New Design – The Blueprint for Your Product

Before a single line of production code is written, your product needs a blueprint. New Design is Step N in the ANVIL system: we design your product from the ground up – target architecture, UX/UI, the data model, and the planned EU-sovereign infrastructure. Where your data lives and under which law it is processed is decided here, not later. The principle behind it is simple: no blueprint → no control over your own product. That's why we document and justify every decision. No black boxes. The result is a blueprint you understand and that belongs to you: from the data model to the EU infrastructure.

95%

of enterprise AI pilots achieve no measurable ROI (MIT 2025)

74%

of fast-growing startups fail from premature scaling (Startup Genome)

Up to 4%

of global annual revenue – the GDPR fine for violations (Art. 83 GDPR)

From €36,000

fixed price for the complete ANVIL system – one engagement, one outcome

Why does your product need a blueprint?

An idea is not yet a product. Starting to build without a thought-through architecture means building on assumptions instead of decisions – and that is exactly where most ventures fail. According to research cited by MIT, 95% of enterprise AI pilots achieve no measurable ROI, because they start without a clear target picture. Fortune: MIT report, 95% of AI pilots with no measurable ROI (2025)

The blueprint answers the questions that get genuinely expensive later if they're left open: How is the system divided? Which data flows where? What happens under growth? Without those answers, premature scaling looms – the most common reason startups fail: according to Startup Genome, that applies to 74% of fast-growing startups. Startup Genome: Why Startups Fail, Premature Scaling (3,200+ startups)

New Design prevents this by establishing control before anything is built. You keep authority over every decision – that's the difference between a product you own and one you merely operate.

What does the blueprint cover?

We design four layers of your product together and in concert – not assembled one after another:

Target architecture: A clean separation of presentation, business logic, and data access, well-defined interfaces, and a structure that grows with your business. Pulling the architecture into shape only later costs you: McKinsey puts technical debt at 20–40% of a company's entire technology estate. McKinsey: Tech debt – Reclaiming tech equity (tech debt = 20–40% of the technology estate)
UX/UI: User flows, information architecture, and the interface are defined here – including accessibility under the BFSG (Germany's transposition of the European Accessibility Act), which is far easier to design in from the start than to retrofit. BFSG: Section 37 penalty provisions
Data model: A normalized schema with constraints, foreign keys, and well-considered data flows – the basis on which every later feature sits securely.
Planned infrastructure: Where and how your product will run is decided during the concept phase – on EU-owned infrastructure, with CI/CD and monitoring factored in from the start.

The design work is carried out with the judgment of experienced senior engineers. AI speed then comes into play during the build – in Validation and in Implementation & Hardening. AI for pace, engineering expertise for the load-bearing decisions.

GDPR and EU sovereignty: decided here, not retrofitted

Data protection and sovereignty are not features you "switch on" at the end. Building them in afterward means tearing the architecture open again. That's why the decision is made during New Design: GDPR compliance following the Privacy by Design principle (Art. 25 GDPR) and hosting on EU-owned infrastructure – from the start, not retrofitted later.

Why this isn't trivial becomes clear when you look at the cloud reality: the US CLOUD Act gives US authorities access to the data of US providers, even when the servers sit in Frankfurt. Exoscale: CLOUD Act vs. GDPR Even Microsoft has conceded that it cannot guarantee full data sovereignty for European customers. The Register: Microsoft Cannot Guarantee Data Sovereignty (2025) An internal report by the German Federal Ministry of the Interior confirms these risks to German data sovereignty. Igor's Lab: German Interior Ministry report confirms risks to data sovereignty

In the blueprint we therefore specify that your data is processed on EU-owned infrastructure (Hetzner, Germany) – with no CLOUD Act exposure and GDPR-native. Hetzner: Data Privacy FAQ That's not only legally sound but increasingly mandatory: NIS2, DORA, and the EU AI Act make sovereign infrastructure obligatory for many workloads. SoftwareSeni: DORA, NIS2 and the AI Act make sovereign cloud mandatory Building compliance in only after the fact risks fines of up to 4% of global annual revenue. GDPR Art. 83: fines up to 4% of annual revenue More on this in our guide to the CLOUD Act data risk and on sovereign hosting.

No black boxes: every decision documented

A blueprint is only useful to you if you understand it. That's why every architecture decision is not just made but justified and recorded as an Architecture Decision Record: why this data model, why this interface, why this hosting location. You can trace every fork in the road – and any other team can build on it later.

This isn't bureaucracy for its own sake; it's risk prevention. What is a deliberate decision today costs many times more later when it lies buried in the code as an implicit assumption. Martin Fowler describes how technical debt grows into the bottleneck of scaling companies when architecture decisions aren't made visibly. Martin Fowler: Bottleneck #01 – Tech Debt

The side effect: a documented blueprint is effectively a due-diligence record prepared in advance. When investors later examine the tech stack, documented decisions are already on the table – a plus in any funding round. More on this in the guide From Prototype to Production.

Who is New Design for – and who skips it?

AnvilStack recognizes four entry paths, depending on what already exists. Every path begins with the paid Analysis (Step A) – but not every one runs through New Design:

Idea → Analysis → New Design: You start with an idea; neither prototype nor concept exists yet. This path runs through New Design – here everything is created from the ground up. This is the home of Step N.
Concept or design → Validation: You already have a concept or design. The conceptual work is done, and you move straight into Validation.
Prototype → Implementation & Hardening: You've built a working prototype – with Cursor, Lovable, v0, or a freelancer. After the Analysis it's straight into Implementation & Hardening. You skip New Design and Validation.
Existing platform → Hardening or Launch: Your platform is already running but is insecure or unstable. We start at hardening, or at sovereign operations.

If you already have a prototype, that's not a loss but a head start. Your prototype is the most precise blueprint there is – it shows more clearly than any requirements document what your product really needs to do, and it saves weeks of requirements workshops. The Analysis confirms your groundwork, and you go straight to the next sensible step. New Design is meant for exactly the case where that head start doesn't yet exist: when an idea is to become a thought-through product for the first time.

How does New Design work?

New Design is focused and fast – typically 3 to 5 days. In that time we:

Define the target architecture: We design the system architecture with clear layers and interfaces, built for scale from the start.
Design UX/UI and the data model: We shape user flows and the interface and define a normalized data model with data flows.
Set sovereignty and compliance: We decide where your data lives and under which law it is processed – GDPR by design, EU hosting.
Document the decisions: Every fork in the road is justified and recorded as an Architecture Decision Record.
Hand over the blueprint: You receive a complete, comprehensible blueprint that belongs to you – the foundation for Validation and Implementation.

You decide on the basis of a thought-through concept, not on hope. That is the outcome of Step N.

Where does New Design sit in the ANVIL system?

New Design is not a separately bookable package and has no standalone price. AnvilStack delivers exactly one offering: the complete ANVIL system at a fixed price from €36,000 – from analysis through to live operations, one engagement, one fixed price, one outcome.

Every project begins with the Analysis (Step A), the paid, binding first step: an audit report, a prioritized roadmap, and a dependable cost plan. This fee is credited in full toward the engagement. Only then does New Design follow. The only free and no-obligation entry point is the intro conversation – no hidden hourly rates, no tiers, no surprises. For details on the regulatory requirements, see our guides to NIS2 for web platforms and the GDPR vendor audit.

Starting with an idea and want a product that belongs to you? In a free 30-minute intro conversation we get to know your venture and show you how the idea becomes a dependable blueprint and, in the end, a production-ready, EU-sovereign system.

Frequently asked questions

What is New Design in the ANVIL system?

New Design (Step N) is the conceptual phase: we design your product from the ground up – target architecture, UX/UI, the data model, and the planned EU-sovereign infrastructure. The result is a documented blueprint that you understand and that belongs to you. It's the foundation on which the steps that follow are built.

Do I need New Design if I already have a prototype?

No. Only projects that start from a pure idea go through New Design. If you've already built a prototype, your conceptual work is done – your prototype is the most precise blueprint there is. After the Analysis (Step A) you move straight into Implementation & Hardening (Step I) and skip New Design and Validation.

What does New Design cost?

New Design is not a separately bookable package and has no standalone price. AnvilStack delivers exactly one offering: the complete ANVIL system at a fixed price from €36,000. Every project begins with the paid Analysis (Step A); that fee is credited in full toward the engagement. The only free and no-obligation entry point is the intro conversation.

Why are GDPR and EU sovereignty decided as early as New Design?

Because data protection and sovereignty can hardly be retrofitted without tearing the architecture open again. Where your data lives and under which law it is processed is set in the blueprint – GDPR compliance following the Privacy by Design principle and hosting on EU-owned infrastructure. That way you avoid expensive rework and the risk of fines up to 4% of global annual revenue.

What do I receive at the end of New Design?

A complete, documented blueprint: target architecture, UX/UI concept, data model, infrastructure plan, and the justified decisions behind them (Architecture Decision Records). No black boxes – every decision is traceable, and the blueprint belongs to you.

Does the blueprint belong to me, or does it create vendor lock-in?

The blueprint belongs entirely to you. We rely on open standards and document every decision, so that you – or any other team – can build on it. No lock-in arises: from the data model to the EU infrastructure, you keep control.