Home
/
Case studies
/
Startmatch

AI-powered grant application platform for a Viennese fintech startup

Cost-free consultation

About the project

Client:

Startmatch.ai is a Viennese fintech startup offering a platform that helps B2B companies apply for government funding. Starting with Austria (Forschungsprämie), with planned expansion into the DACH market. The client came to fireup.pro through a referral. Internal team: one person in sales, two developers.

Project goal:
Rewriting the MVP into a production-ready platform.
The client had a working proof of concept in Svelte. After confirming the product's market potential, they decided to rewrite it in Next.js — a framework better suited for scale. The scope covered migration, redesigning existing features, and building new ones from scratch. fireup.pro developers joined from day one.
Automating the grant application process.
The core vision was to reduce manual work in the funding application process - from finding the right grants, through generating application content, to managing costs in line with legal requirements, using AI agents, collaborative editing, and a structured cost module.
From challenge

Key Challenges

1

Low competition, high complexity

The Austrian grant market has almost no good tools. None of the existing ones offered the level of automation Startmatch had in mind. The challenge was to build something genuinely new - not digitizing paperwork, but automating a legally regulated process where calculations had to be accurate to the cent per government requirements.

2

A small, fast-moving team with enterprise ambitions.

The entire product team, client-side and fireup.pro combined, was five people. The pace was relentless, requirements shifted constantly, and the margin for error was narrow. Developers had to make sound architectural decisions quickly, often leaning on AI tools to keep up.

3

Rewriting the platform without halting product development

The migration from Svelte to Next.js ran in parallel with building new features. The AI-powered grant search engine, originally written in Svelte, had to be rewritten from scratch without interrupting work on the rest of the product.

4

Supabase as a bottleneck at scale

As the platform grew and requirements became more complex, custom authentication, asymmetric JWT, access control for sensitive data - Supabase's standard capabilities proved insufficient. This required custom workarounds and deliberate architectural decisions.

Key functional and non-functional requirements

Functional

  • AI agent editor — generating application content based on user-provided context: files, presentations, images, notes, and videos.
  • Grant search engine - natural language queries, results matched to the company profile.
  • Cost module - four categories of eligible costs, bulk import, calculations compliant with grant legal requirements.
  • Employee management - working hours, payroll data, project assignment for application purposes.
  • White-label - reselling the platform under B2B clients' own branding.
  • Compliance checker - verifying the project description against Forschungsprämie criteria.
  • FP report export - complete application data as a .docx file.
  • Admin panel - managing organizations, users, and subscriptions.

Non-functional

  • Data security - MFA, asymmetric JWT, custom REST endpoint protection, dedicated access role for sensitive HR data.
  • Access control (RBAC) - permissions at the component, route, and data layer level.
  • Document archive - long-term storage on GCP for regulatory audit purposes.
  • AI cost optimization - performance and cost optimization of external AI service calls.
  • Backup and cleanup - automated archiving and cleaning of editor data in the cloud.
  • Subscription system - resource access limits per plan.
Through the solution

Collaboration, not outsourcing.

No formal sprints, but a daily standup and bi-weekly retrospectives. fireup.pro developers acted as an integral part of the Startmatch product team, sharing responsibility for technical decisions and delivery pace, not as an external contractor accountable for scope.

    Product development approach

    The project combined rewriting existing code with building new features in parallel. Every technical decision had to account for both dimensions at once.

    • Grant search engine migration from Svelte to Next.js carried out in parallel with new feature development.
    • Custom Tiptap extensions written from scratch. The library did not support suggestion mode or advanced section locking out of the box.
    • AI tools (Claude Code, LLMParse) embedded in the daily development workflow, not as an experiment, but as a permanent part of the delivery process.

    Security and compliance

    The platform processes sensitive HR data and application documents subject to regulatory audit, requiring a security approach that went beyond standard measures.

    • R&D before implementing asymmetric JWT in Supabase. First, evaluating possible approaches, then implementing the chosen solution.
    • Custom token-based REST endpoint protection in Supabase, as a workaround for platform limitations.
    • Dedicated access role for sensitive data (salaries, leave) implemented at the component, route, and data layer level.
    To the success

    Technological outcomes

    Rewrite completed, product extended

    The platform was successfully rewritten from Svelte to Next.js. All key features from the original MVP were migrated, redesigned, and extended with new functionality.

    White-label adoption by enterprise clients

    Conda and Bergfürst (two companies operating in the grant consulting space) adopted the Startmatch editor as their own white-label solution. A direct result of the editor's quality and flexibility: they integrated it into their client-facing operations.

    Reliable AI agent workflow

    The integration of external AI services was optimized for performance and cost. The editor's context system, handling files, presentations, images, and notes as agent input, was designed to give the agent a sufficient foundation for generating application content tied to the grant's legal requirements, rather than generic text.

    Security architecture tailored for regulated data

    9:51 AMClaude responded: The platform processes sensitive HR data (salaries, leave) and long-term legal documents.The platform processes sensitive HR data (salaries, leave) and long-term legal documents. The implemented security stack - asymmetric JWT, RBAC with a sensitive data access role, MFA, custom Supabase endpoint protection, and a dedicated document archive, addresses each of these requirements individually.

    Business hypothesis validated

    Startmatch entered the collaboration with an MVP. They left with a functional, scalable web application adopted by enterprise clients. The product is ready for monetization and expansion into further grant programs in the DACH region.

    Business benefits

    MVP transformed into a commercially mature product with paying enterprise clients

    Two white-label deployments confirmed market demand for the editor as a standalone product

    A product significantly outperforming existing market alternatives in terms of automation depth.

    End-to-end compliance of the application process with regulations, a legally sensitive requirement, addressed in full, reducing risk for Startmatch's B2B clients.

    Technical benefits

    Scalable Next.js architecture replacing the Svelte proof of concept.

    Collaborative editor extended far beyond default Tiptap capabilities with custom extensions for suggestions, comments, images, and section locking.

    Performance and cost optimization of AI service calls, reducing operational costs at scale.

    Comprehensive access control system covering routes, components, and data-level permissions.

    Cloud storage architecture with automated backup, versioning, and cleanup, reducing costs and data bloat.


    Project team
    Abstract background
    Szymon
    Jakub

    Szymon

    Full stack developer

    Authentication architecture and the entire application security infrastructure
    Securing Supabase REST endpoints with a custom token-based mechanism
    Cost views and calculations validated against grant legal requirements
    Bulk file uploads (costs, employee data) and processing through an external AI service
    Performance and cost integration and optimization of external AI services
    Rewriting the grant search engine from Svelte to Next.js
    Designing the subscription system with resource access limits
    Landing page

    Tech stack

    Next.js

    React

    TypeScript

    Node.js

    Supabase

    PostgreSQL

    Google Cloud Platform

    Tiptap

    Claude Code

    Your success is our success

    See how we can build a technological advantage for your company together.

    Book free consultation!

    We have a team that truly knows its stuff — we'll help you find a solution that works.

    Conclusions & recommendations

    AI in the development workflow, not just in the product

    9:53 AMClaude responded: The team used AI tools throughout the entire duration of the project.The team used AI tools throughout the entire duration of the project. At that pace of work, it wasn't a choice, more like a condition for keeping up with requirements. This is a workflow worth standardizing for every fast-moving product team.

    Next.js holds up in complex web applications

    The migration confirmed the right choice: server actions, middleware, and the overall Next.js architecture handled complexity that would have been problematic in Svelte at that scale.

    Supabase has its ceiling

    It works well at an early stage of development. As requirements grew, particularly around auth customization and access control, it required increasingly complex workarounds. Projects with advanced permission models or enterprise auth should evaluate this limitation early.

    Small team, large scope - it works when the culture fits.

    Five people at a fast pace only works when everyone communicates openly, adapts quickly, and trusts their decisions. fireup.pro developers embedded themselves in Startmatch's culture instead of acting as an external vendor. That made the difference.

    Background

    Time for your project.

    Turn your ideas into real solution and...

    ...Get in touch with us!

    Your vision, our realization
    Want to discuss the details?
    Let us know!

    I agree to the processing of my personal data by Fireup Software ...