feat: Architektur & Tech-Stack Dokumentation

📐 Architektur:
- Cloud-basiert (SaaS) Entscheidung
- Multi-Tenancy Konzept
- Architektur-Diagramm

🛠️ Tech-Stack:
- Deno + Oak Backend
- PostgreSQL Datenbank
- Vue 3 + PrimeVue Frontend
- Hetzner Hosting (DSGVO)

📁 Projektstruktur:
- src/ mit routes, middleware, services
- docs/ mit Architektur-Doku
- Basis main.ts mit Health Check

docs/TECH-STACK.md

@@ -0,0 +1,121 @@
+# Pulse CRM - Tech Stack
+
+## Backend
+
+| Komponente | Technologie | Version | Begründung |
+|------------|-------------|---------|------------|
+| Runtime | **Deno** | 2.x | Sicher by default, TypeScript nativ, moderne APIs |
+| Framework | **Oak** | 17.x | Express-ähnlich, bewährt für Deno |
+| Datenbank | **PostgreSQL** | 16.x | ACID, JSON-Support, Row-Level Security |
+| ORM | **Drizzle ORM** | Latest | Type-safe, leichtgewichtig, gute DX |
+| Auth | **JWT** | - | Stateless, skalierbar |
+| Hashing | **Argon2** | - | Sicherster Passwort-Hash-Algorithmus |
+| Validation | **Zod** | 3.x | Runtime type validation |
+| Email | **Resend** | - | Moderne E-Mail API |
+
+## Frontend
+
+| Komponente | Technologie | Version | Begründung |
+|------------|-------------|---------|------------|
+| Framework | **Vue 3** | 3.5.x | Composition API, TypeScript, reaktiv |
+| UI Library | **PrimeVue** | 4.x | Enterprise-ready, umfangreich |
+| State | **Pinia** | 2.x | Offizieller Vue Store |
+| Router | **Vue Router** | 4.x | SPA Navigation |
+| HTTP | **Axios** | 1.x | HTTP Client |
+| Build | **Vite** | 5.x | Schnell, HMR, optimiert |
+| CSS | **TailwindCSS** | 3.x | Utility-first |
+| i18n | **vue-i18n** | 9.x | Mehrsprachigkeit (DE/EN) |
+
+## Infrastruktur
+
+| Komponente | Technologie | Begründung |
+|------------|-------------|------------|
+| Hosting | **Hetzner Cloud** | DSGVO, Deutschland, günstig |
+| Container | **Docker** | Portabilität, Reproduzierbarkeit |
+| Reverse Proxy | **nginx** | Performance, SSL Termination |
+| SSL | **Let's Encrypt** | Kostenlose Zertifikate |
+| CI/CD | **Gitea Actions** | Self-hosted, integriert |
+| Monitoring | **Prometheus + Grafana** | Open Source, bewährt |
+
+## Datenbank Schema (Übersicht)
+
+```sql
+-- Multi-Tenant Core
+organizations (id, name, settings, created_at)
+users (id, org_id, email, password_hash, role, ...)
+
+-- CRM Core
+contacts (id, org_id, first_name, last_name, email, phone, company_id, ...)
+companies (id, org_id, name, industry, website, ...)
+deals (id, org_id, title, value, stage_id, contact_id, owner_id, ...)
+pipelines (id, org_id, name, stages JSONB, ...)
+
+-- Activities
+activities (id, org_id, type, contact_id, deal_id, note, due_at, ...)
+
+-- System
+audit_logs (id, org_id, user_id, action, entity, entity_id, changes, ...)
+```
+
+## API Design
+
+### RESTful Conventions
+
+```
+GET    /api/v1/contacts          # Liste
+GET    /api/v1/contacts/:id      # Detail
+POST   /api/v1/contacts          # Erstellen
+PUT    /api/v1/contacts/:id      # Update
+DELETE /api/v1/contacts/:id      # Löschen
+
+# Nested Resources
+GET    /api/v1/contacts/:id/activities
+POST   /api/v1/deals/:id/move    # Custom Action
+```
+
+### Response Format
+
+```json
+{
+  "success": true,
+  "data": { ... },
+  "meta": {
+    "page": 1,
+    "limit": 20,
+    "total": 150
+  }
+}
+```
+
+### Error Format
+
+```json
+{
+  "success": false,
+  "error": {
+    "code": "VALIDATION_ERROR",
+    "message": "Invalid email format",
+    "details": [...]
+  }
+}
+```
+
+## Security
+
+- **Authentication:** JWT (Access Token 15min, Refresh Token 7d)
+- **Password:** Argon2id, min 8 chars
+- **Rate Limiting:** 100 req/min per IP, 1000 req/min per User
+- **CORS:** Whitelist allowed origins
+- **Input Validation:** Zod schemas for all inputs
+- **SQL Injection:** Parameterized queries via ORM
+- **XSS:** Content-Security-Policy headers
+- **HTTPS:** Enforced, HSTS enabled
+
+## DSGVO Compliance
+
+- ✅ Hosting in Deutschland (Hetzner)
+- ✅ Verschlüsselung (Transit + Rest)
+- ✅ Audit Logging
+- ✅ Datenexport (Art. 20)
+- ✅ Löschkonzept (Art. 17)
+- ✅ AVV-Vorlage für Kunden