Retail security reports

B

BEWIT

bewit.love

57

BEWIT is a small retail business specializing in the manufacture and supply of essential oils, cosmetics, and dietary supplements with a focus on natural products containing 0% synthetics. The company has established a niche market presence since its domain registration in 2015 and targets a general audience interested in therapeutic-grade natural products. The website demonstrates a good level of digital maturity with modern technologies such as Google Fonts, Tiny Slider, Cookiebot for consent management, and Google Tag Manager for analytics. Payment processing is handled by reputable partners Klarna and Stripe, enhancing trust and security for customers. Security posture is solid with HTTPS enforced and reCAPTCHA implemented, although some security headers could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. However, the absence of terms of service and explicit security policies indicates areas for legal and security enhancement. Overall, the website is professional, trustworthy, and well-optimized for user experience and SEO.

Bovys s.r.o is a Czech Republic based medium-sized wholesale distributor specializing in fresh fruit and vegetables. Established in 1994, the company supplies a wide range of clients including retail stores, restaurants, hotels, school canteens, and other gastronomy operations. It holds a leading position as a supplier for school projects such as 'Ovoce a zelenina do škol' and 'Mléko do škol'. The company emphasizes quality control through HACCP systems and sustainability initiatives including a photovoltaic power installation co-financed by the EU. Technically, the website is built on WordPress with modern plugins and includes security features like HTTPS and Google reCAPTCHA. However, the absence of WHOIS registration data raises some concerns about domain legitimacy. Overall, the website is professional, well-structured, and compliant with privacy regulations, but could improve security headers and domain transparency.

L

Luděk Vašek

bike-sport-shop.cz

58

Bike Sport Shop is a Czech Republic-based retail business specializing in cycling, running, cross-country skiing, and outdoor equipment. With over 25 years of experience, the company operates both a well-stocked physical store in Chrudim and an e-commerce platform offering a wide range of bicycles, e-bikes, sportswear, and accessories. The business emphasizes customer service, professional advice, and after-sales support including servicing and repairs. Their market position is that of a trusted local specialist with a loyal customer base and positive reputation as evidenced by external review platforms like Heureka.cz. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, and responsive design frameworks such as Foundation. The site is mobile-optimized and provides a good user experience with clear navigation and product presentation. Payment processing is handled securely via GoPay with multiple payment options displayed. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. From a security perspective, the site uses HTTPS and enforces cookie consent but lacks visible security headers such as CSP or HSTS, which could be improved. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data for the domain reduces the trust score somewhat, but the website content and business information appear legitimate and professional. Overall, the website is a solid e-commerce platform with good content quality, technical implementation, and privacy compliance. Strategic improvements in security headers and domain registration transparency would enhance trust and security posture further.

J

Judapest

judapest.store

65

Judapest Store is a small e-commerce retailer specializing in Jewish gifts, Judaica, and cultural products based in Budapest, Hungary. The website is built on the Shopify platform using the Canopy theme, offering a professional and user-friendly shopping experience with multilingual support. The business targets Jewish communities, tourists, and gift buyers interested in Jewish heritage. The store also offers Jewish Budapest walking tours, enhancing its cultural engagement. Technically, the site leverages modern e-commerce technologies and integrates multiple analytics and marketing tools, including Google Analytics and Facebook Pixel. Security is adequate with HTTPS enforced and domain transfer protection, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is addressed with a cookie consent banner and a privacy policy, but no terms of service or vulnerability disclosure pages are found. Overall, the site is trustworthy and professionally maintained, with room for security enhancements and expanded compliance documentation.

P

Promaledobrodruhy.cz

promaledobrodruhy.cz

63

Promaledobrodruhy.cz is a specialized Czech retailer focused on providing high-quality outdoor clothing and equipment primarily for children and families. The business operates both an e-commerce platform and a physical store located in Prague, offering a wide range of products including exclusive brands like WeeDo. Their services extend to a loyalty program, a second-hand bazaar for used outdoor gear, and a blog providing advice and community engagement. The company targets families with children who enjoy outdoor activities, positioning itself as a trusted specialist in this niche market. Technically, the website employs a custom CMS with modern JavaScript libraries, integrates multiple analytics and marketing tools, and maintains good mobile responsiveness and SEO practices. Security-wise, the site uses HTTPS and error monitoring but lacks explicit security policies and vulnerability disclosure mechanisms. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though WHOIS data is unavailable, which slightly impacts domain trust assessment.

ALPSPORT s.r.o. operates the website Alpsport.cz, specializing in retail sales of outdoor equipment including gear for skialp, freeride, telemark, climbing, camping, and hiking. The company positions itself as a leading provider in the Czech Republic with a broad product range and services such as equipment rental and climbing courses. The website is built on ASP.NET Web Forms technology, utilizing several JavaScript libraries including jQuery and Owl Carousel, and integrates Google Tag Manager and Smartsupp Live Chat for analytics and customer support. While the technical infrastructure is functional, some components like jQuery are outdated, and security headers could be improved. The site enforces HTTPS and includes a cookie consent mechanism, but lacks an explicit privacy policy and terms of service pages in the provided content. Overall, the security posture is moderate with room for enhancement in compliance and technical modernization. The domain WHOIS data is unavailable, likely due to privacy protection, but the website content and business information indicate a legitimate and established retail business. Strategic recommendations include updating libraries, enhancing security headers, and publishing comprehensive privacy and terms policies to improve trust and compliance.

Algida.cz is the Czech Republic localized website for Algida, a globally recognized ice cream brand under the Unilever umbrella. The site offers a comprehensive portfolio of ice cream products and accessories, targeting general consumers interested in frozen desserts. The website is professionally designed using Adobe Experience Manager, ensuring a modern and responsive user experience. It features multiple international partner domains linked through hreflang tags, indicating a well-integrated global brand presence. Security-wise, the site employs HTTPS and cookie consent mechanisms but lacks explicit privacy and terms of service pages, which are important for compliance and user trust. WHOIS data is unavailable, likely due to privacy protection, which is common for large brands but reduces transparency. Overall, the site is secure, well-branded, and user-friendly but could improve privacy disclosures and contact transparency.

A

ASP Group s.r.o.

aspgroup.cz

61

ASP Group s.r.o. is a well-established distributor specializing in branded ATVs, motorcycles, and related accessories across Central and Eastern Europe. With over 24 years of market experience, the company holds a strong position as one of the largest distributors in its sector. The website reflects a professional and comprehensive digital presence, offering detailed product categories, brand partnerships, and dealer support services. The multilingual approach and dedicated e-commerce platforms further enhance its market reach. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates essential marketing and analytics tools such as Google Tag Manager and Google Analytics. The site is mobile-optimized, accessible, and SEO-friendly, indicating a mature digital infrastructure. Cookie consent and privacy policies are implemented in compliance with GDPR, reflecting a commitment to privacy and regulatory adherence. From a security perspective, the site uses HTTPS and cookie consent management but lacks explicit security headers and a public security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data slightly reduces domain trustworthiness, but the overall professional presentation and contact transparency mitigate concerns. Overall, ASP Group's website demonstrates a solid business and technical foundation with good security hygiene and privacy compliance. Strategic improvements in security headers and transparency around incident response would further strengthen its posture.

P

Palác Pardubice

palacpardubice.cz

46

Palác Pardubice is a prominent retail shopping center located in the heart of Pardubice, Czech Republic. It offers a wide range of services including retail stores, gastronomy, entertainment options such as a cinema and gaming areas, and convenient facilities like underground parking. The center actively engages its visitors through events and a loyalty application, positioning itself as a key destination for shopping and leisure in the region. The website reflects a professional and consistent brand image with clear business information and active social media presence. Technically, the website employs a modern JavaScript stack including jQuery, Swiper, and Google Tag Manager for analytics and marketing. It is mobile-optimized with good SEO practices and accessibility basics. Cookie consent and privacy policies are implemented, indicating compliance with GDPR requirements. However, some security best practices such as security headers and a security.txt file are missing. From a security perspective, the site uses HTTPS with no visible exposed sensitive data or vulnerabilities in the HTML content. The absence of WHOIS data limits domain registration insights, but the overall trustworthiness is supported by the professional presentation and external references. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the website scores well in content quality, technical implementation, security posture, privacy compliance, and business credibility. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding a vulnerability disclosure policy to further strengthen security and trust.

S

Spolek milců čaje s.r.o.

tea.cz

40

The website www.tea.cz represents a specialized Czech e-commerce business focused on the sale and direct import of fine teas under the brand Dobrá čajovna, operated by Spolek milců čaje s.r.o. It targets tea enthusiasts and consumers interested in premium tea products, offering a curated selection of teas from various countries. The business model is retail e-commerce with community engagement and franchise opportunities. The site is well-branded and consistent, with clear contact information and social media presence, positioning it as a niche market player in the tea retail sector. Technically, the website is built on the PrestaShop platform, leveraging modern web technologies including jQuery, Bootstrap, Google Tag Manager, and PayPal integration. The site is mobile-optimized with good SEO practices and moderate performance. Security is enforced via HTTPS with secure forms, though some security headers are missing. Privacy compliance is partially addressed with a GDPR policy page, but lacks a visible cookie consent mechanism. Security posture is generally good with no visible vulnerabilities or exposed sensitive data. However, the absence of security headers and incident response information suggests room for improvement. The WHOIS data is not publicly available, indicating privacy protection, which is typical for small retail businesses. Overall, the website is professional, trustworthy, and safe for general audiences. Recommendations include implementing cookie consent banners, adding security headers, publishing a security policy and incident response contacts, and improving WHOIS transparency if possible to enhance trust and compliance.

S

SPORTISIMO s. r. o.

loap.cz

63

LOAP.CZ is a Czech Republic based e-commerce retailer specializing in outdoor and sportswear products. The company positions itself as a pioneer in the Czech outdoor fashion and equipment market with over 25 years of experience. The website offers a broad range of products including clothing, footwear, camping gear, and accessories targeting outdoor enthusiasts. The business model is direct-to-consumer retail with a focus on quality and affordability. The website is professionally designed, mobile optimized, and provides clear navigation and relevant content for its target audience.

P

Prima Obchod s.r.o.

prima-obchod.cz

9

Prima Obchod s.r.o. operates an e-commerce website specializing in textile haberdashery, fashion and clothing accessories, and crafting supplies primarily targeting consumers in the Czech Republic. The website presents a professional and well-structured online retail platform with a broad product catalog and clear navigation. The business appears to be a medium-sized retail entity with a strong local market presence and positive customer trust indicators such as a high recommendation rate. Technically, the website employs modern tracking and marketing technologies including Google Tag Manager, Facebook Pixel, and Bing UET, alongside consent management mechanisms to comply with privacy regulations. The site is mobile-optimized and SEO-friendly, offering a good user experience. Security-wise, the site enforces HTTPS and uses cookie consent scripts but lacks advanced security headers and explicit security policies or incident response information, which could be improved. The absence of WHOIS data for the domain is a notable concern, reducing the trust score for domain legitimacy. Overall, the website is functional, professional, and safe for general audiences, but would benefit from enhanced transparency in domain registration and security practices.

L

Los Kachlos s.r.o.

loskachlos.cz

49

Los Kachlos s.r.o. is a well-established Czech company specializing in the import and retail of premium design tiles and coverings from Spain and Italy since 1996. The company operates multiple physical showrooms across Czech Republic and Slovakia and offers a comprehensive product range including retro, vintage, large format, and technical tiles for various interior and exterior applications. Their business model combines retail, wholesale, e-commerce, and design consultancy services, positioning them as a market leader in their niche. Technically, the website is built on a mature platform (iCard.cz) using Bootstrap and Vue.js, with modern analytics and marketing integrations. The site is mobile optimized and provides a good user experience with clear navigation and rich content. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and policies are missing. The absence of WHOIS data limits domain trust analysis, but the website content and business information appear professional and credible. Privacy policy and terms of service pages are not found, indicating room for compliance improvement.

S

Strom - shop

stromshop.cz

71

Stromshop.cz is an established e-commerce platform specializing in the sale of John Deere branded products in the Czech Republic. Founded in 2013, it serves as the official John Deere online shop offering a wide range of products including garden machinery, clothing, toys, and accessories. The website demonstrates a consistent brand presence and targets consumers interested in John Deere merchandise. Technically, the site uses ASP.NET WebForms with Kentico CMS, integrates Google Tag Manager and reCAPTCHA for tracking and security, and shows moderate performance with good mobile optimization. Security practices include HTTPS and CSRF protection, though some security headers are not explicitly confirmed. Privacy and cookie policies are present, indicating basic GDPR compliance, but no explicit security policy or incident response information is found. Overall, the site is professional, trustworthy, and safe for general audiences.

A

Antonín Fára

prazenakava-yemenites.cz

48

The website www.prazenakava-yemenites.cz represents a small Czech e-commerce business specializing in the retail of freshly roasted coffee, teas, coffee machines (notably Jura brand), and related accessories. The company, identified as Antonín Fára, operates both an online store and a physical café and roasting facility. The site targets coffee and tea consumers primarily within the Czech Republic, offering a curated selection of specialty products with detailed descriptions and images. The business model is retail-focused with a niche market position emphasizing quality and local roasting expertise. Technically, the website is built on the BohemiaSoft Webareal platform, utilizing legacy JavaScript libraries such as jQuery 1.8.3 and various plugins for UI enhancements. The site is moderately optimized for performance and mobile responsiveness, with good SEO practices and basic accessibility features. Cookie consent mechanisms are implemented with clear user controls, and privacy and terms of service pages are present, indicating a reasonable level of privacy compliance. From a security perspective, the site lacks visible HTTP security headers and uses outdated JavaScript libraries, which may expose it to vulnerabilities. The absence of WHOIS data limits domain trust verification, although the website content and contact information appear legitimate. No advanced security policies or incident response contacts are found. Overall, the security posture is moderate but requires improvements to align with best practices. The overall risk assessment suggests a functional and trustworthy small business website with room for technical and security enhancements. Strategic recommendations include updating JavaScript libraries, implementing security headers, verifying SSL/TLS configurations, and conducting regular security audits to mitigate potential vulnerabilities and enhance user trust.

K

KOSMAS.cz

kosmas.cz

62

KOSMAS.cz is a well-established Czech online bookstore offering a wide range of products including physical books, e-books, audiobooks, music, and games. The company operates 35 physical stores and maintains a strong online presence with a user-friendly website. Their market position is solid within the Czech retail book sector, supported by customer reviews and recognized certifications such as 'Zelená firma' and 'Ověřeno Heurekou'. The website targets Czech-speaking book buyers and readers, providing comprehensive product information and a smooth shopping experience. Technically, the website employs modern JavaScript libraries and tracking tools such as Google Tag Manager, Google Analytics, Bing Ads, and Typekit fonts. The site is mobile-optimized and demonstrates good SEO practices. However, some security headers are missing, and no explicit security policy or incident response pages are published, which could be improved to enhance security posture. Security-wise, the site uses HTTPS and implements cookie consent mechanisms, indicating compliance with GDPR. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces transparency but does not significantly impact the overall trustworthiness given the website's professional presentation and contact information. Overall, KOSMAS.cz presents a trustworthy and professional e-commerce platform with good content quality and business credibility. Strategic improvements in security headers and transparency policies would further strengthen their security posture and compliance.

N

Najdi svého zemědělce

najdizemedelce.cz

51

Najdi svého zemědělce is a Czech Republic-based online platform dedicated to connecting consumers with local farmers offering fresh and quality agricultural products. The website serves as a marketplace and informational hub, providing categorized listings of products such as potatoes, meat, dairy, beverages, fruits, bakery items, seedlings, and vegetables. It targets consumers interested in local, fresh food and supports direct sales from producers to buyers. The platform maintains an active blog and regional segmentation to enhance user engagement and service relevance. Technically, the website is built on WordPress CMS, utilizing common plugins for performance optimization, GDPR compliance, and user experience enhancements. The tech stack includes jQuery, Owl Carousel, FontAwesome, and image optimization services. The site is mobile-optimized with good navigation clarity and SEO practices, though accessibility features are basic. From a security perspective, the site enforces HTTPS and employs a cookie consent mechanism compliant with GDPR. However, it lacks explicit security headers and does not provide visible incident response or security policy information. No vulnerabilities or exposed sensitive data were detected in the HTML content. WHOIS data is privacy-protected, which is typical for small business websites. Overall, the website presents a professional and trustworthy front for a niche agricultural marketplace. Strategic improvements in security headers, incident response transparency, and expanded contact information would enhance its security posture and user trust.

T

Tišnovská spižírna

tisnovskaspizirna.cz

46

Tišnovská spižírna is a small, environment-focused social enterprise operating a zero-waste retail store in Tišnov, Czech Republic. The business emphasizes local, organic, and ecological products, serving both members and the general public. The website reflects a well-structured, content-rich platform built on WordPress with the Divi theme, incorporating GDPR-compliant cookie consent mechanisms. The technical infrastructure is modern and adequate for the business scale, hosted by WEDOS, a reputable Czech hosting provider. Security posture is good with HTTPS enabled and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is strong with clear cookie policies and consent mechanisms, but lacks explicit privacy or security policies. Overall, the website is professional, trustworthy, and well-aligned with the business mission.

Zerlina s.r.o. operates a small family ecological goat farm located in Rožnov pod Radhoštěm, Czech Republic. The business focuses on producing high-quality organic goat dairy products including fresh and aged cheeses, yogurts, kefir, and ice cream. Additionally, the farm offers agrotourism experiences, farm tours, and accommodation services, targeting families, individuals, and groups interested in sustainable farming and local gastronomy. The company positions itself as a trusted regional player with a strong emphasis on tradition and ecological sustainability. Technically, the website is built on WordPress with a modern tech stack including JavaScript libraries, Google reCAPTCHA for form security, and Google Analytics for visitor tracking. The site is well-optimized for mobile devices and provides a good user experience with clear navigation and professional design. Cookie consent and privacy policies are implemented in compliance with GDPR requirements. From a security perspective, the site uses HTTPS with a valid SSL certificate and integrates reCAPTCHA to protect forms. However, it lacks some recommended security headers which could enhance protection against common web threats. The absence of WHOIS registration data reduces domain trustworthiness, but the website content and business information appear legitimate and professional. Overall, Zerlina's website demonstrates a solid digital presence for a small ecological farm with good privacy compliance and user experience. Strategic improvements in security headers and domain registration transparency would further strengthen trust and security posture.

K

KVĚTOMLUVA

kvetomluva.cz

55

KVĚTOMLUVA operates a Czech-language e-commerce website specializing in organic and bio herbal products, including teas, herbal mixtures, and hypoallergenic items. The company targets health-conscious consumers interested in natural and farm-produced goods. The website is professionally designed with clear navigation, product categorization, and a shopping cart system, indicating a mature digital presence for a small retail business. Technical infrastructure leverages the Shoptet e-commerce platform, jQuery, and integrates analytics tools such as Matomo and Google Analytics, reflecting a modern but not cutting-edge tech stack. Security posture is solid with HTTPS, CSRF protection, and cookie consent mechanisms, though additional security headers could enhance protection. Privacy compliance is well addressed with accessible GDPR and cookie policies. Overall, the site presents a trustworthy and professional front with moderate tracking and marketing tools in use.

A

Agrofyto, spol. s r.o.

agrofyto.cz

44

Agrofyto, spol. s r.o. is a certified organic farm located in Lidečko, Valašsko, Czech Republic, specializing in the production and online retail of organic beef and dairy products. The company targets consumers interested in high-quality, natural food products and operates an e-commerce platform to facilitate direct sales. The website is built on WordPress with WooCommerce, leveraging popular plugins for page building and sliders, and integrates Google Analytics and reCAPTCHA for analytics and security. The site is well-structured, mobile-optimized, and includes essential privacy and cookie policies, reflecting compliance with GDPR requirements. Security posture is good with HTTPS enforced and cookie consent implemented, though additional security headers could enhance protection. WHOIS data is unavailable, likely due to privacy protection, which slightly impacts transparency but does not detract from the overall legitimacy of the business. The website presents a professional and trustworthy image suitable for its niche market.

M

Markol Food s.r.o.

markol.net

59

Markol Food s.r.o. is a small Czech company specializing in the production and sale of various healthy snack bars including Bio Bars, Protein Bars, RAW Bars, Tiger Bars, and Baked Assortment. Originating from a home-based production in Jevíčko, the company has expanded to export products internationally and offers private label and customized promotional bar manufacturing. The website reflects a professional e-commerce platform powered by Webnode CMS and hosted via AWS Cloudfront CDN, featuring modern technologies and good mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and headers are lacking. WHOIS data is unavailable, which raises some concerns about domain registration transparency but does not directly contradict the business legitimacy. Overall, the website is trustworthy, well-structured, and compliant with privacy regulations.

G

Gloobe corp. s.r.o.

superpotraviny-naturalis.cz

57

Naturalis is a Czech-based small retail company specializing in natural superfoods and cosmetics, operating primarily through an e-commerce platform. The company emphasizes high-quality natural products recognized across Europe with multiple quality certifications. Their product range includes health supplements, natural cosmetics, eco-friendly household products, and gift sets. The website is professionally designed with good SEO and mobile optimization, supporting a positive user experience. Technically, the site runs on PrestaShop CMS with modern web technologies and integrates analytics and marketing tools such as Google Analytics, Microsoft Clarity, and SmartEmailing. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information are lacking. Privacy and cookie policies are not explicitly found, which is a compliance gap. WHOIS data is unavailable, likely due to privacy protection, which is common for small businesses. Overall, the website is trustworthy and well-positioned in its niche, but could improve transparency and compliance documentation.

V

VINO CIBULKA | Rodinné BIO vinařství

vinocibulka.cz

54

VINO CIBULKA is a family-owned BIO winery based in the Czech Republic, operating an e-commerce platform offering organic and low-histamine wines and sparkling wines. The business emphasizes sustainable production and local heritage, managing 16 hectares of vineyards. Their market position is regional with a focus on quality and environmentally conscious products. The website supports online sales, local sales points, and event hosting, targeting mature consumers interested in organic wines. Technically, the site uses the Shoptet e-commerce platform with modern JavaScript libraries and integrates Google Analytics and Facebook SDK for marketing and analytics. Security posture is good with HTTPS and CSRF protections, though some security headers are missing. Privacy compliance is well addressed with cookie consent and privacy policies. WHOIS data is unavailable, limiting domain trust assessment, but the website content and business presence appear legitimate and professional. Overall, the site is well designed, user-friendly, and compliant with GDPR, with moderate user tracking and good marketing transparency.

B

Baobab

baobab-books.net

50

Baobab Books is a Czech-based publisher specializing in illustrated children's books, offering a curated catalog of books, authors, and literary events. The website targets children, educators, and book enthusiasts within the Czech Republic, operating primarily as an e-commerce platform for book sales and event promotion. The business appears to be a small-sized entity focused on niche publishing and retail within the Czech market. Technically, the website is built on Drupal 8 CMS, leveraging modern frontend libraries such as Slick Carousel and Google Analytics for user insights, with a moderate performance profile and good mobile optimization. Security posture is generally good with HTTPS enforced and privacy-conscious analytics settings; however, the absence of security headers and cookie consent mechanisms are areas for improvement. The lack of WHOIS data for the domain is a notable anomaly that reduces trustworthiness, though the professional presentation and comprehensive privacy and terms policies support legitimacy. Overall, the website is safe, well-structured, and suitable for its target audience, but the domain registration inconsistency warrants further verification.

Ghorban Global is a German-based company specializing in the supply and export of premium gourmet foods, including fresh meat, fish, and shellfish. With over a decade of experience since its domain registration in 2009, the company positions itself as a passionate provider of high-quality fresh food products, targeting both business clients and discerning consumers. The website reflects a professional and consistent brand image with clear contact channels and social media presence, supporting its market credibility. Technically, the website employs modern front-end technologies such as Swiper.js for sliders, AOS for animations, and integrates Google Analytics and Tag Manager for tracking. The site is mobile-optimized and performs moderately well, though no explicit CMS or backend platform is detected. Hosting and domain registration are consistent with the business location in Germany. From a security perspective, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and important security headers like CSP and HSTS. There is no visible security or incident response policy, and no cookie consent mechanism is implemented, which may pose compliance risks under GDPR. The WHOIS data aligns well with the website content, indicating legitimacy and trustworthiness. Overall, the website is functional, professional, and trustworthy but would benefit from enhanced security headers, privacy compliance improvements, and explicit security policies to strengthen its security posture and regulatory adherence.

ZEMAN maso - uzeniny, a.s. operates a regional retail business specializing in fresh meat, traditional smoked meats, and delicacies sourced from their own production facility in Příbram, Czech Republic. The company targets general consumers seeking quality meat products through physical butcher shops and an online e-shop. Their market position is that of an established regional player with a focus on quality and tradition. Technically, the website employs modern web technologies including HTML5, CSS, JavaScript, Google Fonts, Google Tag Manager, Facebook Pixel, and Smartlook for analytics and user behavior tracking. The site is moderately optimized for mobile devices and SEO, with a good user experience and clear navigation. However, some accessibility and security header improvements are recommended. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible security headers and an explicit privacy policy page. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces domain trustworthiness, though the website content and business presence appear legitimate. Overall, the website scores well in content quality and business credibility but should improve privacy compliance and security best practices. Strategic recommendations include adding a privacy policy, enhancing security headers, and verifying domain registration details to strengthen trust and compliance.

L

LUKON BULBS

lukon-bulbs.eu

56

Lukon bulbs is a Czech-based e-commerce business specializing in the sale of plants, particularly lilies and irises, boasting over 60 years of experience in plant breeding and sales. The website offers a large catalog of over 500 varieties of lilies and irises and more than 2000 plants in total, targeting gardening enthusiasts and professional horticulturists. The business model is focused on direct online sales with additional customer support and catalog distribution. Technically, the website uses a custom-built platform with jQuery, bxSlider, and Fancybox libraries, integrated with Google Analytics and advertising tools. The site is mobile-optimized and provides a cookie consent mechanism compliant with GDPR. Security posture is adequate with HTTPS and consent banners, but lacks explicit security policies and modern security headers. Overall, the site is professional, trustworthy, and well-positioned in its niche market.

B

Badec Store s.r.o.

badec.store

51

Badec Store s.r.o. operates an e-commerce website specializing in professional badminton equipment, targeting badminton players and enthusiasts primarily in the Czech Republic. The company offers a range of products including rackets, clothing, shoes, shuttlecocks, and accessories from well-known brands. The website presents a professional and user-friendly interface with clear navigation and relevant content. Technically, the site uses common web technologies such as jQuery, Google Analytics, Facebook Pixel, and custom scrollbar plugins, but does not rely on a widely known CMS, indicating a custom or proprietary platform. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and DNSSEC. No explicit security or incident response policies are published. Overall, the domain registration data aligns well with the business, supporting legitimacy and trustworthiness.

A

ACTIVA spol. s r.o.

activacik.sk

55

ACTIVA spol. s r.o. operates the website activacik.sk, an established e-commerce platform specializing in school and office supplies primarily targeting Slovak and Czech markets. The company has a strong market presence since 1992 and offers a wide range of products including creative toys, school backpacks, and stationery. The website is professionally designed with good navigation and mobile optimization, supporting a positive user experience. Technically, the site uses modern web technologies such as Google Tag Manager, React components, and AWS hosting, ensuring reliable performance and scalability. Security posture is strong with HTTPS enforced and cookie consent mechanisms implemented, although some security headers could be improved. Privacy policies are comprehensive and GDPR compliant, reflecting a mature approach to data protection. Overall, the site is trustworthy, well-maintained, and aligned with business goals.

N

Nakladatelství JOTA, s.r.o.

jota.cz

52

Nakladatelství Jota, s.r.o. is a Czech publishing company operating an e-commerce platform specializing in a wide range of books including fiction, non-fiction, audiobooks, and e-books. The company targets Czech-speaking readers with diverse literary interests and maintains a professional online presence with clear contact information and active social media engagement. The website is well-designed, mobile-optimized, and provides comprehensive product information and customer engagement features such as newsletters and event calendars. Technically, the site employs modern tracking and advertising technologies including Google Tag Manager, Google Analytics, Facebook Pixel, and Leadhub Pixel, indicating a mature digital marketing strategy. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure, though the absence of security headers suggests room for improvement. Privacy and cookie policies are present and GDPR compliant, reflecting attention to regulatory requirements. The lack of WHOIS data limits domain trust assessment, but the overall professionalism and transparency of the site support a positive legitimacy evaluation.

Nakladatelství TRITON operates an established Czech-language e-commerce platform specializing in the sale of books across various categories including medicine, science fiction, fantasy, and general literature. The website presents a clear business model focused on direct online sales to Czech and Slovak readers, with a niche market positioning as a specialized publisher. The platform is built on the Zoner InShop system and utilizes legacy JavaScript libraries alongside modern web fonts and carousel plugins. While the site is functional and professionally designed with good navigation and content relevance, some technical debt is evident in the use of outdated libraries that may pose security risks. Security posture is moderate, with HTTPS enforced and cookie consent implemented, but lacking advanced security headers and explicit security policies. Contact information is primarily via a contact form, with no direct emails or phone numbers publicly listed. Overall, the website is legitimate and trustworthy, with a domain age consistent with the business history. Strategic improvements in security and privacy compliance would enhance the platform's resilience and user trust.

C

Covitar s. r. o.

covitar-velkoobchod.cz

49

Covitar s. r. o. operates a Czech-based wholesale and retail e-commerce platform specializing in dried fruits, vegetables, nuts, and other ingredients for healthy nutrition. The company supplies both organic (Bio) and non-organic products and has expanded retail distribution under the brand "Fruits du Paradis." The website targets wholesale buyers and retail customers interested in health food ingredients, positioning itself as a niche supplier in the Czech market. Technically, the website is built on the Shoptet e-commerce platform, leveraging jQuery and integrating Google Analytics and Facebook SDK for marketing and analytics purposes. The site is mobile-optimized with good navigation and content relevance. Security-wise, the site enforces HTTPS, uses standard security headers, and implements CSRF protection on forms, though it uses an outdated jQuery version which could pose risks. Privacy and cookie policies are present and GDPR compliant, enhancing trust. However, the absence of WHOIS registration data reduces domain trustworthiness and warrants further verification. Overall, the site presents a professional and secure e-commerce presence with moderate technical maturity.

J

JIP Východočeská a.s.

jip-potraviny.cz

54

JIP Východočeská a.s. operates a comprehensive food supply business serving both gastronomy professionals and the general public across the Czech Republic. The company maintains a strong nationwide presence with wholesale and retail outlets, supported by its own distribution network. Their website reflects a professional and well-branded digital presence, offering clear navigation and relevant content tailored to their target audiences including B2B partners and retail customers. The business model focuses on wholesale supply, retail sales, and customer loyalty programs, positioning JIP as a key player in the Czech food retail and hospitality sectors. Technically, the website is built on WordPress with modern SEO practices via the Yoast plugin. It demonstrates good mobile optimization and accessibility, though performance is moderate. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks some advanced security headers and explicit incident response information. The absence of WHOIS data limits full trust verification, but the site’s content and business information appear legitimate and consistent. Security-wise, the site shows good baseline practices but could improve by adding security headers and publishing a vulnerability disclosure policy. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR. Overall, the site is trustworthy and professional, though domain registration transparency should be verified to enhance legitimacy. Strategically, JIP should focus on enhancing security transparency and verifying domain registration details to strengthen trust. Continued investment in digital maturity and compliance will support their market position and customer confidence.

A

ACTIVA spol. s r.o.

potrebyprokancelar.cz

10

ACTIVA spol. s r.o. is a well-established Czech retail company specializing in office supplies, school and art materials, hygiene products, and refreshments. Founded in 1992, it operates multiple e-commerce platforms serving both B2B and B2C customers primarily in the Czech Republic and Slovakia. The company has a strong market presence with a broad product portfolio and recognized trust signals such as verified customer reviews and industry awards. Technically, the website employs modern web technologies including JavaScript frameworks, Google Tag Manager, and responsive design, ensuring a good user experience across devices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers and explicit incident response contacts are absent. The lack of publicly available WHOIS data slightly reduces trustworthiness but does not detract from the professional presentation and operational legitimacy of the business.

A

ACTIVA spol. s r.o.

activacek.cz

10

ACTIVA spol. s r.o. operates the e-commerce website Activacek.cz, specializing in school and office supplies primarily targeting B2C customers such as students and parents in the Czech Republic. The company has a strong market presence with a history dating back to 1992 and operates multiple related online stores. The website is professionally designed with good content quality, clear navigation, and mobile optimization. It integrates modern technologies including Google Tag Manager, Bing Ads, and React components, hosted on AWS infrastructure. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security headers and incident response information are absent. Overall, the website demonstrates a mature digital presence with strong business credibility and trust indicators.

A

ACTIVA spol. s r.o.

activa.sk

56

ACTIVA spol. s r.o. is a well-established Slovakian company founded in 1992, specializing in the supply of office, school, and art supplies. It operates multiple e-commerce platforms targeting both business and consumer markets, offering a broad product range with a significant market presence in Slovakia. The website is professionally designed, mobile-optimized, and provides comprehensive product catalogs and customer services. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and Bing Ads for marketing and analytics, with good performance and SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The domain registration data aligns well with the business claims, supporting high legitimacy. Overall, the site demonstrates a mature digital infrastructure and trustworthy business operations.

A

AOM CZ s.r.o.

aom.cz

43

AOM CZ s.r.o. operates an e-commerce platform specializing in industrial coatings, paints, lacquers, adhesives, and spraying technology primarily targeting professional and industrial customers in the Czech Republic. The website presents a professional catalog of products with clear navigation and customer account features, supporting both B2B and B2C sales models. The company maintains a consistent brand presence with comprehensive legal and privacy documentation in Czech language, indicating compliance with GDPR regulations. Technically, the site is built on Prestashop 1.7.6.1 with modern modules and includes a cookie consent mechanism and live chat support, reflecting a moderate level of digital maturity.

P

PromoTron Solutions a.s.

reda.cz

53

REDA.cz is a Czech Republic-based e-commerce platform specializing in promotional products and corporate gifts with custom printing services. The company, operated by PromoTron Solutions a.s., has an established market presence since 1997, offering a wide range of product categories and fast production times. The website is professionally designed with clear navigation and mobile optimization, targeting business clients seeking promotional items. Technically, the site uses modern JavaScript libraries including jQuery, Bootstrap, and Stripe for payment processing, hosted likely with Active24. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers and vulnerability disclosures are missing. Overall, the site is trustworthy and compliant with GDPR, with clear contact information and a consistent brand presence.

F

Fishmonger

fishmonger.hu

57

Fishmonger.hu is a Hungarian seafood retail and wholesale business offering fresh fish, fillets, shellfish, and related products through multiple physical locations and an online webshop. The company emphasizes freshness, quality, food safety, and sustainability, serving both consumers and businesses in Hungary. Technically, the website is built on modern frameworks such as Next.js and React, with integrations for marketing and analytics tools like Google Tag Manager and Facebook Pixel, managed with GDPR-compliant cookie consent via Cookiebot. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is professional, trustworthy, and well-structured, supporting a medium-sized business with a strong market position in the Hungarian seafood sector.

L

Libri Könyvkereskedelmi Kft.

libri.hu

65

Libri Könyvkereskedelmi Kft. operates Libri.hu, a leading Hungarian online bookstore offering a wide range of books, e-books, audiobooks, music, films, and gift items. The website targets general consumers interested in literature and cultural products, positioning itself as a major retail player in Hungary's book market. The business model is e-commerce retail with additional services such as preorder options and loyalty programs.

B

Bortársaság

bortarsasag.hu

65

Bortársaság is a Hungarian wine retailer operating both online and through physical stores, offering wine sales, tasting events, and a membership club. The website targets wine enthusiasts and consumers in Hungary, providing curated wine selections and educational content. Technically, the site is built on modern frameworks such as Next.js and integrates multiple third-party services for analytics, marketing, and user experience enhancement. The presence of Google reCAPTCHA and Cookiebot indicates attention to security and privacy compliance, although explicit privacy and terms of service pages are not found in the analyzed content. Security posture is strong with HTTPS and security headers, but there is room for improvement in publishing formal security policies and incident response contacts. Overall, the website is professional, mature-content appropriate, and trustworthy with a good balance of business and technical maturity.

R

Rossmann Magyarország Kft.

rossmann.hu

71

Rossmann Magyarország Kft. operates a comprehensive online drugstore platform offering a wide range of products including cosmetics, personal care, and household items. The company holds a strong market position in Hungary as a leading retailer with a well-established brand and parent company support from Dirk Rossmann GmbH. The website demonstrates a mature technical infrastructure leveraging modern frameworks such as Next.js and React, integrated with advanced analytics and marketing tools like Google Tag Manager and Cookiebot for GDPR compliance. Security posture is robust with HTTPS enforcement, security headers, and bot protection via reCAPTCHA, although there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the platform is professional, trustworthy, and compliant with relevant privacy regulations.

A

ACTIVA spol. s r.o.

bibelot.sk

57

Bibelot.sk is an e-commerce platform operated by ACTIVA spol. s r.o., specializing in luxury writing instruments, branded diaries, and notebooks. The company has a strong market presence in Slovakia and the Czech Republic, leveraging its long-standing history since 1992. The website targets B2C customers and business partners seeking premium stationery products. The business model focuses on retail sales supported by value-added services such as engraving and loyalty programs. Bibelot.sk maintains consistent branding and offers a comprehensive product catalog with a professional online shopping experience. Technically, the website uses modern JavaScript libraries and tracking tools, hosted on AWS infrastructure, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly disclosed. WHOIS data confirms domain legitimacy and alignment with the parent company. Overall, Bibelot.sk presents a trustworthy and professional online retail presence with room for enhanced security transparency.

A

ACTIVA spol. s r.o.

actva.cz

49

ACTIVA spol. s r.o. is a well-established Czech company specializing in the supply of office, school, and art supplies since 1992. It operates a professional e-commerce platform targeting both business and individual customers, with a strong market presence supported by multiple subsidiary online stores. The company offers a broad product range including office equipment, furniture, and consumables, serving a diverse customer base including firms, schools, and private individuals. Technically, the website employs modern web technologies such as Google Tag Manager, Bing Ads, and React-based search suggestions, ensuring a responsive and user-friendly experience. The site is well-optimized for SEO and mobile devices, with a clear navigation structure and professional design. The presence of cookie consent mechanisms and privacy policies indicates a good level of digital maturity and compliance with data protection regulations. From a security perspective, the site uses HTTPS and implements secure login forms and cookie consent banners. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not clearly detected and could be improved. No critical vulnerabilities or exposed sensitive data were found. The lack of WHOIS data reduces transparency but does not detract significantly from the overall trustworthiness given the professional presentation and trust signals. Overall, ACTIVA presents a credible and professional online presence with solid business and technical foundations. Strategic improvements in security headers and incident response disclosures would enhance its security posture further.

V

Víno Přistál

vinopristal.cz

55

Víno Přistál is a small family-owned winery based in Znojmo, Czech Republic, specializing in traditional and modern wine production. The company offers a range of wines through an online e-shop and organizes wine tastings, targeting wine enthusiasts and consumers seeking authentic regional products. The website is built on WordPress with Elementor, leveraging Cloudflare for DNS and CDN services, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS and Cloudflare usage, but lacks some security headers and formal privacy/cookie policies, indicating room for improvement in compliance and security best practices. Overall, the site is professional and trustworthy, with clear business information and social media presence.

L

Látky Mráz

latky.cz

51

Látky Mráz is a well-established Czech retailer specializing in fabrics, textiles, haberdashery, sewing patterns, and related accessories. With approximately 33 years in the market and eight physical stores, the company also operates an e-commerce platform primarily through a partner domain (dumlatek.cz). The website presents a professional and consistent brand image, targeting sewing enthusiasts and professionals. The business model combines retail and wholesale services, supported by a loyalty discount program and active social media presence. Technically, the website uses modern web technologies including Google Analytics with consent management, FontFaceObserver for fonts, and Swiper.js for product carousels. The site is mobile-optimized with good SEO practices and basic accessibility features. However, no CMS or hosting provider details were detected, and some security headers are missing. From a security perspective, the site enforces HTTPS and provides cookie consent mechanisms aligned with GDPR. No critical vulnerabilities or exposed sensitive data were found. The absence of WHOIS data for the domain reduces trustworthiness and suggests possible privacy protection or registration issues. No explicit security or incident response policies are published, which could be improved. Overall, the website is functional, trustworthy, and professionally maintained, but domain registration transparency and enhanced security headers would strengthen its security posture and credibility.

A

ACTIVA spol. s r.o.

stockist.cz

56

Stockist.cz is an established Czech e-commerce and retail business specializing in design furniture, lighting, carpets, and home accessories. Operated by ACTIVA spol. s r.o., founded in 1992, the company offers a broad product range through its online platform and physical showrooms in Prague. The website demonstrates a professional digital presence with modern technologies and good user experience. Structured data and metadata are well implemented, supporting SEO and business transparency. Privacy and cookie policies comply with GDPR requirements, and multiple contact points enhance customer trust. However, the absence of WHOIS data limits domain trust assessment, and explicit security headers are not detected, suggesting room for security improvements.

A

ACTIVA spol. s r.o.

bibelot.cz

57

Bibelot.cz is an established Czech e-commerce retailer specializing in luxury writing instruments, branded diaries, and notebooks. Operated by ACTIVA spol. s r.o., a company with a history dating back to 1992, the site targets B2C customers and business partners seeking premium stationery products. The business maintains a strong market position with multiple physical stores and a broad product portfolio including engraving services and gift sets. The website demonstrates a mature digital presence with modern JavaScript frameworks, structured data, and comprehensive SEO optimizations. Privacy and cookie policies are clearly implemented, reflecting GDPR compliance. Security posture is solid with HTTPS enforced and secure forms, though some security headers could be improved. Overall, Bibelot.cz presents a professional, trustworthy, and user-friendly platform for its niche market.

Ž

Žufánek.cz

zufanek.cz

65

Žufánek.cz is a family-owned fruit distillery established in 2000 in the Czech Republic, specializing in the production of high-quality fruit distillates, liqueurs, absinths, and gins. The company emphasizes ecological farming and local terroir, positioning itself as a premium brand with a strong presence in the spirits market, particularly known for award-winning absinths. The website reflects a mature business with a focus on product quality and customer engagement through auctions and custom production services. Technically, the site is built on WordPress with WooCommerce and multilingual support, leveraging modern web technologies and third-party integrations such as Google Analytics and reCAPTCHA. Security posture is generally good with HTTPS and cookie consent mechanisms, though it lacks some advanced security headers and explicit privacy and security policies. Overall, the site is professional and trustworthy, targeting adult consumers interested in premium spirits. Strategic improvements in privacy transparency and security hardening would enhance compliance and trust.