Building an HR SaaS Alone: Flat Pricing vs Per-User Billing

2026-05-18

It will be a short story about a side project that grew from a simple question: why does HR software charge per user instead of a flat monthly price? Most HR tools - BambooHR, Personio, Factorial - bill per employee, so every hire pushes your invoice up. After 15+ years in backend development - PHP, Laravel, Symfony, WHMCS - I decided to build my own answer in my free time. The result is HREvio, an HR platform for small EU teams with one fixed monthly price and no per-user fees. I shipped the MVP in about 4 months, working evenings and weekends.

The per-user math sounds fair until you do it. A 20-person team can easily pay 100+ euro a month just to track vacations. Hire one more person and the invoice goes up again. Annoying for big companies, painful for small ones. The bigger problem is that this model penalizes exactly the segment that needs HR tooling the most - SMBs in the 5-100 employee range, where every hire is already a real budgeting decision.

So I built a simple BambooHR alternative for Europe with three plans and a flat fee. Starter is 29 euro per month for up to 25 people. Standard is 49 euro per month for up to 100 people. The price you sign up for is the price you pay. No surprises in the next invoice when you onboard a new colleague.

How a single developer ships a SaaS in 4 months

Five years ago this would have been a team project. Today, one person can do it. Two reasons:

  • Good open-source packages. Multi-tenancy, permissions, audit logs, encryption - all already solved by mature libraries. You just need to put them together properly.
  • AI as a second pair of hands. It writes boilerplate, helps with tests, drafts docs. The boring 60% of the work gets a lot faster.

The other 40% is still on you - architecture, edge cases, security, business logic. That is where experience matters. AI is fast, but it does not understand your product.

The stack

I will not list exact version numbers here on purpose - no need to give attackers a free map of my dependencies. But the shape of the system is no secret:

  • Backend: Laravel with strict types in every file, simple Action classes instead of huge services.
  • Frontend: Livewire in CSP-safe mode, Tailwind CSS, a bit of Alpine.js. No React SPA, no extra build complexity.
  • Database: PostgreSQL.
  • Permissions and audit log: role-based access control and a full audit trail of important actions - both built in from day one.
  • Infrastructure: Docker + Traefik in production, per-subdomain Let's Encrypt certificates, all behind Cloudflare. The whole stack is easy to manage, and when traffic grows I can scale the number of request-handling containers up without rewriting anything.

No Kubernetes, no microservices, no event-sourced anything. One app, one database, one Redis. That is enough for SMB SaaS and will be enough for a long time. Adding complexity before you have paying customers is the easiest way to waste your own time.

Multi-tenancy in one database

I went with the boring solution: every company is fully isolated inside one shared database. It is the most reliable approach for SMB SaaS - cheap to run, simple to back up, easy to reason about. The tricky part is making absolutely sure that data from company A can never end up in front of a user from company B. That guarantee is the line you do not cross, and I treat it as a hard rule that the test suite has to prove on every change.

GDPR by default

The product processes EU employee data, so GDPR has to be built in from day one, not bolted on later:

  • Salary and other sensitive fields are encrypted at rest.
  • The activity log automatically hides encrypted fields, so the audit history cannot be used as a side channel to leak PII.
  • Legal acceptance (terms, privacy, DPA) is tracked with IP and timestamp on every accept.
  • Self-hosted fonts, no Google Fonts CDN. reCAPTCHA loads only when the user actually clicks into the form.

Nothing fancy here. It is just what any HR product selling in the EU should be doing in 2026. The basics of online security have not changed that much over the years. They still hold, and they still get skipped by people who should know better.

Tests - the not-so-secret weapon

The codebase has around 90% test coverage, and it is not just unit tests. Three layers:

  • Unit tests for every Action and value object.
  • Feature tests for every Livewire component, booting the full Laravel stack against a real PostgreSQL container (not SQLite - "test passes, production breaks" is one of the most expensive bugs you can write).
  • E2E tests for the key user journeys (signup, invite, leave request, approval flow), running through a real browser against the full app.

Tenant isolation is asserted explicitly: "user from company A cannot see data of company B" is a test, not a hope. This is the boring part nobody brags about, and it is the main reason I can refactor without fear and let AI touch the code without panic.

What is left - the "small" part

The product works. The tests are green. The infrastructure is solid. The encryption is encrypting. What is left is technically very minor: I just need to find customers, convince them to give me money, support them, write content, do marketing, answer emails, run sales calls, fix the things they will inevitably break in ways I did not anticipate, and somehow keep them so happy that they tell their friends.

Honestly, after building the whole thing alone, this part felt like a small detail at first. Then I sat down with a cup of coffee, opened the marketing tab, and realized that "small" was doing some of the heaviest lifting in the entire project. Turns out you cannot composer require customers. I checked.

One thing I do believe though: the gap between what a senior solo developer can ship in 2026 and what a 50-person SaaS company can ship has shrunk a lot. Honest pricing and lean products are about to put serious pressure on per-seat billing. The old "charge per user forever" model is not going to age well.

FAQ

How long did it take to build HREvio?
About 4 months from first commit to a usable MVP, working evenings and weekends around a day job. The product launched with full multi-tenancy, role-based permissions, encrypted PII, an audit trail, and a 90% test suite covering unit, feature and E2E layers.

Why flat pricing instead of per-user billing?
Per-user pricing punishes the customers who need HR tooling the most - small and growing teams. Flat pricing tied to tier-based employee caps gives SMBs a predictable budget line and removes the disincentive to hire. It is also hard for big incumbents to copy without cannibalising their main revenue model.

Can a solo developer really build a SaaS in 2026?
Yes, if you respect what AI is good at (boilerplate, scaffolding, repetitive tests) and what it is not good at (architecture, edge cases, security trade-offs, business judgement). Mature open-source packages plus AI tooling have collapsed the work needed to ship a credible MVP.

Which HR tools is HREvio an alternative to?
HREvio is a direct alternative to BambooHR, Personio, Factorial and similar HR SaaS products, with a sharper focus on EU small businesses (5-100 employees) and flat monthly pricing instead of per-user fees.

If you run a 5-100 person team in the EU and per-user HR pricing has been bothering you, take a look at HREvio - flat-price HR software. Three plans, fixed monthly price, 30-day free trial, no credit card needed. Honest feedback from a real human (me) included.

Read 42 times Last modified on 2026-05-18

Leave a comment

Make sure you enter the (*) required information where indicated. HTML code is not allowed.

back to top