Highline Adventures — Unified Guest-Centric Platform

Comprehensive Application Overview, Strategy, and Development Blueprint

Document Version: 2.0 Date: February 11, 2026 Prepared for: Lead Developer & Stakeholders Classification: Internal — Strategic Development Document

Executive Summary
Platform Vision and Philosophy
System Architecture Overview
The Guest-Centric Core — The Unified Guest Profile
The CMS and Visual Site Builder
The Guest Portal
Category Modules — Guest-Facing
Operations and HR Modules — Business-Facing
The Category-of-One Marketing Engine
Multi-Tenant SaaS Architecture — White-Label Packaging
Tiered Subscription Model
User Journeys and Use Case Scenarios
Technology Stack Recommendations
Security, Compliance, and Data Standards
Integration Ecosystem
Development Roadmap and Phasing
Critical Questions for the Lead Developer

1. Executive Summary

Highline Adventures is a premier outdoor adventure park located in the Santa Ynez Valley, California, offering California's biggest and fastest ziplines, a multi-level Adventure Park (ropes course), the Skynet Playground, Protea flower tours, and specialized experiences like Moonlight Ziplines and Hike & Fly Tours. The company operates on a 1,200-acre ranch and has rapidly established itself as a regional tourism leader since its launch in September 2023.

This document outlines the architecture, strategy, and feature set for a Unified Guest-Centric Platform — a single application that consolidates every dimension of the guest experience and back-office operations into one system. The platform is designed with three parallel mandates:

Mandate 1 — Serve Highline Adventures as the reference implementation, replacing the current patchwork of booking tools (Peek Pro), manual processes, and disconnected systems with a single operating platform that puts the guest at the center of every transaction. A guest creates one account, receives one folio, and can charge any activity, dining experience, equipment rental, accommodation, or amenity to that account for the duration of their stay.

Mandate 2 — Own the Entire Digital Surface. The platform includes a fully integrated CMS and visual site builder so that the client-facing website — where discovery, booking, and reservation happen — is not a separate system stitched onto the backend via plugins. Every category module (Activities, Dining, Properties, Equipment, Instructors, Amenities, Rooms) renders natively into the website through embeddable, visually editable components. Subscribers build and manage their entire web presence from within the platform, eliminating the disconnect between "the website" and "the booking system." Guests interact with a unified Guest Portal where they create an account, manage bookings, view their folio, track loyalty, and re-engage — all without leaving the subscriber's branded domain.

Mandate 3 — Package for Market as a multi-tenant SaaS product that other adventure hospitality, resort, and outdoor recreation businesses can subscribe to. The product will be offered via tiered pricing based on the number of category modules, CMS features, operational tools, and HR capabilities a subscriber activates.

The platform's competitive moat is the Category-of-One Marketing Engine — a built-in system that uses guest data, behavioral triggers, and the Acquisition.com "Grand Slam Offer" methodology to position each subscribing business as a unique, incomparable experience rather than a commodity competing on price.

2. Platform Vision and Philosophy

2.1 The Guest-Centric Imperative

The hospitality industry is undergoing a fundamental shift from operationally-focused systems to guest-centric intelligence platforms. Traditional property management and booking systems treat each department — reservations, dining, activities, equipment — as an isolated silo. The guest is forced to authenticate, re-enter payment information, and manage separate confirmations at every touchpoint.

The Highline Platform eliminates this fragmentation. Drawing from the architectural philosophy used by enterprise hospitality systems like Oracle OPERA, Mews, and Agilysys, the platform establishes a single Guest Data Platform (GDP) as the foundational layer. Every module — Activities, Properties, Dining, Rooms, Instructors, Equipment, and Amenities — reads from and writes to this central guest profile.

The core principle is: One guest. One account. One folio. One website. Every touchpoint.

When a guest arrives at Highline Adventures, they check in once. From that moment, they can charge a zipline tour, a lunch at the on-site dining facility, a Skynet session for their kids, an equipment rental, and a merchandise purchase — all to their unified account. At checkout, they receive a single, itemized folio. During their entire journey, the system is learning their preferences, behaviors, and spending patterns to deliver personalized recommendations and build long-term loyalty.

2.2 The Owned Digital Surface

Most hospitality businesses operate with a fractured digital presence: a WordPress or Squarespace website for marketing, Peek Pro or FareHarbor embedded via widget for bookings, OpenTable or Resy for dining, a separate guest Wi-Fi login, and maybe a Mailchimp account for email campaigns. Each system owns a piece of the guest's data. No single system has the full picture.

The Highline Platform collapses this stack. The CMS and visual site builder is not an afterthought — it is the front door of the entire system. The website that a guest visits, the booking flow they complete, the account they create, the portal they return to — all of it is rendered from the same platform that manages the back-office operations. This means:

Every page on the website is a live surface connected to the booking engine, the guest profile, and the marketing engine.
A "Book Now" button isn't a third-party widget — it is a native component reading real-time availability from the Activities module.
A "View Menu" section isn't a static PDF — it is the Dining module's live menu, complete with allergen tags and reservation availability.
The guest's "My Account" portal isn't a separate app — it is an authenticated section of the same website, showing their bookings, folio, loyalty points, and personalized recommendations.

This architecture ensures that the business owns 100% of the guest data — no data leaks to OTAs, no dependency on third-party booking platforms that charge per-cover fees, and no fragmentation across disconnected tools.

2.3 The Category-of-One Philosophy

The platform is not merely an operational tool. It is a growth engine built on the strategic frameworks from Acquisition.com's 100M Offers and 100M Leads methodologies. The core insight is that most adventure and hospitality businesses operate in a commodity trap — guests compare them on price, proximity, and basic specifications. The platform is designed to break this trap by:

Structuring offers as "Grand Slam Bundles" rather than individual line items, making price comparison impossible.
Automating scarcity signals using real-time inventory from the booking engine (e.g., "Only 2 seats left for the Sunset Tour").
Triggering urgency through seasonal, biological, or time-based constraints (e.g., Protea bloom season).
Enabling price anchoring through super-premium VIP packages that make standard packages feel affordable.
Building a "Value Equation" into every guest touchpoint — maximizing Dream Outcome and Perceived Likelihood while minimizing Time Delay and Effort/Sacrifice.

This philosophy is baked into the platform's architecture so that every subscribing business, not just Highline Adventures, can implement Category-of-One positioning.

3. System Architecture Overview

3.1 High-Level Architecture

The platform is organized into four architectural tiers:

Tier 1 — The Guest Core (GDP) The Guest Data Platform is the central nervous system. It manages identity resolution, unified guest profiles, folio management, authentication, and the charge-to-account capability. Every module connects to the GDP via internal APIs.

Tier 2 — The CMS & Website Layer The visual site builder and content management system that powers the client-facing website. It renders all category modules as embeddable, visually editable components and hosts the authenticated Guest Portal. This is the digital front door — where guests discover, book, pay, and manage their relationship with the business.

Tier 3 — Category Modules (Guest-Facing) These are the seven primary business domains that guests interact with:

Module	Domain	Core Function
Activities	Booking & Reservations	Manages all bookable experiences — ziplines, ropes courses, Skynet sessions, Protea tours, specialized experiences.
Properties	Accommodation Management	Manages on-site and partner accommodations — cabins, glamping, partner hotel integrations.
Dining	Food & Beverage Operations	Manages restaurant reservations, on-site food service, catered events, bar tabs.
Rooms	Guest Room/Unit Intelligence	Manages room assignments, housekeeping status, amenity stocking, per-room preferences.
Instructors	Guide & Staff Scheduling	Manages instructor/guide profiles, certifications, scheduling, priority assignment, guest-facing bios.
Equipment	Rental & Asset Management	Manages all physical assets — harnesses, helmets, GoPros, bikes — including utilization, maintenance, and billing.
Amenities	Ancillary Services	Manages merchandise, photo packages, spa, Wi-Fi, gift cards, passes, loyalty programs.

Tier 4 — Back-Office Modules (Business-Facing)

Module	Domain	Core Function
Operations Hub	Day-to-Day Execution	Time tracking with GPS/geofencing, job scheduling, digital forms, safety logs, manifest management.
HR & Skills Hub	Employee Lifecycle	Onboarding/training, document management, compliance monitoring, recognition/rewards, payroll prep.
Communications Hub	Internal Messaging	Secure team chat, company newsfeed, knowledge base, employee directory.
Marketing Engine	Growth & Retention	Grand Slam Offer builder, abandoned booking recovery, dynamic pricing, scarcity/urgency, Core 4 lead gen.
Analytics & Reporting	Business Intelligence	Dashboards, LTV calculations, revenue by category, equipment utilization, NPS tracking.

3.2 The Charge-to-Account Workflow

The technical workflow for the universal charge-to-account capability follows a controlled sequence modeled on enterprise hospitality standards:

Phase 1 — Authentication and Pre-Authorization: At check-in (physical or digital), the guest's payment method is tokenized via PCI-DSS compliant processing. A pre-authorization hold is placed covering the estimated stay cost plus an incidental buffer. The token is stored in the GDP and linked to the guest's active reservation ID.

Phase 2 — On-Property Transaction Execution: When the guest makes a purchase at any category touchpoint (restaurant POS, activity booking kiosk, equipment rental desk, mobile app, or the Guest Portal), the following sequence fires:

The POS or app sends an inquiry to the GDP with the guest's ID (room number, wristband RFID, QR code, or app session).
The GDP verifies the guest's check-in status and post privileges (valid card, within pre-auth limit).
Upon verification, the charge is posted to the guest's unified folio with a category-specific transaction code.
The folio updates in real-time, visible to the guest in their Guest Portal and mobile app.

Phase 3 — Final Settlement: At checkout, the GDP compiles all charges from every category into a single, itemized folio. The final capture occurs as one transaction against the pre-authorized card. The guest can review, dispute, or split charges before finalizing.

3.3 Unified Data Flow Diagram

                    ┌──────────────────────────────┐
                    │      CLIENT-FACING WEBSITE     │
                    │   (CMS + Visual Site Builder)  │
                    │                                │
                    │  ┌──────────┐  ┌────────────┐  │
                    │  │ Public   │  │  GUEST     │  │
                    │  │ Pages    │  │  PORTAL    │  │
                    │  │ (CMS)   │  │  (Auth'd)  │  │
                    │  └────┬─────┘  └─────┬──────┘  │
                    └───────┼──────────────┼─────────┘
                            │              │
                    ┌───────▼──────────────▼─────────┐
                    │         API GATEWAY             │
                    │    (Auth / Rate Limit / CDN)    │
                    └───────┬──────────────┬─────────┘
                            │              │
         ┌──────────────────┼──────────────┼──────────────────┐
         │                  │              │                  │
┌────────▼────────┐ ┌──────▼──────┐ ┌─────▼───────┐ ┌───────▼───────┐
│  GUEST DATA      │ │  CMS ENGINE │ │  CATEGORY    │ │  BACK-OFFICE  │
│  PLATFORM (GDP)  │ │             │ │  MODULES     │ │  MODULES      │
│                  │ │ • Page Mgr  │ │              │ │               │
│ • Identity Res.  │ │ • Block Sys │ │ • Activities │ │ • Operations  │
│ • Unified Profile│ │ • Theme Eng │ │ • Properties │ │ • HR & Skills │
│ • Folio Engine   │ │ • Media Lib │ │ • Dining     │ │ • Comms Hub   │
│ • Payment Vault  │ │ • SEO Mgr   │ │ • Rooms      │ │ • Marketing   │
│ • Preference Str │ │ • Form Bldr │ │ • Instructors│ │ • Analytics   │
│                  │ │ • Blog/News │ │ • Equipment  │ │               │
│                  │ │             │ │ • Amenities  │ │               │
└────────┬────────┘ └──────┬──────┘ └──────┬──────┘ └───────┬───────┘
         │                 │               │                 │
         └─────────────────┼───────────────┼─────────────────┘
                           │               │
                    ┌──────▼───────────────▼──────┐
                    │      SHARED SERVICES         │
                    │                              │
                    │  • Payment Processing        │
                    │  • Notification Service      │
                    │  • File/Media Storage (CDN)  │
                    │  • Search / Indexing          │
                    │  • Event Bus                 │
                    │  • Caching Layer              │
                    └──────────────────────────────┘

4. The Guest-Centric Core — The Unified Guest Profile

4.1 Identity Resolution Engine

Guests interact with businesses through multiple channels — direct website, OTAs (GetYourGuide, Viator), phone calls, walk-ins, partner referrals. They may use different email addresses, name variations, or phone numbers across these channels. The GDP uses an AI-powered identity resolution engine to reconcile these fragments into a single "Rich Guest Profile."

The engine evaluates multiple data fields beyond simple name/email matching — it unmasks OTA email addresses, identifies associations across typos or name changes, and corrects misaligned PMS fields. The result is a single source of truth for each human being who has ever interacted with the business.

4.2 Rich Guest Profile — Data Model

Data Category	Specific Fields	Operational Purpose
Identity	Full name, address, phone, unmasked OTA emails, social handles, biometric/ID verification status	Guest recognition at any touchpoint
Booking Behavior	Lead time, booking channel origin, rate type, cancellation history, no-show rate	Channel optimization and pricing strategy
On-Site Spend	Folio totals by category (Activities, Dining, Equipment, Amenities), per-visit average	Guest Lifetime Value (LTV) calculation, targeted upselling
Preferences	Activity preferences (thrill level, nature vs. adrenaline), dietary restrictions, accommodation type, special occasions	Personalization of experience and operational readiness
Engagement	Email open rates, SMS click-through, push notification response, survey sentiment, NPS score	Marketing segment refinement and service improvement
Website Behavior	Pages viewed, time on site, booking funnel drop-off point, return visit frequency, device type	CMS personalization, retargeting, conversion optimization
Fear/Comfort Profile	First-time vs. repeat, activities completed vs. skipped, feedback on fear/comfort level	Instructor assignment and personalized encouragement
Group/Social Graph	Travel companions, family members, corporate affiliations, group booking history	Group pricing, family package targeting, B2B relationship management

4.3 The Guest Folio Engine

The folio engine is the financial backbone of the guest-centric model. It aggregates all charges from every category module into a single, real-time ledger per guest per stay — accessible at all times through the Guest Portal. Key capabilities include:

Real-time charge posting from any POS terminal, kiosk, mobile app, or Guest Portal self-service
Itemized breakdown by category with linked transaction codes
Support for split billing (e.g., corporate pays activities, individual pays dining)
Pre-authorization management with automatic limit monitoring
Multi-currency support for international guests
Tax calculation and jurisdictional compliance automation
Refund and credit processing with full audit trail
Digital folio delivery via email/SMS at checkout and always available in the Guest Portal

5. The CMS and Visual Site Builder

This is one of the platform's most critical differentiators. Rather than building a booking engine that integrates into a third-party website (the Peek Pro / FareHarbor model), or building a website on WordPress and bolting on booking widgets, the Highline Platform ships with its own CMS and visual site builder. The website IS the platform. The booking flow IS the website. They are the same system.

5.1 Architecture: Why a Built-In CMS?

The current CMS landscape in 2026 is defined by three open-source architectures (WordPress at ~43% market share, Joomla at ~3%, Drupal at ~1-5%) and a growing tier of SaaS visual builders (Webflow, Wix, Squarespace). Each has strengths, but all share a critical limitation when used for hospitality: they are content systems, not business systems. Booking, payments, guest profiles, and operational data must be added via plugins, widgets, or third-party integrations — creating the exact fragmentation the Highline Platform is designed to eliminate.

Our CMS takes inspiration from the best of the 2026 landscape:

Concept	Inspiration Source	Our Implementation
Block-based editing	WordPress Gutenberg / Full Site Editing	A modular block system where every element — text, image, hero section — is a draggable, configurable component.
Live visual editing	Webflow, Drupal Canvas	True WYSIWYG on-page editing. What you see in the builder is what the guest sees. No "preview" toggle.
Component reusability	Drupal Single Directory Components (SDC)	Components are self-contained units (template + styles + logic) that can be reused across pages and across tenants.
Recipe/Template system	Drupal Recipes	Pre-built "site recipes" for common business types — adventure park, resort, restaurant, equipment rental — that auto-configure pages, navigation, and module integrations.
Global style system	WordPress theme.json / Style Book	A centralized design panel controlling typography, colors, spacing, and brand tokens across the entire site. Tenant branding is applied here.
Headless capability	Decoupled WordPress / Headless Drupal	API-first content delivery for tenants who want to use their own frontend (React, Next.js) while still leveraging the platform backend.
Performance by default	WordPress Core Web Vitals focus	Server-side rendering, automatic image optimization, lazy loading, CDN-first delivery. No "speed plugins" needed.
SEO management	WordPress Yoast / RankMath patterns	Built-in SEO controls per page — meta titles, descriptions, OG tags, structured data, sitemap generation, canonical URLs.

5.2 The Block System — Category-Aware Components

The core innovation of our CMS is that the block library includes category-connected components — blocks that are not just visual elements but live data surfaces connected to the platform's backend modules. These sit alongside standard content blocks (text, images, video, galleries) in the same visual editor.

Standard Content Blocks:

Rich text, headings, lists, quotes
Image, gallery, video, audio
Hero sections, call-to-action banners
Columns, grids, spacers, dividers
Testimonial carousels, team member bios
FAQ accordions, tabbed content
Custom HTML / embed blocks
Map blocks (Google Maps / Mapbox)
Social media feed embeds
Contact forms, newsletter signup forms

Category-Connected Blocks (the differentiator):

Block	Connected Module	What It Renders	Live Data
Activity Card	Activities	A bookable experience card with image, description, price, and "Book Now" CTA.	Real-time availability, dynamic pricing, scarcity counters ("Only 3 spots left").
Activity Calendar	Activities	An interactive calendar showing available dates/times for a specific activity or all activities.	Live slot availability. Clicking a date enters the booking flow.
Bundle / Offer Card	Marketing Engine	A Grand Slam Offer bundle with stacked value breakdown, anchor pricing, and urgency timer.	Price anchoring, countdown timers, seasonal urgency flags.
Dining Menu	Dining	A live, browsable menu with categories, allergen tags, dietary filters, and pricing.	Current menu (synced from the Dining module). Seasonal rotations auto-update.
Reservation Widget	Dining	An inline dining reservation form — date, party size, time slot selector.	Real-time table availability from the Dining module's floor plan engine.
Property Listing	Properties	An accommodation listing with photos, amenities, pricing, and availability calendar.	Live rates, availability, and booking CTA connected to the Properties module.
Room Gallery	Rooms	Visual showcase of room types with photo carousels, amenity lists, and comparison views.	Real-time pricing and availability per room type.
Instructor Profile	Instructors	A guide/instructor bio card with photo, certifications, specialties, and guest rating.	Live rating scores. Optional "Request this guide" CTA.
Equipment Catalog	Equipment	Browsable equipment rental catalog with images, specs, pricing, and availability.	Real-time inventory status and rental pricing.
Gift Card Purchase	Amenities	An inline gift card purchase widget — denomination selector, recipient info, payment.	Charges processed through the payment vault. Delivered digitally.
Pass / Membership Card	Amenities	Display and purchase interface for punch passes, season passes, memberships.	Current pricing, remaining punches (for logged-in guests), purchase CTA.
Photo Package Gallery	Amenities	Post-activity photo previews (watermarked) with one-click purchase.	Guest-specific photos linked from their activity session.
Review / Testimonial Feed	Analytics	Auto-populated stream of recent guest reviews, filterable by activity type.	Live feed from the reputation management module.
Scarcity / Urgency Banner	Marketing Engine	A dynamic banner showing real-time scarcity or urgency messages.	"Only 2 seats left for the 10 AM tour" — live from the manifest.
Weather Widget	External API	Current conditions and forecast for the property's location.	Live weather data. Reduces "should I go?" friction.
Guest Portal Login	GDP / Auth	A login/signup block that grants access to the authenticated Guest Portal area.	Connected to the unified authentication system.

5.3 The Visual Editor Experience

The visual editor is the admin-facing tool where subscriber staff build and maintain their website. It is designed for non-technical users — marketing managers, front desk staff, or business owners — following the "visual-first" philosophy that defines the 2026 CMS landscape.

Editor Features:

Drag-and-Drop Page Building: Add blocks from a categorized sidebar panel, drag them into position, and configure via inline or sidebar property panels.
Live Preview Editing: All changes render in real-time on the actual page layout. No separate "preview" mode. What you edit is what the guest sees.
Responsive Controls: Per-block visibility toggles for desktop, tablet, and mobile viewports. Stack, hide, or reorder blocks per breakpoint.
Global Design System: A centralized "Brand Panel" controlling primary/secondary colors, fonts, button styles, spacing scale, and border radius. Changes propagate instantly across every page.
Page Templates: Pre-designed page layouts (Homepage, Activity Detail, Dining, About Us, Contact, Blog Post) that can be customized. New templates can be created and saved.
Block Patterns / Sections: Pre-composed multi-block sections (e.g., "Hero + 3 Activity Cards + CTA Banner") that can be inserted as a unit and customized.
Reusable Blocks: Save any configured block or section as a "Reusable Block" — editing the master updates every instance across the site (equivalent to WordPress Reusable Blocks or Drupal SDC).
Media Library: Centralized image/video management with automatic optimization (compression, responsive sizing, WebP conversion), alt text prompting, and folder organization.
Blog / News Manager: Full blogging capability with categories, tags, author profiles, featured images, and SEO fields. Content is managed through the same block editor used for pages.
Form Builder: Drag-and-drop form creation for contact forms, event inquiries, corporate group requests, and custom data collection. Submissions are routed to configurable email addresses and stored in the CRM.
Navigation Manager: Visual menu builder with support for mega menus, dropdowns, and mobile hamburger configuration.
Site Recipes: One-click site templates for common business types that pre-populate pages, navigation, sample content, and module connections. A new subscriber can have a functional, branded website live within hours.
Version History: Page-level version history with one-click rollback. Prevents accidental content loss.
Role-Based Editing Permissions: Configurable access controls — e.g., marketing staff can edit blog posts and landing pages but cannot modify the booking flow or pricing blocks.
SEO Manager: Per-page meta title, meta description, OG image, canonical URL, and noindex controls. Global sitemap generation. Structured data (JSON-LD) auto-generated for activities, events, and local business schema.
Performance Optimization: Automatic lazy loading, image compression, above-the-fold critical CSS extraction, CDN-first asset delivery. Designed to meet Core Web Vitals benchmarks out of the box.
Custom Domain & SSL: Each tenant operates on their own custom domain with automated SSL certificate provisioning.
AI Content Assistance: Optional AI-powered tools for generating page copy, SEO meta descriptions, blog post drafts, and image alt text — following the 2026 trend of AI as a core editorial workflow component.

5.4 CMS Architecture Decision: Build vs. Integrate

A critical architectural decision is whether to build a CMS from scratch, fork an open-source CMS, or use a headless CMS as the content layer.

Approach	Pros	Cons	Recommendation
Build from scratch	Total control. Perfect integration with category modules. No third-party dependencies.	Massive engineering effort. Years to reach parity with mature CMS platforms.	Only viable if the team is large and the timeline is long.
Headless CMS backend + custom frontend	Leverage a proven content engine (Strapi, Directus, Sanity, Contentful). Focus engineering on the visual builder and category blocks.	Content layer is separate from the booking/guest layer — some integration overhead. SaaS options (Sanity, Contentful) add per-tenant costs.	Strongest option for v1. Use an open-source headless CMS (Strapi or Directus) as the content engine, build the visual editor and category-connected blocks as a custom frontend layer.
Fork WordPress / Drupal	Mature ecosystem, massive plugin/extension library, proven at scale.	Heavy legacy code. WordPress's PHP architecture may conflict with a modern JS stack. Plugin dependency creates security surface area.	Viable if the team has deep WP/Drupal expertise, but creates long-term maintenance burden.
Embedded page builder library	Use an open-source visual editor framework (e.g., GrapesJS, Craft.js, Editor.js) as the page builder UI layer, backed by our own data model.	Less mature than full CMS platforms. Still requires building content management (media, blog, SEO) around it.	Best hybrid approach. Use a proven editor framework for the drag-and-drop experience, build the category-connected blocks as custom components, and manage content in our own database.

The recommended approach for v1 is a hybrid: use a proven headless CMS or visual editor framework as the foundation, then build the category-connected blocks, the Guest Portal, the SEO manager, and the brand/theme system as custom layers deeply integrated with the platform's backend modules. This lets us ship a functional CMS much faster than building from scratch while maintaining total control over the guest-facing experience.

6. The Guest Portal

The Guest Portal is the authenticated area of the website where guests manage their entire relationship with the business. It is not a separate app or a third-party service — it is a section of the CMS-powered website that becomes available after the guest logs in or creates an account. Every data point displayed in the portal is pulled from the GDP, the category modules, and the Marketing Engine.

6.1 Portal Access & Authentication

Account Creation: Email + password, or social login (Google, Apple, Facebook). Optional phone number for SMS notifications. Identity verification (for activities with age/weight requirements) can be completed during signup or at first booking.
Login: Standard email/password, social login, or "Magic Link" (passwordless email login). Session persistence with secure token management.
Guest vs. Member: A "Guest" account is created the moment someone makes their first booking (even without explicit registration). A "Member" account is an explicit registration that unlocks loyalty features, saved preferences, and rebooking convenience.

6.2 Portal Sections & Features

Dashboard (Home) The landing page after login. Provides a summary view:

Upcoming bookings with date, time, activity, and guide assignment
Active folio balance (if currently on-property or within a stay)
Loyalty points / membership status
Personalized recommendations ("Based on your zipline experience, try the Moonlight Zipline")
Weather at the property for upcoming visit dates
Quick actions: "Book Again," "View Folio," "Update Preferences"

My Bookings A comprehensive booking management center:

Upcoming: All future reservations across all categories — activities, dining, accommodations. Each card shows date, time, location, confirmation number, and status. Options to reschedule, cancel (per cancellation policy), or add to calendar (iCal/Google Calendar export).
In Progress: If currently on-property, shows the day's itinerary — what's checked in, what's coming up, and real-time folio charges.
Past: Full history of all visits and activities. Linked to photos/videos from each session (if the Paparazzi Package was active). Option to rebook the same experience.
Waivers: View and manage signed digital waivers. Sign pending waivers for upcoming bookings (completing this pre-arrival speeds up check-in).

My Folio The financial hub:

Active Folio: If currently on a stay, real-time view of all charges posted across all categories, itemized by department (Activities, Dining, Equipment, Amenities, Accommodation).
Past Folios: Downloadable, itemized invoices from previous stays. Useful for corporate guests needing expense reports.
Payment Methods: Manage saved cards (tokenized — no raw card numbers stored). Set a default payment method.
Receipts & Invoices: Generate formal invoices on demand (for corporate/B2B guests).

My Preferences The personalization center — data stored in the Rich Guest Profile:

Dietary restrictions and allergies (synced to the Dining module)
Activity comfort level (thrill-seeker vs. nature-lover vs. balanced)
Accommodation preferences (room type, bed config, floor, view)
Communication preferences (email, SMS, push notification opt-in/out)
Special occasions (birthdays, anniversaries — triggers automated amenity dispatch)
Group/family profiles (add travel companions with their own preferences)

Loyalty & Rewards

Current loyalty tier and points balance
Points history (earned and redeemed)
Available rewards and redemption options
Referral program: unique referral link, tracking of referred guests, and reward status
Passes and memberships: view active passes (e.g., 10-punch Skynet pass with 7 remaining), purchase new passes, renew memberships

Photos & Memories

Gallery of all photos and videos captured during activities (linked from the Amenities module's photo system)
Watermarked previews for unpurchased packages; full-resolution for purchased
One-click social sharing with branded watermarks (drives the viral loop from the Marketing Engine)
"Scream Cam" highlight reels per visit

Messages & Notifications

Inbox for communications from the property: booking confirmations, pre-arrival information, post-departure follow-ups, promotional offers
AI Concierge chat interface: ask questions about upcoming visits, request changes, get recommendations
Notification preferences management

Account Settings

Profile information (name, email, phone, address)
Password and security settings (change password, enable 2FA)
Connected accounts (social logins)
Data privacy: download personal data (GDPR/CCPA), request account deletion
Language and currency preferences

6.3 Portal Design Principles

Mobile-First: The portal is fully responsive and optimized for mobile. Most guests will access it from their phone, especially while on-property.
Two-Tap Rule: Any critical action (view booking, check folio, sign waiver) should be reachable within two taps from the dashboard.
Real-Time Updates: Folio charges, booking status changes, and loyalty point accruals update in real-time via WebSocket or Server-Sent Events.
Brand-Consistent: The portal inherits the subscriber's branding from the CMS Global Design System — same colors, fonts, and visual language as the rest of the website.
Progressive Disclosure: Don't overwhelm. Show the most relevant information first (upcoming bookings, active folio) and let the guest drill deeper as needed.

7. Category Modules — Guest-Facing

7.1 Activities Module

This module replaces the current reliance on Peek Pro as the booking engine and builds a proprietary reservation system tailored to adventure hospitality. It draws from the best capabilities of platforms like Peek Pro, FareHarbor, and Bókun while eliminating their commission-based cost structures. Critically, the Activities module renders directly into the CMS-powered website via category-connected blocks — there are no embedded iframes or third-party widgets.

Core Features:

Booking Engine: Real-time availability calendar with dynamic scheduling, last-minute reservations, and "Smart Cutoff" logic that keeps bookings open until minimum thresholds are met. The booking flow is rendered natively on the website via Activity Card and Activity Calendar blocks.
Activity Catalog: Configurable listing system supporting all experience types. Each activity has its own CMS-powered detail page with the visual editor, plus structured data (duration, price, requirements) managed in the backend.
Manifest Management: Real-time operational manifest showing guide assignments, guest counts, equipment requirements, and special notes per session.
QR-Based Check-In: Mobile-native check-in with digital waiver signing, discreet weight verification (reframed as "Flight Calibration"), and harness assignment.
Dynamic Pricing Engine: AI-driven price adjustments based on demand, day of week, weather, season, and capacity. Prices update live on the website via the connected blocks.
Group & Corporate Booking: Dedicated workflow for groups 8+, corporate team-building events, field trips, and private tours with custom pricing rules. The CMS includes a "Group Inquiry" form block that routes to the B2B pipeline.
Multi-Channel Distribution: API-based connections to OTAs (GetYourGuide, Viator, TripAdvisor) with centralized inventory sync to prevent double-booking.
Digital Waivers: Native digital waivers with indefinite storage, pre-trip signing (via the Guest Portal), and automatic association with the guest profile.
Post-Activity Triggers: Automated photo/video delivery, review request, rebooking nudge, and referral incentive — all fired based on activity completion events and surfaced in the Guest Portal.

Highline-Specific Configuration:

Activity	Duration	Price Range	Capacity	Key Requirements
Zipline Tour (3 lines)	1.5–2.5 hrs	$139–$175	8 per group	75–275 lbs, min age 10
Adventure Park	2 hrs	From $40	Variable	48" tall, 70" reach, <275 lbs
Skynet Playground	1–2 hrs	From $25	Variable	48" tall, 70" reach
Protea Tour	1–1.5 hrs	$50	Variable	Closed-toe shoes, walk up to 1 mile
Moonlight Zipline	1.5–2 hrs	$175	8 per group	Same as zipline + nighttime briefing
Hike & Fly	3+ hrs	~$125+	Variable	2-mile uphill hike capability

7.2 Properties Module

Manages all accommodation inventory — both owned properties and partner properties. The CMS renders Property Listing blocks and Room Gallery blocks directly on the website, allowing guests to browse, compare, and book without leaving the site.

Core Features:

Property Listing Engine: Rich media listings built in the visual editor with professional photography, virtual tours, amenity tags, and category filtering.
Calendar & Availability Management: Real-time availability sync rendered via the Activity Calendar block pattern.
Rate Management: Dynamic pricing based on season, occupancy, day of week, and event calendar. Support for promo codes, loyalty discounts, and package pricing.
Partner Property Integration: API or manual integration with partner hotels for "Adventure & Stay" packages.
Review & Rating System: Dual-sided reviews with sentiment analysis, surfaced on the website via the Review Feed block.
Housekeeping Integration: Real-time room/unit status synced with the Rooms module.

7.3 Dining Module

Manages all food and beverage operations. The CMS renders the Dining Menu block and Reservation Widget block directly on the website — guests can browse the live menu and book a table without any third-party service (no OpenTable or Resy dependency).

Core Features:

Reservation System: Table management with visual floor plan, shift configuration, and AI-driven seating optimization.
POS Integration: Full point-of-sale with charge-to-room/account capability.
Menu Management: The live digital menu rendered on the website auto-updates when the kitchen changes items. Allergen tagging and dietary filters are synced from the guest profile.
Event/Catering Booking: Ticketed dining experiences (e.g., "Winemaker's Dinner in the Protea Fields") sold via the Bundle/Offer Card block.
Kitchen Display System: Order routing to kitchen stations.
Dietary Preference Memory: The system remembers a guest's dietary needs from previous visits and proactively communicates them to kitchen staff.

7.4 Rooms Module

The per-unit intelligence layer. The CMS renders Room Gallery blocks for the public site, while the Guest Portal shows the guest their assigned room details, preferences, and digital key access.

Core Features:

Room Assignment Engine: AI-assisted assignment based on guest preferences synced from the Guest Portal's "My Preferences" section.
Housekeeping Management: Real-time status tracking, automated task assignment, mobile checklists.
In-Room Amenity Management: Stocking lists synced with guest profile preferences.
Digital Key / Access Control: Mobile key capability accessible through the Guest Portal.
Maintenance Tracking: Work order creation and resolution tracking.
Guest Preference Sync: Bidirectional sync with the GDP — room-level preferences are stored and restored for returning guests.

7.5 Instructors Module

Manages the human capital that delivers the guest experience. The CMS renders Instructor Profile blocks on the website — guests can browse guide bios, see ratings, and even request specific guides during booking.

Core Features:

Instructor Profile Engine: Comprehensive profiles including certifications, experience level, guest rating history, and specialties. Rendered as rich bio pages via the CMS.
Smart Scheduling: Priority-based assignment logic — seniority, guest rating, certification match, and availability.
Certification & Compliance Tracking: Expiration date monitoring with automated renewal alerts.
Guest-Facing Bio Pages: CMS-powered pages accessible from the public site and linked from the Guest Portal's booking confirmations ("Your guide today is Carlos — [View Profile]").
Performance Analytics: Per-instructor satisfaction scores, safety incident rate, upsell conversion.
Training & Onboarding: Mobile-first training courses with video, quizzes, and progress tracking.

7.6 Equipment Module

Manages every physical asset. The CMS renders Equipment Catalog blocks for rental-focused businesses, and the internal system tracks utilization and maintenance for all asset types.

Core Features:

Asset Registry: Complete inventory with barcodes/RFID, purchase date, warranty, and depreciation.
Utilization Tracking: Real-time asset status — available, in-use, in-maintenance, retired.
Maintenance Scheduling: Preventive maintenance calendars with automated work orders. Digital safety inspection checklists.
Rental Billing: Time-based and flat-rate pricing with automatic charge posting to the guest folio.
Checkout/Return Workflow: Barcode/RFID-scanned checkout and return with condition assessment.
Compliance & Safety: Integration with ASTM safety standards. Automatic flagging when assets exceed rated lifecycle.
Kitting & Assembly: Pre-assembled gear kits assigned and tracked as a unit.

7.7 Amenities Module

A catch-all for supplementary services. Many of its features surface through the Guest Portal and dedicated CMS blocks on the website.

Core Features:

Merchandise/Retail POS: Full retail POS with charge-to-account. Inventory management with reorder alerts.
Photo & Video Packages: Automated delivery to the Guest Portal's "Photos & Memories" section post-activity. Watermarked preview with one-click purchase.
Gift Cards & E-Vouchers: The Gift Card Purchase block on the website allows guests to buy, send, and redeem digital gift cards.
Passes & Memberships: The Pass/Membership Card block on the website displays and sells punch passes, season passes, and recurring memberships. Status is tracked in the Guest Portal.
Concierge / AI Assistant: Guest-facing chat accessible in the Guest Portal and optionally as a floating widget on the website.
Spa/Wellness Services: Booking and billing for massage, personal training, or other wellness services.

8. Operations and HR Modules — Business-Facing

8.1 Operations Hub

Modeled on the tri-modular architecture of platforms like Connecteam, the Operations Hub manages the logistics of running an outdoor adventure business with a primarily deskless workforce.

Time Tracking & Geospatial Verification:

GPS-stamped clock-in/clock-out with geofencing.
"Breadcrumbs" real-time tracking for mobile staff.
Automated break deduction rules for labor law compliance.

Job Scheduling & Dispatching:

Visual calendar board for all shifts across all departments.
Open Shift mechanic with manager-approval workflow.
Shift templates and conflict detection.

Digital Forms & Checklists:

Safety inspection forms with rich media, e-signatures, GPS timestamps.
Pre-flight equipment checklists per activity session.
Incident report forms with automated escalation.

Manifest Management:

Daily operational manifests auto-generated from the booking engine.
Per-session manifests with guest names, special requirements, guide assignments.

8.2 HR & Skills Hub

Manages the full employee lifecycle with emphasis on certification compliance and mobile-first training.

Onboarding & Training: Mobile-first courses (video, quizzes). Role-specific paths. Pre-Day-1 capability.
Document Management & Compliance: Secure file cabinet for certifications with expiration tracking and automated renewal alerts.
Recognition & Rewards: Digital badges, spotlight posts, gift card rewards, employee timeline.
Payroll Integration: Timesheet review/approval workflow. Payroll export to ADP, Gusto, Paychex. Digital tipping management.

8.3 Communications Hub

Replaces insecure personal messaging with an encrypted, company-owned environment.

Team Chat: 1:1 and group messaging with admin controls.
Company Newsfeed: Announcements with read receipts and targeted distribution.
Knowledge Base: Searchable SOP repository available 24/7.
Employee Directory: Searchable staff directory filtered by role/department.

9. The Category-of-One Marketing Engine

9.1 Grand Slam Offer Builder

A guided workflow that helps operators construct bundled offers following the Value Equation:

Value = (Dream Outcome × Perceived Likelihood) / (Time Delay × Effort & Sacrifice)

The builder walks operators through defining the Dream Outcome, stacking bonuses, naming the offer, and setting the anchor. Offers are then rendered on the website via the Bundle/Offer Card block in the CMS — making the marketing strategy and the website a single integrated system.

Example — Highline "Sky-Conquest Expedition":

Component	Description	Perceived Value
Core Mechanism	3 Dual Ziplines — California's Longest/Fastest	$149
Bonus 1 — Transport	VIP 4x4 Humvee Summit Ascent	$50
Bonus 2 — Memories	"Paparazzi Package" — Unlimited Digital Photos	$39
Bonus 3 — Nature	Post-Flight Protea Flower Field Walk	$25
Bonus 4 — Gear	Pro-Grade Harness Fitting & Safety Orientation	$20
Bonus 5 — Souvenir	Exclusive "Flight Crew" Lanyard or Patch	$15
Total Perceived Value		$298
Grand Slam Price		$169

9.2 Automated Revenue Optimization

Abandoned Booking Recovery: Automated follow-ups when a guest starts but doesn't complete a booking on the website (17.5–18% recovery benchmark).
Dynamic Pricing: AI-driven adjustments rendered live on the website via category-connected blocks.
Upsell Engine: Context-aware add-on prompts during the checkout flow.
Digital Tipping: Integrated at POS and mobile checkout.

9.3 Scarcity & Urgency Automation

The system pulls real-time data from the booking engine and renders it through the CMS's Scarcity/Urgency Banner block:

Real-Time Scarcity: "Only 2 seats left for the 10:00 AM Ascent" — live from the manifest.
Seasonal Urgency: "Peak Bloom Warning: The Protea fields are at maximum color for the next 14 days."
Social Proof Counters: "347 guests flew this week."

9.4 Lead Generation — The Core 4

Warm Outreach: Automated reactivation campaigns. Guest Portal re-engagement triggers.
Cold Outreach (B2B): CRM tools with template scripts and "Scout Pass" tracking.
Content Marketing: Blog managed through the CMS. "Scream Cam" video delivery. UGC tracking. The CMS's blog system and social sharing features power the content strategy directly.
Paid Ads Integration: Pixel/conversion tracking, geo-fencing, retargeting audiences built from website visitor behavior (captured by the CMS analytics layer).

9.5 Loyalty & Retention

LTV Dashboard: Per-guest revenue tracking across all categories.
Lifecycle Campaigns: Pre-arrival, on-property, post-departure, rebooking triggers.
Referral Program: Trackable codes managed in the Guest Portal.
OTA Winback: Direct-booking incentives for OTA-originating guests.

10. Multi-Tenant SaaS Architecture — White-Label Packaging

10.1 Tenant Isolation and Configuration

The platform is designed as a multi-tenant application where each subscribing business operates within an isolated data environment but shares the underlying infrastructure.

Database Strategy: Shared database with tenant-level row isolation, with optional dedicated instances for Enterprise-tier subscribers.
Configuration Engine: Each tenant configures categories, pricing, workflows, and CMS branding through their admin dashboard.
White-Label CMS: Full brand customization — the subscriber's website is built and hosted entirely within the platform. Custom domain, SSL, logos, color schemes, fonts, email templates, and Guest Portal theming.
Site Recipes: Pre-built website templates for common business types (adventure park, resort, restaurant, rental company) that auto-configure pages, navigation, and module connections. A new subscriber can be live within hours.
Module Activation: Tenants only pay for and access the modules they activate.

10.2 Tenant Types and Use Cases

Tenant Type	Example Businesses	Modules Likely Activated
Adventure Park / Activity Provider	Zipline parks, ropes courses, ATV tours	CMS, Activities, Equipment, Instructors, Marketing, Guest Portal
Boutique Resort / Lodge	Mountain lodges, glamping resorts	CMS, All guest-facing modules, Operations, HR, Guest Portal
Restaurant Group	Multi-location dining operations	CMS, Dining, Amenities, Operations, HR, Guest Portal
Equipment Rental Business	Bike, ski, camera gear, event rentals	CMS, Equipment, Activities (if guided), Marketing, Guest Portal
Outdoor Guiding Company	Fishing guides, hiking outfitters	CMS, Activities, Instructors, Equipment, Marketing, Guest Portal
Multi-Property Hospitality Group	Hotel chains, vacation rental portfolios	CMS, All modules, multi-property analytics, Guest Portal

11. Tiered Subscription Model

Tier	Target	Monthly Price	Included Modules	Transaction Fee
Starter	Solo operators, single-activity	$99–$199/mo	CMS + Guest Portal + up to 2 guest-facing modules + basic Analytics	3–5%
Growth	Multi-activity, small resorts	$299–$499/mo	CMS + Guest Portal + up to 5 guest-facing modules + Operations Hub + Marketing Engine	2–3%
Professional	Full-service resorts, multi-location	$699–$999/mo	CMS + Guest Portal + All guest-facing + All back-office modules	1–2%
Enterprise	Hospitality groups, franchises	Custom	All modules + dedicated DB + custom SLAs + API access + headless CMS option	Negotiated

Add-Ons:

Add-On	Price
Additional Properties	$99–$199/property/mo
HR & Skills Hub	$149/mo
Advanced Analytics / AI	$199/mo
RFID / Wristband Integration	Custom
OTA Channel Manager	$99/mo
AI Concierge	$149/mo
Headless CMS API Access	$99/mo
Custom Site Recipe Development	One-time fee, custom

12. User Journeys and Use Case Scenarios

Scenario 1: The Weekend Family Visit (Highline Adventures)

Actors: Sarah (mom), Mike (dad), Emma (12), Jake (8)

Discovery (Day -14): Sarah sees a TikTok of someone screaming on the zipline. She clicks the watermarked Highline logo, lands on highlineadventures.com — the CMS-powered website. The homepage hero shows a "Scream Cam" video loop. Below it, Activity Card blocks display the "Sky-Conquest Expedition" at $169/person with a live scarcity counter: "Only 4 seats left for Saturday 10 AM."
Booking: Sarah clicks "Book Now" on the Activity Card. The booking flow opens inline (no redirect, no iframe, no third-party) — date picker, group size, participant details. She books 3 zipline bundles (Jake is too light at 60 lbs). The checkout flow's upsell engine suggests a Skynet Playground session for Jake ($25) and an Adventure Park add-on for $29/person. Total: $576.
Account Creation: During checkout, Sarah creates a Guest Portal account. She enters payment (tokenized via Stripe), signs digital waivers for all family members, and completes a preferences form (Emma has a nut allergy).
Pre-Arrival: Sarah logs into the Guest Portal. Her Dashboard shows the upcoming booking with a countdown. She receives the "Digital Flight Manual" PDF. The day before, a weather notification confirms blue skies. Waivers are green-checked. She sees "Your guide is Carlos" with a link to his instructor profile page on the website.
Arrival & Check-In: The family scans a QR code at basecamp (generated from the Guest Portal). The system recognizes their booking, confirms waivers, and initiates Flight Calibration. Wristbands are issued as charge-to-account identifiers.
On-Property: Mike and Emma zipline. Jake does Skynet. Sarah and Emma do Adventure Park. Lunch at the café — wristband tap to charge. The kitchen's display flags Emma's nut allergy. Mike buys two "I Conquered California's Fastest Zipline" shirts — charged to account.
Post-Visit: Sarah logs into the Guest Portal. "Photos & Memories" shows watermarked preview photos (already paid for via the bundle). She shares a Scream Cam clip on Instagram Stories — Highline-branded watermark drives viral loop. Her Dashboard shows 150 loyalty points earned. A "30-Day Flight Anniversary" email triggers with a Moonlight Zipline offer.

Scenario 2: Corporate Team Building

Actor: Jessica (HR Director, 45 employees)

Outreach: Jessica receives a cold email with a "Scout Pass" offer. She visits the Highline website. A Group Inquiry Form block on the corporate page collects her details and routes to the B2B pipeline.
Scout Visit: Jessica visits solo, loves it. System creates her Guest Portal account tagged as "B2B Lead — Corporate."
Proposal: Jessica requests a group quote via the Guest Portal. The system generates a custom "Corporate Expedition Package" with a branded PDF proposal.
Event Day: 45 employees arrive with individual check-in QR codes generated from the system. The manifest auto-assigns groups and guides.
Post-Event: Jessica's Guest Portal shows a "Highlight Reel," NPS results from her team, and a professional invoice. Auto-generated rebooking offer for next fiscal year.

Scenario 3: The Multi-Day Resort Guest (Future State)

Actor: David and Maria (couple, 3-night glamping stay)

Booking: David browses the website. The Property Listing block shows the glamping cabin with live pricing. He adds a "Sky-Conquest Expedition" via the Activity Card and a "Winemaker's Dinner" via the Reservation Widget. Single checkout.
Guest Portal Pre-Arrival: David completes a preference survey. Indicates Maria's birthday. The system dispatches a birthday amenity to housekeeping.
During Stay: All charges (GoPro rental, bike rental, sunset cocktails, spa treatment) post to the unified folio in real-time, visible in the Guest Portal.
Checkout: Single itemized folio in the Guest Portal. One card charge. NPS survey triggers 24 hours later.

Scenario 4: Subscriber Onboarding (Multi-Tenant — "Coastal Kayak Co.")

Actor: "Coastal Kayak Co." — a kayak rental business subscribing to the Starter tier.

Signup: Owner creates a subscriber account. Selects "Equipment Rental" Site Recipe. The CMS pre-populates a homepage, rental catalog page, about page, and contact page with placeholder content and Equipment Catalog blocks.
Customization (Day 1): Owner opens the visual editor. Updates the logo, colors, and fonts in the Brand Panel. Replaces placeholder photos with kayak images. Configures kayak types, rental durations, and pricing in the Equipment module — these auto-populate into the Equipment Catalog block on the website.
Go Live (Day 2): Connects custom domain (coastalkayak.com). SSL auto-provisions. Site is live. The "Book a Kayak" button on the homepage connects directly to the booking engine.
Guest Experience: A tourist books a 2-hour tandem kayak. Creates a Guest Portal account during checkout. Signs a digital waiver. On the day, kayak is checked out via barcode scan. Returned and condition-assessed. Charge posted.
Portal: The guest's Guest Portal shows their booking history, a review request, and a "10% off your next paddle" code.

Scenario 5: The Website Manager (CMS User Journey)

Actor: Lisa (Marketing Manager, Highline Adventures)

Monday Morning: Lisa logs into the admin dashboard. She needs to create a landing page for a "Summer Solstice Moonlight Zipline" event.
Page Creation: She creates a new page, selects the "Event Landing" page template. The template pre-populates a hero section, event details block, and a booking CTA.
Visual Editing: Lisa drags in a Bundle/Offer Card block. She selects the "Solstice Expedition" offer from the Marketing Engine. The block auto-renders the stacked value breakdown with a dynamic "Book Now" CTA showing live availability.
Content: She writes event copy in the rich text block, uploads hero photography to the Media Library (auto-compressed, WebP converted), and adds a Scarcity/Urgency Banner block: "Limited to 24 guests. Selling fast."
SEO: She fills in the meta title ("Summer Solstice Moonlight Zipline | Highline Adventures"), meta description, and OG image via the SEO Manager sidebar.
Blog Post: She writes a companion blog post using the same block editor, embeds an Activity Card for the Moonlight Zipline, and schedules it for Wednesday publication.
Publish: Previews the page on desktop and mobile viewports. Publishes. The page is live on highlineadventures.com within minutes. No developer needed.

Scenario 6: Deskless Workforce (Carlos the Zipline Guide)

6 AM: Push notification: "Shift starts 8 AM. Assignment: Zipline Tour Group Alpha — 8 guests."
Arrival: Clocks in via app. GPS confirms geofence. System logs time.
Pre-Tour: Opens manifest. Guest #3 (Emma) is first-timer, noted "nervous." Guest #7 has a birthday.
Tour: Completes pre-flight digital checklist. Takes guest photos (auto-uploaded and tagged to profiles).
Post-Tour: Completes equipment inspection. Flags Harness #22 for wear — maintenance work order auto-generated.
End of Day: Clocks out. 8.5 hours logged, 30-min unpaid break auto-deducted. $45 in digital tips.
Friday: Notification: "CPR certification expires in 30 days."

13. Technology Stack Recommendations

⚠️ STATUS: UNDER REVIEW. The technology stack below represents initial recommendations and has not been finalized. A key open question is whether the backend should be built in Node.js (NestJS) as proposed here, or in Python (Django/FastAPI). This decision impacts the entire stack and must be resolved before Phase 1 development begins. See Question 35 in Section 17 for the full discussion.

13.1 Core Stack

Layer	Recommended Technology	Rationale
CMS Frontend	Next.js (React) + Tailwind CSS	Server-side rendering for SEO/performance. React component model aligns with the block system. Tailwind for rapid, consistent styling.
Visual Editor	GrapesJS or Craft.js (customized)	Proven open-source visual editor frameworks. Custom category-connected blocks built as React components.
Guest Portal	Next.js (same app, authenticated routes)	Shares the same frontend stack as the public site. Auth state managed via JWT/session tokens.
Headless Content Engine	Strapi or Directus (self-hosted)	Open-source headless CMS for content management (blog posts, pages, media). API-first. No per-tenant licensing fees.
Mobile App	React Native	Cross-platform guest + staff apps sharing logic with the web stack.
Backend / API	Node.js (NestJS)	TypeScript alignment with the frontend. Modular architecture. Strong for API-first design.
Database	PostgreSQL + Redis	PostgreSQL for relational data with ACID compliance. Redis for caching, sessions, real-time pub/sub.
Search	Meilisearch	Full-text search across guest profiles, activities, blog content, and knowledge base.
Event Bus	RabbitMQ or Apache Kafka	Asynchronous cross-module events (booking confirmed → guide notified → equipment reserved → marketing triggered).
File/Media Storage	AWS S3 + CloudFront CDN	Photos, videos, documents. CDN for global asset delivery with automatic image optimization pipeline.
Infrastructure	Docker + Kubernetes (AWS EKS)	Containerized microservices with auto-scaling for seasonal demand.
CI/CD	GitHub Actions	Automated testing, build, deployment.
Monitoring	Datadog or Grafana + Prometheus	Performance tracking, alerting, system health.
Email / SMS	SendGrid + Twilio	Transactional and marketing communications.
Payments	Stripe Connect	Multi-tenant payment processing with per-tenant payouts. Tokenization, PCI compliance.

13.2 CMS-Specific Technology Decisions

Component	Approach	Notes
Page rendering	Server-Side Rendering (SSR) via Next.js	Critical for SEO and Core Web Vitals. Each page request is rendered server-side with live data from category modules.
Block rendering	React components with data fetching hooks	Each category-connected block is a React component that calls the relevant module API on render. Cached aggressively via Redis/CDN.
Visual editor	GrapesJS (canvas-based) or Craft.js (React-native)	GrapesJS is more mature with drag-and-drop; Craft.js integrates more naturally with React. Needs evaluation.
Image pipeline	Sharp (Node.js) + S3 + CloudFront	On-upload: auto-compress, generate responsive sizes, convert to WebP. Serve via CDN with cache headers.
SEO	Next.js `<Head>` + JSON-LD generation	Per-page meta tags managed in CMS. Structured data auto-generated from activity/property/dining module data.
Multi-tenant routing	Custom domain mapping via Kubernetes Ingress + automated SSL (Let's Encrypt)	Each tenant gets their own domain. Routing layer maps domain → tenant config → render.

14. Security, Compliance, and Data Standards

14.1 Payment Security

PCI DSS Level 1: All card handling delegated to Stripe. No raw card data in our systems.
Tokenization: Secure tokens for recurring charges and charge-to-room.
Pre-Authorization Management: Automated hold management with configurable buffers.

14.2 Data Privacy

GDPR / CCPA Compliance: Right-to-access, right-to-delete, and data portability. Guest Portal includes self-service data download and account deletion.
Data Isolation: Strict tenant-level separation.
Encryption: TLS 1.3 in transit, AES-256 at rest.

14.3 Industry Standards

HTNG Express: Compliance with AHLA standardized data fields for PMS/POS interoperability.
OCTO API: OTA distribution standard.
ASTM F2959 / F770: Adventure park safety compliance tracking.

14.4 CMS Security

Role-Based Access Control: Granular permissions for CMS editing (who can edit pages, who can modify booking flows, who can change pricing).
Content Versioning: Full audit trail of every page edit with one-click rollback.
XSS/CSRF Protection: All user-generated content sanitized. CSRF tokens on all form submissions.
Rate Limiting: API gateway rate limiting on all public endpoints (booking engine, form submissions, login attempts).
DDoS Protection: CDN-level DDoS mitigation (CloudFront, Cloudflare).

15. Integration Ecosystem

15.1 API-First Architecture

Comprehensive REST and GraphQL API for all core functions:

Booking API: CRUD reservations across all activity types.
Guest Profile API: Query and update profiles, preferences, engagement.
Folio API: Post charges, query balances, process settlements.
Content API (Headless CMS): For tenants who want to use their own frontend while leveraging the platform backend. Delivers pages, blocks, and module data as structured JSON.
Inventory API: Real-time equipment and room availability.
Webhook Events: Subscribe to real-time events (booking confirmed, guest checked in, charge posted, review submitted, page published).

15.2 Priority Integrations

Peek Pro (Migration): One-time import of historical bookings, customers, and waivers.
Stripe Connect: Multi-tenant payments and payouts.
Twilio / SendGrid: SMS and email.
Google Maps / Mapbox: Property maps, directions, geofencing.
QuickBooks / Xero: Accounting sync.
Meta Pixel / Google Analytics / GA4: Conversion tracking embedded in the CMS.
Google Search Console: Sitemap submission and indexing monitoring from the CMS SEO manager.
Cloudflare / CloudFront: CDN and DDoS protection.

16. Development Roadmap and Phasing

Phase 1 — Foundation + CMS Core (Months 1–5)

Objective: Build the GDP, authentication, Activities module, CMS with visual builder, and Guest Portal MVP.

GDP: Guest profiles, identity resolution (basic), unified auth
Payment Vault: Stripe Connect integration, tokenization, pre-authorization
CMS Engine: Page manager, block system (standard content blocks), visual editor, media library, SEO manager, blog, navigation manager, global design system, custom domain + SSL
Category-Connected Blocks (v1): Activity Card, Activity Calendar, Scarcity Banner, Guest Portal Login
Guest Portal (MVP): Dashboard, My Bookings, My Folio, Account Settings, waiver signing
Activities Module: Booking engine, availability, dynamic pricing, manifests, QR check-in, waivers
Admin Dashboard: Tenant config, activity catalog, CMS admin, basic reporting
Site Recipes (v1): "Adventure Park" recipe for Highline reference implementation

Milestone: Highline Adventures website and booking system live on the platform. Guests book, create accounts, and manage bookings via the Guest Portal. Marketing team manages the website via the visual editor.

Phase 2 — Expansion (Months 6–9)

Objective: Add Equipment, Instructors, Operations Hub, and expand CMS + Portal.

Equipment Module + Equipment Catalog block
Instructors Module + Instructor Profile block
Operations Hub: Time tracking, scheduling, digital forms
Guest Portal additions: Photos & Memories, My Preferences, Loyalty & Rewards
Charge-to-account workflow live across Activities, Equipment, Amenities
Staff Mobile App: Clock in/out, manifests, checklists
CMS additions: Form builder, testimonial/review feed block, weather widget block
Site Recipes (v2): "Equipment Rental" and "Outdoor Guide" recipes

Milestone: End-to-end charge-to-account operational. Instructor and equipment modules live on the website.

Phase 3 — Full Suite (Months 10–15)

Objective: Complete all modules, full CMS block library, full Guest Portal.

Dining Module + Dining Menu block + Reservation Widget block
Properties Module + Property Listing block
Rooms Module + Room Gallery block
Amenities Module + Gift Card, Pass/Membership, Photo Gallery blocks
HR & Skills Hub
Communications Hub
Marketing Engine: Grand Slam Offer builder + Bundle/Offer Card block, abandoned booking recovery, Core 4 tools
Guest Portal (full): Messages, AI Concierge chat, referral program, full loyalty system
CMS additions: AI content assistance, version history, reusable blocks library

Milestone: Highline Adventures fully operational on the platform. All modules, full website, full Guest Portal.

Phase 4 — Multi-Tenant Launch (Months 16–19)

Objective: Package for external subscribers.

Multi-tenant infrastructure: Tenant isolation, domain mapping, module activation
Site Recipe marketplace: Adventure Park, Resort, Restaurant, Equipment Rental, Guiding Company
Onboarding wizard: Guided setup with recipe selection, brand configuration, module activation
Subscription billing via Stripe
Documentation, API portal, developer guides
Sales website and live demo environment
First 3–5 beta subscribers

Milestone: First external subscriber live with their own branded website, booking engine, and Guest Portal.

Phase 5 — Intelligence Layer (Months 20–24)

Objective: AI, predictive analytics, headless capabilities.

Causal AI upselling, predictive staffing, demand forecasting
Advanced analytics dashboards and LTV prediction models
AI Concierge (full NLP-driven guest assistant)
Headless CMS API for tenants with custom frontends
Channel Manager with OCTO API compliance
CMS: AI-powered page layout suggestions, auto-generated landing pages from offer data
Internationalization: Multi-language CMS, multi-currency pricing, timezone-aware scheduling

17. Critical Questions for the Lead Developer

Architecture & Infrastructure

Monolith-first or microservices from Day 1? Given the number of modules, should we start with a modular monolith (faster to build, easier to debug) and extract services later, or invest in microservices upfront? What is the breakpoint?
Decision: Modular Monolith.
For a platform this ambitious in scope but still pre-market-fit, microservices from Day 1 would multiply complexity (inter-service communication, distributed tracing, deployment orchestration, data consistency) at a stage when we need speed and the ability to refactor domain boundaries easily.
The key is to build it modular — clean domain boundaries between Guest Profile, Activities, Dining, CMS, etc. using well-defined internal interfaces and contracts. This means when we do need to extract a service, the seams are already there.
The breakpoint for extraction would likely come when:
- A specific module (e.g., the booking/availability engine or the marketing engine) has dramatically different scaling needs than the rest.
- The team grows large enough that independent deployability becomes a productivity gain (roughly 15–20+ engineers).
- The multi-tenant SaaS launch (Phase 3–4) creates load patterns that demand independent scaling.
The first candidate for extraction would probably be the real-time availability/booking engine, since it has the highest concurrency demands and the strictest latency requirements.
Database per tenant or shared database? What is the trade-off between shared database with row-level isolation versus schema-per-tenant versus database-per-tenant? How does this affect query performance, backups, and onboarding speed?
Decision: Shared Database with Row-Level Isolation (Option A), plus a "whale tenant" escape hatch.
There are three options on the table, each with distinct trade-offs:
Option A: Shared Database with Row-Level Isolation — Every tenant's data lives in the same tables, distinguished by a tenant_id column. Postgres Row-Level Security (RLS) policies enforce filtering at the database layer so even buggy application code can't leak data across tenants. Onboarding a new tenant is fast (an insert into a tenants table plus seed data). One schema, one migration path, one backup schedule — operational overhead stays flat as tenants are added. Cross-tenant analytics are simple queries, not fan-outs. The risk is "noisy neighbor" scenarios where one tenant's heavy queries impact others, mitigated with connection pooling (PgBouncer), per-tenant query timeouts, and rate limiting.
Option B: Schema-per-Tenant — Each tenant gets their own Postgres schema within the same database. Provides stronger logical isolation and easier per-tenant backups, but migrations become N operations instead of 1, connection pooling gets complicated (each connection needs the correct search path), onboarding is slower, and cross-tenant reporting requires querying across schemas.
Option C: Database-per-Tenant — Maximum isolation for performance, security, and failure domains. Easy data residency compliance. But operational overhead scales linearly (connections, monitoring, migrations, patching all multiplied by N), cost is significantly higher, cross-tenant analytics require a separate data warehouse, and onboarding is the slowest path.
Why Option A fits Highline specifically:
- We are launching with one tenant (Highline Adventures itself) and will onboard others gradually. The overhead of schema-per-tenant or DB-per-tenant doesn't pay for itself until there are many large tenants.
- The modular monolith decision from Q1 pairs naturally with a shared database — we are already choosing simplicity and speed over premature distribution.
- Postgres RLS is battle-tested and gives us database-level enforcement of tenant isolation, not just application-level. This is the key — it is not just a WHERE tenant_id = ? in the app code that someone could forget.
- One connection pool, one set of migrations, one backup schedule. Cost-efficient at this stage.
The "Whale Tenant" Escape Hatch: If an enterprise customer later demands dedicated infrastructure (for compliance, performance, or data residency), we can route them to their own database as a premium tier feature. Since the app already filters by tenant_id everywhere, pointing a tenant to a different connection string is a configuration change, not a rearchitecture. This preserves optionality without paying the cost of Option C upfront.
Critical Day 1 requirement: Ensure tenant_id is on every table and every query path from the start. Retrofitting tenant isolation is painful and error-prone.
Real-time vs. eventual consistency: The charge-to-account and Guest Portal folio require real-time updates. The marketing engine can tolerate eventual consistency. How do we design the event bus to support both?
Decision: Dual-Channel Event Bus — PostgreSQL LISTEN/NOTIFY for real-time + Redis-backed job queue for eventual consistency (Option 1), with a clear migration path to Redis Streams when volume demands it.
The core tension is that different parts of the platform have fundamentally different freshness requirements, which fall into two tiers:
Tier 1 — Real-time (must be immediate):
- Folio charges — A guest charges a zipline to their wristband, opens the portal 5 seconds later, and expects to see it. This is a trust issue. If the charge isn't visible, they'll question whether the system works.
- Availability/inventory — When a booking fills up, every surface showing that time slot needs to reflect it immediately or we risk overbooking.
- Check-in/check-out status — Staff at activity stations need to know in real-time who's checked in and who's cleared safety requirements.
Tier 2 — Eventual consistency (seconds to minutes is fine):
- Marketing engine — Behavioral triggers, segment recalculations, loyalty point accruals. If a guest's "adventure seeker" tag updates 30 seconds after their third zipline booking, that's perfectly fine.
- Analytics/reporting — Dashboard metrics, revenue rollups, operational reports.
- CMS content updates — A menu change or new blog post propagating to cached pages.
Three options were evaluated:
Option 1 (Selected): PostgreSQL LISTEN/NOTIFY + Redis Job Queue. For Tier 1 (real-time), use PostgreSQL's built-in LISTEN/NOTIFY to push changes instantly. When a folio charge is written, a database trigger or application-level event fires a notification. The Guest Portal subscribes via WebSocket/SSE and reflects the change immediately. This keeps the real-time path inside existing infrastructure. For Tier 2 (eventual), use a lightweight Redis-backed job queue (BullMQ or Graphile Worker) to publish domain events asynchronously. The marketing engine, analytics pipeline, and cache invalidation all consume from this queue at their own pace. No new infrastructure beyond Redis, which is already needed for caching and session management. Simple to debug. Fits the monolith philosophy. The trade-off is that PostgreSQL NOTIFY isn't durable — if the listener is disconnected, messages are lost — but this is acceptable for real-time UI updates since the client reconnects and re-fetches.
Option 2 (Future Scaling Path): Redis Streams. Redis Streams provide both pub/sub (real-time) and persistent consumer groups (eventual) in one system. Tier 1 consumers read from the stream in real-time with low latency. Tier 2 consumers use consumer groups, processing at their own rate with acknowledgment and retry semantics. More complex than LISTEN/NOTIFY but durable and handles backpressure naturally. This is the recommended migration target when event volume outgrows Option 1.
Option 3 (Deferred): Full Message Broker (RabbitMQ / NATS). Maximum flexibility and durability with exchange/queue routing, dead-letter queues, and delivery guarantees. However, this introduces new infrastructure to operate and monitor, and is overkill at this stage given the monolith approach. Only becomes justified when extracting microservices.
Why Option 1 fits now:
- It matches the decisions already made — modular monolith, shared Postgres database. No new distributed system to manage.
- The real-time path (folio updates, availability) flows through WebSocket/SSE connections on the frontend, fed by Postgres NOTIFY on the backend. Fast, simple, debuggable.
- The eventual path runs through a Redis-backed job queue that marketing, analytics, and cache invalidation workers consume from. If a worker falls behind, events queue up and get processed in order. No data loss.
- When event volume outgrows this, migrating to Redis Streams is a swap of the transport layer, not a rearchitecture of event schema or consumer logic.
Critical Day 1 design principle: Every state change in the system must emit a domain event (e.g., folio.charge.created, booking.confirmed, guest.checked_in). The event schema is the contract. Whether that event travels via Postgres NOTIFY, Redis, or eventually a full broker is an infrastructure concern, not an application concern. If we define the events well from Day 1, the transport is swappable.
Mobile strategy: Native (Swift/Kotlin), cross-platform (React Native/Flutter), or PWA first? Should guest and staff apps share a codebase?
Offline capability: Highline's 1,200-acre ranch may have spotty coverage. What is our offline-first strategy for check-ins, checklists, and equipment scans?

CMS & Visual Builder

Build vs. integrate the CMS? The document proposes a hybrid (headless CMS + custom visual editor + category blocks). Is this the right approach, or should we evaluate a full custom build or a fork of an existing open-source CMS? What are the engineering effort estimates for each path?
Which visual editor framework? GrapesJS (canvas-based, mature, CMS-agnostic) vs. Craft.js (React-native, newer, better component model alignment) vs. a fully custom editor. We need a prototype evaluation sprint.
How do we handle multi-tenant theming at the CSS level? Each tenant needs a unique visual identity from the same codebase. Do we use CSS custom properties (variables) scoped per tenant, do we generate per-tenant CSS at build time, or do we use a runtime theming engine?
How do we ensure CMS performance at scale? If a tenant's website gets 100K visitors during a promotional push, the category-connected blocks are making API calls on every render. What is our caching strategy — full-page cache with cache invalidation on booking changes? Edge caching via CDN? Stale-while-revalidate?
How do category-connected blocks handle stale data? If a booking fills up between the time the page is cached and the time a guest clicks "Book Now," what is the user experience? Do we use optimistic UI with server validation? WebSocket-driven live updates on high-demand pages?
SEO implications of a single-page app vs. server-rendered pages? Next.js SSR handles this well, but we need to ensure that Google can fully crawl and index category-connected blocks with their dynamic data. Do we need to implement pre-rendering or incremental static regeneration for key pages?
Content API for headless mode: Enterprise tenants may want to use our backend but bring their own frontend. How deeply do we design the Content API from Day 1? Is it a Phase 5 concern, or does it need to be foundational?

Guest Portal

Portal as part of the main site or a subdomain? Is the Guest Portal served at highlineadventures.com/portal (same Next.js app, authenticated routes) or at my.highlineadventures.com (separate deployment)? The first is simpler; the second allows independent scaling.
Real-time folio updates in the portal: If a guest charges lunch to their wristband and opens the portal 5 seconds later, is the charge visible? This requires WebSocket or SSE infrastructure. What is the latency target?
Guest Portal as a Progressive Web App? Should the portal be installable as a PWA on the guest's phone (home screen icon, push notifications, offline access to booking details) rather than requiring a native app download?
Data privacy in the portal: Guests can see their full profile, folio history, and preferences. How do we handle the "right to be forgotten" — cascading deletes across all modules while maintaining financial audit trail integrity?

Payments & Financial

Stripe Connect model: Do we use Stripe Connect Standard (tenants onboard their own Stripe accounts) or Stripe Connect Express/Custom (we control the flow)? This has major UX and compliance implications.
Pre-authorization lifecycle for multi-day stays: How do we manage incremental authorizations when a guest charges beyond the initial hold? What happens when a card declines mid-stay?
Settlement schedule for multi-tenant subscribers: Daily, T+1, T+2, or weekly payouts? How do chargebacks propagate across tenants?

Safety & Compliance

Digital waiver legal defensibility: How do we ensure waivers are timestamped, IP-logged, identity-verified, and stored with tamper-proof audit trails? Do we need adventure industry legal counsel?
ASTM/regulatory enforcement: Are there mandatory inspection intervals or staff-to-guest ratios that the system must programmatically enforce?

Product & Market

Competitive positioning against Peek Pro + WordPress? Most competitors use "booking engine + separate website." Our pitch is "everything in one system." How do we communicate this advantage without overwhelming prospects?
Multi-tenant from Day 1 or retrofit? Building for multi-tenancy now adds complexity to every feature. Retrofitting later risks rewrites. What is the pragmatic middle ground?
Feature parity expectations: Subscribers coming from WordPress will expect certain CMS capabilities (plugin ecosystem, theme marketplace). How do we set expectations that our CMS is purpose-built for hospitality, not a general-purpose WordPress replacement?
Pricing validation: The proposed tiers ($99–$999/mo) need market testing. How do we validate before committing to public rate cards?

Operations & Team

Team composition for Phase 1: How many frontend, backend, mobile, and DevOps engineers? Do we need a dedicated CMS/visual-editor specialist? Should we hire or contract?
Technical debt strategy: With a system this ambitious, how do we track, prioritize, and schedule debt repayment?
Peek Pro migration without downtime: Highline is live on Peek Pro now. We need a parallel-run strategy, data sync, and rollback plan.
Testing safety-critical features: Equipment checklists, waiver enforcement, weight/height checks, and certification verification are safety controls. How do we test these to a higher standard?
CMS content migration: Highline's current website content needs to be migrated into the new CMS. Is this a manual process, or can we build a scraper/importer?

Scalability & Future

Internationalization timeline: Multi-language CMS, multi-currency pricing, and timezone scheduling — architect from Day 1 or Phase 5+?
Seasonal scaling: Adventure businesses have 10x summer-to-winter traffic swings. How does infrastructure auto-scale cost-effectively?
Build or buy AI/ML? Identity resolution, dynamic pricing, causal AI upselling, predictive staffing — in-house, pre-built services (SageMaker, Vertex AI), or vendor partnership?
CMS plugin/extension ecosystem: Should we build a marketplace where third-party developers can create custom blocks and integrations? If so, when does this become a priority?

Technology Stack

Node.js/NestJS or Python (Django/FastAPI) for the backend? The current document recommends a full TypeScript stack (Node.js/NestJS backend + Next.js frontend) for language alignment. However, a Python backend (Django or FastAPI) is also under consideration. Key trade-offs include: (a) TypeScript top-to-bottom gives a single language across frontend and backend with shared types and API contracts; (b) Django brings batteries-included capabilities (ORM, admin panel, auth, migrations) that could accelerate back-office module development significantly; (c) FastAPI is async-native and excellent for API-first design with strong typing via Pydantic; (d) Python is stronger for the data/ML pipeline planned in later phases (marketing engine, dynamic pricing, predictive staffing, causal AI), whereas Node would likely require a separate Python service for those anyway; (e) Django's multi-tenancy libraries (django-tenants) are mature and well-proven. Either path still likely uses React/Next.js on the frontend for the CMS site builder and Guest Portal. The deciding factors should be team expertise, hiring pipeline, and which language the team ships fastest in. This decision cascades into the visual editor framework choice, the CMS architecture, and the mobile strategy, and must be resolved before Phase 1 begins.

This document is a living blueprint. It should be revised as architectural decisions are made, market feedback is received, and the Highline Adventures reference implementation matures. The next step is to prioritize the questions in Section 17, schedule architecture decision records (ADRs) for the critical choices — particularly the CMS engine and visual editor framework selection — and begin detailed technical design for Phase 1.

Highline Adventures — Unified Guest-Centric Platform ​

Comprehensive Application Overview, Strategy, and Development Blueprint ​

Table of Contents ​

1. Executive Summary ​

2. Platform Vision and Philosophy ​

2.1 The Guest-Centric Imperative ​

2.2 The Owned Digital Surface ​

2.3 The Category-of-One Philosophy ​

3. System Architecture Overview ​

3.1 High-Level Architecture ​

3.2 The Charge-to-Account Workflow ​

3.3 Unified Data Flow Diagram ​

4. The Guest-Centric Core — The Unified Guest Profile ​

4.1 Identity Resolution Engine ​

4.2 Rich Guest Profile — Data Model ​

4.3 The Guest Folio Engine ​

5. The CMS and Visual Site Builder ​

5.1 Architecture: Why a Built-In CMS? ​

5.2 The Block System — Category-Aware Components ​

5.3 The Visual Editor Experience ​

5.4 CMS Architecture Decision: Build vs. Integrate ​

6. The Guest Portal ​

6.1 Portal Access & Authentication ​

6.2 Portal Sections & Features ​

6.3 Portal Design Principles ​

7. Category Modules — Guest-Facing ​

7.1 Activities Module ​

7.2 Properties Module ​

7.3 Dining Module ​

7.4 Rooms Module ​

7.5 Instructors Module ​

7.6 Equipment Module ​

7.7 Amenities Module ​

8. Operations and HR Modules — Business-Facing ​

8.1 Operations Hub ​

8.2 HR & Skills Hub ​

8.3 Communications Hub ​

9. The Category-of-One Marketing Engine ​

9.1 Grand Slam Offer Builder ​

9.2 Automated Revenue Optimization ​

9.3 Scarcity & Urgency Automation ​

9.4 Lead Generation — The Core 4 ​

9.5 Loyalty & Retention ​

10. Multi-Tenant SaaS Architecture — White-Label Packaging ​

10.1 Tenant Isolation and Configuration ​

10.2 Tenant Types and Use Cases ​

11. Tiered Subscription Model ​

12. User Journeys and Use Case Scenarios ​

Scenario 1: The Weekend Family Visit (Highline Adventures) ​

Scenario 2: Corporate Team Building ​

Scenario 3: The Multi-Day Resort Guest (Future State) ​

Scenario 4: Subscriber Onboarding (Multi-Tenant — "Coastal Kayak Co.") ​

Scenario 5: The Website Manager (CMS User Journey) ​

Scenario 6: Deskless Workforce (Carlos the Zipline Guide) ​

13. Technology Stack Recommendations ​

13.1 Core Stack ​

13.2 CMS-Specific Technology Decisions ​

14. Security, Compliance, and Data Standards ​

14.1 Payment Security ​

14.2 Data Privacy ​

14.3 Industry Standards ​

14.4 CMS Security ​

15. Integration Ecosystem ​

15.1 API-First Architecture ​

15.2 Priority Integrations ​

16. Development Roadmap and Phasing ​

Phase 1 — Foundation + CMS Core (Months 1–5) ​

Phase 2 — Expansion (Months 6–9) ​

Phase 3 — Full Suite (Months 10–15) ​

Phase 4 — Multi-Tenant Launch (Months 16–19) ​

Phase 5 — Intelligence Layer (Months 20–24) ​

17. Critical Questions for the Lead Developer ​

Architecture & Infrastructure ​

CMS & Visual Builder ​

Guest Portal ​

Payments & Financial ​

Safety & Compliance ​

Product & Market ​

Operations & Team ​

Scalability & Future ​

Highline Adventures — Unified Guest-Centric Platform

Comprehensive Application Overview, Strategy, and Development Blueprint

Table of Contents

1. Executive Summary

2. Platform Vision and Philosophy

2.1 The Guest-Centric Imperative

2.2 The Owned Digital Surface

2.3 The Category-of-One Philosophy

3. System Architecture Overview

3.1 High-Level Architecture

3.2 The Charge-to-Account Workflow

3.3 Unified Data Flow Diagram

4. The Guest-Centric Core — The Unified Guest Profile

4.1 Identity Resolution Engine

4.2 Rich Guest Profile — Data Model

4.3 The Guest Folio Engine

5. The CMS and Visual Site Builder

5.1 Architecture: Why a Built-In CMS?

5.2 The Block System — Category-Aware Components

5.3 The Visual Editor Experience

5.4 CMS Architecture Decision: Build vs. Integrate

6. The Guest Portal

6.1 Portal Access & Authentication

6.2 Portal Sections & Features

6.3 Portal Design Principles

7. Category Modules — Guest-Facing

7.1 Activities Module

7.2 Properties Module

7.3 Dining Module

7.4 Rooms Module

7.5 Instructors Module

7.6 Equipment Module

7.7 Amenities Module

8. Operations and HR Modules — Business-Facing

8.1 Operations Hub

8.2 HR & Skills Hub

8.3 Communications Hub

9. The Category-of-One Marketing Engine

9.1 Grand Slam Offer Builder

9.2 Automated Revenue Optimization

9.3 Scarcity & Urgency Automation

9.4 Lead Generation — The Core 4

9.5 Loyalty & Retention

10. Multi-Tenant SaaS Architecture — White-Label Packaging

10.1 Tenant Isolation and Configuration

10.2 Tenant Types and Use Cases

11. Tiered Subscription Model

12. User Journeys and Use Case Scenarios

Scenario 1: The Weekend Family Visit (Highline Adventures)

Scenario 2: Corporate Team Building

Scenario 3: The Multi-Day Resort Guest (Future State)

Scenario 4: Subscriber Onboarding (Multi-Tenant — "Coastal Kayak Co.")

Scenario 5: The Website Manager (CMS User Journey)

Scenario 6: Deskless Workforce (Carlos the Zipline Guide)

13. Technology Stack Recommendations

13.1 Core Stack

13.2 CMS-Specific Technology Decisions

14. Security, Compliance, and Data Standards

14.1 Payment Security

14.2 Data Privacy

14.3 Industry Standards

14.4 CMS Security

15. Integration Ecosystem

15.1 API-First Architecture

15.2 Priority Integrations

16. Development Roadmap and Phasing

Phase 1 — Foundation + CMS Core (Months 1–5)

Phase 2 — Expansion (Months 6–9)

Phase 3 — Full Suite (Months 10–15)

Phase 4 — Multi-Tenant Launch (Months 16–19)

Phase 5 — Intelligence Layer (Months 20–24)

17. Critical Questions for the Lead Developer

Architecture & Infrastructure

CMS & Visual Builder

Guest Portal

Payments & Financial

Safety & Compliance

Product & Market

Operations & Team

Scalability & Future