Jonas Forshell

Senior Product Owner

Vard CRM: A Focused CRM for a Freelance Photographer

Built a focused CRM for one freelance photographer to test scope discipline, AI-assisted delivery, security learning, and practical product ownership.

Problem

A freelance photographer friend was managing client work in Trello and was tired of forcing a project workflow into a generic board.

The problem was not that he needed a heavy sales CRM. He needed a calmer way to track clients, projects, status, and next actions without adding agency-style complexity.

The name Vard comes from the Nordic "Varde", a stone cairn built to guide travellers and mark the way. That felt right for a small CRM meant to make the next practical step clearer.

Vard CRM start page showing upcoming sessions, work in progress, and awaiting payment
The start page was designed around next actions rather than forcing the user straight into a board.Open full-size image

Approach

I built Vard CRM as a focused product for solo creative freelancers, starting from one real user rather than a broad imagined market.

The core idea was simple: status drives the work. Projects move through a clear pipeline, clients stay linked to the work, and the start page focuses on what needs attention next.

I deliberately kept the scope narrow:

  • No multi-user agency workflows
  • No complex forecasting
  • No sales-team reporting
  • No heavy permission model in the main product
Vard CRM workflow board with projects grouped by pipeline status
The workflow board keeps the status progression visible and practical.Open full-size image

What I Built

The product includes:

  • A status pipeline from lead to paid
  • Project and client records with linked history
  • Next actions and recent activity on the start page
  • Keyboard shortcuts for faster daily use: E to edit, Ctrl+S to save, Esc to cancel, and Tab through fields
  • Preferences for language, startup page, theme, and checklist defaults
  • Export support and audit logging
  • A separate admin backoffice for user lifecycle, feature flags, maintenance banners, session controls, and security events
Vard CRM project detail panel with status, client, session date, checklist, and save controls
Project details open in a focused panel, with explicit save and cancel actions.Open full-size image
Vard CRM project list with project names, dates, statuses, and quick actions
The list view keeps the same records available for sorting, scanning, and quick edits.Open full-size image
Vard CRM mobile start page showing next actions and bottom navigation
I also checked the core flow on mobile so the product worked as a quick reference tool, not only as a desktop board.Open full-size image
Vard CRM preferences screen showing appearance, language, startup page, and checklist defaults
Settings stayed practical: the goal was to support the working routine, not add configuration for its own sake.Open full-size image

Security Learning

Because I am not a professional developer, I treated security as something to actively investigate rather than assume.

I used AI to map likely risks, then checked the repository with tools like Snyk and Aikido, reviewed Supabase RLS policies, kept privileged admin actions server-side, added audit logging, and separated admin concerns from the main product UI.

That does not replace a proper security review. It did make me more careful about the questions I ask, the assumptions I challenge, and the difference between a working product and something ready for wider use.

Vard CRM audit log showing recent append-only events
Audit logging became one of the clearest examples of where product, operations, and security overlap.Open full-size image

What I Learned

This project made the cost of product decisions very visible.

When AI lowers the cost of building, scope creep becomes easier. That made saying no more important, not less. It also made me appreciate how much judgement good developers bring to architecture, testing, maintainability, and security.

I also learned that AI-assisted building has its own kind of fatigue. It is exciting to write a spec, hand it to an AI tool, and see something working a few minutes later. That momentum can make it easy to keep going long after you should stop. Suddenly it is 04:00 and you have shipped five more ideas into the backlog. The work still needs judgement, rest, and a clear stopping point.

The biggest learning was that building something real for one person teaches more than building features for a vague market. It forced practical choices about what mattered, what could wait, and what would make the product safer to operate.