Compliance, IoT and Sovereign AI: From Product to a Robust Platform

How LITEWERKS GmbH (Konstanz) modernised and extended the digital platform for the intelligent LITE BLOX starter battery — together with IntegrIT Solutions and studio hak — and what architectural decisions industrial manufacturers can apply today.

Client: LITEWERKS GmbH (Konstanz)
Sector: Industry · Motorsport · Performance
Our role: Software architecture & end-to-end development
Co-creation: studio hak (Rottweil), brand & interface design
Stack: Flutter · NestJS · Next.js 16 · PostgreSQL · Redis
Active units: ≈ 6,000 in the field
Infrastructure: Own cloud · EU region
Status: Live since 2020 · Refactor + rollout 2026

Refactor and extension of an established system

Since 2014, LITEWERKS has established itself as a Mittelstand specialist for intelligent LiFePO4 starter batteries. A first digital platform for connecting LITE BLOX batteries has been live since 2020 — five years of growth, proven in the market, but not built for the regulatory and AI-driven demands of 2026.

The task was therefore not a greenfield build but a complete refactor with targeted extension: moving beyond manual Excel sheets and email attachments to a fully integrated platform with real-time telemetry, a self-service customer portal, and an admin cockpit for service and fleets. At the same time, regulatory pressure intensified — EU Data Act in force since September 2025, EU Battery Passport mandatory from February 2027 — and data sovereignty has become a hard selection criterion in the DACH Mittelstand.

The core architectural question wasn't "which features" but "which building blocks need to be re-thought now so that the existing fleet stays intact while compliance, scaling, and a future AI layer carry without another rebuild".

Four components, one platform

The platform live today — a complete refactor of the system that has grown since 2020 — covers manufacturer, service, and end customer within a unified data architecture.

Mobile App (iOS/Android)

Flutter app with BLE real-time telemetry, live diagnostics, anti-theft control (A.V.A.T.), remote shutdown (I.K.O.S.), and notification center. Multilingual, Firebase auth, Sentry monitoring. Telemetry over HTTPS.

Backend & API

NestJS backend with PostgreSQL and Redis. HTTPS telemetry ingestion, service-request workflow, webhooks, OpenAPI-driven types for the frontends. MQTT bridge exclusively for the soft migration of the legacy app.

Admin dashboard

Next.js 16 with Authentik OIDC. Service requests, device and customer management, fleet overview, firmware releases, Bull Board for background jobs, webhook configuration.

Self-service customer portal

Next.js 16 with Firebase Auth, multilingual (DE/EN). Customers manage their devices, view telemetry and service history, export their data — ready to fulfil Data-Act-style data access rights.

Mobile App

[Screenshots: LITE BLOX app (Overview, Telemetry, Diagnostics, Control)]

Admin & Portal

[Screenshots: LITE BLOX dashboard (Fleet overview, Telemetry & Service)]

What runs in production

  • ≈ 6,000 active units in the field
  • In the field since 2020 · refactor 2025–2026
  • 24/7 telemetry ingestion
  • DE/EN multilingual portal

The system has been in the field since 2020; today's platform is a complete refactor and extension of the historically grown installed base. Nearly 6,000 active units run on the new platform; the lifecycle data model is currently being rolled out across the installed base. Sentry and Grafana Cloud monitor the entire stack.

Architecture at a glance

Four clean layers with clear responsibilities. What is shown here at high level transfers to nearly any industrial product with service and compliance obligations.

Edge / Device layer (BLE telemetry · HTTPS)

Bidirectional link to units in the field — offline-capable. New app over HTTPS; MQTT bridge exclusively as a transition layer for the legacy app.

Backend & API layer (NestJS · OpenAPI)

Telemetry ingestion, service workflows, background jobs, webhooks to third-party systems. OpenAPI spec as the single source of truth for the frontends.

Data layer (PostgreSQL · Redis)

Structured lifecycle data with ACID guarantees for regulatory evidence. Redis for caching and queues. Append-only event log for immutable audit trails, rollout 2026.

Presentation layer (Flutter · Next.js 16)

Three frontends (Mobile, Admin, Portal), three roles, one OpenAPI type definition. Authentication via Authentik OIDC (staff) and Firebase Auth (end customers), multi-auth guard in the backend.

Operations & compliance (Sentry · Grafana Cloud)

Own cloud infrastructure in the EU. Rolling Docker deployments for zero-downtime releases, platform-wide monitoring and metrics. GDPR and EU Data Act anchored in the data pipeline and audit layer.

Tech stack — and why

Technology | Rationale
Flutter (app) + Next.js 16 (admin & portal) | One codebase per platform with native performance; shared OpenAPI type definition across all three frontends.
NestJS + PostgreSQL + Redis | Structured TypeScript architecture with ACID guarantees for regulatory evidence; Redis for caching and background queues.
Authentik OIDC + Firebase Auth | Clean separation of staff and end-customer authentication. Multi-auth guard in the backend with auto-linking by email.
Sentry + Grafana Cloud | Platform-wide error tracking and metrics on own EU cloud infrastructure with rolling Docker deployments — the prerequisite for stable live operations and auditable history.

Behind each row above is a concrete tradeoff against a serious alternative — NestJS over Spring Boot, PostgreSQL over MongoDB, Authentik over Keycloak. Which choice fits which project depends on the compliance profile and the scaling assumption.
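
Auto-linking by email across two identity providers is only safe when the issuing provider vouches for the address, otherwise anyone who can register an unverified address at one provider inherits the account created through the other. The sketch below is an added example, not the platform's own code: the types, the `AccountLinker` class and its in-memory store are hypothetical, and it assumes both providers deliver the standard `email_verified` claim in tokens whose signatures were already checked.

```typescript
// Added example: hypothetical types and names, not the platform's own code.
type Provider = "authentik" | "firebase";

interface VerifiedClaims {        // claims from a token whose signature was already checked
  provider: Provider;
  sub: string;                    // subject id, unique per provider
  email?: string;
  email_verified?: boolean;       // standard OIDC claim
}
interface Account { id: number; email: string; identities: Map<Provider, string> }
type LinkResult =
  | { kind: "existing" | "linked" | "created"; account: Account }
  | { kind: "rejected"; reason: string };

class AccountLinker {
  private accounts: Account[] = [];   // stands in for the user table

  resolve(c: VerifiedClaims): LinkResult {
    // 1. A known (provider, sub) pair always wins; never re-match it by email.
    const bySub = this.accounts.find(a => a.identities.get(c.provider) === c.sub);
    if (bySub) return { kind: "existing", account: bySub };

    // 2. Email is a join key only if the provider asserts it is verified.
    if (!c.email || c.email_verified !== true)
      return { kind: "rejected", reason: "email missing or not verified" };
    const email = c.email.trim().toLowerCase();

    const byEmail = this.accounts.find(a => a.email === email);
    if (byEmail) {
      // 3. One subject per provider: a second subject claiming the same
      //    address from the same provider is refused, not silently merged.
      if (byEmail.identities.has(c.provider))
        return { kind: "rejected", reason: "provider already linked to another subject" };
      byEmail.identities.set(c.provider, c.sub);
      return { kind: "linked", account: byEmail };
    }

    // 4. No match at all: create a fresh account bound to this identity.
    const account: Account = {
      id: this.accounts.length + 1,
      email,
      identities: new Map<Provider, string>([[c.provider, c.sub]]),
    };
    this.accounts.push(account);
    return { kind: "created", account };
  }
}
```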

Compliance & sovereignty

The regulatory pillars are anchored in the data model and API layer — as part of the platform architecture, not as an additional layer on top of the product.

GDPR

Privacy by design across all frontends, cookie consent with Consent Mode v2, GDPR-compliant logging, self-service data export in the customer portal.

EU Data Act (since 09/2025)

Main driver for the self-service customer portal: end customers see and export their device and telemetry data in a structured way — data access rights built in.

ISO 9001 (LITEWERKS-certified)

Platform supports identification, traceability, documented information, and release processes. Lifecycle data model with append-only event log is rolling out.

EU Battery Passport 2027

LITE BLOX is below the 2 kWh threshold. The architecture nonetheless follows the standard — birth snapshot per unit, role-based QR access.
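
One way to make a per-unit lifecycle log with a write-once birth snapshot tamper-evident is to chain each entry to the hash of its predecessor. This is an added example, not the platform's schema or code: the record shape, the `birth_snapshot` type name and the SHA-256 hash chain are assumptions chosen for illustration.

```typescript
import { createHash } from "node:crypto";

// Added example: hypothetical record shape, not the platform's schema.
interface LifecycleEvent {
  seq: number;                       // position in the unit's log, starting at 0
  unitId: string;
  type: string;                      // "birth_snapshot" must be seq 0
  payload: Record<string, unknown>;
  prevHash: string;                  // hash of the previous entry, GENESIS for seq 0
  hash: string;
}

const GENESIS = "0".repeat(64);

// The hash covers every field plus the previous hash, so an entry cannot be
// edited, reordered or removed from the middle without breaking the chain.
// JSON.stringify is deterministic here only while payload key order is stable.
function entryHash(e: Omit<LifecycleEvent, "hash">): string {
  const canonical = JSON.stringify([e.seq, e.unitId, e.type, e.payload, e.prevHash]);
  return createHash("sha256").update(canonical).digest("hex");
}

// Returns a new log; existing entries are never mutated.
function append(log: readonly LifecycleEvent[], unitId: string, type: string,
                payload: Record<string, unknown>): LifecycleEvent[] {
  if (log.length === 0 && type !== "birth_snapshot")
    throw new Error("first event must be the birth snapshot");
  if (log.length > 0 && type === "birth_snapshot")
    throw new Error("birth snapshot is written once");
  const prevHash = log.length ? log[log.length - 1].hash : GENESIS;
  const body = { seq: log.length, unitId, type, payload, prevHash };
  return [...log, { ...body, hash: entryHash(body) }];
}

// Returns the index of the first broken entry, or -1 if the chain is intact.
function verify(log: readonly LifecycleEvent[]): number {
  let prev = GENESIS;
  for (let i = 0; i < log.length; i++) {
    const { hash, ...body } = log[i];
    if (body.seq !== i || body.prevHash !== prev || entryHash(body) !== hash) return i;
    prev = hash;
  }
  return -1;
}
```

A chain like this detects edits and gaps but not truncation of the newest entries, so the latest hash has to be recorded somewhere the log's writer cannot change. In PostgreSQL it is a complement to, not a replacement for, withholding UPDATE and DELETE rights on the table.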

Data sovereignty in every layer of the architecture

Data and models remain under the company's own sovereignty. The next phase — AI-driven analysis of production and telemetry data, on-premise in the company's own infrastructure — is part of the roadmap. No third-party models, no compromises on data protection, IP protection, or quality records.

Live status & roadmap

Live today

  • Mobile app (iOS/Android) with BLE real-time telemetry
  • NestJS backend with telemetry ingestion and service workflow
  • Admin dashboard with device, customer, and fleet management
  • Multilingual self-service customer portal (DE/EN)
  • OIDC auth (staff) + Firebase auth (customers) with auto-linking
  • Platform-wide monitoring with Sentry and Grafana Cloud

Currently rolling out (May/June 2026)

  • Lifecycle data model with immutable birth snapshot per unit
  • Append-only event log for lifecycle history
  • Role-based QR access replacing the printed password
  • Preparation for the EU Battery Passport 2027

Next phase

  • AI-driven analysis of production and telemetry data on-premise in own infrastructure
  • Multi-tenant capability for subcontractor manufacturing
  • Extended tagging and correlation tools for engineering and service

What this architecture carries to other industries

The architectural pattern is not battery-specific. It solves problems that arise today across many industrial products with service and compliance obligations.

Mechanical engineering

Predictive maintenance, remote diagnostics, ERP/MES integration through a structured API layer. Lifecycle data from commissioning through service.

Medical technology

Audit-trail-ready telemetry, MDR-compliant traceability, self-service patient portal with GDPR data export.

Industrial sensing

Scalable telemetry ingestion, edge-cloud hybrid, real-time alerts with configurable thresholds.

Energy & mobility

BLE/IoT connectivity to mobile units, OIDC staff auth plus end-customer auth, EU Data Act data access.

Three Mittelstand specialists from Baden-Württemberg

A fully integrated IoT platform without a corporate apparatus — through focused specialist collaboration.

LITEWERKS GmbH

Konstanz · Hardware, product, engineering

Manufacturer of the intelligent LiFePO4 starter battery. ISO 9001 and VDE certified, sister company WeightWorks Engineering for carbon fibre composites. Founded 2014.

litewerks.de

studio hak

Rottweil · Brand & interface design

Interdisciplinary design studio focusing on strategic design and brand building. Founded 2001.

www.hakdesign.de

IntegrIT Solutions

Rottweil · Software architecture & development

Mobile, backend, cloud, and AI development. bwcon member, founder Felix Maier. End-to-end responsibility from architecture to operations.

integritsol.de

Lessons learned — transferable

  • Refactor beats greenfield. A system that has grown over five years can be modernised in a targeted way — by re-thinking the data model, API contracts, and auth layer cleanly, you keep the installed base and live operation while gaining future readiness, without losing the market.
  • Compliance belongs in the data model, not in later migrations. Birth snapshots, append-only event logs, and role-based tokens save more long-term than they cost initially.
  • Three frontends, one type definition. With OpenAPI as the single source of truth, the API contract between mobile, admin, and portal stays consistent — without manual upkeep on each side.
  • Own cloud infrastructure is more maintainable than its reputation. Rolling Docker deployments on own EU infrastructure can be operated cleanly where hyperscaler patchwork demands specialised knowledge per service — data sovereignty emerges as a side effect.
  • The order matters: capture the problems, derive a concrete vision, cut it into stages — ship step by step, without losing the big picture. This is how platforms emerge that are enterprise-grade from day one and can still start small. At LITE BLOX: from Excel sheets and a grown installed base came the vision of a sovereign IoT platform with on-premise AI and EU Battery Passport readiness. Stages: refactor, lifecycle data model (in rollout), on-premise AI.

Similar architectural questions?

If you face comparable decisions for an industrial product with service and compliance obligations — telemetry, lifecycle data, self-service portal, EU Data Act, on-premise AI — let's talk.
