# Data Model: Customer-safe Review, Evidence & Decision Story This feature has no persisted data model. The entities below are static website content structures used to render a public product-story route. They must remain content-only unless a later spec introduces runtime review workspace, review-pack export, or Evidence persistence truth. ## Review Story Page **Represents**: The localized public page explaining Review Packs, Evidence, Findings, Accepted Risks, Decision Summaries, customer-safe review content, and follow-up actions. **Fields**: - `locale`: `de` or `en` - `pageTitle`: localized metadata title - `metaDescription`: localized metadata description - `heroTitle`: main H1 - `heroSubtitle`: core product-story paragraph - `supportingLine`: short context line for governance outcomes - `primaryCta`: primary CTA label and route - `secondaryCta`: supporting CTA label and route - `problemCards`: list of governance pain cards - `workflowSteps`: list of governance workflow steps - `reviewPackCards`: list of review-pack anatomy cards - `evidenceCards`: list of evidence-type cards - `decisionCards`: list of decision-summary cards - `boundaryColumns`: customer-safe versus internal-detail comparison content - `audienceValueCards`: MSP and Enterprise IT value cards - `comparisonRows`: raw export versus Tenantial review story comparison rows - `trustTeaser`: optional trust-summary block with real destination - `finalCta`: final conversion block with real destinations only **Validation rules**: - `pageTitle` and `metaDescription` must not claim compliance certification, automatic remediation, automatic restore, real-time drift, or unsupported providers. - Every CTA destination must be a real route or real contact destination. - The page must contain the hero, problem, workflow, review-pack anatomy, Evidence, decision-summary, customer-safe boundary, audience value, differentiation, and final CTA sections. - The page must not contain `href="#"`. ## Governance Workflow Step **Represents**: One visible step in the path from policy truth to reviewable decision. **Fields**: - `key`: stable content key - `title`: visible step label - `content`: buyer-facing explanation **Required rows**: - policy-state capture - drift recognition - Evidence linkage - finding evaluation - risk decision - review-pack preparation **Validation rules**: - Steps must explain governance flow in buyer language, not internal runtime vocabulary. - The workflow must show why status, reason, impact, Evidence basis, and next action matter. ## Review Pack Card **Represents**: One card in the review-pack anatomy section. **Fields**: - `key`: stable content key - `title`: visible card title - `content`: buyer-facing description - `availabilityTone`: `hard-available` or `soft-availability` **Required rows**: - executive-summary - evidence-basis - findings - accepted-risks - decision-summary - review-pack-status - download-export-context **Validation rules**: - Download/export wording defaults to `soft-availability` unless implementation verifies a harder product truth. - Cards must describe governance deliverables, not raw exports or fake PDFs. ## Evidence Card **Represents**: One buyer-facing Evidence type on the page. **Fields**: - `key`: stable content key - `title`: visible label - `content`: description of what the Evidence type helps explain **Required rows**: - policy-evidence - change-evidence - finding-evidence - recovery-evidence - review-evidence **Validation rules**: - Evidence must stay framed as reviewable proof context. - Cards must not imply court-proof or complete evidence coverage. ## Decision Facet Card **Represents**: One visible dimension inside the Decision Summary section. **Fields**: - `key`: stable content key - `title`: visible label - `content`: buyer-facing explanation **Required rows**: - status - reason - impact - evidence - next-action - review-context **Validation rules**: - The set must explain what was found, why it matters, what supports it, what remains open, and who acts next. - Cards must not claim automatic decision-making or automatic risk acceptance. ## Disclosure Column **Represents**: One side of the customer-safe boundary comparison. **Fields**: - `title`: visible column heading - `items`: list of included or excluded content bullets - `mode`: `customer-safe` or `internal-only` **Validation rules**: - `customer-safe` content must emphasize executive summary, review status, findings summary, Evidence basis, Accepted Risks, Decision Summary, and next actions. - `internal-only` content must exclude raw provider payloads, internal job IDs, debug traces, stack traces, internal fingerprints, low-level operation URLs, secret context, internal reason-family names, and unredacted diagnostics by default. ## Audience Value Card **Represents**: One buyer-facing value block for MSPs or Enterprise IT. **Fields**: - `audience`: `msp` or `enterprise-it` - `title`: short visible heading - `content`: buyer-facing explanation **Validation rules**: - MSP value cards must frame Review Packs as repeatable governance deliverables. - Enterprise IT value cards must frame the story around management review, audit preparation, security review, and recovery context. ## Discovery Link **Represents**: A contextual public-site link to the new route. **Fields**: - `label`: visible link label - `href`: localized route - `placement`: homepage, platform page, use-case page, or footer **Validation rules**: - `href` must resolve to a real route. - Links must follow the current locale strategy. - Discovery surfaces must stay light and must not require a main-nav refactor. ## Metadata Contract **Represents**: The route title and description for the new public page. **Fields**: - `title` - `description` - `canonicalPath` **Validation rules**: - Metadata must mention Review Packs, Evidence, Findings, Accepted Risks, and Decision Summaries safely. - Metadata must not claim `DSGVO-konform`, `ISO-zertifiziert`, `automatic remediation`, `automatic restore`, `real-time drift`, or unsupported providers.