• Built in Flutter, tested+deployed across Windows and Mac

When opened, it’ll have a Privacy Bee “Incident Response Team” welcome page (simple design), with a login button that opens a browser canvas to our universal login (https://auth.privacybee.com), which returns an auth token for API usage. On success, the login will then disappear and the app will change to it’s main screen. This is the same flow as used in our browser extension. Once logged in, the app switches to the main screen.

Main loop:

• Use auth token to query our API, pulling the next Task Wizard job (inside the flutter app).
  • It should gracefully handle any unexpected responses or connectivity issues.
  • If a Not Authorized response is returned, log the person out and delete the auth token (return to welcome screen)
• There should be a right sidebar (~20%) which will render information returned about the job, such as the customer’s first name, last name, email address, date of birth, age (calculated), and any addresses they have. All fields should be clickable to copy to clipboard.
• Under the customer data in the right sidebar should be some details on the exposing site (name+logo+URL) with “Open Opt-Out Form” and “Open Homepage” buttons. All this data is also returned from the API in the get next Task Wizard job call (URLs route back to the API for built-in proxying). If either data is missing, disable the respective button.
• When one of those open buttons are clicked, the app should render a brand new webkit canvas navigating to that URL on the left/main ~80% of the screen.
  • If there was already a previous webkit panel, it should be destroyed first (along with any history, cache, cookies, LocalStorage, etc). 100% fresh start each time.
• Below this, there should be a button for “Deletion Guide”, which when clicked will slide out a right-side drawer (same width as sidebar, overlapping it), and render HTML content from another API endpoint (called on open). These are instructions for that particular site. There should be an X or close button in the top of this drawer, where when clicked will hide it again.
• In the bottom right corner of the app (anchored to the bottom of the right sidebar) there should be a button called “Capture Screenshot”, which screenshots whatever is currently within view on the webkit frame (only), and POSTs it to an API endpoint (multipart upload). It should have a “Proof Saved” counter beside this button of how many screenshots were captured and successfully uploaded for this job (counter resets with each new job). Upload errors should be reported gracefully.
• Under the screenshot row (button+counter), the last row on the right sidebar should be two side-by-side buttons: “Submit Success” (green) or “Failed to Submit” (red). These buttons are disabled until at least one screenshot has been captured+uploaded. Once the buttons are clicked, it’ll POST the success or error result to the API, then immediately request a new Task Wizard job, restarting the main loop.

Additional considerations:

• Add code to prevent taking a screenshot in any platform where possible (flag_secure)
• The auth token returned from login should only be stored in memory (variable), never persisted to disk. This means when the app is closed, it’s lost of course, so next launch they’ll need to login again.
• Clear the clipboard when the app is closed
• There’ll be one more block (top right of the right sidebar, above the job info, probably a slightly different background color), which contains that analyst’s full name, a logout link, and stats (refreshed each main loop iteration):
  • Submissions (Today)
  • Submissions (Yesterday)
  • Submissions (This Week)
  • Submissions (Last Week)
  • Success Rate (Last Month)
• Should support centralized, forced auto-updating: https://pub.dev/packages/auto_updater