allowed and how many re-entries are permitted.
Secure distribution and caching of verification key material to scanning devices. The app periodically fetches signed key bundles, supports overlapping key rotation windows, honors key expiry, and can revoke compromised keys immediately upon reconnect. Key bundles are stored encrypted at rest, tied to organization/event scope, and exposed via a versioned interface to the verification engine. The system surfaces last-updated times, warns when keys are nearing expiry, and blocks scans if key trust cannot be established according to policy.
Operator-facing offline mode with clear status indicators, large visual affordances for pass/fail, audible/haptic feedback, and real-time counters for queued check-ins. Includes manual override with staff PIN and required reason codes, fallback manual lookup by attendee name when tokens cannot be read, and controls to enable/disable offline acceptance by event. UI must remain performant in low light and crowded conditions, support accessibility standards, and guide staff during conflict resolution after sync.
Self‑service device change with guardrails. Clients verify via email/SMS and recent‑activity checks; old passes are revoked instantly and fully audited. Optional staff approval for high‑value events. Minimizes support while preserving strong protection against pass sharing.
Provide a guided, mobile-first flow within My Passes that lets clients initiate a device change, understand the steps (verification, possible review, confirmation), and complete the process without staff intervention. The flow includes entry points from pass details, booking checkout, and help links; clear state messaging (pending verification, under review, completed); real-time validation; and immediate display of the reissued pass/QR upon success. It supports localization, accessibility (WCAG AA), and brand theming. It integrates with existing booking and attendance modules so the new device can check in and book immediately while preventing concurrent use from the old device. It exposes error handling for edge cases (expired codes, network timeouts) and offers safe retry without duplicating requests.
Implement OTP verification using both email and SMS against the account’s verified contacts, with configurable code length, expiry, resend throttling, and maximum attempts. The user must pass at least one channel, with optional policy to require both for higher-risk cases. Messages use brandable templates and regional sender settings. The service records verification events, binds them to the SafeSwap session, and gates progression to reissue. Integrates with existing comms providers (e.g., Twilio/SendGrid) via abstraction to allow provider failover and includes detailed delivery/receipt telemetry for support diagnostics.
Calculate a risk score for each SafeSwap request using recent signals: last successful login, last check-in location and time, device fingerprint change, IP reputation and geodistance, payment method changes, account age, and number of recent swaps. Based on configurable thresholds, auto-approve low-risk requests, challenge with dual verification for medium risk, or route to staff approval for high-risk/high-value passes or events. Provide an admin settings page for signal weights and thresholds, with defaults aligned to platform policy. Emit structured risk decisions for analytics and auditing.
Upon successful verification/approval, immediately revoke the old device’s access by invalidating sessions, cached QR/barcodes, API tokens, and webhooks tied to the pass. Rebind the pass to the new device with fresh credentials and rotate identifiers to prevent replay. Ensure check-in scanners perform server-side validation to reject revoked codes, including offline grace policies that minimize fraud windows. Provide idempotent operations, transactional integrity across subsystems (booking, attendance, invoicing), and user feedback confirming the old device is deactivated. Propagate revocation events to integrations and logs.
Create an approval queue for SafeSwap requests that exceed risk or value thresholds. Staff can view request context (risk signals, recent activity, upcoming high-value bookings), approve/deny with required reason codes, and set temporary holds. Include SLA timers, notifications to staff channels, and escalation rules. Provide role-based access controls, an audit sidebar, and bulk actions for event surges. On decision, notify the client and continue or halt the SafeSwap flow accordingly, preserving a seamless experience. Admins can configure which products/events require approval.
Record an immutable audit log for all SafeSwap lifecycle events: initiation, verification attempts, risk decisions, approvals/denials, revocations, token rotations, and completion. Each entry includes timestamp, actor (user/staff/system), IP/device metadata, and correlated pass/booking IDs. Provide search, filters, and export in CSV/JSON with signed hash chains to detect tampering. Respect data retention policies and PII masking rules, and integrate with existing reporting so studios can resolve disputes and demonstrate compliance.
Apply per-user, per-IP, and per-pass rate limits for SafeSwap requests and OTP attempts with cooldowns, exponential backoff, and optional CAPTCHA after repeated failures. Detect patterns such as credential stuffing or scripted swaps, auto-block abusers, and alert admins. Include configuration for limits by plan/tier, observability metrics, and safe fallbacks (support contact path) when limits are hit. Ensure concurrency controls to prevent race conditions when multiple swap attempts are made in quick succession.
If a scan detects unpaid or failed charges, present a one‑tap checkout that supports cards, wallets, and stored methods. On success, the pass activates immediately and the attendee clears the gate—converting would‑be turnaways into revenue without holding up the line.
Processes a QR or NFC scan at the gate to instantly determine entry eligibility by validating booking status, pass state, outstanding balances or failed charges, membership entitlements, and class capacity. Integrates with booking, payments, and membership services to return one of four outcomes: clear entry, present PayGate checkout, deny entry, or require staff override. Enforces idempotency and concurrency safety to prevent duplicate charges on rapid rescans. Targets sub-300 ms P95 decision latency to keep lines moving, with graceful degradation and minimal offline caching for short connectivity drops. Emits structured audit logs and analytics events for traceability and optimization.
Presents a minimal-friction payment sheet when an unpaid or failed charge is detected, prefilled with the attendee’s stored methods and supporting cards, Apple Pay, and Google Pay. Optimizes for a single confirmation tap while still handling tax, discounts, and dynamic pricing. Supports SCA/3DS where required without blocking the line by using in-sheet challenges and fast fallbacks. Provides a keypad fallback for manual card entry if wallets are unavailable. Ensures localized currency, language, and receipt preferences based on the attendee profile and venue settings.
Enables secure storage of customer payment methods using PSP tokenization and network tokens to achieve SAQ A scope, with opt-in consent and clear controls to remove or set defaults. Supports automatic card updates via account updater services, mandate capture for regions requiring SCA, and wallet passes for Apple Pay and Google Pay. Ensures per-tenant configuration for allowed methods, retry rules, and surcharge compliance. Provides device- and platform-agnostic presentation, preserving a consistent checkout regardless of who scans or which device initiates payment.
Immediately activates the attendee’s pass and booking upon successful charge capture and dispatches a gate-open signal to the scanner or turnstile. Implements idempotent success handling across client callbacks and payment webhooks to avoid race conditions. Targets sub-200 ms P95 from payment success to gate signal, with queued retries if hardware acknowledgements fail. Ensures transactional consistency between booking, attendance, and payment records, and reconciles state on late-arriving webhooks or partial failures. Surfaces clear on-screen confirmation and audible feedback for both attendee and staff.
Provides clear, actionable messaging for declines with a one-tap retry path using an alternate stored method or wallet. Applies smart throttling and timeouts to avoid blocking the line, with configurable policies for staff override and time-limited grace entry that triggers an automatic post-visit collection link. Captures decline reasons for analytics, enforces velocity and attempt limits to prevent abuse, and sets account flags for repeated delinquency. Sends optional SMS/email pay-now links and updates the booking hold or waitlist status based on outcome.
Generates itemized receipts immediately after payment and attaches them to the booking and attendee profile. Issues or updates invoices as required, applies correct tax treatment, and records entries in the studio’s ledger. Syncs transactions and refunds to connected accounting systems and supports end-of-day reconciliation reports that tie gate entries to payments and attendance. Emits analytics for conversion rate, time-to-clear, declines, and recovered revenue to inform optimization and forecasting.
Risk‑based step‑up verification at the door. Mismatched devices, unusual locations, or repeated failures trigger a quick second factor (OTP, push, or biometric on device). Adds security only when needed, preserving a fast experience for trusted attendees.
Build a real-time risk engine that evaluates authentication, booking, payment, and door check-in events to decide whether to require step-up 2FA. Inputs include device fingerprint, IP reputation, geo and studio geofence proximity, time-of-day and velocity checks, account tenure and role, historical failures, and payment-related risk signals. Provide configurable thresholds, allow/block lists, and explainable reason codes for each decision. The engine must respond in under 150 ms to preserve a fast UX, expose a policy API for other ClassTap services, and emit standardized events for analytics and auditing.
Implement an orchestrator that selects and triggers the optimal second factor per context and device, prioritizing push to the ClassTap app and WebAuthn/passkeys (biometrics) when available, then TOTP, then SMS/email OTP as fallbacks. Respect user preferences, device capabilities, and network conditions. Include deterministic fallback sequencing, challenge expiration, rate limiting, replay protection, and anti-abuse controls (e.g., SIM-swap heuristics, number recycling checks). Provide reusable UI components/SDKs for web, mobile, and kiosk, with localized copy and accessibility support.
Offer guided flows to enroll and manage second factors during onboarding and from Account Security: register passkeys/WebAuthn, link phone/email for OTP, set a default factor, and generate single-use backup codes. Enforce minimum enrollment (e.g., at least two factors) based on studio policy. Provide secure recovery options for lost devices, including backup code use, recovery contacts, and support-assisted recovery with identity proofing and full audit trail. Sensitive changes (phone/email) require re-authentication and step-up verification.
Allow users to mark a device as trusted after successful step-up, issuing signed, expiring trust tokens bound to a privacy-preserving device identifier. Honor studio-configured trust durations and revoke trust automatically on password change, risk score spikes, or admin action. Sync trust across web and mobile where appropriate, while preventing abuse via attestation signals, IP/network heuristics, and server-side checks that can override trust when risk is elevated.
Integrate Smart 2FA with the in-studio check-in experience (QR scan, kiosk, roster tap). When risk is elevated (unknown device, location mismatch, repeated failures), trigger an immediate step-up on the attendee’s device (push/passkey) or present a kiosk prompt. Provide a staff override path that captures reason and evidence, and a fallback one-time code entry if the phone is unavailable. Optimize end-to-end verification to average under 3 seconds to avoid front-desk bottlenecks and update attendee status in real time to prevent double-bookings and ghost check-ins.
Deliver a policy console for studio admins to configure risk thresholds, required/allowed factors, remember-device duration, challenge frequency, and bypass rules by role (attendee, instructor, admin). Enable geofenced studio locations and trusted networks to reduce unnecessary prompts on-site while escalating off-site anomalies. Provide policy templates (Strict, Balanced, Fast), versioning with change logs, instant propagation, and a test mode to observe impact before enforcement.
Capture structured, immutable logs for auth and check-in events, risk scores, challenges issued, outcomes, overrides, and recovery actions. Provide dashboards for challenge rate, success latency, abandonment, false-positive rate, and correlation with no-shows and chargebacks. Support CSV export, API/webhook streaming to SIEM, configurable retention windows, and user data access/deletion workflows for compliance. Add anomaly alerts for spikes in failures, geo-velocity violations, and method deliverability issues.
Innovative concepts that could enhance this product's value proposition.
Guided import from Calendly/Mindbody, auto-builds classes, prices, and branded pages in 30 minutes. Previews live booking flow before publish to cut onboarding friction.
Parents create dependent profiles, sign once, and pay from a shared wallet. Sibling discounts auto-apply and attendance syncs to each child’s roster.
Visual equipment map assigns seats, prevents conflicts, and recommends optimal fills to maximize capacity. Auto-moves waitlisted clients into exact spots.
Show every class in the viewer’s local time with automatic conversion and SMS reminders. Host sees dual-time headers to avoid embarrassing misses.
Offer deposits and pay‑in‑X plans with automatic retries, smart dunning emails, and card updater. Failed payments trigger seat holds and easy one-tap recovery.
Preset and granular permissions for owners, staff, and substitutes with expiring access. Every change logs to an audit trail for accountability.
Magic-link login and QR check‑in bind to a device, blocking link sharing. Optional 2FA at door reduces fraud and ensures only paid attendees enter.
Imagined press coverage for this groundbreaking product concept.
Imagined Press Article
San Francisco, CA — September 7, 2025 — ClassTap, the brandable online booking and payments platform built for independent instructors and small studios, today announced a comprehensive onboarding suite designed to take businesses live in hours instead of weeks. The new lineup harmonizes schedules, pricing, branding, and policies with minimal manual effort, empowering time‑strapped teams to switch tools without risking revenue or client trust. The onboarding suite is centered on a pragmatic promise: make ClassTap your single source of truth without double‑entry or post‑launch surprises. By pairing automated data import with live, risk‑free testing, ClassTap accelerates setup while reducing costly mistakes that can lead to no‑shows, billing issues, and client churn. Key capabilities launching today include: - SourceSync Merge: Connect Calendly, Mindbody, and calendar sources in minutes, then automatically deduplicate events and unify overlapping classes into a single master schedule. Choose a one‑time import to jump‑start setup or an ongoing sync to keep legacy tools in step while you transition. - AutoMap Fields: An AI‑assisted mapper reads existing class types, instructors, locations, capacities, and time zones, then proposes precise field matches for quick review‑and‑approve. This eliminates tedious manual mapping and prevents setup errors that create client confusion. - BrandSnap Palette: Drop in a website or logo to instantly generate an accessible, on‑brand booking theme—colors, fonts, buttons, and image treatments—with live previews as you tweak. - Pricing Translator: Automatically converts passes, packs, memberships, taxes, and discounts from your old system into ClassTap equivalents, with side‑by‑side comparisons and guidance to maintain revenue rules. - Policy Port: Import and standardize cancellation windows, no‑show rules, waivers, and terms into reusable templates that auto‑attach to classes and programs. - Test‑Drive Checkout: Run the full booking flow—reservation, waitlist auto‑fill, and payment with test cards—before you publish. Share a preview link with teammates to spot friction and fix it fast. - Launch Guard: A preflight checklist that flags time‑zone mismatches, capacity conflicts, missing prices, and broken links. Choose a soft launch to a pilot group, then go live with one click and built‑in rollback for safe, confident publishing. “Independent instructors and boutique studios are builders by nature—but switching systems can feel like rebuilding the plane in flight,” said Ava Lin, CEO and co‑founder of ClassTap. “This suite clears the runway. You bring your classes and brand, we bring automation and guardrails. Our goal is to let owners move in hours, not weeks, and make day one on ClassTap feel like day 101.” The suite is tailored for ClassTap’s core user types: - Solo Brand‑Builders who run everything themselves can stand up a polished, on‑brand booking page without hiring a designer—and avoid double‑bookings from day one. - Boutique Multi‑Instructor Studios gain centralized scheduling, consistent policies, and clean instructor/room assignments across locations. - Hybrid Streamers keep in‑person and virtual classes in sync, attach streaming links reliably, and reduce no‑shows with clear confirmations and reminders. - Pop‑Up Venue Coaches can import rotating events, manage capacity by location, and invoice on the go. - Corporate Wellness Coordinators standardize programs across client sites with dependable capacity controls and consolidated billing. - Admin‑First Studio Managers save time with bulk mapping, fast roster previews, and a preflight that catches what humans miss. For migration‑averse teams, ClassTap emphasizes transparency and control at every step. AutoMap Fields surfaces suggested mappings for approval, Pricing Translator shows changes before they go live, and Launch Guard provides a human‑readable checklist so owners understand the impact of each decision. Teams can soft‑launch to a pilot audience, collect feedback, and roll back with a click if needed. “In under a day we had three locations and six schedules unified—and our clients never saw the messy middle,” said Multi‑Location Maven Mia, owner of FlowHaus Studios. “SourceSync Merge pulled classes from two tools, AutoMap did 90% of the tedious work, and Test‑Drive let us check the experience on phone and desktop before we told anyone. We launched over a weekend without losing a single booked client.” During internal testing and early customer pilots, ClassTap saw setup time drop by more than half for typical studios and administrative time fall by up to 60% in the first month as teams eliminated double‑entry and manual cleanup. Studios also reported fewer no‑shows thanks to clearer confirmations and policy alignment, with some seeing a 30% reduction as automations kicked in. Availability and pricing - The onboarding suite is available today to all ClassTap plans at no additional charge. - Ongoing sync for SourceSync Merge supports popular calendar and scheduling platforms; additional connectors roll out on a published roadmap. - New migration guides and checklists, including a Best Practices Library for owners and front‑desk leads, are available in the ClassTap Help Center. “Switching platforms shouldn’t mean switching off your business,” added Lin. “With ClassTap, you can import what works, test what matters, and launch with confidence—and you don’t need a consultant to do it.” About ClassTap ClassTap is the brandable booking and payment platform built for independent instructors and small studios. ClassTap streamlines scheduling, invoices, and attendee management, automates waitlist‑to‑payment flows, prevents double‑bookings, and helps reduce no‑shows. Instructors report cutting administrative time by up to 60%, reducing no‑shows by around 30%, and boosting monthly revenue by approximately 15% after adopting ClassTap’s automations and best‑practice workflows. Media contact - Press: press@classtap.com - Phone: +1 415‑555‑0134 - Website: www.classtap.com/press
Imagined Press Article
San Francisco, CA — September 7, 2025 — ClassTap today introduced the Family Programs Toolkit, a purpose‑built set of features that makes it easy for studios to enroll children, manage guardianship, and keep safety and compliance airtight—without front‑desk chaos. The toolkit brings together guardian roles, age‑based eligibility, health profiles, family wallets, sibling discounts, and a single scan for fast multi‑child check‑in. Children’s programs operate under tougher constraints than adult classes—multiple guardians, safety notes, age limits, and school calendars. ClassTap’s Family Programs Toolkit addresses these realities so owners can welcome more families with less manual work and greater peace of mind. Core components available today include: - Guardian Roles: Define primary and secondary guardians, pickup‑only contacts, and emergency backups per child. Fine‑grained permissions govern who can book, pay, sign waivers, and receive communications. Every authorization is auditable to cut confusion and risk. - AgeSmart Eligibility: Automatically match children to age‑appropriate classes using date of birth, school grade, and prerequisites. Ineligible sessions are hidden or clearly labeled with reasons; upcoming birthdays trigger move‑up suggestions to boost retention. - HealthPass Profiles: Store allergies, medications, and emergency details in a secure profile that surfaces to instructors on rosters and at check‑in. Time‑bound documents—doctor notes, immunizations, waivers—carry expiry reminders and one‑tap update requests. - SpendGuard Wallet: A shared family wallet with per‑child spending limits, class‑type restrictions, and optional auto‑reload. Refunds and credits route back correctly and can be earmarked for a specific child. - Sibling Saver: Flexible sibling discounts that auto‑apply across drop‑ins, packs, and memberships with caps and stacking rules. Savings display transparently during checkout and on invoices. - Consent Cascade: When policies change, new waiver versions roll out to all linked guardians and dependents with a single e‑sign flow. Smart reminders and class gatekeeping ensure only compliant families can book or check in. - Family QR Check‑In: One QR for the whole family. Scan once to mark the right kids present for the right classes, even across rooms. Late/absence notes and pickup codes capture in seconds and sync to each child’s roster. “Family programming has been underserved by generic booking tools,” said Priya Nandakumar, VP of Product at ClassTap. “Parents need clarity, studios need control, and kids need safety. The Family Programs Toolkit gives each stakeholder what they need—without turning the front desk into a paper chase.” The toolkit is tailored to the workflows of Family‑Programs Frankie and cohort‑based organizers like Cohort‑Builder Casey: - Frankie can admit only age‑appropriate students, capture guardian authorizations once, and see health info at a glance—no more asking the same questions every week. - Casey can bundle 4–8 week programs, enforce prerequisites, and offer installment plans while the system handles waivers and class moves as kids age up. Early adopters report a measurable lift in operations and satisfaction: - Reduced check‑in lines as families move through with a single scan—even on busy Saturdays with mixed‑age classes. - Fewer billing disputes thanks to transparent wallet controls and itemized discounts that match what parents see at checkout. - Higher retention when AgeSmart Eligibility prompts timely move‑ups, making progress tangible and keeping kids in the right level. “Before ClassTap, we were juggling handwritten rosters and parent texts,” said Frankie Lopez, owner of Sprout Movement, a youth fitness studio in Austin. “Now, parents book for both kids in one flow, waivers live on file, and our instructors see allergies and pickup notes right on the roster. Saturday check‑in dropped from ten minutes per family to less than two.” Security and compliance are integral. Consent Cascade centralizes policy updates and tracks acknowledgment history, while HealthPass Profiles surface need‑to‑know information to the right people at the right time. Each action is logged for accountability, and permissioned roles ensure only authorized guardians can sign or pay. ClassTap’s privacy practices emphasize minimal necessary access and clear audit trails. For studios that run pop‑ups or offsite programs, Family QR Check‑In works even when connectivity is spotty, thanks to Offline Seal—short‑lived, cryptographically signed tokens that verify scans without Wi‑Fi and sync automatically when back online. Parents receive confirmations with the exact local start time, avoiding time‑zone confusion for traveling families. Availability and getting started - The Family Programs Toolkit is available today to all ClassTap customers at no additional cost. - Studios can import existing family and dependent data, waivers, and credits using Policy Port and SpendGuard Wallet migration helpers. - New templates include a Kid‑Friendly Cancellation Policy, Medication Note, and Guardian Authorization language reviewed by industry advisors. “Studios shouldn’t have to choose between a great family experience and reliable operations,” added Nandakumar. “With ClassTap, you can have both. Families feel seen, instructors feel prepared, and owners feel in control.” About ClassTap ClassTap is a brandable booking and payments platform for independent instructors and small studios. It streamlines scheduling, invoices, and attendee management; automates waitlist‑to‑payment flows; prevents double‑bookings; and helps reduce no‑shows. On average, customers report cutting administrative time by up to 60%, reducing no‑shows by around 30%, and boosting monthly revenue by approximately 15% after adopting ClassTap’s automations. Media contact - Press: press@classtap.com - Phone: +1 415‑555‑0134 - Website: www.classtap.com/press
Imagined Press Article
San Francisco, CA — September 7, 2025 — ClassTap today announced the Seat Intelligence Suite, a set of seat‑level planning, optimization, and analytics tools designed for equipment‑based studios where every reformer, bike, or rower counts. The suite helps owners fill premium spots first, keep friends together, and protect safety—while reducing manual reshuffles that drain staff time and frustrate clients. At studios where equipment is inventory, a half‑empty front row or a broken reformer can derail the vibe and the bottom line. ClassTap addresses these realities with visual room builders, policy‑aware optimizers, and data‑backed pricing recommendations that keep layouts accurate, rosters balanced, and members delighted. The Seat Intelligence Suite includes: - Smart Grid Builder: Generate accurate seat maps in minutes using templates for reformer, cycling, mat, and row layouts. Drag‑and‑drop equipment, set aisles and mirrors, and auto‑number rows so every room matches reality. - PerfectFill: A policy‑aware auto‑fill engine that places clients for optimal vibe and capacity—front‑to‑back, checkerboard, or spread‑out—based on your rules. It respects blocked seats, member priority, ADA holds, and buddy reservations. - HealthLock: Seat‑level maintenance flags mark equipment Out of Service or Needs Attention. The optimizer excludes those spots and logs follow‑up tasks so no one gets assigned to a risky station. - BuddyLink: Let clients reserve adjacent seats for a friend with a temporary hold link that auto‑expires. Groups stay together, conversions go up, and staff avoids last‑minute swaps. - SwapCascade: When a premium seat opens, eligible clients receive one‑tap upgrade offers in priority order; the system then backfills vacated spots automatically to keep front rows full. - Seat Heatmap: Visual analytics reveal which seats and rows fill fastest, churn most, or carry higher no‑show risk by time and class type—informing layout tweaks and premium pricing. - AccessAssist: Designate accessible paths and priority seats; capture mobility needs at booking; and auto‑assign suitable spots first for inclusive, compliant seating. “Equipment is the heartbeat of these studios, and it deserves the same intelligence as any e‑commerce inventory,” said Marco Silva, Head of Product Design at ClassTap. “With ClassTap, owners can tune layout strategy like a control panel—fill patterns, upgrade rules, maintenance holds—so rosters optimize themselves while instructors focus on coaching.” The suite is built for studios like Resource‑Savvy Scheduler Sam’s, where utilization drives profitability, and Boutique Multi‑Instructor Studios balancing multiple rooms and teachers. Benefits reported by pilot customers include: - Higher premium‑seat capture: Front‑row occupancy improved as PerfectFill and SwapCascade prioritized demand. - Fewer pre‑class seat swaps: BuddyLink kept friends together and reduced front‑desk intervention. - Better safety and trust: HealthLock removed faulty stations from circulation and documented equipment status. - Insight‑driven pricing: Seat Heatmap highlighted hot and cold zones, informing premium add‑ons and targeted incentives. “SwapCascade is a game‑changer—our most loyal members get surprise upgrades, and the system backfills automatically,” said Sam Bennett, owner of Kinetic Cycle in Seattle. “We stopped playing musical chairs at the desk. No more awkward ‘can we move you?’ moments.” Operationally, the Seat Intelligence Suite pairs tightly with ClassTap’s core scheduling and waitlist‑to‑payment automations. When a seat opens, the platform can move a waitlisted client into the exact spot, charge automatically, and send confirmations that include location, seat number, and any special notes. On arrival, RollingQR passes verify attendance quickly, while GeoFence Gate ensures check‑ins occur at the venue, not remotely. Accessibility and inclusion are first‑class concerns. With AccessAssist, studios can define paths, set priority seats, and mark ADA holds. Clients can note mobility needs at booking; the system auto‑assigns suitable spots and displays clear roster badges for instructors—reducing last‑minute reshuffles and ensuring a welcoming experience for everyone. Availability and how to start - The Seat Intelligence Suite is available today across ClassTap plans. - New customers can import or build seat maps during onboarding, verify with Test‑Drive Checkout, and publish with Launch Guard to catch time‑zone or capacity conflicts. - Seat Heatmap analytics are included out of the box; studios can export insights to their BI stack or use built‑in recommendations for premium pricing. “Studios invest heavily in equipment and atmosphere,” added Silva. “This suite pays that investment back by keeping premium seats full, maintaining safety, and giving members little moments of delight—like a one‑tap upgrade that makes their day.” About ClassTap ClassTap is a brandable booking and payments platform for independent instructors and small studios. It streamlines scheduling, invoices, and attendee management; automates waitlist‑to‑payment flows; prevents double‑bookings; and helps reduce no‑shows. Many instructors report cutting administrative time by up to 60%, reducing no‑shows by around 30%, and boosting monthly revenue by approximately 15% after adopting ClassTap’s automations and best‑practice workflows. Media contact - Press: press@classtap.com - Phone: +1 415‑555‑0134 - Website: www.classtap.com/press
Imagined Press Article
San Francisco, CA — September 7, 2025 — ClassTap today rolled out the Time‑Zone Trust Suite, a coordinated set of time‑intelligence features that eliminates the mental math and calendar drift that plague hybrid and global classes. With automatic local‑time rendering, daylight‑saving protections, travel‑friendly toggles, and calendar invites that actually match reality, ClassTap helps instructors grow across regions without growing support tickets. For Hybrid Streamers and global instructors like Global‑Gig Gabby, time is the invisible friction that hurts conversions and show‑up rates. Misaligned calendars, off‑hour reminders, and DST surprises can turn excited attendees into no‑shows. ClassTap’s Time‑Zone Trust Suite solves these pain points end‑to‑end. The suite includes: - Auto‑Localize: Detects each viewer’s time zone and renders class times in their precise local time with a clear “Your time” label. Honors manual overrides for traveling users and stays consistent across web, email, and embeds. - DST Shield: Prevents one‑hour surprises by detecting sessions that cross daylight‑saving changes in any region. Pins reminders to the absolute start time, adjusts recurring series correctly, and sends pre‑change nudges so nobody shows up early or late. - Quick Flip: One‑tap toggle between Local, Host, and Original time zones on schedules, rosters, and invoices—plus a handy “in X hours” relative view. - Global Time Finder: Suggests high‑performing class windows across selected regions based on attendee distribution, past attendance, and quiet‑hour rules. Visual heat bands highlight “best” times for maximum conversion. - Timeproof Invites: Sends .ics calendar invites and updates with full VTIMEZONE/UTC data so Google, Apple, and Outlook render the same local start time. Auto‑updates on reschedules and includes join links. - QuietHour Reminders: Schedules SMS/email reminders to land within each attendee’s preferred local hours and honors do‑not‑disturb windows. Messages show the user’s local start time and auto‑adjust for DST shifts. “Time shouldn’t be a guessing game,” said Elena Park, Head of Growth at ClassTap. “We built Time‑Zone Trust so a client in London, a traveler in Bali, and a host in New York all see the same reality—and get reminders that feel considerate, not intrusive. It removes the single biggest source of accidental no‑shows for hybrid programs.” The impact shows up in the metrics that matter: clearer booking decisions, lower no‑show rates, and a better first experience for new clients. Early users report fewer “what time is that in my city?” support messages, stronger attendance at cohorts that span regions, and more confident scheduling for traveling instructors. “Once we turned on Auto‑Localize and Timeproof Invites, the ‘wrong time on my calendar’ tickets basically disappeared,” said Gabby Chen, a traveling yoga instructor who teaches across time zones. “QuietHour Reminders mean I’m not waking clients at 3 a.m., and Quick Flip is my favorite host view—I can sanity‑check times in one tap.” Time‑Zone Trust also supports business growth with planning intelligence. Global Time Finder analyzes historical attendance and client locations to recommend windows that balance reach and rest. Hybrid studios can plan sessions that catch both coasts without landing in anyone’s quiet hours, and corporate wellness programs can align with employee schedules across offices. The suite is tightly integrated with ClassTap’s booking and payment flows. When a waitlist spot opens, notifications use the recipient’s local time; when a client pays, their confirmation, receipt, and .ics reflect the same time zone rules. Instructors see dual‑time headers on rosters and can message cohorts with confidence that delivery respects each attendee’s quiet hours. Availability and setup - The Time‑Zone Trust Suite is available today for all ClassTap plans. - Existing customers can enable Auto‑Localize and QuietHour Reminders from Settings and add region preferences for Global Time Finder. - Admin guides include best practices for hybrid programs, including DST‑aware recurring schedules and quiet‑hour templates. “Great classes travel further when time becomes trustworthy,” added Park. “Whether you’re streaming from your living room or staging a global cohort, ClassTap helps you show up together, on time, every time.” About ClassTap ClassTap is a brandable booking and payments platform for independent instructors and small studios. It streamlines scheduling, invoices, and attendee management; automates waitlist‑to‑payment flows; prevents double‑bookings; and helps reduce no‑shows. Customers report cutting administrative time by up to 60%, reducing no‑shows by around 30%, and boosting monthly revenue by approximately 15% after adopting ClassTap’s automations and best‑practice workflows. Media contact - Press: press@classtap.com - Phone: +1 415‑555‑0134 - Website: www.classtap.com/press
Subscribe to receive a fresh, AI-generated product idea in your inbox every day. It's completely free, and you might just discover your next big thing!
Full.CX effortlessly brings product visions to life.
This product was entirely generated using our AI and advanced algorithms. When you upgrade, you'll gain access to detailed product requirements, user personas, and feature specifications just like what you see below.