Back to Selected Work
Insivo.ai marketing site on iMac display — calm research-tool aesthetic, indigo accents on cream wall
100/100Lighthouse
84msTTFB
Static · MDX · Edge

Insivo.ai

Marketing site for an AI-powered employee-research SaaS. A static export with a sandboxed live demo — visitors press a record button on the hero and see synthesis return in real time. The pitch is the product.

Scroll

Most SaaS marketing sites lead with claims. Insivo.ai leads with the actual interaction — a sandboxed call to the same Whisper + Claude pipeline that powers the product, gated behind a friendly captcha and rate-limited to keep cost bounded. The site is a static export of Next.js, MDX-authored, deployed to Vercel's EU edge.

Services

SaaS MarketingStatic ExportMDXSandboxed DemoEdgeSEO

Year · Role

2026 · Designer & Developer

Live at

insivo.ai →
Insivo.ai marketing site floating on warm plaster wall with blurred palm-frond shadows

01 · Architecture

Static export + sandboxed demo proxy.

The marketing site builds to fully static HTML and CSS via next export — no server runtime on the marketing surface itself. Every page is pre-rendered, hashed, and served from Vercel's EU edge. TTFB stays under 90ms globally.

The interactive demo lives on a separate edge function with its own subdomain. It proxies to the real product backend with a throwaway tenant context, rate-limited per IP, gated by a friendly captcha. The demo and the marketing build are entirely decoupled — one deploy can't break the other.

12sbuild time
89kb shipped JS
0runtime servers

02 · The Demo Proxy

Rate-limited. Tenant-throwaway. Cost-bounded.

Every demo invocation hits an edge function that injects a throwaway tenant ID, enforces a token budget, and propagates the captcha token. If any check fails, the function short-circuits before reaching the model — no wasted spend on bots.

// edge function: demo.insivo.ai/api/transcribe
export const runtime = 'edge';
export const regions = ['fra1', 'cdg1', 'arn1'];

export async function POST(req: Request) {
  // 1. Captcha enforcement
  await assertCaptcha(req.headers.get('x-turnstile'));

  // 2. Per-IP rate limit (3 requests / 10 min)
  await ratelimit.check(getIP(req), { window: '10m', max: 3 });

  // 3. Throwaway tenant + token budget guard
  const ctx = makeDemoTenant({ budgetTokens: 4_000 });

  // 4. Proxy to real backend with demo context
  return await proxyToBackend(req, ctx);
}

Demo traffic stays under €30/month in model spend at current visitor volumes. The marketing team can A/B which CTAs lead to most demo activations through a tiny event log that writes to the analytics pipeline — no third-party trackers on the marketing surface.

< €30monthly demo spend
3 req / 10 min
4Ktoken budget

/ The principle

Simulate, don't describe.

Visitors press a record button on the hero, ask a question, and see a synthesised theme card return. The pitch is the product — not a screenshot of it.

Aa

Inter Display + Inter

Simulate, don't describe.

Regular 400Medium 500Display 600

Palette

Indigo on paper.

Indigo Trust#4F46E5
Indigo Mist#A5B4FC
Paper#FAFAFA
Lavender Wash#EEF2FF
Ink#0A0A0A
Insivo Synthesierte Insights card — 3 quote excerpts with Positiv / Neutral / Negativ sentiment indicators, indigo accents on white

Stack

Marketing team owns content, no devs in the loop.

  • 01Next.js 14Static export, no Node runtime on the marketing surface
  • 02MDXPages authored in MDX, ships via GitHub PR + preview deploy
  • 03Vercel EU EdgePre-rendered HTML served from fra1 · cdg1 · arn1
  • 04Edge FunctionDemo proxy on its own subdomain with rate limit + captcha
  • 05Cloudflare TurnstileCookie-less captcha, friendly to compliance posture
  • 06Upstash RatelimitSliding-window rate limits keyed by hashed IP
  • 07Schema.org JSON-LDStructured markup per page for AI-search readiness
  • 08Playwright VisualSnapshot tests on each marketing page before ship

03 · Engineering Decisions

Boring stack, sharp edges.

  • Static export over SSR

    Marketing sites don't need per-request rendering. Static + edge cache gives 84ms TTFB globally and a recurring hosting cost of zero. Loses ISR flexibility — accepted because the marketing team prefers explicit deploys.

  • Demo on a separate subdomain

    If the demo function breaks under load, the marketing site keeps serving from cache. If a marketing deploy fails, the demo keeps working. Independent SLOs, independent rollout cadences.

  • MDX over a headless CMS

    Headless CMS systems trade implementation speed for ongoing cost and lock-in. MDX in the repo means content lives next to the code, ships through the same review process, and survives infrastructure migration.

  • Cookie-less analytics

    No GA, no Plausible, no third-party trackers. Demo activations log to a first-party endpoint that only stores anonymous event types. The compliance block in the footer doesn't have to lie.

84msTTFB at EU edge
MDX > headless CMS
"Independent SLOs."Architecture note
Compliance · Evidence

DSGVO posture, ready for procurement.

AVV (DPA) PDF · per tenant
DSGVO Art. 17 erasure
EU Hosting fra1 · cdg1 · arn1
No data leaves the EU. Postgres row-level security · tenant-scoped consent before recording · one-click subject-access export.

Trust as a UI element

The most-screenshotted section.

Logos of pilot customers, evidence cards (AVV PDF download, DSGVO badge, EU hosting graphic), and an explicit "no data leaves the EU" promise rendered as a structured block. Sales prospects forward this section to their procurement team. We render it on the page rather than tucking it into a /security route because the procurement step often happens before someone bothers to click around.

Performance you can ship to procurement.

0/100Lighthouse all categories
0msTTFB at EU edge
0kbJS shipped to browser
0Third-party trackers
Insivo.ai marketing site long-scroll overview — hero, features, comparison table, testimonial sections stacked on light wall

Next case study

PBA&B GmbH