Security Directory

T

SEO Optimeerimine | Teie Ettevõte

taddy.ee

35

The website www.taddy.ee is a small Estonian SEO service provider specializing in both internal and external SEO optimization, competitor analysis, and targeted advertising. The business targets companies seeking to improve their search engine visibility and website traffic. The site presents clear service packages with pricing and showcases client examples, indicating a focused and professional approach. Technically, the site uses modern frontend technologies including Bootstrap, jQuery, and Google Analytics, with a responsive design and good navigation. However, there are gaps in privacy compliance, as no privacy or cookie policies are published, and contact information is limited to a web form without direct emails or phone numbers. Security posture is moderate with HTTPS enabled but lacking explicit security headers and vulnerability disclosures. Overall, the site is functional and professional but would benefit from enhanced privacy and security practices to improve trust and compliance.

C

Constructive

constructive.net.au

67

Constructive is a specialist recruitment consultancy operating in Australia since 2003, focusing on the Built Environment and Infrastructure sectors. The company offers permanent and contract recruitment solutions, franchise opportunities, and tailored hiring services to employers and jobseekers. The website reflects a professional and consistent brand with clear navigation and relevant content. Technically, the site uses modern web technologies including service workers, Google Analytics, and Elfsight widgets, hosted likely by Identity Digital Australia. Security posture is good with HTTPS and captcha-protected forms, but lacks explicit security headers and published privacy or cookie policies. WHOIS data is incomplete but registrar information aligns with Australian domain administration, supporting legitimacy. Overall, the site is functional and trustworthy but could improve compliance and security transparency.

The website cityntel.com represents a small Chinese company specializing in the rental, leasing, sales, and recycling of diesel generators ranging from 30KW to 2000KW, focusing on imported brands such as Cummins, Mitsubishi, and Caterpillar. The target audience includes infrastructure sectors such as railway, transportation, municipal engineering, real estate, factories, hotels, and construction sites. The business model is primarily service-oriented, providing equipment solutions tailored to client needs. The website content is primarily in Simplified Chinese and provides product listings, case studies, team introductions, and news updates related to diesel generators. Technically, the website is built on the EmpireCMS platform, utilizing standard web technologies including HTML5, CSS, JavaScript, and libraries such as Blazy for lazy loading and WOW.js for animations. The site has basic mobile optimization and moderate performance but lacks advanced SEO and accessibility features. There is no evidence of modern frameworks or advanced hosting details. The WHOIS data shows inconsistencies, including a domain creation date in the future and minimal registrant information, which raises legitimacy concerns. From a security perspective, the website lacks critical security headers, DNSSEC is not enabled, and there is no visible HTTPS enforcement information. Privacy and cookie policies are absent, and no incident response or vulnerability disclosure information is provided. These gaps indicate a low security maturity level and potential compliance issues with data protection regulations such as GDPR. Overall, the website presents a functional but basic online presence for a niche diesel generator rental business. The main risks relate to domain legitimacy concerns and insufficient security and privacy practices. Strategic improvements in security posture, compliance documentation, and WHOIS transparency are recommended to enhance trust and reduce operational risks.

G

GH Imaging

ghimaging.com

55

GH Imaging is a medium-sized manufacturing company specializing in large format digital printing products such as custom decals, vehicle wraps, banners, and rigid prints. The company operates under the Graphics House family umbrella, with multiple related subsidiaries supporting various product lines. The website is professionally designed using WordPress with Elementor and OceanWP theme, providing a good user experience and clear navigation. Contact information including phone number and physical address is prominently displayed, supporting business credibility. However, the absence of WHOIS data raises concerns about domain registration legitimacy. The website uses HTTPS and includes anti-spam and tracking technologies but lacks explicit privacy and cookie policies, which impacts privacy compliance scores.

G

GDPR Register

gdprregister.eu

53

GDPR Register is a specialized technology company providing GDPR compliance software tools designed to streamline privacy management for organizations. The company offers a SaaS platform that supports data mapping, records of processing activities, data breach registers, contract lifecycle management, and reporting tools. Their market position is that of an established GDPR compliance software provider with a focus on privacy teams and Data Protection Officers, primarily serving clients in the EU and UK regions. The website demonstrates a mature digital presence with multilingual support and integration of modern marketing and analytics technologies. Technically, the website is built on WordPress using Elementor, with a modern tech stack including jQuery, FontAwesome, and Klaviyo for marketing automation. The site is well-optimized for SEO and mobile responsiveness, with good performance and accessibility features. Security posture is strong, with HTTPS enforced and multiple security headers present. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks a publicly visible vulnerability disclosure policy and explicit incident response contact details. Overall, GDPR Register presents a professional, trustworthy, and secure online presence consistent with its business focus on data privacy compliance. The domain WHOIS data is privacy protected, which aligns with the nature of the business. The site integrates trusted client logos and provides comprehensive privacy and cookie policies, reinforcing its compliance credentials. Strategic recommendations include publishing a vulnerability disclosure policy, enhancing incident response transparency, and improving accessibility compliance to further strengthen trust and security posture.

Z

Zone Media OÜ

depile.ee

51

Depile.ee is an established Estonian e-commerce website specializing in beauty, health, and wellness products. The site offers a wide range of branded products including hair care, nail care, body care, massage items, and related accessories. The business targets both consumers and professionals in the beauty sector, primarily serving the Estonian market. The company behind the domain is Zone Media OÜ, with a domain age dating back to 2010, indicating a mature online presence. Technically, the website is built on Magento 2, leveraging modern web technologies such as RequireJS, jQuery, and FontAwesome. It integrates Google Analytics and Google Tag Manager for tracking and marketing purposes. The site demonstrates good mobile optimization and SEO practices, with a clear navigation structure and responsive design. Performance is moderate, with room for optimization. From a security perspective, the website enforces HTTPS and includes several security headers, contributing to a good security posture. Cookie consent is implemented with a detailed mechanism allowing users to manage preferences, which aligns with GDPR requirements. However, the absence of a publicly accessible privacy policy and terms of service pages represents a compliance gap. No critical vulnerabilities or exposed sensitive data were detected. Overall, Depile.ee presents a professional and trustworthy e-commerce platform with solid technical foundations and security practices. To enhance compliance and trust, it is recommended to publish comprehensive privacy and terms of service documents and improve accessibility features. Regular security audits and updates to third-party scripts will further strengthen the site's security posture.

T

The University of Alabama

ua.edu

66

The University of Alabama is a prominent public educational institution offering a broad spectrum of undergraduate and graduate programs. The website reflects a strong brand identity consistent with a major university, targeting prospective students, current students, faculty, staff, and alumni. The site provides comprehensive academic information, campus life resources, and news updates, supporting its role as a leading university in the region. Technically, the website is built on WordPress and leverages modern web technologies including Google Tag Manager, New Relic for performance monitoring, and various font and icon libraries. The site demonstrates excellent performance, mobile optimization, and accessibility features, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and employs monitoring tools, with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. However, explicit security policies and incident response information are not publicly available, representing an area for improvement. Overall, the website is professional, trustworthy, and well-maintained, with minor gaps in security transparency. The domain WHOIS data is unavailable due to .edu domain restrictions but the site’s content and external references strongly affirm its legitimacy.

T

The Conversion Department

theconversiondepartment.nl

58

The Conversion Department is a Dutch marketing agency focused on enabling online growth for organizations with growth ambitions. Founded in 2018, the company positions itself as a strategic marketing partner, leveraging modern digital marketing techniques and SEO strategies to help clients achieve their marketing objectives. The website reflects a professional and consistent brand image, utilizing WordPress with popular plugins such as Yoast SEO and Elementor to deliver a good user experience and SEO optimization. The technical infrastructure is solid, hosted by a reputable registrar with DNSSEC enabled and HTTPS enforced, indicating a secure baseline. However, the site lacks explicit privacy, cookie, and terms of service policies, which are critical for GDPR compliance and user trust. No direct contact information such as emails or phone numbers were found in the provided content, which may hinder user engagement and trust. Security posture is good but could be enhanced by implementing additional security headers and publishing a security policy. Overall, the site is functional and professional but requires improvements in privacy compliance and security transparency to elevate trust and compliance standards.

P

PersonaliDisain

personalidisain.ee

44

PersonaliDisain is an Estonian-based small business specializing in strategic human resource consulting and development services. The company offers a range of HR-related services including consulting, system development, surveys, recruitment, training, and coaching. Their market position is that of a niche HR consulting partner serving organizations seeking to optimize their personnel management. The website is professionally designed using WordPress and Bootstrap, with good mobile optimization and clear navigation. The technical infrastructure includes modern analytics and marketing tools such as Google Analytics, Facebook Pixel, and Leadfeeder, indicating a mature digital presence. Security posture is generally good with HTTPS enforced and use of reCAPTCHA on forms, though security headers could be improved. Privacy compliance is supported by a cookie consent mechanism and a privacy policy page, though no terms of service or security policy pages were found. Overall, the domain registration is consistent and legitimate, supporting the business credibility. Recommendations include enhancing security headers and reviewing third-party scripts to reduce risk.

A

A.J.Boggs & Company

ajboggs.com

73

A.J. Boggs & Company is a technology solutions provider specializing in healthcare, government, and public sector markets. Their offerings include managed hosting, eligibility management engines, search engine technology, and data interface solutions designed to improve operational efficiency and compliance. The company targets organizations requiring HIPAA-compliant and scalable technology services. The website reflects a medium-sized enterprise with a professional online presence and a focus on B2B services. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and HubSpot analytics, indicating a moderate level of digital maturity. The site is mobile-optimized and performs adequately, though there is room for improvement in accessibility and security headers. The presence of a cookie consent mechanism and privacy policy shows awareness of privacy compliance, though GDPR compliance is not explicitly confirmed. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure. However, the lack of explicit security headers and incident response information suggests areas for enhancement. The absence of WHOIS registration data is a notable concern, potentially indicating privacy protection or recent domain registration, which slightly reduces trustworthiness. Overall, the website and business appear legitimate and professional, but improvements in transparency around security policies and domain registration details are recommended to strengthen trust and compliance.

L

Lindex Group Oyj

stockmanngroup.com

61

Lindex Group Oyj is a Finnish multinational retail company operating primarily in the fashion and department store sectors through its two main divisions: Lindex and Stockmann. Lindex is a leading Nordic fashion brand with a strong presence in 17 countries and online sales in 34 countries, focusing on women's and children's apparel, lingerie, and cosmetics. Stockmann operates quality department stores and e-commerce platforms in Finland and the Baltic countries. The company targets consumers seeking quality fashion and lifestyle products, leveraging a multichannel retail business model combining physical stores and digital commerce. The website reflects a professional corporate presence with comprehensive investor relations and sustainability information. Technically, the website is built on WordPress 6.8.1 with modern web technologies including jQuery and Google Tag Manager. It employs a cookie consent mechanism compliant with GDPR and integrates analytics tools such as Google Analytics and ContentSquare. The site is mobile-optimized and accessible, with good SEO practices. However, no explicit security headers were detected in the HTML source, which could be improved to enhance security posture. Security-wise, the site enforces HTTPS and uses cookie consent for privacy compliance. There is no visible security policy or incident response contact information published, which are areas for improvement. The absence of WHOIS registration data for the domain is a notable anomaly that raises questions about domain legitimacy, despite the professional appearance and content of the website. Overall, the website is well-designed and functional, supporting the company's business objectives effectively. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and verifying domain registration details to strengthen trust and compliance.

K

Kim Johansen International Transport A/S

kim-johansen.com

59

Kim Johansen International Transport A/S is a well-established European transportation company specializing in the delivery of time-sensitive goods. With over 45 years of experience, the company emphasizes efficient, secure, and environmentally responsible logistics solutions. Their market position is strong within the European transport sector, targeting businesses requiring reliable and precise delivery services. The website reflects a professional image with clear service offerings and contact information, supporting their credibility. Technically, the website employs modern JavaScript libraries such as jQuery, Bootstrap, and Revolution Slider, hosted on Microsoft Azure DNS infrastructure. The site is mobile-optimized and demonstrates good SEO practices. Cookie consent is managed via Cookiebot, indicating attention to privacy compliance. However, no explicit CMS or advanced frameworks are detected, and performance is moderate. From a security perspective, the site uses HTTPS and has domain transfer protections in place. However, DNSSEC is not enabled, and no explicit security headers were detected in the provided data. There is no public security policy or incident response information, which could be improved. The domain WHOIS data is consistent and supports legitimacy, with a long registration period and matching business claims. Overall, the website scores well in content quality, business credibility, and privacy compliance, with moderate technical and security posture scores. Strategic improvements in DNS security, security headers, and public security policies would enhance trust and resilience.

I

INTATI TOUR

iati.com

58

IATI is a well-established online travel platform primarily serving the Turkish market and selected international countries. Founded in 2003, it positions itself as Turkey's largest online travel platform, offering travel booking services and technology solutions. The website is professionally designed with consistent branding and clear navigation, targeting travelers and tourism industry stakeholders. The technical infrastructure leverages common web technologies such as jQuery, Bootstrap, and Google Tag Manager, hosted likely on AWS infrastructure. While the website uses HTTPS and has a long-standing domain, it lacks some advanced security features such as DNSSEC and security headers. Privacy compliance is partial, with a privacy policy and terms of service present but no cookie consent mechanism. Contact information is limited on the main page, which may impact user trust. Overall, the site demonstrates moderate digital maturity with room for security and privacy improvements.

P

Puratos

puratos.com

76

Puratos is a global enterprise specializing in the manufacturing and supply of bakery, patisserie, and chocolate ingredients. The company targets professional bakers, pastry chefs, and chocolatiers worldwide, offering a broad portfolio of products and innovation support. The website reflects a mature digital presence with multilingual support and a professional design consistent with its market position as a leader in the food ingredient manufacturing sector. Technically, the site uses advanced marketing and analytics tools such as Visual Website Optimizer and Google Tag Manager, hosted on a CMS platform likely Adobe Experience Manager, ensuring a modern and responsive user experience. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response information are not publicly detailed. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including GDPR adherence. The absence of WHOIS data for the domain is a notable anomaly that warrants further investigation but does not detract from the overall legitimacy of the business as presented on the site.

H

Huntloc

huntloc.com

57

Huntloc is a technology company specializing in real-time hunting tracking applications and GPS-GSM tracking devices for hunting dogs. Founded in 2013 and based in Estonia, the company targets hunters and hunting dog owners with a niche product offering that enhances hunting efficiency and safety. The website is built on WordPress with WooCommerce, leveraging modern web technologies such as Bootstrap and FontAwesome, and integrates extensive analytics and tracking tools to monitor user engagement. Security posture is adequate with HTTPS enabled and domain registration protections, but lacks explicit security headers and published security policies. Privacy compliance is partial, with cookie consent mechanisms in place but no visible privacy policy or terms of service. Overall, the site presents a professional and consistent brand image with moderate trustworthiness.

T

Työllisyysrahasto

tvr.fi

57

Työllisyysrahasto is a Finnish government-related entity focused on supporting employment transitions by financing unemployment security, adult education benefits, and related social security measures. The organization serves employees, employers, and adult learners, positioning itself as a key player in Finland's labor market support ecosystem. The website provides comprehensive information about its services, including unemployment insurance contributions and adult education support, with clear navigation and multilingual support for Finnish, Swedish, and English users. Technically, the site employs a modern stack including AngularJS, Bootstrap, and privacy-conscious analytics tools like Matomo and Cookiebot, ensuring good performance, accessibility, and SEO. Security posture is strong with HTTPS enforced and consent mechanisms in place, though explicit security policies and headers could be improved. The WHOIS data confirms the legitimacy and consistency of the domain with the organization's identity. Overall, the website is professional, trustworthy, and well-aligned with its public service mission.

D

DANA4D

pipfrog.com

52

The website www.pipfrog.com operates as an Indonesian online gambling platform branded as DANA4D, specializing in slot games and offering a QRIS-based deposit payment method. The site targets Indonesian users interested in convenient and secure online slot gaming. Technically, the site leverages the AMP framework for fast mobile performance and uses external content delivery networks for images and game hosting. However, the domain WHOIS data is unavailable, raising concerns about domain legitimacy and registration status. Security posture is weak due to missing security headers, malformed form URLs, and absence of privacy and cookie policies. Overall, the site presents basic content and functionality but lacks critical compliance and security features, which impacts trustworthiness and business credibility.

S

Saaremaa Golf & Country Club

saaregolf.ee

50

Saaremaa Golf & Country Club is a small hospitality business based in Estonia, specializing in golf tourism and resort services. The company offers a world-class golfing experience with well-maintained courses and resort amenities targeting golf enthusiasts and families. The website is professionally designed using WordPress with the Divi theme and incorporates modern SEO and analytics tools, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but lacks some advanced security headers and explicit incident response information. Privacy compliance is weak due to missing privacy and cookie policies, which should be addressed to meet GDPR requirements. Overall, the website is trustworthy and functional, supporting the business's market position as a regional golf resort.

E

eHost OÜ

aksohaus.ee

40

Investor.ee is a small Estonian educational website focused on providing practical advice and information about investing, portfolio management, risk management, and financial knowledge. The site targets individuals and organizations interested in growing their capital through various investment strategies. The business operates primarily as a content and informational platform, with a niche focus on the Estonian-speaking investment community. The domain is registered to eHost OÜ since 2019, consistent with the website's scope and scale. Technically, the website is built on WordPress using a modern theme and standard libraries such as Bootstrap, jQuery, and FontAwesome. It integrates Google Tag Manager for analytics and Google reCAPTCHA v3 for spam protection on forms. The site is hosted behind Cloudflare DNS and uses HTTPS, ensuring secure communication. Mobile optimization and SEO practices are good, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms. However, it lacks explicit security headers like Content-Security-Policy and X-Frame-Options, and does not publish privacy or cookie policies, which are critical for GDPR compliance. No incident response or security policy information is available. External links are configured to open in new windows with noopener for security. Overall, the website is functional, professionally designed, and provides relevant content for its audience. The main risks relate to privacy compliance gaps and missing security headers. Strategic improvements in these areas would enhance trust and regulatory adherence.

S

Softwerk

softwerk.ee

43

Softwerk OÜ is an Estonian technology company specializing in custom business software solutions including business intelligence (BI), ERP implementations (notably Microsoft Dynamics 365), and web development using modern frameworks such as .NET and React. Established in 2012, Softwerk has positioned itself as a trusted partner for businesses in Estonia and Europe, offering tailored solutions that improve operational efficiency and data-driven decision making. The company emphasizes long-term client relationships and quality service delivery, supported by positive client testimonials and recognized partnerships such as Microsoft. Technically, the website is built on WordPress with WPBakery Page Builder, leveraging common web technologies like jQuery and FontAwesome, and integrates Google Analytics and Tag Manager for user tracking. The site is mobile optimized and presents a professional design with clear navigation. Security posture is solid with HTTPS enforced and secure form handling, but lacks advanced security headers and explicit security or incident response policies. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, Softwerk demonstrates a mature digital presence with room for improvement in privacy and security transparency.

Nixor is a technology solutions provider specializing in retail and IT infrastructure services. Their offerings include sales systems, self-service solutions, POS hardware, payment solutions, electronic shelf labels, weighing systems, security technology, business software, and IT infrastructure. The website targets businesses seeking integrated technology solutions in Estonia and the surrounding region. The company presents itself as a medium-sized, established player in the technology sector with a professional online presence. Technically, the website is built on the Odoo CMS platform, utilizing modern frontend technologies such as Bootstrap and FontAwesome. The site is mobile-optimized and provides a multilingual experience with support for English, Estonian, Latvian, and Lithuanian. Performance is moderate, and SEO practices are adequately implemented. However, accessibility features are basic, and there is room for improvement in technical implementation. From a security perspective, the website lacks visible security headers and explicit security or privacy policies. There is no evidence of GDPR compliance mechanisms such as cookie consent banners or privacy policies. No incident response or vulnerability disclosure information is provided, which may impact trust and compliance. The absence of these elements suggests a need for enhanced security posture and privacy compliance. Overall, the website is functional and professional but requires improvements in privacy, security, and compliance transparency to strengthen trustworthiness and meet regulatory expectations. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, and establishing clear incident response and vulnerability disclosure processes.

In Nomine OÜ is an established Estonian communication and public relations agency founded in 2001, offering effective communication and PR services primarily targeting businesses and organizations. The company positions itself as a creative and experienced agency with a strong local presence and a portfolio of successful projects. The website reflects a professional and consistent brand image with clear messaging in Estonian and English language support. Technically, the website is built on WordPress using modern frameworks and plugins, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies could be improved. Overall, the website demonstrates a trustworthy and credible business presence with room for enhanced security and compliance documentation.

K

Kernel

kernel.ua

69

Kernel is a leading agribusiness company based in Ukraine, recognized as the largest producer and exporter of grains and a global leader in sunflower oil exports. The company operates extensively in the Black Sea region and serves over 60 countries worldwide. Publicly traded on the Warsaw Stock Exchange since 2007, Kernel demonstrates strong market positioning and a robust business model focused on agricultural production and export. The website reflects a professional digital presence with comprehensive investor relations and sustainability information. Technically, the site is built on WordPress with modern web technologies, offering good performance and mobile optimization. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though there is room for improvement in security headers and incident response disclosures. Overall, the website is trustworthy, compliant with GDPR, and provides clear contact information and social media channels, supporting its credibility as a major agribusiness entity.

A

Advokaadibüroo GLIMSTEDT

glimstedt.ee

41

Advokaadibüroo GLIMSTEDT is a well-established full-service law firm with a strong focus on business law, serving clients primarily in the Baltics and Scandinavia. Founded in 1935, the firm offers a broad range of legal services including data protection, M&A, energy, real estate, tax, banking, and dispute resolution. The website reflects a professional and consistent brand image with clear navigation and regularly updated content, supporting its market position as a reputable legal services provider. Technically, the site is built on WordPress with modern libraries and integrates key analytics and marketing tools, ensuring a good digital maturity level. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers and explicit security policies are missing. Overall, the site is trustworthy and well-maintained, with room for improvement in privacy policy transparency and incident response readiness.

V

Voxmate

voxmate.com

64

Voxmate is a technology company focused on delivering an all-in-one Android app designed specifically for blind and visually impaired users. Their product offers a gesture-based interface to access news, audiobooks, games, and communication tools, positioning them as an innovative player in the accessibility technology market. The company operates a subscription-based business model with free limited access and discounted early access paid plans. Their market position is that of an emerging, specialized provider with a clear target audience and strategic partnerships, notably with Sight and Sound Technology in the UK. Technically, the website is built using modern web technologies including Angular 13, FontAwesome, and integrates third-party services such as YouTube, Wistia, Facebook Pixel, and Google Tag Manager. Hosting and domain registration are managed via Amazon Registrar, indicating a reliable infrastructure. The site is mobile-optimized and accessible, with good SEO practices and a professional design. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks published security policies, incident response contacts, and security headers. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a privacy policy present but lacking comprehensive GDPR details. The absence of explicit contact information and security disclosures suggests areas for improvement. Overall, Voxmate presents a trustworthy and professional online presence with a solid business foundation and technical implementation. Strategic enhancements in security transparency, privacy compliance, and contact availability would strengthen their risk posture and user trust.

K

Keila Kool

keilakool.ee

41

Keila Kool is a well-established educational institution in Estonia with a history spanning over 300 years. The website serves as an information portal for students, parents, and staff, offering details about school operations, educational programs, news, and contact information. The institution positions itself as a key local school with a medium-sized presence and a focus on comprehensive education including adult learning and extracurricular activities. Technically, the website is built on WordPress with a modern tech stack including jQuery and FontAwesome, and it is hosted by Elkdata OÜ, an Estonian provider. The site is accessible, mobile-optimized, and uses HTTPS, ensuring secure connections. However, there are gaps in privacy compliance, notably the absence of privacy and cookie policies, which could pose regulatory risks. Security posture is generally good with no visible vulnerabilities, but the lack of security headers and incident response information suggests room for improvement. Overall, the website is professional and trustworthy, serving its educational mission effectively.

S

Shokkin Group International

shokkin.org

45

Shokkin Group International is a European network of youth organizations focused on supporting innovative development in youth work and education. Established in 2015 and registered in Estonia, it serves as a collaborative platform for small to medium NGOs to foster personal and civic growth among young people. The website is built on WordPress and employs common plugins such as Yoast SEO and Jetpack, hosted on HostGator servers. It features good SEO practices and a cookie consent mechanism compliant with EU regulations. Security posture is adequate with HTTPS enabled and domain protection measures, though lacks advanced security headers and published security policies. Contact information is limited to email addresses, with no phone or physical address provided. WHOIS data shows privacy protection consistent with the organization's profile and domain age aligns with business history. Overall, the site is professional and functional but could improve in privacy compliance and security transparency.

S

SA Kutsekoda

kutsekoda.ee

45

SA Kutsekoda operates as an impartial cooperation platform in Estonia, focusing on identifying current and future skill and occupational needs. It coordinates the development of vocational standards, organizes vocational examinations, and analyzes labor market and skill requirements. The organization serves as a central body in Estonia's vocational education and labor market ecosystem, targeting employers, employees, and educational institutions. The website is professionally designed, multilingual, and integrates modern web technologies including WordPress, Yoast SEO, and Smart Slider 3, reflecting a mature digital presence. Security posture is solid with HTTPS enforced, use of security plugins, and no evident vulnerabilities, though some security headers could be improved. Privacy compliance is good with visible cookie consent and privacy policy in Estonian. Overall, the site demonstrates high trustworthiness and professionalism appropriate for a government-related entity.

M

Meeskonnakoolitus ja Arendus OÜ

meeskonnakoolitus.ee

37

Meeskonnakoolitus ja Arendus OÜ is an Estonian company specializing in team training and organizational development services. Their offerings include multi-day team training, experiential learning, consulting, mentoring, and coaching aimed at improving cooperation, leadership, and communication within organizations. The company targets Estonian businesses seeking to enhance team dynamics and leadership skills. The website is built on Joomla CMS with Bootstrap and jQuery, featuring a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and CSRF tokens in forms, but the use of outdated JavaScript libraries and lack of security headers present moderate risks. Privacy and cookie policies are not found, indicating compliance gaps. Contact information and social media presence are clearly provided, supporting business credibility.

S

ScanMarine Estonia OÜ

scanmarine.ee

46

ScanMarine Estonia OÜ is a small Estonian company specializing in the sale and rental of sea containers along with comprehensive transport and logistics services including maritime, air, road, and rail transport. Established in 2012, the company targets both business and consumer markets within Estonia and the broader EU region. Their website reflects a professional and consistent brand presence with multilingual support and e-commerce capabilities. Technically, the site is built on WordPress with WooCommerce and integrates modern marketing and analytics tools such as Google Analytics, Facebook Pixel, and PixelYourSite, all managed with GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. The domain registration is consistent and long-standing, supporting the legitimacy of the business. Overall, the website demonstrates good digital maturity, compliance, and trustworthiness.

S

SDDNL

sdd.nl

69

SDDNL is a specialized distributor of high-quality print finishing machinery and materials based in the Netherlands. The company offers a range of products including binders, laminators, cutters, creasers, and folders, targeting professional print finishing businesses. Their website reflects a strong market position with partnerships with well-known brands and a focus on quality and technical innovation. The digital infrastructure is built on WordPress with WooCommerce, enhanced by performance and GDPR compliance plugins, indicating a mature and professional online presence. Security posture is solid with HTTPS, security headers, and spam protection, though there is room for improvement in publishing dedicated security policies and incident response information. Overall, the website is well-designed, user-friendly, and compliant with privacy regulations, supporting the company’s credibility and trustworthiness in its niche market.

S

SSH - Master Planning, Infrastructure, Building Design and Construction Supervision.

sshic.com

43

SSH is a well-established international architecture and engineering consultancy firm with a strong presence across the GCC and Middle East & Africa regions. Founded in 1961, the company offers a comprehensive range of services including building design, construction supervision, infrastructure design, and master planning. The firm is recognized as a top player in its industry, ranked 95 globally by ENR in 2024 and among the top 10 fee-earning architects in the Middle East. Their target audience includes clients seeking high-quality architectural and engineering consultancy services in the MEA region. The website reflects a professional and consistent brand image with good content quality and clear navigation.

C

Clínica Dermaline

dermaline.es

48

Clínica Dermaline is a well-established medical aesthetic clinic based in Madrid, Spain, operating since 2008. The website presents a professional and comprehensive overview of their services, including laser treatments, varicose veins care, and facial and body aesthetic procedures. The clinic targets individuals seeking quality medical aesthetic solutions and has built a strong local reputation with over 10,000 patients and media presence. Technically, the site is built on WordPress using common plugins and libraries, with moderate performance and good mobile optimization. Security is generally good with HTTPS enforced and no exposed sensitive data, but there are areas for improvement such as updating outdated JavaScript libraries and implementing stronger security headers. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy or terms of service policies found. Overall, the site is trustworthy and professional but should address compliance and security best practices to enhance user trust and regulatory adherence.

S

SIROWA Group

sirowa.lv

68

SIROWA Group operates as a wholesale distributor specializing in cosmetics and beauty care products, positioning itself as an experienced regional player in this retail sector. The website reflects a medium-sized business with a focus on wholesale distribution of well-known brands in the health and beauty industry. The digital infrastructure is based on WordPress, enhanced with modern tools such as Brizy Builder and FontAwesome, and utilizes Cloudflare for DNS services. The site demonstrates good design quality, mobile responsiveness, and basic SEO optimization, supporting a positive user experience. Security posture is adequate with HTTPS enabled and domain transfer protections in place, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism present but no accessible privacy or terms of service pages. Overall, the domain registration data supports legitimacy and transparency, with a long-established domain and no privacy protection masking registrant details.

S

SOL Group

solgroup.com

72

The SOL Group is a large Italian company specializing in the production, applied research, and marketing of technical and medical gases, home care services, biotechnologies, and renewable energy production. The company targets industrial clients, healthcare facilities, patients at home, and the biotechnology sector, positioning itself as a diversified and established player in the energy and healthcare industries. The website reflects a professional and consistent brand image with comprehensive content and clear navigation. Technically, the website is built on the Plone CMS platform, utilizing modern web technologies including Bootstrap, FontAwesome, and Cookiebot for privacy management. The site is mobile-optimized, accessible, and SEO-friendly, with moderate performance. Analytics are handled via Matomo, indicating a preference for privacy-conscious tracking. From a security perspective, the site enforces HTTPS, implements standard security headers, and provides a robust cookie consent mechanism compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS registration data raises concerns about domain legitimacy, which should be investigated further. Overall, the SOL Group website demonstrates strong digital maturity and compliance with privacy regulations, but the domain registration inconsistency slightly impacts trustworthiness. Strategic recommendations include publishing explicit security policies, incident response contacts, and a security.txt file to enhance transparency and security posture.

D

DiaMedica Therapeutics, Inc.

diamedica.com

69

DiaMedica Therapeutics, Inc. is a clinical stage biopharmaceutical company focused on developing innovative synthetic protein therapies targeting serious vascular diseases such as preeclampsia and acute ischemic stroke. Their lead candidate, DM199, is a recombinant form of the KLK1 protein aimed at improving blood flow and reducing ischemia. The company maintains a professional online presence with investor relations content and Nasdaq stock information, positioning itself as a specialized healthcare innovator in a niche market. Technically, the website employs modern web technologies including Google Analytics, Cloudfront CDN, and responsive design, delivering a moderate to good user experience. Security posture is strong with HTTPS and some best practices, though lacking explicit security headers and incident response policies. Privacy compliance is weak due to absence of privacy and cookie policies. The missing WHOIS data for the domain raises concerns about domain registration legitimacy, which should be further investigated. Overall, the website is professional and credible but would benefit from enhanced privacy disclosures and security transparency.

S

Snowhound

snowhound.eu

66

Snowhound is a technology company specializing in software development, consulting, and training services primarily targeting businesses and organizations. Their market position is that of a trusted software development partner focused on delivering quality solutions that simplify and optimize client operations. The company operates mainly in Estonia with offices in Tartu and Tallinn. The website presents a professional and consistent brand image with detailed case studies and client testimonials, indicating a strong business credibility. Technically, the website is built on WordPress using popular plugins such as WPBakery Page Builder and Slider Revolution. It employs modern web technologies including lazy loading for images and integrates Google Analytics and Tag Manager for tracking. The site is mobile optimized and performs moderately well, though accessibility features are basic. Hosting details are not explicitly disclosed. From a security perspective, the site uses HTTPS with good SSL configuration and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policies, incident response information, and security headers which are recommended best practices. Privacy compliance is partial, with a cookie consent banner present but no privacy policy or terms of service pages found, representing a compliance gap. Overall, the website is professional and trustworthy with good business and technical foundations. The main risks relate to privacy compliance and security policy transparency. Addressing these gaps would enhance trust and regulatory adherence.

E

Eastern Mediterranean University Cyprus

emu.edu.tr

60

Eastern Mediterranean University Cyprus is a prominent state university in North Cyprus offering a wide range of associate, undergraduate, and postgraduate degree programs. The institution holds a strong market position as the only state university in the region, supported by multiple accreditations, recognitions, and international rankings. The website reflects a comprehensive academic and administrative structure targeting prospective students, current students, alumni, and academic partners. The university emphasizes research, continuing education, and international exchange programs, indicating a mature and diverse educational business model. Technically, the website employs modern web technologies including Bootstrap, FontAwesome, Google Fonts, and integrates advanced analytics and marketing tools such as Google Tag Manager, Google Analytics, and Facebook Pixel. The site is mobile-optimized, accessible, and SEO-friendly, with structured data enhancing search engine understanding. Hosting and performance appear moderate, with no detected CMS but likely a custom or proprietary system. From a security perspective, the site enforces HTTPS with excellent SSL configuration and uses secure external scripts. However, it lacks visible security headers and explicit security or incident response policies. There is no cookie consent mechanism, which is a compliance gap given GDPR relevance. No vulnerabilities or exposed sensitive data were detected, indicating a generally strong security posture. Overall, the website is professional, trustworthy, and well-maintained, with minor improvements recommended in privacy compliance and security transparency to enhance user trust and regulatory adherence.

S

Seinäjoen ammattikorkeakoulu SEAMK

seamk.fi

64

Seinäjoen ammattikorkeakoulu SEAMK is a Finnish higher education institution offering a broad range of bachelor's and master's degree programs, as well as continuing education and open university studies. Positioned as a regional leader in education within South Ostrobothnia, SEAMK serves students, academic partners, and local businesses. The website reflects a mature digital presence with multilingual support and clear navigation, supporting its educational mission effectively. Technically, the site is built on WordPress with modern libraries and integrates comprehensive analytics and marketing tools, all managed with a strong cookie consent mechanism ensuring GDPR compliance. Security posture is robust with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response contacts are not published. Overall, the website is professional, trustworthy, and well-aligned with the institution's public educational role.

L

LVL UP OÜ

levelup.ee

45

LVL UP OÜ operates the website levelup.ee as a digital recruitment agency specializing in fast and efficient talent acquisition for Estonian businesses. The company leverages digital marketing, social media, and recruitment software to identify and attract candidates aligned with client needs. The website presents a professional and modern digital presence with clear branding and multimedia content to engage visitors. Technically, the site is built on WordPress with Elementor and Yoast SEO, supported by Cloudflare DNS and CDN services, ensuring good performance and SEO readiness. Security posture is solid with HTTPS and bot protection scripts, though explicit security headers are not fully evident. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Contact information is available primarily via email and contact forms, with social media integration enhancing trust. Overall, the site is credible and well-positioned in its niche but would benefit from enhanced privacy and security disclosures.

I

ITT Group

ittgroup.ee

46

ITT Group is a small Estonian company specializing in education-related innovative mechatronic products, training, and e-solution development, primarily targeting educational institutions in Estonia, Scandinavia, and Europe. With over 20 years of experience, the company has evolved to include consulting and development services in autonomous systems, collaborating with European and US higher-education institutions. The website is built on Joomla CMS, featuring a consistent and professional design with moderate performance and good mobile optimization. However, it lacks critical compliance documentation such as privacy and cookie policies, and no contact information is provided, which impacts trust and compliance perception. Security posture is basic with HTTPS enabled but missing advanced security headers and incident response details. Overall, the site is functional and informative but requires improvements in compliance and security transparency to enhance trustworthiness and regulatory adherence.

C

CCP Games

ccpgames.com

75

CCP Games is a well-established interactive entertainment company founded in 1997 in Reykjavik, Iceland, best known for its flagship product EVE Online. The company positions itself as an innovative leader in the gaming industry with a focus on immersive online experiences. The website reflects a professional digital presence with modern technologies such as Google Tag Manager, Cookiebot for privacy compliance, and Bootstrap for responsive design. The site is well-optimized for SEO and mobile devices, providing a good user experience. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers are missing and no explicit security or incident response policies are published. The absence of WHOIS data for the domain is a notable concern, as it raises questions about domain registration legitimacy despite the professional appearance of the site. Overall, CCP Games demonstrates a mature digital infrastructure but should address transparency in domain registration and enhance security disclosures to improve trust and compliance.

D

DPD

dpd.ee

71

DPD Estonia operates as a key parcel delivery service provider within Estonia and across Europe, under the larger Geopost group umbrella. The company offers comprehensive parcel sending, receiving, and tracking services tailored for both business and private customers. Their digital presence is well-established with a modern WordPress-based website featuring multilingual support and customer self-service portals such as myDPD. The website demonstrates good technical maturity with responsive design, modern frameworks, and integration of marketing and analytics tools. Security posture is solid with HTTPS enforcement and standard security headers, though explicit security policies and incident response information are not publicly disclosed. The absence of WHOIS data for the main domain suggests privacy protection or proxy usage, which slightly impacts transparency but is common for large enterprises. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

B

BeCommerce

becomsummit.digital

51

Becom Summit is a professionally managed event platform organized by BeCommerce, the Belgian e-business federation, targeting the Belgian e-commerce sector. The website effectively communicates event details, past editions, and upcoming dates, positioning itself as a leading e-commerce event in Belgium. The technical infrastructure is based on WordPress with modern plugins and multilingual support, indicating a mature digital presence. Security posture is adequate with HTTPS and domain transfer protection, though improvements like DNSSEC and security headers are recommended. Privacy compliance is well addressed with visible policies and consent mechanisms. Overall, the website presents a trustworthy and credible business front with clear contact information and legal disclosures.

We Educación Ejecutiva SAC. is a Peruvian-based education company specializing in executive education, offering a variety of programs including online courses, specializations, diplomados, memberships, and live events targeting professionals and executives in Latin America. The company positions itself as a leader in LATAM executive education with practical methodologies designed by industry leaders. The website is built on the Odoo CMS platform, leveraging modern web technologies such as Bootstrap 5, Swiper.js, and integrates payment SDKs like MercadoPago and Culqi, hosted on AWS infrastructure. The site demonstrates good design quality, mobile optimization, and clear navigation, supporting a positive user experience. Security posture is adequate with HTTPS enabled and domain registration protections, though it lacks DNSSEC and explicit security headers. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional and trustworthy, with room for improvement in privacy and security best practices.

T

Tutor

tutor.cz

58

Tutor.cz is a Czech education services provider specializing in preparatory courses for secondary school entrance exams, maturita (high school graduation), university entrance, and language learning. The company offers a broad portfolio of services including online and in-person courses, language camps, and individual tutoring, targeting students across multiple cities in the Czech Republic. The website reflects a professional and consistent brand presence with good content quality and clear navigation tailored to its audience. Technically, the site is built on WordPress with Elementor and integrates modern analytics and marketing tools such as Google Tag Manager and Microsoft Clarity. Security posture is adequate with HTTPS enforced and use of reCAPTCHA, though some security headers are not explicitly detected. Privacy compliance is partial, with a cookie consent mechanism present but no clear privacy policy page found. The absence of WHOIS data limits domain trust assessment, but the website's professional presentation and active social media presence support its legitimacy. Strategic recommendations include improving privacy disclosures, enhancing security headers, and verifying domain registration details to strengthen trust and compliance.

W

WocaBee, s.r.o.

wocabee.app

49

WocaBee, s.r.o. operates an innovative online vocabulary learning application targeting schools and students primarily in Europe. Founded in 2018, the company offers a subscription-based SaaS platform with gamified learning, pronunciation assessment, and teacher-student management features. The website is well-designed, mobile-optimized, and provides comprehensive content including user testimonials and detailed business information. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and ResponsiveVoice.js, ensuring a responsive and interactive user experience. Security posture is moderate with HTTPS implied and CAPTCHA on forms, but lacks explicit security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism but no dedicated privacy policy page found. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

T

Trustprofile B.V.

trustprofile.io

68

Trustprofile B.V. operates an online platform dedicated to verifying the trustworthiness of e-commerce stores, providing consumers with ratings, reviews, and scam prevention guidance. The company targets online shoppers seeking reliable information to avoid fraudulent vendors. The website demonstrates a mature digital presence with a modern tech stack including Vue.js and Tailwind CSS, delivering a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement and comprehensive security headers, though some privacy compliance aspects like cookie consent could be improved. The absence of WHOIS registration data raises concerns about domain legitimacy, which should be addressed to enhance trust. Overall, the platform is professional and trustworthy from a content and technical perspective but would benefit from improved domain registration transparency and privacy compliance enhancements.

B

BeCommerce

safeshops.be

59

Becom is a Belgian e-commerce federation established in 2023, dedicated to supporting and certifying webshops and online businesses in Belgium. The organization offers a range of services including the Becom Trustmark certification, security scans, educational events, research labs, and advocacy to help members grow and comply with regulations. The website is professionally designed, multilingual, and integrates modern web technologies such as WordPress, WPBakery, and Google Tag Manager. Security posture is solid with HTTPS and reCAPTCHA usage, though improvements like DNSSEC and security headers are recommended. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, Becom presents a trustworthy and authoritative presence in the Belgian e-commerce sector.

D

DirectLease

directlease.be

67

DirectLease is a well-established online auto lease provider founded in 2003, operating primarily in Belgium with subsidiaries in the Netherlands and Germany. The company offers a comprehensive range of leasing services including business leasing, private leasing, electric vehicle leasing, and flexible monthly contracts. Their market position is strong, supported by a parent company, International Car Lease Holding, and a consistent brand presence across multiple languages. The website is professionally designed with good content quality, clear navigation, and mobile optimization. Technically, it leverages modern frameworks like Vue.js, integrates Algolia for search, and uses trusted third-party services such as Cookiebot for consent management and Trustpilot for customer reviews. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and a dedicated security policy page are absent. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the site demonstrates high business credibility and trustworthiness, with clear contact information and transparent business practices.