Security Directory

T

Tenne Export-Import Handelsgesellschaft m.b.H.

tenne.at

40

Tenne Export-Import Handelsgesellschaft m.b.H. is a well-established Austrian retail company specializing in bathroom products and complete bathroom systems. With over 40 years of industry experience, the company operates multiple showrooms across Austria and offers an online shop, targeting both end consumers and business clients. Their product range includes bathroom furniture, fittings, tiles, showers, and accessories, supported by services such as online bathroom planning and mobile consultation. The company holds reputable certifications and awards, reinforcing its strong market position as a leading bathroom retailer in Austria. Technically, the website is built on WordPress with a variety of plugins including Yoast SEO, Borlabs Cookie for consent management, and Contact Form 7 for user interactions. The site uses Apache hosting likely provided by Telekom Austria. While the site is rich in content, well-structured, and optimized for SEO and mobile devices, it suffers from a critical security shortfall: the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Security-wise, the site lacks modern TLS protocols, HSTS headers, and email security measures such as DMARC and DNSSEC. However, it employs reCAPTCHA on forms and avoids known SSL vulnerabilities. Privacy compliance is strong with comprehensive policies and cookie consent mechanisms in place. Contact information is abundant and clearly presented, enhancing business credibility. Overall, the website is professional, content-rich, and trustworthy from a business perspective but requires urgent improvements in SSL/TLS configuration and security headers to protect user data and improve trustworthiness. Addressing these issues will elevate the site's security score and user confidence.

B

Bob Silverstein

bobsilverstein.com

31

Bob Silverstein's website represents a small professional services business specializing in therapy, coaching, and crisis management consulting, primarily targeting individuals and organizations in high-stress professions such as investment professionals and corporate lawyers. The business is positioned as a niche provider with over 25 years of experience, offering unique tools and personalized services. The website content is well-structured and professionally presented, though lacking formal privacy and cookie policies. Technically, the site is built on WordPress with common plugins like Contact Form 7 and Yoast SEO, hosted on HostPapa infrastructure. However, the site suffers from poor performance with a very slow load time and large page size. Mobile optimization and accessibility are basic, and SEO is adequately addressed through Yoast. From a security perspective, the site has significant weaknesses: no valid SSL certificate or HTTPS support, no security headers, and malformed DNS CAA records. While Google reCAPTCHA is implemented to protect forms, the lack of HTTPS and other security best practices exposes the site to risks. No incident response or vulnerability disclosure policies are present, and privacy compliance is minimal. Overall, the site is functional and credible as a professional service platform but requires urgent improvements in security and privacy compliance to protect users and enhance trust.

Häuser zum Leben is Austria's largest provider of senior care and housing services, operating 30 pensioners' homes and 135 clubs in Vienna. The organization focuses on providing accommodation, care, assisted living, dementia support, and social activities for senior citizens. Their business model is non-profit, emphasizing quality of life and integration for seniors. The website is professionally designed, content-rich, and targets senior citizens and their families in Vienna. Technically, the site runs on WordPress with modern plugins and optimizations, but suffers from critical security issues due to lack of a valid SSL certificate and disabled TLS protocols, which significantly impact its security posture. Privacy compliance is strong with GDPR-aligned cookie consent and privacy policies. Contact information and social media presence are clear and professional. Overall, the site is trustworthy but urgently needs to address its SSL/TLS configuration to improve security and user trust.

U

Umdasch Group

umdaschgroup-ventures.com

35

Umdasch Group is a large Austrian manufacturing and retail company specializing in comprehensive lifecycle solutions for building projects. Their subsidiaries include Doka, a global leader in formwork and scaffolding, umdasch The Store Makers focusing on retail space planning, and Industrial Solutions providing specialized industrial scaffolding and safety services. The company emphasizes sustainability and digital innovation as core drivers of their business model. Technically, the website is built on WordPress with modern plugins and multilingual support, hosted on Azure DNS. However, a critical security weakness is the invalid SSL certificate and lack of TLS protocol support, which undermines secure communications. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the website is professional and content-rich, but the security posture requires urgent improvement to protect user data and maintain trust.

W

Wolfram Bergbau und Hütten AG

wolfram.at

39

Wolfram Bergbau und Hütten AG is a medium-sized Austrian company specializing in the mining, refining, and recycling of tungsten-based products. It holds a strong market position as a leading global supplier of high-quality tungsten powders. The company operates multiple sites including mining in Mittersill, refining in St. Martin, and recycling centers in Austria and India. The website is professionally designed using WordPress with the Divi theme and includes comprehensive content in German and English, targeting industrial clients and potential employees. Technically, the site uses modern SEO and analytics tools but suffers from a critical lack of valid SSL/TLS configuration, impacting security posture. Privacy compliance is well implemented with GDPR-aligned cookie consent mechanisms and a detailed privacy policy. Business credibility is supported by ISO certifications and transparent contact information. Overall, the website is trustworthy and professional but requires urgent security improvements to enable HTTPS and modern TLS protocols.

Prime Signs Ltd is a small New Zealand-based company specializing in commercial signage and sign writing services primarily serving the Auckland region. With over 18 years of industry experience, the company offers a wide range of signage solutions including building signage, safety signs, illuminated signage, vehicle graphics, and promotional displays. The website reflects a professional and consistent brand presence with clear service offerings and contact information. Technically, the site is built on WordPress with common plugins for SEO, galleries, and social sharing, indicating a moderate level of digital maturity. However, the absence of HTTPS and critical security headers represents a significant security risk. Privacy compliance is lacking as no privacy or cookie policies are present. Overall, the business appears legitimate and established, but the website's security posture requires urgent improvement to protect user data and build trust.

E

ertex solar

ertex-solar.at

40

Ertex solar is a specialized company focused on building-integrated photovoltaics (BIPV), offering innovative solar energy solutions integrated into architectural elements such as façades, balconies, and roofs. With a strong emphasis on aesthetics and energy transition, the company serves architects, developers, and environmentally conscious clients globally. The website reflects a mature digital presence with professional design, multilingual support, and comprehensive product information. Technically, the site runs on a modern WordPress stack with SEO and performance optimizations, hosted on OVHcloud. Security posture is solid with HTTPS and multiple security headers, though SSL/TLS protocol support requires enhancement. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the domain and WHOIS data corroborate the legitimacy and consistency of the business claims.

I

IC Resources

ic-resources.com

40

IC Resources is a well-established technology recruitment agency specializing in deep tech sectors such as software, semiconductor, electronics, and manufacturing. Founded in 1999, it operates globally with offices in the UK, Germany, and the USA. The company connects innovative organizations with highly skilled technology professionals, offering services including job search assistance, CV advice, and talent acquisition for clients. The website reflects a professional and comprehensive digital presence with rich content and client testimonials, positioning IC Resources as a trusted partner in the technology recruitment market. Technically, the website is built on WordPress with modern plugins like Yoast SEO and Contact Form 7, supported by a PHP 8.2 backend and hosted via StackCDN. While the site is mobile-optimized and SEO-friendly, performance metrics are not available, and accessibility is basic. The absence of a valid SSL certificate and HTTPS support is a critical security shortfall, exposing users to potential risks. Security headers are present but insufficient to compensate for the lack of encryption. Privacy compliance is partially met with a privacy policy present, but no cookie consent mechanism is detected. Overall, the security posture is weak due to missing HTTPS and TLS protocols, which should be addressed urgently. The business credibility is strong, supported by consistent WHOIS data and transparent contact information. Strategic recommendations include immediate SSL/TLS implementation, enhanced security headers, and improved privacy and cookie consent mechanisms to align with GDPR requirements and user trust expectations.

W

WILD GmbH

wild.at

40

WILD GmbH is a well-established Austrian technology partner specializing in contract development and manufacturing of optomechatronic systems, serving sectors such as medical technology, in-vitro diagnostics, optical metrology, laboratory, laser, and semiconductor technology. The company has a strong market position with decades of experience and multiple subsidiaries, offering comprehensive services including development, production, and supply chain management. Their website reflects a mature digital presence with multilingual support, professional design, and rich content tailored to their target audience of technology and healthcare companies. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and WPBakery Page Builder, hosted on infrastructure associated with a1.net. The site demonstrates good performance, mobile optimization, and accessibility. Security headers and SSL configurations are robust, with HSTS, CSP, and XSS protections in place, although some improvements like enabling HSTS preload and DMARC records are recommended. The security posture is strong with no detected vulnerabilities or exposed sensitive data. Privacy compliance is well managed through Borlabs Cookie consent mechanisms and a comprehensive privacy policy. Contact information is clear and detailed, supporting business credibility. Overall, the website scores highly in content quality, technical implementation, security, privacy compliance, and business credibility, indicating a trustworthy and professional online presence.

E

ECM Label Production GmbH / ECM Marking Solutions GmbH

ecm.at

36

ECM.at represents a medium-sized Austrian manufacturing business specializing in label production and marking solutions with approximately 40 years of industry experience. The company offers a comprehensive range of services including label printing, dispensing systems, coding technologies, and engineering solutions tailored to various industries such as food packaging, automotive, electronics, and pharmaceuticals. The website reflects a professional B2B business model targeting companies requiring marking and labeling services. Technically, the site is built on WordPress with modern plugins and SEO optimizations but suffers from slow performance and lacks a valid SSL certificate, which is a critical security concern. Security posture is weak due to missing HTTPS, absence of security headers, and no incident response or security policy disclosures. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

L

LOOP21 Mobile Net GmbH

loop21.net

22

LOOP21 Mobile Net GmbH is a specialized provider of WLAN hotspot management software, offering customizable and legally compliant solutions primarily targeting businesses in tourism, hospitality, retail, and public sectors. The company operates a professional WordPress-based website with good content quality and clear business information, including contact details and social media presence. Technically, the site uses modern WordPress plugins and themes but lacks a valid SSL certificate, resulting in no HTTPS support and weak security posture. The cookie consent mechanism is GDPR compliant, reflecting awareness of privacy regulations. However, the absence of security headers and proper SSL configuration exposes the site to potential risks. Overall, the business appears legitimate and consistent with its domain registration data, but security improvements are critical to enhance trust and protect user data.

D

Daxner & Merl GmbH

daxner-merl.com

37

Daxner & Merl GmbH is a Vienna-based consultancy specializing in sustainability strategy and environmental management services. Their website presents a professional image with clear descriptions of their key services such as life cycle assessment, environmental product declarations, sustainable building consulting, and building certification. The company targets organizations and businesses seeking expert sustainability consulting, positioning itself as a niche player in the Austrian market. The website is built on WordPress and uses common technologies including Apache, Bootstrap, and Google Analytics for tracking. However, the site lacks a valid SSL certificate, which is a critical security shortfall. The absence of HTTPS undermines user trust and exposes visitors to potential risks. Privacy compliance is minimal, with no cookie consent mechanism and only a basic privacy policy present. Contact information is limited but includes a verified company email and physical address. Overall, the site is functional and professional but requires urgent security and privacy improvements.

H

Hirsch Technology

hirsch-technology.com

40

HIRSCH Technology is a well-established manufacturer and technology leader in the EPS machine industry with over 35 years of experience. The company offers a comprehensive range of high-quality machines and turnkey plants for processing EPS, EPP, and molded pulp, serving multiple industrial sectors including construction, electrical, food, and packaging. Their market position is strong, supported by multiple locations across Europe and a parent group, HETech, which consolidates their industry presence. Technically, the website is built on a modern WordPress platform with various plugins for SEO, performance, and social media integration, but lacks a valid SSL certificate, which is a significant security concern. The security posture is basic with some security headers present but no active TLS protocols or strong cipher suites, exposing the site to potential risks. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism in place. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

S

SanLucar Fruit S.L.U.

sanlucar.com

39

SanLucar Fruit S.L.U. is a well-established company specializing in fresh fruits, vegetables, and related products, with a strong emphasis on quality, sustainability, and natural health benefits. The website reflects a mature digital presence with comprehensive product categories, corporate responsibility initiatives, and multilingual support targeting consumers and business partners globally. Technically, the site is built on WordPress with modern plugins and a reputable theme, offering good SEO and user experience. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to potential risks and undermining trust. Privacy policies and cookie consent mechanisms are present and appear GDPR compliant, supporting responsible data handling. Overall, while the business and content quality are high, urgent improvements in SSL/TLS implementation are necessary to enhance security and user trust.

S

STUDEN & CO Holding

sco-group.com

23

STUDEN & CO Holding is an international agribusiness holding company specializing in the processing, trading, and distribution of agricultural commodities such as sugar, edible oils, oilseeds, and grains. The company operates through subsidiaries including AGRANA-STUDEN Group and BIMAL Group, targeting agribusiness stakeholders and investors. The website presents a professional corporate image with multilingual support and clear business descriptions. Technically, the site is built on WordPress with common plugins like Yoast SEO and Visual Composer, but suffers from outdated PHP and lack of HTTPS, impacting security and performance. Security posture is weak due to missing SSL, no modern TLS support, and absence of advanced security headers. Privacy compliance is minimal with no visible privacy policy but a cookie consent banner is present. Overall, the site is functional and credible but requires urgent security improvements to protect user data and enhance trust.

D

Danube Shipping Management Service GmbH

dsms.at

23

Danube Shipping Management Service GmbH is a medium-sized logistics and shipping management company based in Vienna, Austria, established in 1991. The company ranks among the top 50 logistics providers in Austria and offers key services including transport, agency, and port management. Their business model focuses on providing comprehensive logistics solutions to industrial clients such as Voestalpine and HBIS. The website reflects a professional business presence with clear branding and relevant content targeted at business customers in the transportation sector. Technically, the website is built on WordPress and uses common web technologies such as jQuery, Google Analytics, and Yoast SEO for optimization. However, the site suffers from slow load times and lacks modern security configurations. The absence of a valid SSL certificate and HTTPS support is a critical vulnerability, exposing users to potential data interception risks. The site also lacks cookie consent mechanisms and comprehensive privacy compliance features, which may pose regulatory risks under GDPR. From a security perspective, the website has significant weaknesses including no HTTPS, no security headers, and no incident response or vulnerability disclosure information. While the company holds recognized certifications such as ISO 9001:2015 and FIATA, the digital security posture is weak and requires urgent improvements to protect business and customer data. Overall, the website demonstrates moderate business credibility and content quality but is hindered by poor security practices and compliance gaps. Strategic recommendations include immediate SSL implementation, enhanced privacy compliance, and adoption of security best practices to improve trust and reduce risk.

C

Christof Group

christof-group.at

26

Christof Group is a large, family-owned industrial group specializing in critical process equipment manufacturing and plant engineering services, operating across Austria, Germany, and Slovenia. The company is positioned as a world leader in its sector with a strong portfolio of subsidiaries and a history of over 150 years in the industry. The website reflects a professional B2B business model targeting industrial clients in energy, petrochemical, and pharmaceutical sectors. Technically, the site is built on WordPress with modern SEO and multilingual capabilities but lacks HTTPS, which is a significant security shortfall. The security posture is weak due to the absence of SSL/TLS encryption and limited security headers, exposing the site to potential risks. Privacy compliance is addressed with a cookie consent mechanism and privacy policy, but incident response and security policies are missing. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

S

SPAR International

spar-international.com

32

SPAR International is a well-established global voluntary food retail group founded in 1932, operating over 13,900 stores across 48 countries. The business model focuses on licensed wholesalers and retailers working in partnership to deliver diverse store formats and retail solutions. The website reflects a mature digital presence with comprehensive content, clear navigation, and a focus on partner engagement and responsible retailing. Technically, the site is built on WordPress with common plugins and libraries, but suffers from significant security shortcomings including lack of a valid SSL certificate and DNS configuration issues. Privacy compliance is well addressed through Cookiebot consent management and a comprehensive privacy policy. However, the absence of HTTPS and security headers poses risks to user data and trust. Overall, the site is professional and content-rich but requires urgent security improvements to align with best practices and user expectations.

M

MCR

morse.com

40

MCR is a well-established and large hotel management and ownership company, recognized as the third largest hotel owner-operator in the United States. The company operates a diverse portfolio of hotels across multiple states and brands, with a strong reputation supported by numerous industry awards and recognitions. The website reflects a mature business with a professional online presence, targeting investors, partners, and hospitality professionals. Technically, the website is built on WordPress with a modern tech stack including jQuery and Google Maps integration, but suffers from a lack of HTTPS due to an invalid or missing SSL certificate, which significantly impacts its security posture. Security headers are well implemented, but the absence of SSL and modern TLS protocols is a critical vulnerability. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of use, but the lack of a cookie consent mechanism is a gap. Overall, the website is content-rich and professionally designed but requires urgent security improvements to protect user data and enhance trust.

L

LVA GmbH

lva-gmbh.at

37

LVA GmbH is a well-established Austrian company specializing in food safety, quality control, certification, and training services primarily targeting the food, cosmetics, pharmaceutical, and supplement industries. Founded in 1926, it holds a strong market position as a leading competence center in the Central and Eastern European region, serving clients in over 80 countries. The company offers a comprehensive portfolio including laboratory analyses, expert assessments, inspections, research, and educational seminars. Technically, the website is built on WordPress with modern SEO and cookie consent tools, but lacks a valid SSL certificate, which impacts security and user trust. The security posture is basic with no HTTPS, no HSTS, and missing advanced security headers, exposing the site to potential risks. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional and content-rich but requires urgent security improvements to align with best practices.

C

CBmed GmbH

cbmed.org

23

CBmed GmbH is a public-private partnership based in Graz, Austria, specializing in biomarker research to advance applied precision medicine and personalized healthcare. The organization collaborates globally with over 50 partners from academia and industry, focusing on innovative technologies such as ex vivo compound screening, microbiome research, and data science. Their business model centers on research and development services, supported by funded projects and a commitment to quality and innovation. The website reflects a mature, professional entity with consistent branding and comprehensive content tailored to healthcare professionals and collaborators. Technically, the website is built on WordPress with modern plugins like Yoast SEO and WPForms, hosted on an Apache server. While the site is mobile-optimized and SEO-friendly, performance metrics indicate slow loading times. Security posture is weak due to the absence of HTTPS, lack of security headers, and missing DNSSEC, exposing the site to potential risks. No explicit security or incident response policies are published, which could impact trust and compliance. Overall, the domain registration data aligns well with the business claims, showing a consistent and legitimate presence since 2014. Contact information is clearly provided, including multiple physical locations, email, phone, and a contact form. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms in place. However, the critical lack of SSL/TLS encryption significantly lowers the security score and poses a risk to user data confidentiality. Strategically, CBmed should prioritize implementing HTTPS, enhancing security headers, and publishing security policies to improve trust and compliance. The website’s strong content and business credibility provide a solid foundation for growth and partnership expansion, but technical and security improvements are essential to safeguard operations and reputation.

M

MMX e.U.

silberdraht.agency

37

Silberdraht Agency is a small Austrian online marketing firm specializing in services tailored for the BestAger demographic (age 50+). Founded in 2019 and operated by MMX e.U., the agency offers website analysis, creation, optimization, search engine marketing, social media marketing, and newsletter distribution. Their market position is niche-focused with a dedicated team and partnerships that enhance their service offerings. Technically, the website runs on WordPress with popular plugins and themes, but lacks HTTPS, which is a critical security shortfall. The site is mobile-optimized and SEO-friendly but suffers from slow or unmeasured performance. Security posture is weak due to missing SSL and security headers, and privacy compliance is minimal with no cookie consent mechanism. Overall, the business appears legitimate and consistent with its domain registration data, but security improvements are urgently needed.

G

Gymnasium Camphusianum

camphusianum.nl

36

Gymnasium Camphusianum is a small, community-oriented gymnasium school located in Gorinchem, Netherlands, providing secondary education focused on broad academic knowledge and personal development. The website reflects a well-structured educational institution with clear communication channels, active social media presence, and comprehensive privacy and cookie policies compliant with GDPR. Technically, the site is built on WordPress with modern plugins and themes, leveraging Cloudflare CDN for content delivery. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly undermines the site's security posture. This exposes users to potential data interception risks and reduces trustworthiness from a security perspective. Overall, while the content and business credibility are strong, the lack of HTTPS is a major vulnerability that must be addressed promptly.

L

Lebenshilfe Österreich

lebenshilfe.at

19

Lebenshilfe Österreich is a well-established non-profit organization dedicated to advocating for the rights and support of people with intellectual and multiple disabilities across Austria. Serving as the umbrella organization for regional Lebenshilfe groups, it offers services including support, advocacy, public relations, and organizes events such as the Austrian Inclusion Prize. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency targeting individuals and stakeholders interested in disability rights and inclusion. Technically, the site is built on WordPress with modern plugins like Yoast SEO and Cookiebot for consent management. It uses Apache hosting with DNS managed by easyname.eu. Accessibility features and structured data are implemented, enhancing user experience and SEO. However, performance metrics are not provided. From a security perspective, the site lacks a valid SSL/TLS certificate, exposing it to significant risks and undermining user trust. No advanced security headers or protocols are configured, and no incident response or security policies are publicly disclosed. Cookie consent is properly implemented, and privacy policies are present and GDPR compliant. Overall, while the website excels in content quality, user experience, and privacy compliance, the absence of HTTPS is a critical vulnerability that must be addressed immediately to protect users and maintain credibility. Strategic improvements in security posture and transparency around security policies are recommended to enhance trust and resilience.

F

F/LIST

f-list.at

38

F/LIST is a well-established Austrian family business specializing in luxury interior outfitting for business jets, private jets, and high-end living spaces such as hotels. The company emphasizes craftsmanship, innovation, and premium materials, positioning itself as a global leader in the luxury interiors market. The website reflects a professional and consistent brand image with multilingual support and rich content tailored to its affluent target audience. Technically, the site is built on WordPress with modern plugins and libraries, hosted on Hostinger with LiteSpeed server technology. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which critically impacts secure communications. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and a clear privacy policy. Contact information is transparent and includes multiple channels, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

E

EBNER Industrieofenbau GmbH

ebner.cc

35

EBNER Industrieofenbau GmbH is a well-established global leader in manufacturing heat treatment furnace facilities for the steel, aluminum, and copper base metal industries. The company is family-owned, founded in 1948, and headquartered in Austria. Their website reflects a mature digital presence with multilingual support, professional content, and clear business information targeting industrial B2B customers. Technically, the site runs on WordPress with modern plugins and Cloudflare CDN, but suffers from critical SSL/TLS misconfiguration, lacking a valid HTTPS certificate and modern protocol support, which severely impacts security posture. Privacy compliance is well addressed with GDPR cookie consent and a comprehensive privacy policy. However, no explicit security policy or incident response information is publicly available, which could be improved to enhance trust. Overall, the site is professional and credible but requires urgent security upgrades to protect visitors and maintain reputation.

B

BMTS Technology

bmts-technology.com

25

BMTS Technology is a medium-sized, globally active Tier 1 automotive supplier specializing in powertrain and clean mobility technologies including turbochargers, electric turbo systems, heat pump compressors, and fuel cell boosters. The company targets automotive manufacturers and suppliers focused on new energy vehicles and autonomous driving technologies. The website is built on WordPress with a modern tech stack including PHP 8.2 and popular plugins for SEO and multilingual support. However, the site lacks a valid SSL certificate, resulting in no HTTPS, which is a critical security vulnerability. Security headers and advanced security practices are minimal. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is primarily via a contact form with no direct emails or phone numbers visible. Overall, the site presents professional content and branding but requires urgent security improvements to protect user data and enhance trust.

F

Fuhrparkverband Austria

fuhrparkverband.at

36

Fuhrparkverband Austria (FVA) is a specialized Austrian platform dedicated to fleet management information and networking. It serves as an independent voice and competence partner for fleet operators, companies, and policymakers in Austria. The organization offers membership-based services including events, seminars, newsletters, and surveys to foster knowledge exchange and professionalization in corporate mobility management. The website reflects a medium-sized organization with a clear focus on the transportation sector and a strong presence in Austria. Technically, the site is built on WordPress with modern plugins and SEO tools, but lacks HTTPS, which is a critical security gap. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. The site integrates Google Analytics and Mailchimp for marketing and analytics purposes. Social media presence is robust across major platforms. Overall, the site is professional and content-rich but requires urgent security improvements to enable HTTPS and modern TLS protocols.

P

Polizeichor Dortmund

polizeichor-dortmund.de

23

Polizeichor Dortmund is a small, local non-profit choir organization based in Germany, founded in 1909. The choir serves as a bridge between the police and the community, inviting all interested individuals to participate regardless of prior choral experience. Their website provides information about rehearsal times, locations, and upcoming events, targeting local citizens and choir enthusiasts. Technically, the website is built on WordPress with a standard Apache/PHP hosting environment and uses common plugins such as Yoast SEO for optimization. However, the site lacks HTTPS, which is a critical security shortfall. The absence of SSL/TLS encryption exposes visitors to potential risks and undermines trust. Security headers are minimal, and no advanced security policies or incident response information is provided. Privacy compliance is basic, with a privacy policy page present but no cookie consent mechanism or GDPR-specific notices. Overall, the website is functional and informative but requires significant improvements in security and privacy to meet modern standards.

H

HTL Zeltweg

htl-zeltweg.at

34

HTL Zeltweg is a medium-sized Austrian educational institution specializing in technical and vocational education, particularly in mechanical engineering and construction technology. The website reflects an active institution with a focus on practical training, robotics, and international cooperation. The technical infrastructure is based on WordPress with a modern plugin ecosystem, but suffers from critical security shortcomings such as the absence of HTTPS and a valid SSL certificate. The lack of cookie consent and privacy compliance mechanisms further reduces trustworthiness. While the site provides clear contact information and social media presence, the security posture is weak, exposing the institution to risks related to data interception and user trust. Strategic improvements in SSL deployment, security headers, and privacy compliance are essential to enhance the institution's digital maturity and protect its stakeholders.

S

Sipwise GmbH

sipwise.com

40

Sipwise GmbH is a medium-sized telecommunications software company specializing in Class 5 VoIP softswitch solutions, unified communications, Cloud PBX, mobile VoIP clients, and WebRTC-based products. Their market position targets telecom operators, ISPs, and both B2B and residential customers, offering advanced and scalable communication platforms. The website is professionally designed with rich content and clear navigation, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and themes, hosted on Google Cloud infrastructure. However, the lack of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing users to risks and reducing trust. Security headers are present but their effectiveness is limited without proper SSL. Privacy and cookie policies are implemented with consent mechanisms, indicating good privacy compliance. Contact information is available primarily through a contact page and social media channels, but no direct emails or phone numbers are explicitly listed. Overall, the site demonstrates strong business credibility and content quality but requires urgent improvements in security configuration to meet modern standards.

C

CAPESPAN | We Deliver

capespan.com

27

Capespan is a large, established global distributor, marketer, and producer of fresh fruit with a strong market position supported by recognized brands such as Cape, Outspan, Outspan Gems, and Goldland. The company operates an integrated business model encompassing fruit growing, packing, marketing, and distribution, serving grower partners and retail customers worldwide. Their website reflects a professional and content-rich digital presence with active social media engagement and regular press updates. Technically, the site is built on WordPress with modern plugins for SEO, analytics, and social media integration, hosted on Apache servers. However, the lack of a valid SSL certificate and absence of HTTPS significantly undermine the security posture, exposing users to risks. Privacy compliance is well addressed with GDPR-compliant policies and cookie consent mechanisms. Overall, the site demonstrates good business credibility and digital maturity but requires urgent security improvements to protect data and maintain trust.

B

Bullhorn

invenias.com

40

Bullhorn is a well-established enterprise SaaS provider specializing in cloud-based staffing and recruitment software solutions, including the Invenias executive search platform. The company serves a global customer base with a comprehensive suite of products designed to streamline recruitment processes, enhance compliance, and improve business development efforts. The website reflects a mature digital presence with strong branding, professional content, and targeted messaging for staffing firms and executive search professionals. Technically, the site leverages WordPress CMS, integrates marketing automation tools like Marketo, and employs standard web technologies such as jQuery and Slick Carousel. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which is a critical vulnerability that undermines user trust and data protection. Privacy compliance is well addressed with a comprehensive privacy policy, cookie consent via OneTrust, and GDPR adherence. Overall, the site is professional and credible but requires urgent remediation of SSL issues to ensure secure user interactions.

syslab.com GmbH is a well-established German software company specializing in content management, risk assessment, and digital collaboration solutions. With over 25 years of experience, it holds a strong market position as a leading Plone and Python developer in Germany, serving a diverse clientele including enterprises, government agencies, and research institutions. The company emphasizes open source contributions and maintains strategic partnerships with notable organizations. Technically, the website is built on WordPress with modern themes and SEO plugins, offering a rich user experience and good mobile optimization. However, the security posture is currently weak due to the absence of a valid SSL certificate and lack of HTTPS support, which poses significant risks. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, syslab.com demonstrates strong business credibility and digital maturity but requires urgent improvements in SSL/TLS security to protect user data and enhance trust.

Elfriede Gerdenits operates a personal professional website focused on authoring, career consulting, and media contributions primarily in Austria. The site targets individuals interested in career development, coaching, and personal growth, leveraging a small business model centered on content publishing and consulting services. Technically, the website is built on WordPress with a standard Apache/PHP stack and uses common plugins for SEO and social media integration. However, the site lacks HTTPS support, which is a critical security shortfall. Security posture is weak due to missing SSL, lack of security headers, and no advanced TLS features. Privacy compliance is basic, with a privacy policy page present but no explicit GDPR compliance indicators or cookie consent mechanisms beyond a basic EU cookie law plugin. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

D

Dataphone GmbH

dataphone.at

25

Dataphone GmbH is an Austrian company specializing in digitalizing supply chain processes, offering innovative software and hardware solutions primarily for warehouse logistics, transport, and retail sectors. Their market position is strong within Austria, providing comprehensive services including warehouse management systems (LOGIS 4 and LOGIS Light), hardware products like barcode scanners and label printers, and professional maintenance and support services. The company targets businesses seeking to modernize and optimize their logistics and supply chain operations through digital transformation. Technically, the website is built on WordPress with a modern theme and uses a variety of plugins for SEO, performance optimization, cookie consent, and analytics. However, a critical security shortfall is the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. The site employs Google Analytics, Google Tag Manager, and other marketing tools with proper consent mechanisms, indicating good privacy compliance. Contact information and business details are clearly presented, enhancing business credibility. Overall, while the business and technical maturity are good, urgent improvements in security infrastructure are necessary to protect user data and build trust.

V

Vela Labs

vela-labs.at

28

Vela Labs GmbH is a GLP and GMP certified contract laboratory specializing in analytical services for pharmaceutical and biotechnology companies. The company supports all phases of drug development with services including physico-chemical analysis, ligand binding assays, cell based assays, microbiological analysis, clinical sample analytics, and GMP storage. As part of the Tentamus Group, Vela Labs positions itself as a trusted partner with strong compliance credentials and a focus on quality and regulatory adherence. The website demonstrates a professional digital presence built on WordPress with SEO and analytics integrations, targeting pharma and biotech professionals. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Privacy policies and cookie consent mechanisms are well implemented, reflecting GDPR compliance. Overall, the company shows a solid market position but should urgently address its SSL/TLS configuration to improve security posture and user confidence.

D

Ditech

ditech.com.br

24

Ditech is a Brazilian technology company founded in 2001 specializing in custom software development, IT outsourcing, and consulting services. The company targets businesses seeking tailored technology solutions and has an established market presence supported by a portfolio of client cases and active social media engagement. The website is built on WordPress with several plugins including Yoast SEO and HubSpot integration, indicating a moderate level of digital maturity. However, the site lacks HTTPS, which is a critical security shortfall, and uses outdated libraries that may expose it to vulnerabilities. No privacy or cookie policies are published, reflecting gaps in compliance. Overall, while the business appears legitimate and professional, the security posture requires urgent improvement to protect user data and enhance trust.

P

promitto organisationsberatung gmbh

promitto.at

26

promitto organisationsberatung gmbh is a small Austrian consulting firm specializing in organizational development, leadership coaching, and change management. Their website presents a professional image with clear descriptions of their services, targeting organizations and leadership teams seeking vitality and transformation support. The technical infrastructure is based on WordPress with common plugins like Yoast SEO and Contact Form 7, but lacks a valid SSL certificate, which is a significant security concern. The site includes GDPR-compliant privacy and cookie policies with consent mechanisms, but no terms of service or explicit security policies are found. Contact information is clearly provided, including email, phone, and physical address, enhancing business credibility. Overall, the website is functional and informative but requires urgent security improvements to protect user data and improve trust.

B

bluesource - mobile solutions gmbh

bluesource.at

23

bluesource - mobile solutions gmbh is a well-established Austrian company specializing in mobile app development and digital transformation services primarily for banking, retail, and industrial sectors. With over 20 years of experience, the company offers a comprehensive suite of services including app development, strategy and consulting, UX/UI design, accessibility, and data/AI solutions. Their market position is strong, supported by a portfolio of notable clients and an ISO 27001 certification that underscores their commitment to security and quality. The website is professionally designed, content-rich, and well-structured, targeting B2B clients seeking digital innovation. Technically, the site is built on WordPress with modern frontend libraries and integrates marketing tools such as HubSpot forms. However, the absence of a valid SSL certificate and HTTPS support is a critical security vulnerability that undermines the overall security posture. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Social media presence and trust indicators further enhance business credibility.

G

Gottschligg

gottschligg.com

29

Gottschligg is a medium-sized manufacturing company based in Austria specializing in the development and delivery of customized and standard load carriers for industrial clients, particularly in the automotive and manufacturing sectors. The company offers a range of products including special load carriers, universal load carriers, plastic and textile carriers, wooden carriers, and repair services. Their website reflects a professional and consistent brand presence with clear contact information and compliance with GDPR and cookie consent regulations. Technically, the site is built on WordPress with Yoast SEO and jQuery, hosted on Google Cloud infrastructure. However, the absence of a valid SSL certificate and HTTPS support significantly weakens their security posture. Security headers are properly configured but cannot compensate for the lack of encryption. Overall, the site is accessible and well-structured but requires urgent security improvements to protect user data and enhance trust.

D

Distillery | Paranormal Agency

distillery.cc

20

Distillery | Paranormal Agency is a small creative agency based in Austria specializing in transformative branding, experiential marketing, media production, and communication design. The company positions itself as a niche player focusing on immersive and genuine cultural experiences. The website is built on WordPress with a modern tech stack including Yoast SEO and Contact Form 7, but lacks a valid SSL certificate, which is a critical security concern. The site implements cookie consent mechanisms indicating GDPR awareness but lacks explicit privacy policy and terms of service pages. Contact information including company emails and physical address is clearly presented, alongside active social media profiles. Overall, the website is professionally designed with good content quality and navigation but suffers from poor security posture due to missing HTTPS.

hoog.at is a small, community-driven alternative social network and blog platform primarily focused on social activism, photography, and personal projects by Wolf Hoog and collaborators. The website targets a German-speaking audience interested in social causes and alternative culture. It leverages WordPress with BuddyPress and ActivityPub plugins to provide social networking features and content sharing. The site has a moderate market position within its niche and maintains a consistent, good-quality content offering with active social media channels. Technically, the site runs on Apache and is hosted by easyname.eu, but suffers from a lack of valid SSL/TLS certificates, resulting in insecure HTTP connections. Performance data is missing, and mobile optimization is basic. Security posture is weak due to missing HTTPS, lack of strong security headers, and no modern TLS protocols enabled. Privacy compliance is minimal, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Business credibility is moderate, supported by consistent domain registration and social media presence but limited direct contact information. Overall, the site is functional but requires significant security and privacy improvements to enhance user trust and compliance.

S

SPIDI Friedl & Partner Unternehmensberatungs GmbH

spidi.at

28

SPIDI Friedl & Partner Unternehmensberatungs GmbH operates a professional language and intercultural learning institute based in Vienna, Austria. The company offers a broad portfolio of language courses, including group and individual training, online courses, and certification test centers such as ÖSD and Linguaskill. The business targets both private individuals and corporate clients, positioning itself as a quality provider in adult education with recognized certifications. The website reflects a mature digital presence built on WordPress with modern SEO and consent management tools, supporting GDPR compliance. However, the absence of a valid SSL certificate undermines the security posture and user trust. The company maintains clear contact channels and social media engagement, enhancing business credibility.

A

Amadeus International School Vienna

amadeus-vienna.com

28

Amadeus International School Vienna is a well-established private international school offering IB education and boarding services with a unique integrated Music and Arts Academy. The school targets international students and families seeking high-quality education in Vienna. The website is professionally designed with rich content and multimedia, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and frameworks, but suffers from a critical lack of HTTPS due to an invalid SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are implemented with consent mechanisms, supporting GDPR compliance. Contact information is clearly presented, enhancing business credibility. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

Schullin Wien is a well-established luxury jewelry and watch retailer based in Vienna, Austria, with a rich family tradition dating back to 1802 and formal business founding in 1974. The company specializes in fine jewelry design and manufacturing, luxury watch sales including Rolex, and certified pre-owned Rolex watches. Their market position is strong within the luxury retail sector, targeting affluent customers seeking unique and high-quality pieces. The website reflects a mature digital presence with multilingual support, rich content, and integration of modern web technologies such as WordPress, WooCommerce, Alpine.js, and Swiper.js. Marketing and analytics tools like Google Analytics, Facebook Pixel, and Adobe Analytics are actively used with GDPR-compliant cookie consent mechanisms in place. However, the security posture is significantly weakened by the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical vulnerability that undermines user trust and data protection. The site employs standard security headers but lacks advanced protections such as HSTS and OCSP stapling. Overall, the business credibility and content quality are high, but urgent remediation of SSL/TLS issues is necessary to ensure secure user interactions and compliance with best practices.

W

Werner Mertz Professional

wmprof.com

31

Werner Mertz Professional is a medium-sized manufacturing company specializing in high-performance hygiene solutions for professional cleaning markets. With over 50 years of history and a strong commitment to sustainability, the company operates under well-known brands such as Green Care Professional and Tana Professional. The website reflects a mature digital presence with comprehensive content, professional design, and strong SEO practices. However, the lack of a valid SSL certificate and proper HTTPS configuration represents a significant security risk that undermines user trust and data protection. The company has implemented cookie consent mechanisms and privacy policies compliant with GDPR, indicating awareness of privacy regulations. Overall, the business is credible and well-positioned in its sector but must urgently address its security posture to meet modern standards.

B

BBMRI-ERIC

bbmri-eric.eu

26

BBMRI-ERIC is a European research infrastructure focused on biobanking and biomolecular resources, supporting researchers in health and life sciences to find new treatments. Established in 2013 and headquartered in Graz, Austria, it provides a range of services including a directory of biobank metadata, federated platforms for privacy-preserving data queries, and quality management. The website reflects a mature organization with consistent branding and professional content aimed at the scientific community. Technically, the site is built on WordPress with a variety of plugins supporting SEO, newsletter management, and social media integration. However, the site lacks HTTPS and a valid SSL certificate, which is a critical security vulnerability. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy but requires urgent security improvements to protect user data and maintain credibility.

G

Gantner Instruments

gantner-instruments.com

40

Gantner Instruments is a medium-sized technology company specializing in modular and scalable data acquisition solutions for industrial testing and monitoring applications across sectors such as energy, aerospace, and mobility. The company offers a comprehensive portfolio of hardware, software, and technical support services, positioning itself as a market leader with a global presence. Technically, the website is built on a modern WordPress CMS with Elementor and optimized for performance and SEO, though it lacks a valid SSL certificate, which is a significant security concern. Security headers are well implemented, but the absence of HTTPS and TLS protocols reduces the overall security posture. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. Business credibility is strong, supported by clear contact information, partner logos, and customer testimonials. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS implementation to enhance security and user trust.

F

Freiform Werkzeugbau GmbH

freiform.eu

23

Freiform Werkzeugbau GmbH is a small manufacturing company specializing in tooling, plastic, aluminum, and graphite electrode products, serving clients primarily in Austria, Switzerland, and Germany. The website is built on WordPress with a modern tech stack including PHP 8, Yoast SEO, and GDPR-compliant cookie management. However, the site lacks a valid SSL certificate, exposing it to security risks and reducing trustworthiness. Legal and privacy documentation is comprehensive and GDPR compliant, with a cookie consent mechanism in place. The site uses Matomo for analytics, indicating a moderate level of user tracking with privacy considerations. Overall, the business presents a professional image but must urgently address its lack of HTTPS to improve security and user trust.