Security Directory

V

Vidzemes plānošanas reģions

vidzeme.lv

46

Vidzemes plānošanas reģions is a Latvian regional government institution focused on development and planning within the Vidzeme region. The organization actively collaborates with European partners on international projects to foster business growth and innovation. The website serves as an informational portal for stakeholders and the public, providing access to regional data and project information. Technically, the site is built on WordPress with modern plugins for SEO, multilingual support, and cookie compliance, indicating a moderate level of digital maturity. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in publishing formal security and privacy policies. Overall, the site is professional and trustworthy, aligned with its government function.

E

Eesti Põllumajandus-Kaubanduskoda

epkk.ee

44

Eesti Põllumajandus-Kaubanduskoda (EPKK) is a well-established Estonian organization founded in 2010, serving as a key chamber representing agricultural producers, food processors, forestry, and land management enterprises. The website provides comprehensive information about the organization's advocacy efforts, events, vocational qualifications, and market information services. The target audience primarily consists of Estonian agricultural and related sector stakeholders. The business model is non-profit and focused on supporting stable development and fair competition within the agricultural sector. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Modern Events Calendar, ensuring good SEO and event management capabilities. The site is hosted by a reputable Estonian registrar and uses HTTPS, providing a secure browsing experience. However, there are gaps in privacy compliance, notably the absence of privacy and cookie policies and consent mechanisms. Security posture is moderate with HTTPS and secure forms but lacks advanced security headers and published security policies. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

L

Liikumisharrastuse kompetentsikeskus

liikumisaasta.ee

49

Liikumisharrastuse kompetentsikeskus is a government-affiliated non-profit organization established by the Estonian Olympic Committee in 2022 to promote physical activity and healthy lifestyles across Estonia. The website serves as a central hub for information, resources, and events related to physical movement, targeting a broad audience including youth, adults, seniors, and partners in the health and sports sectors. The organization positions itself as a leader in driving a national movement towards increased physical activity and wellness.

S

Spordimeditsiini SA

sportmed.ee

38

Spordimeditsiini SA is an established Estonian sports medicine foundation providing specialized health examinations, treatments, and consultations for amateur, youth, and professional athletes. With over 25 years of experience, it holds a strong market position in Estonia's healthcare sector, focusing on sports-related medical services including physiotherapy, cardiology diagnostics, nutrition counseling, and advanced physiotherapy procedures. The website is well-structured, multilingual, and professionally designed, reflecting the organization's credibility and service quality. Technically, it is built on WordPress with modern plugins and SEO optimizations, though some performance and security enhancements are advisable. Security posture is solid with HTTPS and no visible vulnerabilities, but lacks explicit security headers and incident response policies. Privacy compliance is partially met with privacy and cookie policies present, but missing active consent mechanisms. Overall, the site demonstrates a mature digital presence with room for improvements in security and privacy transparency.

R

Rohelise Jõemaa Koostöökogu

joemaa.ee

39

Rohelise Jõemaa Koostöökogu is a small regional cooperative organization based in Estonia, focused on sustainable rural economic development, cultural heritage preservation, and tourism promotion. The website serves as an informational and promotional platform highlighting the organization's mission, events, and regional identity. The technical infrastructure is based on WordPress with common plugins such as Yoast SEO and Contact Form 7, supported by standard web technologies like jQuery and Bootstrap. The site is moderately optimized for performance and mobile devices but lacks advanced accessibility features. Security posture is basic with HTTPS enabled but missing important security headers and policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is functional and professional but requires improvements in privacy, security, and compliance to enhance trust and user protection.

P

Pärnu Lahe Partnerluskogu

plp.ee

39

Pärnu Lahe Partnerluskogu is a regional non-profit partnership organization based in Estonia, focused on supporting local development projects, cooperation, and dissemination of information in the Pärnu Bay area. The website serves as an information hub for local government entities, community organizations, and residents, providing updates on meetings, funding opportunities, and collaborative projects. The organization appears well-established with a domain age since 2010 and consistent regional focus. Technically, the website is built on WordPress using the Sydney theme and common plugins such as Yoast SEO and Elementor. It employs HTTPS and basic SEO optimizations, with moderate performance and good mobile responsiveness. However, accessibility features are basic, and some security best practices like DNSSEC and security headers are missing. From a security perspective, the site has a good SSL configuration but lacks advanced security headers and explicit privacy or cookie policies, which are important for GDPR compliance. No incident response or vulnerability disclosure mechanisms are evident. The absence of contact emails and phone numbers in the HTML limits direct communication channels, though physical addresses linked to local municipalities are present. Overall, the website is functional and professional for its purpose but would benefit from enhanced privacy compliance, improved security headers, and clearer contact information to strengthen trust and regulatory adherence.

A

Adrenaator Grupp

adrenaator.ee

40

Adrenaator Grupp operates the website adrenaator.ee, providing adventure and outdoor experiences such as canoe trips, hiking, and team events primarily in the Aidu quarry area in Estonia. The company targets families, friends, and corporate groups seeking unique adventure activities. The business is positioned as a niche local provider with a focus on experiential tourism and event hosting. The website is built on WordPress with modern SEO and GDPR compliance plugins, indicating a moderate level of digital maturity. Technical infrastructure includes Google Analytics and Tag Manager for tracking, and the site is hosted by Zone Media OÜ, a known Estonian registrar and hosting provider. Security posture is adequate with HTTPS enabled and cookie consent implemented, though some security headers are missing and no explicit security or incident response policies are published. Overall, the site is professional and trustworthy with room for improvement in security and contact transparency.

R

Romantiline Rannatee

rannatee.ee

38

Romantiline Rannatee is a well-established regional tourism promotion website focused on the Pärnumaa coastal area in Estonia. The site offers rich content including destination guides, events, accommodations, and virtual tours, targeting tourists interested in nature, culture, and leisure activities. The business operates primarily as a tourism marketing platform, leveraging partnerships with local organizations and maintaining a consistent brand presence. Technically, the website is built on WordPress using the Avada theme and Yoast SEO plugin, with Google Tag Manager integrated for analytics. The site demonstrates good design quality, mobile optimization, and SEO practices, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration is consistent and trustworthy, with no blocking or WAF detected, supporting a moderate to good trust level for visitors.

V

Via Hanseatica

viahanseatica.info

42

Via Hanseatica is a regional tourism initiative promoting an international travel route through Latvia, Estonia, and Russia, focusing on cultural heritage, nature, and culinary experiences. The website serves as an informational and promotional platform supported by multiple regional tourism organizations and partners. The digital infrastructure is based on WordPress with standard SEO and analytics tools, providing a good user experience and mobile responsiveness. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers and incident response information are lacking. Privacy compliance is weak due to missing policies and consent mechanisms. WHOIS data is unavailable, which slightly reduces trust but does not negate the legitimacy indicated by the website content and partnerships.

E

Eesti Planeerijate Ühing

planeerijad.ee

48

Eesti Planeerijate Ühing is a professional non-profit association focused on spatial planning practices in Estonia. The organization provides certification for spatial planners, organizes events such as seminars and webinars, and engages in knowledge dissemination and international cooperation. The website is well-structured, professionally designed, and regularly updated with relevant news and events, reflecting an active and credible organization within its sector. Technically, the website is built on WordPress with modern plugins including Elementor and Yoast SEO, ensuring good SEO and mobile responsiveness. The site uses HTTPS with an excellent SSL configuration, but lacks some advanced security headers and explicit privacy and cookie policies, which are areas for improvement. No blocking or WAF mechanisms interfere with content accessibility. Security posture is solid with HTTPS and no exposed sensitive data, but the absence of published incident response or vulnerability disclosure policies and security.txt reduces transparency. Privacy compliance is weak due to missing privacy and cookie policies and consent mechanisms. Business credibility is high given the consistent domain registration, professional content, and clear organizational purpose. Overall, the site is trustworthy and functional but would benefit from enhanced privacy compliance and security transparency to align with best practices and regulatory requirements.

N

NOVOT Agentuur

novot.ee

56

NOVOT Agentuur is a well-established full-service marketing agency based in Estonia, founded in 2006. The company offers a broad range of marketing services including branding, website development, campaign management, social media, and media planning. Their website reflects a professional and consistent brand image, targeting businesses seeking comprehensive marketing solutions. The digital infrastructure is built on WordPress with modern plugins and tools such as Yoast SEO, Google Tag Manager, and CookieYes for privacy compliance. The site is mobile-optimized and demonstrates good SEO practices. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. WHOIS data confirms domain legitimacy and consistency with the business history. Overall, the website presents a trustworthy and professional digital presence.

M

MTÜ Eesti Raamatukoguvõrgu Konsortsium

elnet.ee

46

MTÜ Eesti Raamatukoguvõrgu Konsortsium operates as a non-profit consortium dedicated to serving the public interests of Estonian libraries. The organization provides key shared services such as the E-kataloog ESTER, Eesti artiklite andmebaas, Eesti märksõnastik, and the E-varamu portaal, targeting libraries, researchers, and the general public interested in library resources. The website reflects a medium-sized, well-established entity with a consistent brand and a clear focus on education and information services within Estonia. Technically, the website is built on a modern WordPress platform using the Enfold theme and several plugins including Yoast SEO and Ajax Search Pro. It employs HTTPS with good SSL configuration and integrates Google Analytics with user consent mechanisms. The site demonstrates good mobile optimization and accessibility features, including options for visually impaired users. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, it lacks explicit security policies, incident response information, and vulnerability disclosure channels. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the website's claims, reinforcing the legitimacy of the domain. Overall, the website presents a trustworthy and professional digital presence for the consortium, with room for improvement in security transparency and incident response readiness.

I

Infohunt

infohunt.ee

41

Infohunt.ee is a government-backed Estonian youth information portal providing localized event and activity information for young people. The platform aggregates data on youth events, hobby education, and projects, supporting youth engagement and participation. It is operated under the auspices of the Estonian Ministry of Education and Research (Haridus- ja Teadusministeerium) and hosted by EENet, reflecting a strong institutional foundation. The website uses WordPress with modern SEO and accessibility features, ensuring good user experience and mobile optimization. Security posture is solid with HTTPS and no visible vulnerabilities, though some improvements in security headers and explicit policies could enhance trust. Privacy compliance is partial, with privacy and terms pages present but lacking cookie consent mechanisms. Overall, Infohunt.ee is a credible, well-maintained portal serving the Estonian youth sector effectively.

I

Ida-Viru Ettevõtluskeskus

ivek.ee

46

Ida-Viru Ettevõtluskeskus is a regional development center focused on providing free consulting services to individuals, non-profit organizations, and entrepreneurs in Ida-Viru County, Estonia. Established in 2010, it acts as a regional development engine offering training, funding opportunities, and support services. The website is multilingual, targeting Estonian, English, and Russian speakers, reflecting the regional demographic. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates Google Maps and various plugins for SEO, multilingual support, and user interaction. Security posture is solid with HTTPS and cookie consent mechanisms, though additional HTTP security headers and published policies would enhance compliance and trust. Overall, the site presents a professional and trustworthy digital presence aligned with its business mission.

L

Lastekaitse Liidu Lastelaagrite OÜ

lastelaagrid.eu

41

Lastekaitse Liidu Lastelaagrite OÜ is a small Estonian non-profit organization dedicated to providing educational and recreational youth camps and programs aligned with the mission of Lastekaitse Liit. The organization operates recognized youth camps such as Pivarootsi and Remniku and offers educational programs during school time. Their target audience includes children, youth, schools, municipalities, and entrepreneurs within Estonia. The website is built on a modern WordPress CMS with WooCommerce integration, supporting online interactions and registrations. The technical infrastructure includes standard web technologies and third-party services such as Google Analytics and CookieYes for consent management. Security posture is solid with HTTPS and reCAPTCHA implemented, though some security headers are missing and no formal security or privacy policies are published. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional, well-branded, and trustworthy, but could improve privacy compliance and security transparency.

V

Visit Harju

visitharju.ee

50

Visit Harju is the official tourism portal for Harju County, Estonia, providing comprehensive information on the region's natural beauty, cultural heritage, and leisure activities. The website targets tourists and visitors seeking to explore Harju's attractions, travel routes, and experiences. Managed by SA Harju Ettevõtlus- ja Arenduskeskus, it serves as a trusted regional resource with consistent branding and a clear focus on hospitality and cultural tourism. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Slider Revolution, ensuring good SEO and user experience. The site is mobile-optimized and accessible, with moderate performance and integration of analytics tools like Google Analytics and Plausible. Security posture is solid with HTTPS, reCAPTCHA on forms, and no exposed sensitive data, though explicit security headers and policies are not fully documented. Privacy compliance is a notable gap, lacking visible privacy and cookie policies or consent mechanisms. Overall, the domain registration is consistent and legitimate, supporting the site's credibility as an official tourism portal.

Õ

Õigusbüroo HUGO.legal õigusabi

hugo.legal

53

Õigusbüroo HUGO.legal is an Estonian legal services platform offering fast, accessible legal advice through professional jurists. The website provides multiple consultation channels including in-office, video, web, and phone, targeting residents of Estonia. The platform also offers legal applications to help users resolve debt and other legal issues efficiently. The business is positioned as a trusted local legal aid provider with a strong digital presence and content marketing through blogs and testimonials. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and WP Rocket, ensuring good performance, SEO optimization, and mobile responsiveness. The site uses HTTPS with a valid SSL certificate and integrates Google Analytics for user tracking. However, DNSSEC is not enabled, and security headers are missing, indicating room for security enhancements. From a security perspective, the site demonstrates good baseline practices including HTTPS and cookie consent mechanisms. There is no evidence of exposed sensitive data or vulnerable libraries. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure reduces transparency. The domain registration is stable but shows partial privacy in WHOIS data, which is reasonable for this business type. Overall, the website is professional, trustworthy, and well-optimized for its target audience. Strategic improvements in security headers, DNSSEC, and published security policies would enhance its security posture and compliance. The business appears credible and well-established with a medium-sized market presence in Estonia.

E

EOMAP

eomap.ee

39

EOMAP is an established Estonian technology company specializing in cartography and spatial data solutions, with a strong focus on municipal software products such as the Kovgis EVALD system. The company has a solid market position supported by integration with national information systems and a 30-year history. Technically, the website is built on WordPress using the Divi theme and Yoast SEO plugin, indicating a mature digital presence with good SEO and mobile optimization. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

I

Ida-Viru Ühistranspordikeskus

ivytk.ee

47

Ida-Viru Ühistranspordikeskus is a non-profit organization dedicated to coordinating and providing public transportation services in the Ida-Viru region of Estonia. The website serves as an information hub for passengers and transport providers, offering schedules, route maps, contact details, and ticket purchasing options. The organization is small-sized, regionally focused, and operates transparently with clear contact information and official registration details. Technically, the website is built on WordPress using a modern tech stack including Bootstrap, jQuery, and Yoast SEO for optimization. It employs Google reCAPTCHA v3 for form security and uses privacy-conscious analytics tools like Plausible. The site is hosted by Elkdata OÜ, consistent with the domain registration data, and uses HTTPS with a good SSL configuration. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and spam protection on forms. However, it lacks published security policies, security headers, and cookie consent mechanisms, which are important for compliance and enhanced security posture. No vulnerabilities or suspicious activities were detected in the content or scripts. Overall, the website is professional, trustworthy, and functional, but it would benefit from improved privacy compliance and enhanced security policies to better protect users and meet regulatory requirements.

M

MTÜ Lastekaitse Liit

lastekaitseliit.ee

46

MTÜ Lastekaitse Liit is a well-established Estonian non-profit organization dedicated to the protection of children's rights and interests. The organization actively develops and implements child protection projects, provides expert opinions on child protection legislation, supports child and youth participation, organizes training for professionals, and offers camp services and scholarships for children and youth. The website reflects a clear mission and target audience focused on children, families, and child welfare professionals. Technically, the site is built on a modern WordPress platform with WooCommerce integration, leveraging popular plugins such as Yoast SEO, WPBakery, and Slider Revolution, indicating a mature digital infrastructure. The site is mobile-optimized and uses HTTPS, ensuring secure communications. However, it lacks published privacy and cookie policies, which impacts its privacy compliance score. Social media presence is strong with official Facebook, LinkedIn, and YouTube channels linked. Overall, the website demonstrates good professionalism and trustworthiness but would benefit from enhanced privacy and security policy transparency.

MTÜ Partnerid is a small Estonian non-profit organization established in 2006, focusing on regional development and cooperation among local municipalities, NGOs, and entrepreneurs in Lääne-Virumaa. The website serves as an information hub for projects, events, and organizational details, targeting local communities and stakeholders. The digital infrastructure is based on WordPress with a moderate technical maturity, leveraging common plugins for SEO, statistics, and event management. The site is well-structured, mobile-optimized, and provides clear navigation and contact information. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and explicit policies are lacking. Privacy compliance is partial, with a cookie consent mechanism present but no privacy policy or terms of service published. Overall, the website is trustworthy and professional but would benefit from enhanced compliance documentation and security policies.

Vormsi.ee is the official local government and community information portal for Vormsi island, Estonia. The website provides current news, event calendars, administrative information, and local services primarily targeting residents and visitors of Vormsi. It is positioned as a trusted source of local information with a focus on community engagement and tourism. The site is multilingual, supporting Estonian, English, and Swedish languages, enhancing accessibility for diverse audiences. The business model is informational and governmental, with no evident commercial transactions. The domain is well-established since 2010, reinforcing its credibility and local presence. Technically, the website is built on WordPress CMS using a modern tech stack including PHP, jQuery, and popular plugins such as Yoast SEO and WPML for multilingual support. The site uses Google Tag Manager for analytics and employs a responsive design optimized for mobile devices. Performance is moderate with good SEO practices implemented. However, accessibility features are basic and could be improved. From a security perspective, the site uses HTTPS with a good SSL configuration, but lacks visible security headers such as Content-Security-Policy or X-Frame-Options. There is no evidence of a published privacy policy, cookie consent mechanism, or incident response information, which are important for GDPR compliance and user trust. No security.txt or vulnerability disclosure information is present. The site does not appear to be behind a WAF or security challenge, and no critical vulnerabilities were detected in the provided content. Overall, Vormsi.ee is a credible and professionally maintained government website with good content quality and technical implementation. To enhance security posture and compliance, it should publish privacy and cookie policies, implement security headers, and provide clear contact information for incident response. These improvements will strengthen user trust and regulatory compliance.

Z

Zone Media OÜ

hiiumaa.ee

48

The website hiiumaa.ee serves as a comprehensive tourism information portal for Hiiumaa island in Estonia, providing visitors with details on events, accommodation, transport, and local attractions. It targets tourists and visitors interested in exploring the island, positioning itself as a regional tourism promotion platform. The business behind the domain is registered as Zone Media OÜ, an Estonian company, with the domain established in 2010, indicating a mature presence in the market. Technically, the site is built on WordPress 6.7.2 with a modern tech stack including Yoast SEO, Google Tag Manager, Facebook Pixel, and multilingual support via WPML. The site demonstrates good mobile optimization, accessibility, and SEO practices. Cookie consent mechanisms are implemented, reflecting awareness of privacy compliance requirements. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers such as Content-Security-Policy or X-Frame-Options. No exposed sensitive data or vulnerable libraries were detected in the HTML content. However, the absence of a published security policy or incident response contact limits transparency. Overall, the website presents a professional and trustworthy front for regional tourism promotion, with moderate tracking and advertising practices. The lack of explicit privacy and terms of service policies is a compliance gap. Strategic improvements in security headers, privacy documentation, and incident response transparency would enhance the site's security posture and user trust.

C

Caotica

caotica.eu

54

Caotica is a small technology service provider specializing in web development and online marketing, targeting medium-sized companies primarily in Estonia and internationally. The company offers a broad range of digital services including SEO, Google Ads, social media campaigns, email marketing, and content management. The website is professionally designed using WordPress with modern SEO and analytics tools integrated, reflecting a mature digital presence. Security posture is good with HTTPS enforced and a comprehensive cookie consent mechanism, although some security headers are missing and no explicit incident response or security policy pages are available. The lack of publicly available WHOIS data due to EURid privacy policies limits transparency but is common for .eu domains. Overall, the website is trustworthy and functional with room for improvement in contact transparency and security best practices.

T

Tuumik Stuudio OÜ

tuumik.ee

49

Tuumik Stuudio OÜ is an established Estonian graphic design and photography studio founded in 2007. The company specializes in visual identity, illustration, print preparation, and photography services, targeting cultural institutions and corporate clients. Their website showcases a comprehensive portfolio demonstrating professional design and consistent branding. Technically, the site is built on WordPress with modern SEO and analytics tools, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and formal privacy or cookie policies, indicating compliance gaps. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

Ł

ŁÓDŹ MIASTO FILMU UNESCO EC1

lodzcityoffilm.com

58

Łódź Miasto Filmu UNESCO EC1 is a cultural and tourism-focused organization promoting the film heritage and film-related activities in Łódź, Poland. The website serves as a portal for film trails, festivals, events, and projects related to the city's film culture, targeting film enthusiasts, tourists, and cultural visitors. The organization leverages UNESCO branding and local government support to position itself as a regional cultural promoter. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Advanced Custom Fields, integrating Google Maps and social media for enhanced user engagement. The site is mobile-optimized and provides multilingual support, enhancing accessibility for international visitors. Security-wise, the website uses HTTPS with a valid SSL certificate and has domain transfer protections in place. However, it lacks DNSSEC and advanced security headers, and no explicit security or incident response policies are published. Privacy compliance is basic but includes a cookie consent mechanism aligned with GDPR requirements. Overall, the website is professional and trustworthy but could improve in security transparency and contact information availability.

S

Sotsiaalkindlustusamet

tarkvanem.ee

46

Tarkvanem.ee is a government-affiliated Estonian website operated by Sotsiaalkindlustusamet, providing comprehensive parenting information and resources targeted at parents of children of all ages. The site offers educational content on child development, parenting styles, health, and safety, supported by tests, videos, and expert advice. It holds a strong market position as a trusted public information portal in Estonia. Technically, the website is built on WordPress and leverages modern analytics and marketing tools such as Google Analytics, Matomo, Hotjar, and Facebook Pixel, alongside SEO optimization via Yoast. The site is mobile-optimized and accessible with good navigation and professional design. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Contact information is limited but includes a verified company email and a contact form. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced privacy and security disclosures.

P

Pärnu Sadam AS

parnusadam.eu

47

Pärnu Sadam AS operates as a regional port authority and service provider located in southwestern Estonia, specifically at the mouth of the Pärnu River. The company offers essential harbor services including vessel scheduling, access permit management, and related maritime services. The website positions Pärnu Sadam as a key regional player in transportation and port services, targeting shipping companies, local businesses, and visitors. The business model revolves around providing port infrastructure and administrative services to facilitate maritime traffic and regional commerce. Technically, the website is built on WordPress 6.7.2 with a modern tech stack including Yoast SEO for search optimization, WPML for multilingual support, and integration of Google Analytics and Google Maps APIs. The site demonstrates good mobile optimization and moderate performance, with a clean and professional design. Cookie consent mechanisms and privacy policies are implemented in compliance with GDPR, enhancing user trust and legal compliance. From a security perspective, the site uses HTTPS with anonymized IP tracking in Google Analytics and provides a cookie consent banner with opt-in/out options. However, explicit security headers are not detected in the HTML content, and no dedicated security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the analyzed content, indicating a generally sound security posture. Overall, Pärnu Sadam's website reflects a credible and professional digital presence consistent with its business operations. The site is accessible without WAF or blocking mechanisms, includes comprehensive privacy and cookie policies, and provides clear contact information. Strategic recommendations include enhancing security headers, publishing explicit security policies, and maintaining regular audits of third-party scripts to further strengthen security and compliance.

Z

Zone Media OÜ

omastehooldusest.ee

45

Omastehooldusest.ee is a specialized informational portal launched in 2024 by Zone Media OÜ, focused on providing knowledge, support, and hope for individuals requiring care and their caregivers in Estonia. The website offers comprehensive resources including guidance for care recipients, adult and child caregivers, community information, specialist resources, and multimedia content such as videos and podcasts. It targets a niche non-profit sector audience, aiming to support caregiving journeys with practical and emotional assistance. Technically, the site is built on WordPress with a modern theme and SEO optimizations, integrating analytics and chat support tools. Security posture is adequate with HTTPS enabled but lacks advanced DNS security and security headers. Privacy compliance is weak due to missing explicit privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

B

BOX Options

boxoptions.com

63

BOX Options Market LLC operates a fully automated electronic options exchange specializing in trading OCC issued standardized options on equities and ETFs. The company emphasizes technological innovation and transparency to provide a reliable marketplace for options traders. The website reflects a mature business with a domain age of approximately 8 years and a clear market presence in the financial sector. The target audience includes institutional investors, market participants, and potential members interested in options trading technology and services. The business model centers on providing exchange services, membership access, and market data dissemination.

C

Caotica OÜ

caotica.ee

49

Caotica OÜ is a specialized web design and development agency based in Estonia, operating since 2008. The company offers a comprehensive suite of digital services including website design, web development across platforms like WordPress, Webflow, and Wix, e-commerce solutions with WooCommerce and Shopify, as well as ongoing website management and SEO optimization. Their market position is that of a trusted, experienced small business serving both local and international clients, with over 200 projects completed and 80+ clients served. The website reflects a professional and consistent brand image with clear service offerings and client testimonials, supporting their credibility. Technically, the website is built on WordPress using the Avia Framework and Yoast SEO plugin, leveraging modern web technologies such as jQuery and Google Fonts. The site is mobile-optimized and demonstrates good SEO practices with structured data and meta tags. Hosting and domain registration are managed by Zone Media OÜ, consistent with the company's Estonian base. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS with anonymized IP tracking in Google Analytics and implements a cookie consent mechanism, indicating awareness of privacy compliance. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected, and no formal security or incident response policies are published. There is no vulnerability disclosure or security.txt file, which could be areas for improvement. Overall, Caotica OÜ presents a low-risk profile with a solid business foundation, professional web presence, and basic privacy compliance. Strategic enhancements in security headers, incident response transparency, and accessibility could further strengthen their security posture and trustworthiness.

T

Tervise Arengu Instituut

tubakainfo.ee

43

Tubakainfo.ee is an official Estonian government public health website managed by the Tervise Arengu Instituut (Health Development Institute). It provides comprehensive educational content on the harms of tobacco use, passive smoking, and supports tobacco cessation efforts. The site targets Estonian-speaking tobacco users, their families, and healthcare professionals, offering interactive tools, videos, and guidance. The website is well-structured, professionally designed, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins such as Yoast SEO, Google Tag Manager, and Facebook Pixel for analytics and marketing. It uses HTTPS with good SSL configuration but lacks some security headers. The site does not display a privacy or cookie policy, which is a notable compliance gap, especially given the use of tracking pixels. Contact information is clearly provided, enhancing business credibility. From a security perspective, the site shows good practices like HTTPS and nonce usage for AJAX but could improve by adding security headers and publishing explicit security and incident response policies. No vulnerabilities or suspicious patterns were detected. WHOIS data confirms the domain is registered to the official Estonian health institute, supporting legitimacy. Overall, the site is trustworthy and professional but should address privacy compliance and security policy transparency to improve its security posture and regulatory adherence.

N

Narko

narko.ee

42

The website www.narko.ee serves as a comprehensive informational and support platform focused on narcotics, risk reduction, and assistance options primarily targeting the Estonian population. It provides extensive educational content, community resources, and guidance for drug users, their relatives, and the broader community. The site is positioned as an authoritative resource, likely supported by government or non-profit entities, with a clear focus on public health and harm reduction. Technically, the website is built on WordPress with a modern plugin ecosystem including Yoast SEO and GDPR compliance tools. It employs Google Analytics for user tracking and demonstrates good mobile responsiveness and SEO optimization. However, some technical debt is noted with the use of an older jQuery version, which could pose security risks. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms aligned with GDPR. While no critical vulnerabilities or exposed sensitive data were detected, the absence of a published security policy, incident response contacts, and security.txt file indicates room for improvement in transparency and readiness. Security headers are not explicitly confirmed, and updating libraries is recommended. Overall, the website presents a trustworthy and professional front with good content quality and compliance posture. Strategic enhancements in security policies, technical updates, and contact transparency would further strengthen its security posture and user trust.

M

Milrem Robotics

milrem.com

54

Milrem Robotics is a leading global provider of autonomous unmanned ground vehicles (UGVs) specializing in combat-ready robotic solutions that enhance military operational effectiveness and tactical advantages. Established in 2013 and headquartered in Estonia, the company has expanded its footprint with offices across Europe, the UAE, and the USA, serving 19 customer countries. Their product portfolio includes multi-mission UGVs such as THeMIS, VECTOR, HAVOC, and Type-X, supported by advanced autonomy kits and participation in key EU defense projects. The website reflects a professional and modern digital presence with comprehensive content tailored to defense and military audiences. Technically, the website is built on WordPress with modern SEO and user experience optimizations, including mobile responsiveness and accessibility considerations. It employs standard security measures such as HTTPS, Google reCAPTCHA, and GDPR-compliant cookie consent mechanisms. However, there is room for improvement in security headers and explicit security policy disclosures. Analytics usage is moderate, primarily via Google Analytics through Google Tag Manager, with privacy compliance well addressed. The security posture is solid with no visible vulnerabilities or exposed sensitive data, but lacks dedicated incident response or vulnerability disclosure information. WHOIS data confirms domain legitimacy and consistency with the company's history and operations. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance, supporting Milrem Robotics' position as a reputable defense technology provider.

M

Milrem Robotics

milremrobotics.com

54

Milrem Robotics is a leading global provider of autonomous unmanned ground vehicles, specializing in combat-ready robotic solutions that enhance military operational effectiveness and troop safety. Established in 2013 and headquartered in Estonia, the company has expanded its footprint with offices across Europe, the UAE, and the USA. Their product portfolio includes multi-mission UGVs like THeMIS, VECTOR, HAVOC, and Type-X, supported by advanced autonomy integration kits. The company actively participates in European defense projects, reinforcing its market leadership and innovation capabilities. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Fluent Forms, ensuring good SEO, accessibility, and user experience. The site is mobile-optimized and uses Google reCAPTCHA to secure forms. Cookie consent mechanisms and comprehensive privacy policies demonstrate strong privacy compliance. Performance is moderate with room for optimization. Security posture is solid with HTTPS enforced, clientTransferProhibited domain status, and use of reCAPTCHA. However, DNSSEC is not enabled, and security headers are not explicitly detected, suggesting areas for improvement. No incident response or security policy information is publicly available, which could be enhanced to build trust. Overall, Milrem Robotics presents a professional, trustworthy, and technically sound online presence aligned with its business stature. Strategic recommendations include enabling DNSSEC, publishing security policies, and enhancing security headers to further strengthen their security and compliance posture.

W

Webware

webware.ee

46

Webware OÜ is an established Estonian technology company specializing in comprehensive and flexible information and document management solutions through its flagship platform, WebDesktop. With over 23 years of experience, Webware serves a broad client base including major organizations in Estonia and Northern Europe, positioning itself as a market leader in the info management sector. The company offers a range of services including software analysis, development, hosting, training, and workflow and risk management, targeting both private and public sector organizations. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support.

A

Ahola Group

aholagroup.com

60

Ahola Group is a well-established Finnish logistics and transport company with over 70 years of experience, operating primarily in the Nordic and Central/Eastern European markets. The company offers a broad range of services including road transport, special heavy logistics, and digital logistics solutions through its subsidiaries Ahola Transport, Ahola Special, and Ahola Digital. The website reflects a professional and modern digital presence with clear navigation, multilingual support, and a focus on sustainability and innovation. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Cookiebot for privacy compliance. It uses Google Tag Manager for analytics and tracking, and Swiper.js for interactive UI elements. The site is mobile optimized and demonstrates good SEO practices, although accessibility features could be improved. Performance is moderate with no critical technical issues detected. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms, but lacks explicit security policies or incident response contacts. No security vulnerabilities or exposed sensitive data were found in the HTML content. The absence of WHOIS registration data is a concern and should be investigated further to confirm domain legitimacy. Overall, the site presents a secure and trustworthy front for a large logistics business. Strategically, Ahola Group should enhance its security posture by publishing formal security policies and incident response contacts, implementing additional security headers, and considering a vulnerability disclosure program. Improving accessibility and continuing to monitor third-party scripts for vulnerabilities will further strengthen their digital maturity and trustworthiness.

E

eLMEK Accounting OÜ

elmek.ee

43

eLMEK Accounting OÜ is a small Estonian accounting and payroll service provider established in 2017. The company positions itself as a friendly and expert partner for businesses needing accounting and payroll advice and services. It has received recognition as one of the fastest growing accounting firms in Estonia and awards for female entrepreneurship, indicating a positive market presence and growth trajectory. The website clearly communicates its key services and team members, targeting Estonian businesses seeking professional financial services. Technically, the website is built on WordPress using the Enfold theme, enhanced with Yoast SEO and jQuery-based components like Owl Carousel. It employs Google Tag Manager for analytics and tracking, and the site is hosted by Zone Media OÜ, consistent with the Estonian locale. The site is mobile-optimized and SEO-friendly, with good performance and accessibility basics. From a security perspective, the site uses HTTPS with strong SSL configuration and implements a cookie consent mechanism compliant with GDPR principles. However, it lacks explicit security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The site collects user data via a contact form with required fields and uses cookies and session storage for user experience and tracking. Overall, the website presents a professional and trustworthy front for a small accounting firm with good technical implementation and moderate privacy compliance. Strategic improvements include publishing a privacy policy, security policy, and incident response information, enhancing security headers, and improving accessibility features to strengthen compliance and trust.

C

CDED

cd-ed.com

59

CDED operates as an online distance education provider specializing in flexible diploma programs across various fields including Medical Administration, Accounting, Graphic Design, Health Information Management, and Office Administration. The website positions itself as a specialized college offering remote learning opportunities, targeting students seeking flexible education options. The business appears established with a domain age dating back to 1999, indicating longevity in the education sector. Technically, the website is built on WordPress using the Astra theme and enhanced with plugins such as Yoast SEO and Ultimate Addons for Gutenberg. It integrates marketing and analytics tools including Google Tag Manager and Trustpilot for customer reviews. The site demonstrates good mobile optimization and SEO practices, though performance is moderate and accessibility features are basic. From a security perspective, the site uses HTTPS with a valid SSL certificate and domain registration protections. However, it lacks DNSSEC and security headers, and does not provide explicit privacy or cookie policies, which are critical for compliance and user trust. No incident response or vulnerability disclosure information is available, indicating room for improvement in security transparency. Overall, the website is professional and credible but would benefit from enhanced privacy compliance and security hardening to reduce risk and improve user trust. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing privacy and cookie policies with consent mechanisms, and providing clear incident response contacts.

C

Confido

confido.ee

41

Confido is a prominent Estonian medical center offering over 2500 healthcare services including preventive care, primary and specialist medical services, surgical and rehabilitation treatments, and aesthetic medicine. The company operates multiple physical clinics across Estonia and provides digital health services such as a digital clinic and online booking. The website is multilingual, targeting Estonian, English, and Russian speakers, reflecting a broad target audience within Estonia. The business model focuses on comprehensive healthcare delivery with both in-person and digital service channels, positioning Confido as a leading private healthcare provider in the region. Technically, the website is built on WordPress with modern plugins like Yoast SEO and WPML for multilingual support. It uses popular JavaScript libraries such as jQuery, Fancybox, and Owl Carousel for enhanced user experience. The site integrates Google Tag Manager and Facebook Pixel for analytics and marketing, and employs a cookie consent mechanism via cookie-script.com, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly, though accessibility features are basic. From a security perspective, the site enforces HTTPS with an excellent SSL configuration and uses asynchronous loading for tracking scripts to minimize performance impact. However, there is no explicit privacy policy, terms of service, or security policy pages found, nor any incident response or vulnerability disclosure information. Cookie consent is implemented, but GDPR compliance indicators are limited. No critical vulnerabilities or suspicious activities were detected in the content provided. Overall, Confido's website demonstrates a strong business presence with good technical implementation and a solid security posture, though improvements in privacy compliance documentation and security transparency are recommended. The domain registration details align well with the business claims, supporting high legitimacy and trustworthiness.

S

SA Kiusamisvaba Kool

kiusamisvaba.ee

40

SA Kiusamisvaba Kool is a well-established Estonian non-profit organization dedicated to preventing bullying in schools through the implementation of the KiVa anti-bullying program developed in Finland. The organization provides training, resources, and support to schools, parents, and communities, positioning itself as the official representative of the KiVa program in Estonia. The website reflects a professional and consistent brand presence with comprehensive content targeting educators, parents, and socially responsible entities. Technically, the site is built on WordPress with modern plugins and integrations, including WooCommerce for e-commerce and Edwiser Bridge for LMS functionalities. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the site demonstrates good digital maturity and trustworthiness.

D

DragDropr

dragdropr.com

61

DragDropr is a technology company specializing in a visual drag & drop page builder that integrates seamlessly with multiple CMS and e-commerce platforms such as WordPress, Magento, Shopify, and Lightspeed. The company targets website owners, agencies, content managers, and small businesses seeking an easy-to-use content creation tool without requiring coding skills. Their market position is that of a versatile, cross-platform content builder offering both standalone and white-label solutions. The website is professionally designed, with clear navigation and comprehensive content describing their services and benefits. Technically, the site is built on WordPress with the Enfold theme and uses modern plugins and analytics tools, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and policies are not fully documented. The absence of WHOIS registration data is a concern for domain legitimacy, but the overall business credibility is supported by transparent contact information and active social media presence. Strategic recommendations include improving transparency around security policies, publishing vulnerability disclosure information, and enhancing WHOIS data visibility to strengthen trust.

C

CoreTrek AS

pameldingssystem.no

55

CoreTrek AS operates the website pameldingssystem.no, offering a user-friendly event registration system branded as Pindena. The platform targets event organizers in Norway, providing services such as registration management, payment processing without transaction fees, and participant follow-up, including a mobile check-in app. The company appears to be a small-sized technology firm founded around 2019, with a consistent brand presence across multiple social media platforms. Technically, the website is built on WordPress 6.8.1, utilizing modern tools like Yoast SEO, Google Tag Manager, and a proprietary AI widget. The site is well-optimized for mobile and accessibility, with good SEO practices and moderate performance. Security posture is strong with HTTPS enforced and cookie consent implemented, although explicit security headers are not confirmed. Privacy compliance is robust, featuring a comprehensive cookie policy and GDPR-aligned consent mechanisms. However, no explicit privacy policy or terms of service pages were found, and no direct contact information is publicly visible. WHOIS data is unavailable due to Norwegian registry policies, but the domain and website content show no suspicious indicators. Overall, the site demonstrates a professional, secure, and privacy-conscious digital presence suitable for its business model.

F

Finlandia Cheese

finlandiacheese.com

70

Finlandia Cheese is a well-established brand specializing in the production and retail of high-quality Nordic cheeses and butter. The company emphasizes its Finnish heritage and commitment to natural ingredients, positioning itself as a premium dairy product provider. The website reflects a mature digital presence with professional design, clear navigation, and SEO optimization, targeting consumers interested in Nordic dairy products. Technically, the site is built on WordPress with modern plugins and integrates Google Tag Manager and CookiePro for analytics and consent management. Security posture is adequate with HTTPS enabled and cookie consent implemented; however, the absence of explicit security headers and privacy policy pages indicates room for improvement. The lack of WHOIS data for the domain raises concerns about domain registration legitimacy, warranting further investigation. Overall, the site demonstrates a solid business and technical foundation but should enhance transparency and security compliance to strengthen trust and regulatory adherence.

M

Maidonjalostajien ja meijeritukkukauppiaiden liitto ry

maidonjalostajat.fi

62

Maidonjalostajien ja meijeritukkukauppiaiden liitto ry (M2L) is a Finnish dairy industry association founded in 2011, dedicated to promoting the business interests of milk producers and the dairy industry. The website serves as an informational platform targeting dairy producers, processors, and wholesale traders, providing industry news, contact information, and organizational details. The association holds a clear market position as a representative body within Finland's dairy sector, offering advocacy and business development support to its members. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Valio custom components, ensuring good SEO, mobile responsiveness, and accessibility. The use of Google Tag Manager and Adobe Typekit fonts indicates a mature digital infrastructure. Performance is moderate with good mobile optimization and clear navigation. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes essential security headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is robust, with comprehensive privacy and cookie policies and an active consent mechanism. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance, with minor recommendations to enhance security transparency and incident readiness.

V

Valio

valio.com

69

Valio is a well-established Finnish dairy company with over 120 years of history, specializing in innovative dairy ingredient solutions for the global food industry. Their product portfolio includes lactose-free, protein-enriched, sugar-reduced, and specialized nutrition products, supported by a strong commitment to sustainability and quality. The website reflects a mature digital presence with professional design, comprehensive content, and clear navigation targeting food industry professionals and manufacturers. Technically, the site is built on WordPress with modern plugins and analytics tools, optimized for mobile and SEO. Security posture is good with HTTPS and consent management, though some security headers and explicit policies could be improved. The WHOIS data is unavailable, which slightly reduces trust but is mitigated by strong branding and content. Overall, the site demonstrates a high level of professionalism and business credibility.

O

Oddlygood

oddlygood.com

69

Oddlygood is a plant-based food and beverage brand focused on delivering non-dairy, gluten-free products such as drinks, yogurts, desserts, cheese alternatives, and cooking essentials. The brand positions itself as a taste-revolutionary player in the retail sector, targeting consumers seeking delicious and daring plant-based options. The website is professionally designed, mobile-optimized, and SEO-friendly, leveraging WordPress and various Valio custom plugins. The technical infrastructure includes Google Tag Manager and Adobe Typekit fonts, hosted likely on Valio's CDN. Security posture is strong with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response policies are absent. The lack of WHOIS registration data is a notable concern, potentially indicating an unregistered domain or privacy-protected registration, which slightly impacts trustworthiness. Overall, the site is credible, user-friendly, and compliant with privacy regulations, but domain registration verification is recommended.

S

Sentinel Research

sentinel-research.com

59

Sentinel Research is a student-led academic organization dedicated to pioneering innovative counterintelligence solutions to enhance national security. The organization positions itself as a leader in the academic research space with a focus on interdisciplinary approaches and strategic collaborations. Their offerings include research publications, policy recommendations, and educational resources aimed at students, academics, and national security professionals. The website is built on a modern WordPress platform with SEO and analytics integrations, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced transparency and security practices.

C

Chudovo

chudovo.de

56

Chudovo is a medium-sized German-based software development company with over 15 years of market presence, specializing in custom software solutions, dedicated development teams, and IT consulting services. The company targets businesses seeking scalable, high-quality software development and maintenance, leveraging modern technologies and AI tools to enhance delivery and performance. Their market position is supported by a professional website, client testimonials, and a presence on reputable platforms like Clutch. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and SEO optimization via Yoast. Hosting and DNS are managed through Cloudflare, providing CDN and security benefits. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. From a security perspective, the site enforces HTTPS and uses Cloudflare for protection but lacks explicit security headers and formal security policies or incident response disclosures. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with a comprehensive privacy policy, cookie consent mechanism, and GDPR adherence. Overall, the website and business demonstrate a solid risk posture with minor areas for improvement in security policy transparency and accessibility. The domain WHOIS data aligns well with the business claims, supporting legitimacy and trustworthiness.