Project: Complete Design, Development & Compliance for Leafcross Dispensary
Role: Designer, Full-stack Developer, DevOps
Years: 2013–2016
Introduction
As the Canadian cannabis landscape began shifting toward legalization, dispensaries found themselves facing a new set of challenges: a complex regulatory environment, rapidly changing compliance requirements, and a wary public who needed assurance of safety, privacy, and legal operation.
Leafcross emerged as one of the first digital-first dispensaries—seeking to create a compliant, trustworthy, and user-friendly online store where adults could safely access regulated cannabis products.
The Challenge
Launching in a time of legal uncertainty, Leafcross needed to:
- Rigorously verify customer age and identity in line with evolving laws.
- Build robust, secure infrastructure that could handle sensitive data and payments.
- Deliver an e-commerce experience as seamless as other consumer categories—but with much higher stakes for security and privacy.
- Stay nimble, allowing new compliance rules and product requirements to be quickly reflected in the platform.
It wasn’t enough to simply “go online”; Leafcross had to set the gold standard for ethics and safety, or risk being shut down.
The Solution
Working closely with legal and product stakeholders, I architected and launched a custom e-commerce platform purpose-built for the cannabis industry. Key elements included:
Custom Registration and Age Verification Workflows
- Built-in, multi-step onboarding with automatic age and ID checks, collecting and verifying government-issued identification before purchase.
- Fail-safe logic to block access, but also provide clarity and support to users rejected by automated compliance systems.
Headless Architecture—Drupal + JavaScript Front-End
- Chose a headless Drupal architecture for maximum flexibility, separating secure data handling from the interactive client experience.
- Developed a mobile-responsive front end (Vue/React hybrid) to ensure rapid, seamless shopping on any device.
Compliance-First Admin Tools
- Designed back office tools to simplify order management, track regulatory compliance, and support audits as rules shifted.
- Admin workflows provided transparency for fulfilling, shipping, and verifying each transaction.
Secure Payments and Shipping Integration
- Integrated with payment solutions optimized for high-risk, regulated industries.
- Automated shipping compliance—only verified adults could receive packages, with tracked courier handoff at every stage.
The Approach
Every design and engineering choice was made through the lens of compliance, trust, and customer dignity. My responsibilities included:
- Branding and UX: Created a welcoming, modern visual identity to reduce stigma and foster loyalty.
- User Testing: Conducted scenario testing with real customers to ensure frictionless, accessible, and secure shopping.
- DevOps: Managed cloud infrastructure for high uptime, redundancy, and encrypted data storage.
Extensive documentation and training were provided to the Leafcross team, enabling smooth day-to-day operations and equipping staff to respond to regulatory audits or support requests.
Impact
- Secure Platform: Leafcross became recognized in its region for transparent, compliant sales—building a loyal customer base and passing regulatory reviews.
- Customer Confidence: Visitors experienced a seamless, respectful journey from onboarding to checkout, with clear privacy messaging at every step.
- Business Agility: The maintainable, modular backend let Leafcross react swiftly to law changes—adding new product categories or updating requirements without major overhauls.
Reflections & Lessons Learned
Compliance-centric industries are often defined by fear—fear of rules, restrictions, and complexity. The Leafcross project proved that great UX and solid engineering can make compliance invisible, empowering both customer and operator. The success of the platform set a template for other dispensaries to follow, balancing the needs of the market, regulators, and real people seeking safe access.
