AI & Modernisation · Sandbox-verified · 19 June 2026

Xapti CRM:
a technical & product review

A first review of the Xapti CRM, from a live walk-through of the sandbox. What it's built on, how much runway the platform has, where the UI stands, and where AI and modernisation can take it.

ASP.NET MVC 5 .NET Framework 4.x Telerik Kendo UI SQL Server
The short version

Xapti is a mature, multi-tenant CRM. It's broad, it works, and the screens are internally consistent. The dated feel is cosmetic. One Kendo theme drives every screen, so a re-skin lifts the whole app at once. The real question sits underneath: it runs on .NET Framework, Microsoft's frozen and final generation. There's runway (security-patched into 2034 on Windows Server 2025), so nothing's on fire. But moving off it is a when, not an if. So: re-skin now (cheap, weeks), migrate the platform gradually (strangler, 12 to 24 months), and don't rewrite 10+ years of donation, SEPA and segmentation logic from scratch.

On AI: skip the chatbot. Ship first-party-data predictions (churn, storno, periodieke-gift) that protect donor revenue and stay AVG-safe. Build the AI as a separate .NET 10 service, so it doubles as the first step of the migration. And use the market gap: AVG-proof, Dutch-hosted AI is a position Salesforce can't easily match.

Backend
ASP.NET MVC 5.2
Runtime
.NET Framework 4.x
Frontend
Telerik Kendo
Runway
to 2034
UI verdict
Re-skin
What it actually is

The current tool, confirmed

Read straight off the sandbox's HTTP response headers and page assets. Not guesswork. The public site gives none of this away.

Server evidence (HTTP headers)
Server:              Microsoft-IIS/10.0
X-AspNet-Version:    4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By:        ASP.NET
Set-Cookie:          ASP.NET_SessionId=…

→ Classic ASP.NET MVC 5 on .NET Framework 4.x, on IIS 10 (Windows-only). Razor views, not Web Forms. That's one notch better than the worst case.

Frontend stack (page assets)
  • Telerik Kendo UI widgets (licensed), the whole grid/form layer
  • Telerik Reporting 17 report viewer
  • jQuery 3.7.1 (current) + custom Bootstrap theme
  • Knockout.js, a client-side MVVM layer already exists
  • Dutch locale wired in; Google reCAPTCHA on login

The Telerik licence and Knockout MVVM are assets that carry forward into any modernisation.

Why this matters: the runtime decides the whole approach. .NET Framework means a Windows-only backend on a frozen platform. But MVC5 with Razor (not Web Forms) makes the path to modern .NET a lot easier.
How old, and how long can it last

The runway on .NET Framework

The CLR build stamp 4.0.30319 dates to April 2010. ASP.NET MVC 5 to 2013. And 4.8.1 is the final version. No 4.9 is coming, and no "Framework 5". Everything new moved to modern .NET, now at .NET 10.

DimensionReality
Keeps running & patched?Yes. It's a Windows component, security-patched for the life of its Windows host (Server 2022 to 2031, Server 2025 to ~2034). It won't suddenly stop.
New framework featuresNone, ever. Frozen and maintenance-only since ~2019.
Library ecosystemEroding. The modern floor is .NET 8/10, and new packages increasingly skip Framework.
HostingWindows and IIS only. No Linux, no cheap containers, no cloud-native autoscaling.
Hiring & performanceHarder to staff new work on it. Modern .NET is much faster at SaaS scale.
Technically: 5+ years of runway. Nothing forces a move before ~2030. Not an emergency.
Strategically: a frozen, Windows-locked platform that adds a bit of liability every quarter. Plan the move, don't rush it.
The live walk-through

The UI, reviewed

I logged into the sandbox and walked the core screens. The two that carry the product, the dashboard and the contact record, are well built. The back-office screens are all the same Kendo pattern, so the app is internally consistent. It reads as a 2018-era enterprise CRM: solid, a bit dense, and dated in specific, fixable ways.

Xapti dashboard
Dashboard ("Xapti Vandaag"). Clean card layout, KPI tiles, donut chart.
Contact card
Relatiekaart (contact record). The strongest screen. Accordion sections, icons, blue accent. Opens as a modal over the dashboard.
Data grid
Data grids. Solid, but the saturated-blue Kendo header is the most dated thing on screen.
Workflow manager
Workflow Manager. A batch scheduler for donations, SEPA, reminders, subscriptions. A natural AI hook.
Datamodel
Datamodel. A configurable custom-field engine per tenant. Real extensibility.
Login
Login. Clean and current.
What reads as dated (all cosmetic)
  • Saturated-blue Kendo grid headers everywhere (the 2015 default)
  • Modal-in-modal record cards, a desktop-app pattern
  • High density, nested boxes, little whitespace
  • Orange-vs-blue accent clash across buttons
  • Default, un-branded Kendo widgets and plain typography
What the app actually does
  • Multi-tenant; configurable Datamodel (custom fields)
  • Selecties (segmentation) + Workflow Manager (automation)
  • Full SEPA / incasso, invoices, payment matching, ledger
  • Email templates, web-form builder, newsletters
  • Role-based auth + API keys ("Stekkerdoos")
The key reframe

Two separate problems, don't conflate them

"Modernise the UI" and "the platform is old" feel like one job. They aren't. Separating them is what makes the cheap win possible.

 What it isEffortUrgency
Visual refresh A re-skin of the existing MVC5/Kendo app. New Kendo theme plus CSS, lighter grid headers, kill the modal-in-modal, unify the accent, more whitespace Weeks to months · low risk Do now · no backend change
Platform migration .NET Framework 4.x → ASP.NET Core (.NET 10), via the strangler pattern 12 to 24 months Deliberate · not urgent
The point: the look can jump a generation cheaply, on the current stack, with no backend change. "Modernise the UI" sounds like the big rebuild. It isn't.
The thought experiment

If we rebuilt it today, what stack?

Answered as a target to migrate toward, not a big-bang rewrite (that's the trap with 10+ years of domain logic). Optimised for their reality: a small .NET team, no dedicated frontend/UX, EU/GDPR-first, SEPA-heavy.

LayerChoiceWhy
BackendASP.NET Core (.NET 10), C#, modular monolithKeep their language and people. No microservice overhead for 2 to 3 FTE
DatabasePostgreSQL + EF Core (+ pgvector)EU-hostable and free. pgvector gives AI/search in the same DB. SQL Server stays viable to cut risk
FrontendBlazor Web App (.NET 10)
render modes: static SSR + interactive server/WASM
Keeps a frontend-light team in C# end to end, and the Telerik licence carries over (Telerik UI for Blazor). React+TS only if they hire frontend talent
Batch jobsHangfire / Quartz.NETFor SEPA runs, reminders, the existing Workflow Manager logic
Auth / tenancyASP.NET Core Identity or Keycloak (EU) + Finbuckle.MultiTenantSSO/2FA, clean multi-tenancy
AI layerAzure OpenAI (EU) or Mistral (FR) behind a thin serviceAVG-safe, matches the EU-hosting brand promise
InfraDocker on EU hosting (TransIP / Hetzner / Scaleway / Azure-EU)GDPR positioning intact

The through-line: stay in the .NET/C# world and carry the Telerik investment forward. The big decision isn't the language. It's Blazor (stay all-C#) vs a React SPA (higher ceiling, needs frontend hires). For a 7-person, frontend-light team, bias to Blazor.

The plan

A two-track roadmap

Visible value early, strategic safety underneath. The tracks run in parallel and intersect deliberately so the UI isn't redone twice.

Track A · ship value now

Re-skin the existing app

  • Phase 0: quick CSS wins in days. Lighten grid headers, unify the accent, add breathing room
  • Phase 1: custom Kendo theme plus design tokens (the tokens carry into a future Blazor UI)
  • Phase 2: interaction fixes. Replace modal-in-modal, responsive pass
Track B · de-risk the platform

Strangle toward ASP.NET Core

  • Spike: a new ASP.NET Core app in front, YARP proxying the rest back to MVC5
  • Bridge: System.Web adapters share session and auth, so users never see a seam
  • Reuse: move routes a few at a time. A shared .NET Standard 2.0 domain library runs on both sides
This is Microsoft's official path, not a bespoke one. Microsoft calls incremental migration "an implementation of the Strangler Fig pattern" and ships the tooling for it: YARP + the System.Web adapters (GA) + GitHub Copilot app modernization for .NET (GA Sept 2025, a paid Copilot tier, covers MVC/Web API which is what Xapti runs). Checked against current Microsoft docs, June 2026.
The deep dive · 6-analyst synthesis

AI opportunities, market & a 90-day plan

A research pass on the three advisory questions. The mental model: make it look good now (re-skin), ship AI that protects donor revenue (first-party predictions, not a chatbot), and replace the engine quietly over 2 to 3 years (strangler).

The single biggest insight: build the AI as a separate .NET 10 service. The AI roadmap then becomes the first step of the migration instead of competing with it. The AI work and the re-skin both seed the new stack, so you pay for modernisation once.
Answer 1

Team productivity with AI

The governing rule (the brand depends on it): customer personal data, so donor/relatie records, NAW, IBANs, transactions, ticket bodies naming a donor, may only touch a model under a signed DPA with EU processing and a no-training guarantee (business/enterprise tiers, never free consumer ChatGPT/Gemini). Code, internal docs and marketing drafts are low-risk. Sign one DPA this week. Hard red line: never paste a real production donor export into a prompt to "help debug". Anonymise or synthesise.
AreaToolHighest-value workflowV/E
Engineering
2-3 devs
GitHub Copilot Business + 1-2 Claude Code seatsPoint Claude Code at the undocumented Workflow Manager/SEPA module → your first real internal docs. Copilot .NET app-modernization on one library to feel how mechanical the migration is. AI-generated unit tests on SEPA/selecties for a regression net before migrating.High/Low
SupportM365 Copilot or Le Chat EnterpriseStanding Dutch reply-draft prompt (human reviews before send). Batch de-identified resolved tickets into a knowledge base, the compounding win that feeds in-app help.High/Low
Sales / onboarding
Edwin
M365 CopilotMeeting transcript → Dutch follow-up. Proposal/quote drafting from a winning template. RFP/aanbesteding answers with a "flag what we can't answer" rail against hallucinated compliance.High/Low
Content / marketingLe Chat / Claude (no PII)Newsletter cadence against a "Xapti voice" brief. Case studies from calls (with sign-off). SEO and AI-search for "CRM voor goede doelen".Med/Low
Ops / adminM365 CopilotContract/DPA summarisation. Data-cleanup rules designed on synthetic samples, then run in-house on real data.Med/Low
Start this week
  • 1. Turn on GitHub Copilot for the engineers. Code only, zero risk
  • 2. Run Claude Code over the Workflow Manager/SEPA module for first documentation
  • 3. Give support a standing Dutch reply-draft prompt (strip-PII-or-use-DPA-tool rule)
  • 4. Batch resolved tickets into a knowledge base
  • 5. Hand Edwin a meeting-notes-to-follow-up and proposal-draft workflow, and sign one DPA
Answer 2

Product AI worth building

The spine: predictive scores trained on each tenant's own CRM history, not bought-in US wealth data (that would break the EU brand). The score features need no LLM. They're in-house models on data already in the database, so they carry the lowest AVG risk. Ship those first. Below: 28 features across six clusters, tagged by engine (Rules = deterministic, ML = in-house model, LLM = generative, the only ones that send text off-box).

Do first (one of each engine type, so each pipeline gets built once): #2 Storno-redder · #1 Stille-stopper-radar · #19 formulier-validatie · #11 betrokkenheids-score · #22 trigger-gegronde concept-mail · #13 NL→Selectie.

1 · Revenue protection

#FeatureWhat it doesEngineEffortGDPR
1Stille-stopper-radar
silent-lapser radar
Predicts recurring donors/members about to silently lapse. Catch churn before the storno, not after.MLMLow
2Storno-redder
SEPA storno triage
Classifies each R-transaction and routes the right recovery. Stops treating "no money" and "revoked mandate" the same.Rules→MLS-MLow
3Contributie-verlooprisico
non-renewal risk
Scores non-renewal probability per member. Targeted retention before the contributie window.MLMLow
4Mandaat-gezondheid
mandate-health monitor
Flags mandates likely to fail before the SEPA batch runs. Fewer R-transactions, lower bank cost.RulesSLow
5Toezeggings-nakoming
pledge-fulfilment watcher
Flags promised-but-never-collected pledges. Recovers committed money that slipped through.RulesSLow

2 · Donor & member intelligence

#FeatureWhat it doesEngineEffortGDPR
6Grote-gift opwaardeerkans
major-gift upgrade propensity
Scores upgrade likelihood. The fundraiser targets the right 30, not 3,000.MLMMed
7Periodieke-gift-kans
5-yr ANBI propensity
Predicts conversion to a 5-year notarised gift. Unlocks the highest-LTV move in NL fundraising.MLMMed
8Nalatenschap-signalen
legacy signals · DPIA-gated
Surfaces soft legacy-giving signals. Big income for NL goede doelen, but profiling here is sensitive.MLMHigh · DPIA
9Volgende-beste-actie
next-best-action
One recommended next step per relatie. Turns a wall of scores into one clear action.ML/RulesMLow
10Relatie-LTV
lifetime-value forecast
Expected multi-year value per relatie/segment. Board view of durable value vs one-off spikes.MLMLow
11Betrokkenheids-score
engagement score (RFM++)
One 0-100 number from RFM + Mailjet + forms. One legible number everyone understands.ML/RulesSLow
12Beste-moment/-kanaal
send-time & channel
Best send time and channel per relatie. Higher response, less fatigue and postage waste.MLMLow

3 · In-product productivity

#FeatureWhat it doesEngineEffortGDPR
13NL→Selectie opsteller
schema-only, no PII
Plain-Dutch request drafts a Selectie the user reviews. Collapses the steepest learning curve.LLMMLow
14Brief-me / donateur-samenvatting
"brief me on this donor"
One-paragraph Relatiekaart summary plus a next step. Informed in 5 seconds, not 3 tabs.LLMMMed
15Gespreksnotitie-capture
meeting-note capture
Rough notes into a clean summary plus follow-up tasks. Notes get logged and turned into tasks.LLMSMed
16Semantisch zoeken
semantic relatie search
Meaning-based search over relaties and notes. Finds people by intent, not exact match.LLM+MLLMed
17Rapport-uitleg
plain-language report explainer
A narrative reading off existing Telerik report data. The board gets the story, not just the chart.LLMMLow

4 · Data quality & enrichment

#FeatureWhat it doesEngineEffortGDPR
18Slimme-ontdubbelaar
AI dedup & merge
Fuzzy-matches duplicate relaties, human-approved merges. The #1 data-quality complaint, beats rule-based dedup.ML/RulesMLow
19Formulier-validatie + fraude-vlag
form validation + fraud flag
Validates IBAN/address and flags suspicious submits. Stops bad mandates at the front door.RulesSLow
20Adres-/relatie-verval-detectie
address & relation decay
Flags stale, moved or deceased signals and proposes fixes. Mailings hit real addresses, dignity on "overleden".Rules/MLSMed
21Veld-anomalie-detectie
field anomaly detection
Outliers in the per-tenant Datamodel (a €50k incasso, an 1850 birthdate). Catches errors before a SEPA run.Rules/MLSLow

5 · Communication & marketing

#FeatureWhat it doesEngineEffortGDPR
22Trigger-gegronde concept-mails
the honest generative one
Drafts grounded in a trigger plus facts, and never auto-sends. Removes the blank-page tax for a tiny team.LLMMMed
23Onderwerpregel-/segment-optimalisatie
subject-line & segment
Subject variants plus the best Selectie, learning from Mailjet results. Higher opens without a marketing specialist.LLM+MLSLow
24Sentiment & intentie inkomend
inbound sentiment & intent
Classifies inbound: complaint, cancel, thanks, opt-out. At-risk messages and opt-outs auto-routed.LLMMMed
25Opzeg-reden tekst-mining
churn-reason text mining
Clusters free-text cancel reasons into themes. Tells the org why it loses donors.LLM/MLMMed

6 · AVG & compliance automation

Turn the brand promise into a feature. These three double as guardrails for everything above.

#FeatureWhat it doesEngineEffortGDPR
26Inzageverzoek-assistent
DSAR assistant
Auto-assembles a relatie's full export plus a deletion-impact preview. Makes the time-boxed DSAR a product feature.RulesMMed
27Bewaartermijn-bewaker
retention watcher
Flags records past per-tenant retention and proposes anonymise/delete. Keeps tenants AVG-compliant automatically.RulesSLow
28Toestemming-/opt-out-bewaker
consent & opt-out guard
Verifies every Selectie and mailing run against consent flags. One opt-out leak can cost an AVG brand its reputation.RulesSLow
Avoid as gimmicks: an open "chat with your CRM" assistant (high GDPR surface, low value, hard to keep accurate). Autonomous send of any donor-facing message (always draft-then-approve; one wrong email to a grieving legacy donor is existential). AI wealth-screening or external data-broker enrichment (contradicts the AVG brand, legally fraught in NL). Generative "insights" with invented numbers (the LLM may only narrate numbers SQL already computed). And an "AI" badge slapped on everything.
How to build it

Building this on the current .NET Framework stack

None of this needs the migration first. Most of it ships on the stack that's there today. Split it in two. Generative features (draft, summarise, NL→Selectie) are stateless calls to an EU LLM endpoint from the existing MVC5 controllers. Predictive features (the scores) are a model trained on Xapti's own data, scored nightly in a small sidecar that writes the score back into SQL Server. Rules features are plain .NET and SQL. The feasibility below was checked against current vendor docs and NuGet (June 2026).

Generative · LLM

Stateless EU REST from MVC5. Runs on Framework today. No model to host. The only features that send text off-box, so they get the strictest guardrails.

Predictive · ML

A model on Xapti's own data, batch-scored nightly and written back into SQL Server. Lives in a sidecar, not the web request. Nothing leaves the EU box.

Deterministic · Rules

Plain .NET and SQL. No model, no call. Several of the do-first wins (storno, validation, watchers) are pure rules.

Does it run on .NET Framework?

ComponentOn Framework?Note
Azure.AI.OpenAI SDKYesTargets netstandard2.0, runs on 4.6.2+. The official Azure OpenAI client, no raw HttpClient needed.
Semantic KernelYesnetstandard2.0. Optional orchestration if you want it.
Microsoft.Extensions.AINoNeeds .NET 8+. The trap: Microsoft's newest abstraction is off-limits on Framework. Don't depend on it in the MVC5 app.
Mistral (Paris)YesRaw HttpClient + System.Text.Json. An LLM call is one POST. Strongest AVG fit, zero-retention on request.
ML.NET in-processRiskyRuns on 4.6.1+, but x64-only (fails in a 32-bit app-pool), and you don't want training in the IIS pipeline.
Out-of-process AI service (.NET 10)RecommendedReads the same SQL Server, scores in batch, returns over REST. Also the migration's first new-stack component.

The integration loop (the whole point)

A score is just a number in a custom field. Xapti already has the three things that make a number useful: the configurable Datamodel, Selecties and the Workflow Manager. The AI feeds those, and builds no new UI.

Nightly batch (Workflow Mgr / SQL Agent / Hangfire) → AI service reads SQL
  → ML produces churn_score per relatie (per tenant)
  → WRITE-BACK into the existing Datamodel custom field      ← the linchpin
        relatie."AI_verlooprisico" = 0.87
  → SELECTIE   "Hoog verlooprisico"  =  AI_verlooprisico > 0.8
  → WORKFLOW   that Selectie fires a win-back action
  → RELATIEKAART shows the score + a plain-Dutch reason
Worked example. The nightly job writes AI_verlooprisico = 0.87 onto Jan. The tenant's standing Selectie > 0.8 (built in the normal UI, no code) catches him. A Workflow rule fires a trigger-grounded draft mail to the approval queue. A human clicks send, it goes via Mailjet. The fundraiser opening the Relatiekaart sees "Verlooprisico: hoog (0,87). 8 mnd geen gift, laatste 2 mails niet geopend." The AI added one custom field. Everything else is Xapti's existing machinery.
Vector / semantic search

SQL Server 2025 ships a native VECTOR type (GA Nov 2025, on-prem, not Azure-only). If the DB can move to 2025, that's the win: embeddings next to relational data, same backup, same EU and tenant boundary. Re-verify Xapti's edition and version first. Legacy CRMs run several versions behind, and that upgrade is the gating item. Fallback: self-hosted Qdrant on TransIP next to the AI service.

AVG guardrails (engineered in)
  • EU endpoints only, DPA, zero-retention switched on
  • Predictions stay in-house. Only generative touches an external endpoint
  • Schema-only or minimum-necessary for anything generative
  • Per-tenant isolation on every read, score and vector row
  • DPIA before legacy signals and any patient-org health data
  • Audit log of every AI call, write-back and approval. Consent checked before every send

Build sequence on the current stack

Open questions for the friend (these gate the plan): the app's exact targetFramework (needs to be ≥ 4.6.2 to use the SDKs cleanly, the one number that matters most), the current SQL Server version and edition (for the jump to 2025 native vectors), whether they're on Microsoft 365 (decides the team-AI tooling), and the Telerik licence tier.
Market & positioning

A wide-open lane in the affordable Dutch band

Procurios is the benchmark (markets AI dedup only). Peers like Regas, Eudonet, e-Captain, Congressus and Stamhoofd are essentially AI-silent in mid-2026. Salesforce Agentforce Nonprofit sets the narrative, but not the price for Xapti's €99-799/mo buyer. AI-assisted writing is becoming table-stakes. AI that makes the CRM smarter about the donor relationship is wide open, which is exactly where Xapti's datamodel, selecties and workflow engine are an unfair substrate (a score can trigger a workflow).

Angle 1 · lead with this

"AVG-proof AI. Verwerkt in Nederland." Lead with trust. Goede Doelen Nederland made verantwoord AI-gebruik a 2026-2029 policy pillar and is teaching members to ask "is this EU-hosted and privacy-safe?". That's the answer Salesforce can't match.

Angle 2

"Je CRM die je donateurs écht begrijpt." Predictive lapse/upgrade scoring on first-party data, then close the loop: high lapse-risk auto-fires a win-back workflow. The open white space, and the workflow engine is the moat.

Angle 3 · on-ramp

"Praat met je data." Natural-language selecties plus Dutch-native drafting. Drafting is the easy on-ramp (table-stakes). NL-segmentation is the differentiator.

Angle 4

"AI binnen handbereik voor élk goed doel." Enterprise outcomes, right-sized and affordable. No ML hire, no consultant. Owns the middle the frontrunners priced out.

Recommended stance, combine Angle 1 and 2: "The AVG-safe, Dutch CRM that predicts which donors you're about to lose, and acts on it, without a data team." (Verify Regas, AFAS-nonprofit, King and e-Captain AI roadmaps before quoting the competitive set externally. The conclusion holds regardless.)
Execution

The 90-day plan

The product roadmap keeps running. AI and modernisation slot in as small, bounded, killable bets. At most one product-AI experiment and one migration spike in flight.

WeeksWorkstreamActionOwner
1-2GovernanceSign one EU-LLM DPA (Mistral/Paris or Azure OpenAI EU) plus a 1-page AI-use policy.CTO + Edwin
1-2Team AIPilot A: coding assistant for both engineers. Pilot B: support-reply drafter on de-identified tickets.E1 / Edwin
1-2UIPhase 0 CSS re-skin. One global Kendo theme override, live on 1 pilot tenant. Before/after screenshots Edwin can demo.E2
1-2PlatformScope only. Pick a read-mostly, self-contained strangler slice. No code yet.CTO + E1
3-6Team AIMeasure pilots, keep what sticks. Add a docs/onboarding bot only if A/B land.CTO
3-6UIRoll the re-skin to all ~100 tenants. Fix the top 5 density offenders.E2
3-6Product AIBuild one prototype in the sandbox on anonymised data behind a flag (churn/storno preferred, draft-emails the easier fallback).E1 + CTO
3-6PlatformMigration spike: minimal .NET 10 app plus a YARP proxy in front of IIS, passing 100% through unchanged.E1 + CTO
7-12Product AIValidate cheaply: Edwin rates ~20 anonymised outputs send/edit/unusable. 60%+ usable means productize, else kill or narrow. Go/kill memo.Edwin + CTO
7-12PlatformRebuild the chosen slice natively on .NET 10, served through YARP in real traffic. The real strangler proof.E1 + E2
7-12UIRelatiekaart polish. Begin replacing modal-in-modal with tabbed/inline.E2
7-12Decision90-day readout: costed platform path, product-AI verdict, UI roadmap.CTO
Day-90 success: the team runs on GDPR-safe AI with a written playbook. The tool visibly looks modern to every customer. A validated go/kill on the first product-AI feature. And the migration path proven on one real slice, turning the .NET dead-end from an existential unknown into a costed plan. The product roadmap never stopped.
Everything, ranked

Prioritized roadmap

One ranked list tying it together. Effort: S = days, M = weeks, L = months+.

#Do thisWhy it's ranked hereEffort
1Sign one EU-LLM DPA + 1-page AI-use policyUnblocks every AI move safely. Protects the brand.S
2Phase 0 CSS re-skin → 1 tenant, then allCheapest, fastest, customer-visible win. Tokens carry into the migration.S
3Copilot for engineers + Claude Code on the SEPA moduleDaily velocity, first real docs, and bus-factor capture.S
4Support reply-drafter + KB; Edwin's proposal/RFP workflowHigh-ROI, low-risk, and a compounding KB.S-M
5Product-AI prototype: churn or storno-redderHighest-value, AVG-safe, no-LLM revenue protection. Easiest to sell to a board.M
6Phase 1 proper Kendo theme + tokens (token spec FIRST)Makes the re-skin real and migration-portable.M-L
7Migration foundations: YARP + System.Web adapters + shared auth + extract domain to .NET Standard 2.0 libs + characterization testsThe make-or-break phase. Reuses proven C#, captures tribal knowledge.L
8Build AI as an out-of-process .NET 10 service via StekkerdoosThe AI service is the migration's first new-stack step.M-L
9Periodieke-gift bewaker + dedup + upgrade-kompasDutch-specific moat, data hygiene, and near-free propensity reuse.S-M
10Phase 2 UI: full-page tabbed RelatiekaartThe "feels modern" change. Doubles as the first Blazor port unit.L
11Strangler Wave A (read screens) on .NET 10 + BlazorCustomer value on the new stack inside year one. Proves the pattern.L
12Forecast, ledenadmin-assistent, draft-emails, web-form fraude-remStrong second-tier AI. Needs the EU-endpoint plumbing battle-tested first.M
13Strangler Waves B then C (CRUD, then finance LAST)Finance migrates only once everything else is proven. Engine stays shared C#.L
14Nalatenschap-signalen, only with a completed DPIAHighest upside per donor but ethically and AVG-gated.M+
15(Deferred) Postgres evaluation; React frontendOnly after the migration is stable, never coupled to it.n/a