Sail JADA — Engineering Log

Technical work on sailjada.com and the JADA booking systems

```html

Implementing Privacy-First Marketing Automation: Removing PII from Public-Facing Campaign Templates

What Was Done

This session focused on a critical privacy directive: removing all personally identifiable information (specifically, founder names) from public-facing marketing materials while maintaining full campaign functionality. The work involved auditing multiple repositories, updating email templates, deployment scripts, and demo sites across three distinct infrastructure environments.

The core requirement was straightforward but comprehensive: ensure that no personal names appear in any outward-facing marketing collateral, replacing them with team-oriented or brand-centric messaging instead.

Repository Audit and File Inventory

The first phase involved systematic discovery of PII exposure across the codebase:

  • /Users/cb/Documents/repos/tools/jada_blast.py — The primary email campaign automation tool; underwent 4 iterations to remove name references and refactor cadence logic
  • /Users/cb/Documents/repos/sites/queenofsandiego.com/ — Multiple Google Apps Script files (FuneralOutreach.gs, CrewDispatch.gs, CrewScheduler.gs, WorshipRsvp.gs, ViatorApiFollowUp.gs) required sanitization
  • /tmp/sdcc-hotel-outreach-2026.html — SDCC (San Diego Comic-Con) campaign email template with 7 edit passes to remove PII
  • /Users/cb/Documents/repos/sites/dangerouscentaur/demos/ — Two demo sites (demo.dangerouscentaur.com and 3028fiftyfirststreet.92105.dangerouscentaur.com) with index.html files requiring updates
  • /Users/cb/Documents/repos/sites/progress.queenofsandiego.com/index.html — Dashboard progress tracker with founder references

Technical Implementation Strategy

Email Template Sanitization (SDCC Campaign)

The SDCC hotel outreach campaign served as the primary test case. The email had already been deployed with boat imagery and was verified to have working image URLs (HTTP 200 responses). Rather than recreate the template, we performed surgical text replacements:


# Pattern: "I'm C.B. Ladd, owner of JADA"
# Replacement: Team-centric messaging emphasizing JADA brand and Queen of San Diego collective

# Original structure preserved:
# - All image URLs and inline CSS intact
# - Campaign tracking parameters maintained
# - CTA buttons and links untouched
# - Only text nodes containing PII modified

The cleaned template was then re-uploaded to S3, with CloudFront cache invalidation to ensure immediate propagation.

Apps Script Audit (Google Apps Script Files)

The Queen of San Diego site infrastructure relies heavily on Google Apps Script for automation:

  • FuneralOutreach.gs — Handles outreach campaign management; 4 edits to remove founder attribution in generated messages
  • CrewDispatch.gs — Crew scheduling and dispatch coordination; 4 edits to ensure no founder names in automated communications
  • CrewScheduler.gs — Calendar and scheduling orchestration; systematic scan for PII references
  • WorshipRsvp.gs and ViatorApiFollowUp.gs — Event management scripts requiring similar sanitization

These scripts generate user-facing messages and confirmations, making them critical audit points. The approach was to identify where founder names appeared in concatenated strings or email templates and replace with JADA brand references or generic "our team" language.

Demo Site Updates (dangerouscentaur)

The dangerouscentaur.com demo sites serve as proof-of-concept showcases for potential clients:

  • /Users/cb/Documents/repos/sites/dangerouscentaur/demos/demo.dangerouscentaur.com/index.html
  • /Users/cb/Documents/repos/sites/dangerouscentaur/demos/3028fiftyfirststreet.92105.dangerouscentaur.com/index.html

Both underwent text audits for PII, with updates deployed to S3 and CloudFront invalidation triggered for immediate cache clearing across all edge locations.

Infrastructure and Deployment

S3 and CloudFront Integration

The deployment chain followed this pattern for each modified asset:


1. Audit file locally
2. Remove PII references
3. Upload to S3 bucket (specific paths preserved)
4. Invalidate CloudFront distribution cache
5. Verify asset propagation with curl or browser inspection

Two distinct CloudFront distributions were involved:

  • dangerouscentaur.com CloudFront distribution (demo sites)
  • progress.queenofsandiego.com CloudFront distribution (dashboard)

Cache invalidation used wildcard patterns to ensure comprehensive refresh without overcomplicating invalidation quotas.

Blast Script Refactoring (jada_blast.py)

The primary email automation tool required deeper structural changes beyond simple text replacement. Four iterations addressed:

  • Iteration 1-2: Template reference updates and contact list integration
  • Iteration 3: Widening-gap cadence implementation for multi-touch sequencing
  • Iteration 4: SES suppression list integration and bounce handling

The script integrates with AWS SES (Simple Email Service), pulling suppression list data to avoid re-mailing bounced addresses. Contact deduplication was implemented to prevent duplicate messaging within the same cadence run.

Key Decisions

Brand Messaging Over Personal Attribution

Rather than using generic "The Team" or removing context entirely, we opted to emphasize JADA brand identity and Queen of San Diego collective branding. This maintains campaign authenticity and relationship-building while removing individual PII.

Preserve Template Integrity

Email templates were modified minimally—only text nodes changed, never HTML structure, image URLs, or tracking parameters. This reduced regression risk and ensured existing campaign analytics remained valid.

Staged CloudFront Invalidation

Rather than a single multi-path invalidation, we executed separate invalidations per distribution to maintain clarity on what was cleared and why, improving debuggability if cache issues arose.

What's Next

  • Continuous Audit: Establish a pre-deployment checklist scanning any outward-facing content generation for PII references
  • Apps Script Template Library: Centralize email and message templates used by Google Apps Script files to enforce consistent messaging across all automations
  • Marketing Copy Guidelines: Document approved messaging patterns for team/brand references to ensure consistency across future campaigns
  • Platform Integration Monitoring: As new platform tasks (GetMyBoat, WeddingWire, etc.) move to implementation, audit their template and API response handling for PII leakage

This initiative establishes a foundational privacy-first approach to marketing automation—ensuring that infrastructure supports brand objectives without exposing individuals to unnecessary public scrutiny or criticism.

```