Maintenance & Updates

We use AI assistants as technical partners to diagnose issues faster and generate solutions more accurately. Every output is reviewed and tested before deployment.

AI accelerates critical work in two ways: First, it helps us pattern-match against thousands of known scenarios, narrowing diagnosis time from hours to minutes. Second, it generates code that we verify against your specific tech stack. You're paying for expertise in using AI well—knowing when to trust it, when to override it, and how to test thoroughly.

Think of it like an experienced mechanic using diagnostic software. The tool speeds things up, but the human expertise determines the actual solution.

Yes. We use external AI providers (like OpenAI, Anthropic) with strict privacy modes enabled. Your code is processed but never used to retrain their models and is not retrievable by anyone else.

Here's how we protect your information: All major AI providers offer enterprise privacy settings that prevent your data from being stored long-term or used for model improvement. We work exclusively with these privacy-enabled modes. For sensitive data (API keys, credentials, personal information), we sanitize or exclude it entirely before any AI processing. We also sign NDAs for confidential projects.

For authentication systems, payment handlers, and personal data processing, we often write critical sections manually with zero AI involvement. Security isn't negotiable—we balance AI efficiency with your privacy requirements.

We review every line of AI-generated code before it reaches production. No AI output goes live without human verification, testing, and security review.

Our workflow: AI suggests solutions, we evaluate them against your requirements, test for edge cases, check for security vulnerabilities, and verify the code integrates properly with your existing system. We treat AI suggestions like junior developer output—useful starting points that require experienced oversight.

What we check: Security flaws (SQL injection, XSS, authentication bypasses), performance issues (N+1 queries, memory leaks), maintainability (is this code readable in 6 months?), and business logic correctness (does it actually solve your problem?). Insecure or poorly architected code gets rewritten or rejected, regardless of whether AI or humans wrote it first. You're protected by our review process, not blind trust in AI output.

We're transparent about this: AI tools are integrated into our development workflow, and we believe that benefits you directly. Modern development assistants help us write cleaner code faster, catch bugs earlier, and maintain consistency across your project — which means better quality at fair prices.

But here's what matters: Your project data, business logic, and sensitive information stay private. We use AI the same way we use any professional tool — strategically, with full control over what gets processed and how. Think of it like spell-check for code, not outsourcing your project to a black box.

If you have specific privacy requirements (healthcare data, proprietary algorithms, regulated industries), we work within those constraints. We can discuss exactly what tools are used where and adjust our approach for sensitive components.

What we won't do is pretend the industry hasn't evolved. AI-assisted development is now standard practice at serious software houses — the difference is whether your provider is honest about it and uses it responsibly. We are, and we do.

It won't, because we back up everything before touching your site. Full database dump, complete file system copy, stored off your server. We test upgrades in staging environments first—never directly on your live site. Only after verifying everything works do we touch production.

Our safety protocol includes complete database and file backups stored offsite, staging environment testing where we run the upgrade on an exact copy first, data validation after migration by comparing database records and testing critical functionality, and documented rollback procedures.

Data loss happens when people skip backups, upgrade production directly without testing, ignore compatibility warnings in custom code, or rush without verification. We don't do any of those things.

Version upgrades: Typically 30 minutes to 2 hours for Contao or PHP upgrades. Depends on how much custom code needs compatibility fixes. Clean installations with minimal customization are faster. Heavily customized sites with old extensions take longer.

Hosting migrations: 2-6 hours total, mostly waiting for DNS propagation and SSL certificate setup. The actual file and database transfer is quick—DNS changes take time to spread across the internet.

We schedule work during your lowest-traffic windows, usually 2-6 AM. Examples: Small Contao 4→5 upgrade on clean code: under 1 hour. Large Contao 3→5 upgrade with custom extensions: 4-8 hours staging work, then 1-2 hours production downtime.

We roll back to the pre-upgrade backup, you're back online within minutes. Then we investigate what failed in our staging environment, fix it, and retry when ready. This is exactly why we test in staging first and maintain rollback procedures.

Common issues we prepare for include custom extensions breaking after version updates, performance problems from inefficient code on newer PHP versions, third-party integrations needing updates, and edge-case bugs not caught during staging tests.

When problems occur, we roll back immediately so you're back online fast, diagnose the root cause in staging (not on your live site), fix it completely, and retry when ready. Professional upgrades expect problems and plan for them.

Version upgrade: Updating your software to a newer version. Contao 3→5, PHP 7→8, Next.js 12→14. Same hosting provider, same server, just newer software versions. Main challenge: ensuring custom code still works with breaking changes in new versions.

Hosting migration: Moving your entire site from one hosting provider to another. Same software versions, different server infrastructure. Main work: transferring files and database, configuring DNS records, setting up SSL certificates, testing everything works on the new host.

Sometimes you need both—old hosting with old software versions. We can handle them separately or combined, depending on your situation and risk tolerance.

No. We work on-demand—you contact us when you need security patches applied or when it's time to upgrade versions. No monthly fees for services you're not actively using.

Why on-demand works better: Security patches don't happen on a predictable monthly schedule. They happen when vulnerabilities are discovered. Version upgrades happen every 6-18 months typically, not continuously. Paying monthly for sporadic work doesn't make sense.

How it works: When Contao, PHP, or TastyIgniter releases an important update, you contact us. We assess if the update is critical or can wait, quote the work if custom code needs testing, and handle the upgrade. Simple updates on clean code are quick and affordable. Complex updates on heavily customized sites take more time and cost more.

We handle version upgrades and hosting migrations for:

Contao CMS: All versions (3.x, 4.x, 5.x). We have deep expertise with complex Contao installations and custom extensions.

TastyIgniter: Restaurant ordering and delivery systems. Framework updates, extension compatibility, performance optimization.

Next.js / React: Modern front-end applications and websites. Version upgrades, dependency updates, build optimization.

PHP / Symfony: Core framework updates. PHP version upgrades (7.x→8.x), Symfony component updates, dependency management.

If your platform isn't listed—WordPress, Drupal, Joomla, Magento—we don't maintain it. We specialize deeply in fewer platforms rather than spreading ourselves thin across everything.

Yes, we do this regularly. Old Contao 3 sites, ancient PHP 5.6 installations, outdated TastyIgniter systems—we upgrade them to modern, secure versions.

Typical rescue scenarios: Hosting provider demanding PHP upgrade or threatening to shut down your account, security audit revealed critical vulnerabilities in old software versions, previous developer disappeared and your site is years behind on updates, custom extensions only work on ancient versions and need modernization.

The process: We audit your current setup to understand what version you're running, what custom code exists, and what will break during upgrade. We test the upgrade path in staging and fix compatibility issues with custom code. We execute the upgrade with minimal downtime. We verify everything works correctly.

Honest assessment: Sometimes rescue costs more than rebuilding from scratch. If your site is so heavily customized and outdated that upgrade complexity is extreme, we'll tell you directly. But usually upgrading is cheaper than rebuilding—especially if your content structure and custom functionality are valuable.