Client Location: United Kingdom
Project Budget: £9,000 (Fixed Price)
Implementation Timeline: 5 Weeks (120 Hours)
Role: Lead Low-Code Architect & Backend Integrator
A UK-based workplace compliance consultancy required a secure, automated, and scalable diagnostic platform to assess employers' workplace risk profiles. The platform needed to automate the entire client journey—from direct debit payment and survey intake to scoring, report generation, and annual renewals—with zero manual intervention.
To support a three-phase product roadmap, the underlying data schema, audit trail logging, and data anonymization rules had to be designed with production-grade security from day one.
Challenge A: Asynchronous Payment & Onboarding Logic
Direct Debit payments via GoCardless are asynchronous and can take several days to clear. Triggering onboarding workflows on payment creation (rather than confirmation) frequently results in premature portal access and uncollected revenue.
Challenge B: Client-Side Data Leakage (The No-Code Security Flaw)
Many no-code applications secure data (such as withholding diagnostic scores until week 6) strictly at the frontend/UI level by hiding buttons or lists. However, tech-savvy users can easily inspect the browser’s network tab to extract the raw JSON API payload, leaking sensitive, unapproved diagnostic data.
Challenge C: Outage Vulnerability in Multi-API Chains
With 9 external systems connected (Typeform, HubSpot, Airtable, GoCardless, Softr, Calendly, Dropbox Sign, Documentero, Calendly), temporary downtime in a single downstream API could break the entire onboarding flow, leading to partial registrations and data loss.
To deliver a zero-maintenance, production-grade platform, the system is designed as an ecosystem of four interconnected, asynchronous Make.com scenarios. This architecture isolates processes, handles API rate limits independently, and prevents a single system failure from halting other platform operations.
Scenario A: Webhook-First Onboarding & Payments (Pre-Engineered)
Triggers strictly on GoCardless payments.confirmed webhooks. Creates a client profile in Airtable (Companies), provisions them in HubSpot, and dispatches a welcome email containing a personalized Typeform link with their unique Airtable_Record_ID as a hidden field.
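The confirmation-only gate described above, as an added Python sketch rather than the project's own Make.com scenario: it verifies the webhook's HMAC signature over the raw body, acts only on confirmed payment events, and skips redelivered events. It assumes the signature is a hex HMAC-SHA256 of the body sent in a Webhook-Signature header and that events arrive in an "events" array; the secret, event IDs and function names are constructed for illustration.

```python
import hashlib
import hmac
import json

WEBHOOK_SECRET = b"constructed-test-secret"  # placeholder, not a real endpoint secret


def sign(body: bytes, secret: bytes = WEBHOOK_SECRET) -> str:
    """Hex HMAC-SHA256 of the raw request body (assumed Webhook-Signature value)."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def confirmed_payments(body: bytes, signature: str, seen_event_ids: set) -> list:
    """Return the payment IDs that should trigger onboarding.

    Raises PermissionError on a signature mismatch, so an unauthenticated
    request never reaches the onboarding steps.
    """
    if not hmac.compare_digest(sign(body), signature or ""):
        raise PermissionError("invalid webhook signature")
    payments = []
    for event in json.loads(body).get("events", []):
        # Creation, submission and failure events must not grant portal access.
        if event.get("resource_type") != "payments" or event.get("action") != "confirmed":
            continue
        # Webhooks can be redelivered; act on each event ID only once.
        if event["id"] in seen_event_ids:
            continue
        seen_event_ids.add(event["id"])
        payments.append(event["links"]["payment"])
    return payments


# Constructed sample delivery: one "created" event, one "confirmed" event,
# and a duplicate of the confirmed event.
SAMPLE_BODY = json.dumps({"events": [
    {"id": "EV001", "resource_type": "payments", "action": "created",
     "links": {"payment": "PM001"}},
    {"id": "EV002", "resource_type": "payments", "action": "confirmed",
     "links": {"payment": "PM001"}},
    {"id": "EV002", "resource_type": "payments", "action": "confirmed",
     "links": {"payment": "PM001"}},
]}).encode()

if __name__ == "__main__":
    print(confirmed_payments(SAMPLE_BODY, sign(SAMPLE_BODY), set()))
```

In a real deployment the set of seen event IDs would live in persistent storage so that deduplication survives restarts.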
Scenario B: The Diagnostic & RAG Scoring Engine (Fully Implemented & Active)
Captures Typeform submissions, maps answers to numerical values, calculates RAG scoring natively in Airtable, and updates HubSpot with the risk priority band.