Testimonial Collection & Consent Tracker

The problem this kills

You use customer testimonials everywhere - the homepage, sales decks, case studies, ad creative. But when legal or a nervous executive asks "Did this customer actually agree to us using their name and logo?", you go quiet. The consent lives in a forwarded email from two years ago, a Slack thread that's gone, or nowhere at all. Sometimes the quote got lightly "improved" by marketing and the customer never re-approved the final wording.

That's a real risk. Using a name, title, company, or logo without provable permission can mean an angry customer, a takedown demand, or worse. And the day-to-day pain is just as bad: testimonials are scattered across spreadsheets, decks, and inboxes, so nobody can quickly find "a quote from a manufacturing customer about onboarding speed."

This tool fixes both. Every testimonial is captured with the exact consent wording the customer agreed to and a timestamp. Nothing is publishable until a human reviews it, confirms the final wording with the customer, and approves it. And the approved library is searchable by theme and industry, so the right quote is always one filter away.

What you'll build

A private, login-protected web app where:

• Customers (or your team on their behalf) submit a testimonial: the quote, their name, title, company, an optional headshot and logo, and a consent checkbox with clear permission wording.
• The exact consent text they agreed to is stored word-for-word, with the date and time.
• Each submission lands in a review queue. A marketer reviews it, makes any edits, confirms the final wording and consent with the customer, then approves it into the library.
• The approved library is searchable and filterable by theme and industry - ready for the website and decks.
• Any quote being used without "approved" status is flagged so it never slips out unchecked.
• You can import your existing pile of quotes from a CSV and export the approved library back to a clean CSV.

What's inside the Implementation Plan

The plan is a step-by-step runbook you paste into an AI coding agent (Claude Code). It does the building; you answer questions and review.

It opens by interviewing you about your business - how you collect testimonials today, which systems and spreadsheets hold them, the exact fields and naming you use, your real consent wording, your approval rules, and your messy edge cases. It then reads back a short tailored spec for your thumbs-up and builds the tool around your answers, not a generic template. From there it walks through setup, the database, the submission form, the review-and-approve gate, the searchable library, and the CSV import/export - each step ending with a ready-to-paste prompt.

The governance it includes (this is the point)

This is not a loose Google Form. The plan bakes in real controls:

• Login so only your team can see the queue and library.
• Row-level security so each organization only ever sees its own testimonials.
• A complete audit trail - who submitted, who edited, who approved, and exactly when.
• A hard human-in-the-loop approval gate - nothing reaches the publishable library until a person reviews it and confirms consent and wording with the customer.
• Verbatim consent capture - the exact permission wording plus a timestamp, stored per testimonial.
• Duplicate guards - the same customer + quote can't be logged twice.
• A "used without approval" flag so unapproved quotes never quietly go live.

Who it's for

Marketing and customer-marketing operations people who rely on testimonials but can't always prove consent. If you've ever scrambled to find the email where a customer said "yes, you can use that," this is for you. No coding experience needed - if you can fill out a form and answer questions about how your team works, you can build this.

You've got this - paste the first prompt and let's build it.