Expertise

From shop floor to working software

We dive into how people really work, figure out where it hurts and translate that into a concrete solution — which we build end-to-end and run in production ourselves. This is what we bring to make that happen.

frontend

Frontend

  • React & Next.js (RSC) with our own design system — tokens and reusable components
  • Responsive and mobile-first, with dark mode and micro-interactions
  • PWA with offline support, accessible to WCAG 2.1 AA
  • Data-rich dashboards with drag-and-drop and real-time updates
backend

Backend

  • API-first with type-safe endpoints and server actions
  • Multi-tenant data isolation at the database level (PostgreSQL RLS)
  • Role-based access (RBAC), SSO/OAuth with JWT verification
  • Schema-driven data via Prisma and Zod, caching and real-time pub/sub
security

Security & compliance

  • Encryption of sensitive data, MFA, security headers and CSP
  • Tamper-evident, hash-chained audit logging
  • HMAC-signed integrations and rate limiting
  • Data separation, access control and backups in line with GDPR, BIO, NEN 7510 and ISO 27001
devops & ai

DevOps & AI

  • Automated deployment (CI/CD), containers and zero-downtime releases
  • Infrastructure under our own management — cloud and self-hosted
  • Our own AI and OCR integrations on self-hosted GPU
  • Observability, monitoring and proven point-in-time recovery
Delivered in line withGDPRNEN 7510ISO 27001BIO
1 Analysis2 Design3 Build4 Test5 Secure6 Launch7 Maintain
How we work

The full journey under one roof

No handovers between agencies — every step happens under one roof, from first analysis to years of maintenance.

  1. 1

    Analysis

    We watch the work happen on the floor and find out where it really hurts.

  2. 2

    Design

    The process translated into clear requirements and a workable design.

  3. 3

    Build

    Working software in short iterations, with demos along the way.

  4. 4

    Test

    Automated tests and reviews before every release.

  5. 5

    Secure

    Security-by-design: access control, encryption, audit logging.

  6. 6

    Launch

    Zero-downtime releases on infrastructure we manage ourselves.

  7. 7

    Maintain

    Monitoring, measuring and continuing to develop.

Infrastructure & architecture

Self-managed, deliberately designed

infrastructure & devops

Self-managed

  • Cloud (Azure EU) and self-hosted — the client chooses where the data lives
  • Containers and CI/CD with zero-downtime releases and point-in-time recovery
  • Secret management (Vault) and a private mesh network (WireGuard)
  • Monitoring, backups and infrastructure-as-code (OpenTofu)
architecture signature

How we build

  • Multi-tenant isolation at the database level via PostgreSQL RLS — not with app filters
  • Tamper-evident, hash-chained audit logging
  • HMAC-signed integrations and security-by-design
  • Type-safe end-to-end: API-first, Prisma and Zod validation
Technical toolbox

What we work with every day

Languages & frameworks
TypeScriptReactNext.js (RSC)Node.jsTailwind CSSPrismaZodPythonSQL
Data & backend
PostgreSQLRow-Level SecurityValkey / RedisOAuth / OIDCRBACREST / API-firstReal-time pub/sub
Infra, DevOps & AI
Azure EUContainer AppsDockerCI/CDProxmoxOpenTofuSelf-hosted GPUAI / OCRWireGuard
Security & tooling
HMACJWTMFACSP / headersAudit loggingGit
Frequently asked questions

About our expertise

Do you build everything yourselves, or do you outsource?

Everything under one roof: frontend, backend, infrastructure and security we build ourselves and run in production ourselves. No handovers between agencies.

What about security and compliance?

Security-by-design: multi-tenant isolation at the database level (PostgreSQL RLS), MFA, encryption, security headers/CSP and tamper-evident, hash-chained audit logging — delivered in line with GDPR, NEN 7510, ISO 27001 and BIO.

Does it run in the cloud or on your own servers?

Whatever you want. We run on Azure EU or fully self-hosted on your own server — the client chooses where the data lives, always within the EU.

Which technology do you work with?

TypeScript, React and Next.js on the front end; Node.js, PostgreSQL and Prisma on the back end; Docker, CI/CD and our own AI/OCR on self-hosted GPU for infrastructure and automation.

Can you take over or extend existing software?

Yes. We analyze what's there, secure and document it, and extend it purposefully — without you having to start over.

Compliance

GDPR · NEN 7510 · ISO 27001 · BIO

We build security-by-design and audit-ready — data separation, access control and backups are part of the design, not a reference document tacked on afterwards.

Discuss your situation