Security Directory

The website www.informationsportal.de is an official information portal operated by ITSG GmbH, providing comprehensive guidance to employers in Germany about their social security reporting obligations. It serves as a government-related resource offering question-answer catalogs, glossaries, brief profiles, and a document library to assist employers in compliance. The portal targets German employers and is positioned as a niche authoritative source in the social security domain. Technically, the site is built on WordPress with modern plugins such as Yoast SEO Premium and Borlabs Cookie for privacy compliance. It uses Matomo for analytics, ensuring user data is anonymized and GDPR compliant. The site is well-structured, mobile-optimized, and employs HTTPS with appropriate security headers, although some advanced headers could be added for enhanced security. No direct contact emails or phone numbers are published; contact is primarily via a form. No explicit security or incident response policies are published, which could be improved. Overall, the site demonstrates a good security posture, strong privacy compliance, and professional content quality, making it a trustworthy resource for its audience.

H

Die Haushaltsjob-Börse der Minijob-Zentrale - Startseite

haushaltsjob-boerse.de

56

The website Haushaltsjob-Boerse.de serves as a specialized job listing platform connecting household helpers and employers in Germany, operating under the auspices of the Minijob-Zentrale. It offers free job postings for household help, targeting a niche market within the German employment sector. The platform's market position is that of a focused, medium-sized service provider facilitating private household employment opportunities. Technically, the site leverages modern web technologies including the Ionic framework and Angular, with analytics powered by Matomo and consent management via Usercentrics, indicating a moderate level of digital maturity and compliance with cookie regulations. Security-wise, the site employs HTTPS and basic privacy controls but lacks published privacy policies, terms of service, and explicit security or incident response documentation, which are areas for improvement. Overall, the site is functional, professionally designed, and trustworthy within its niche, but could enhance its compliance and security posture to better align with best practices.

C

Christof Brand GmbH

christof-brand.de

54

Christof Brand GmbH is a medium-sized German company specializing in construction services including demolition, earthworks, machine rental, and recycling. The company positions itself as a reliable partner with a modern machinery fleet equipped with GPS and laser technology, targeting both private and commercial clients in the construction sector. Their website reflects a professional and consistent brand image with clear service offerings and contact information. Technically, the site is built on Joomla CMS with Bootstrap and uses Matomo analytics, indicating a moderate level of digital maturity and privacy awareness. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks advanced security headers and explicit incident response policies. Overall, the website is accessible, well-structured, and trustworthy, though improvements in security policies and WHOIS transparency could enhance credibility further.

A

axilaris GmbH

axilaris.de

68

axilaris GmbH is a German IT service provider specializing in premium, tailored IT infrastructure, software development, and IT security services primarily targeting medium-sized enterprises (Mittelstand) in Germany. The company emphasizes secure, scalable, and user-friendly IT solutions, supported by a regional data center in Chemnitz certified under ISO 27001. Their website reflects a professional and consistent brand image, showcasing key services, customer testimonials, and active recruitment, indicating a stable market presence. Technically, the site uses modern web technologies including Contao CMS, Matomo analytics, and Google Tag Manager, with good mobile optimization and SEO practices. Security posture is strong with ISO certification and HTTPS usage, though explicit security headers and vulnerability disclosure mechanisms are absent. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

B

Bistum Mainz

bistummainz.de

62

Bistum Mainz is a large non-profit Catholic diocese based in Germany, providing a wide range of religious, social, educational, and community services. The website serves as a comprehensive portal for parishioners and the general public, offering news, event information, pastoral resources, and social initiatives. It targets members of the Catholic community and residents within the diocese's region. Technically, the site is built on the Alkacon Mercury CMS platform, with a modern tech stack including responsive design, accessibility features, and privacy-conscious analytics via Matomo. The site is well-structured, professionally designed, and optimized for mobile and accessibility standards. Security posture is good with HTTPS enforced and cookie consent implemented, though security headers and explicit security policies are not visibly present. WHOIS data and domain registration details align well with the organization's identity, supporting legitimacy and trustworthiness. Overall, the site demonstrates a mature digital presence suitable for a large religious non-profit organization.

T

Tregler Paliva

tregler-paliva.cz

49

Tregler Paliva is a small, established business specializing in the purchase, processing, and sale of quality firewood primarily serving the Czech Republic and Austria. Founded in 1991, the company has a strong regional presence and targets both consumer and business customers seeking firewood products. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern JavaScript frameworks, Laravel Nova for administration, and integrates multiple analytics and tracking tools including Matomo, Google Tag Manager, Facebook Pixel, and Smartlook. The hosting and domain registration are consistent with the business location and claims, enhancing trustworthiness. Security posture is adequate with HTTPS enabled and secure admin routes, but lacks some security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies despite cookie consent mechanisms. Overall, the site is functional and trustworthy but would benefit from improved privacy transparency and security best practices.

G

Gemeinsamer Bundesausschuss

g-ba.de

58

The Gemeinsamer Bundesausschuss (G-BA) is a central German government institution responsible for regulating healthcare services and ensuring quality in the healthcare system. The website serves as the official portal for disseminating information about the G-BA's work, including guidelines, decisions, public meetings, and innovations in healthcare. It targets healthcare professionals, policymakers, patients, and the general public interested in healthcare regulation in Germany. The site is well-branded, professionally designed, and provides comprehensive content relevant to its mission. Technically, the website employs modern web technologies including Matomo for privacy-conscious analytics, deferred JavaScript loading, and SVG graphics for branding. The site is mobile-optimized and accessible, with good SEO practices evident in meta tags and structured navigation. Hosting appears stable and professional, with no signs of blocking or WAF interference. From a security perspective, the site uses HTTPS with strong SSL configuration and respects user privacy by disabling cookies in analytics and honoring Do Not Track signals. However, it lacks explicit security headers and does not publicly disclose security policies or incident response procedures. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong regarding the privacy policy, but cookie consent mechanisms are absent. Overall, the G-BA website is a trustworthy, authoritative source with high content quality and professional presentation. It demonstrates a solid security posture with room for improvement in transparency and security header implementation. The domain registration data aligns well with the website's purpose, reinforcing legitimacy. Strategic recommendations include enhancing security headers, adding cookie consent, and publishing security and vulnerability disclosure policies.

M

Martinushaus Aschaffenburg

martinushaus.de

52

Martinushaus Aschaffenburg is a non-profit community and educational center located in the heart of Aschaffenburg, Germany. It operates under the Diocese of Würzburg and offers a variety of services including community meeting spaces, educational programs, and event venue rentals. The website reflects a well-established regional institution with a clear mission to provide open doors and hearts to visitors. The business model focuses on community engagement and educational offerings supported by the church diocese. Technically, the website is built on Joomla CMS with a Yootheme template and leverages modern frameworks such as UIkit and jQuery. It integrates Matomo analytics for user tracking and Usercentrics for GDPR-compliant cookie consent management. The site is mobile-optimized, accessible, and performs moderately well. Hosting appears to be via GoDaddy, indicated by the domain's nameservers. From a security perspective, the site enforces HTTPS and includes CSRF tokens in scripts, indicating good security hygiene. However, it lacks explicit security headers and a published security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is strong with clear privacy and cookie policies. Overall, the website is professional, trustworthy, and well-aligned with its non-profit mission. Recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen security posture and trust.

J

Jugendhaus St. Kilian

jugendhaus-st-kilian.de

49

Jugendhaus St. Kilian is a non-profit youth and educational center located in Miltenberg, Germany, affiliated with the Diocese of Würzburg. The organization provides accommodation, conference facilities, catering, and educational programs primarily targeting school classes, families, and youth groups. The website is professionally designed using Joomla CMS with modern frameworks such as Bootstrap and UIkit, and integrates privacy-compliant tools like Usercentrics for consent management and Matomo for analytics. Contact information and legal disclosures are clearly presented, enhancing trust and transparency. The domain registration and DNS setup are consistent with the organization's regional and operational profile, indicating legitimacy and stability. Technically, the website employs a modern tech stack and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent mechanism in place. No incident response or security policy pages were found, suggesting an area for improvement. Overall, the website presents a trustworthy and professional digital presence for a regional non-profit organization focused on youth services and education. The risk profile is low, with no indications of malicious activity or content safety concerns.

H

Haus Volkersberg - KdÖR Diözese Würzburg

volkersberg.de

51

Haus Volkersberg is a well-established educational and hospitality institution located in Germany, offering youth education, adult learning, and conference facilities. It operates under the Diocese of Würzburg and serves a broad audience including youth groups, adults, and families. The website reflects a mature organization with comprehensive content, clear navigation, and professional design. Technically, it is built on Joomla CMS with modern UI frameworks and privacy-conscious analytics. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers could be improved. WHOIS data is limited but consistent with the institution's profile. Overall, the site is trustworthy and compliant with GDPR requirements.

B

Burkardushaus Würzburg

burkardushaus.de

51

Burkardushaus Würzburg is a well-established, church-affiliated conference and event center located in the historic city center of Würzburg, Germany. The website presents a professional and comprehensive overview of their services, including conference rooms, guest accommodations, and event hosting. The business targets educational providers, companies, and church institutions, emphasizing hospitality, service, and sustainability. The site is built on Joomla CMS with modern UIkit framework and integrates privacy-conscious analytics and consent management tools.

I

Internetagentur dd-media.de

kalirevier.net

50

kalirevier.net is a regional online portal dedicated to promoting local businesses, shops, and services within the Kalirevier mining region in central Germany. The platform offers categorized listings including delivery and pickup services, online shops, and regional information, targeting residents and visitors interested in local commerce. The site is operated and sponsored by Internetagentur dd-media.de, a local internet agency, indicating a small but focused business model with a community-centric approach. Technically, the website employs modern frontend technologies such as Bootstrap, jQuery, and Owl Carousel, with Matomo analytics and Usercentrics consent management ensuring GDPR compliance. The site is served over HTTPS, providing a secure browsing experience. However, the WHOIS data for the domain is missing or unavailable, which raises concerns about domain registration legitimacy and longevity. No direct company contact emails or phone numbers are published, though a contact form is available. Security policies and incident response information are not publicly disclosed, which could be improved to enhance trust. Overall, the website is professionally designed with good content quality and user experience, but the lack of WHOIS transparency and limited contact details slightly reduce business credibility.

I

Internetagentur dd-media.de

werratal-wetter.de

50

The website www.werratal-wetter.de serves as a regional weather data and information portal focused on the Kalirevier area in Germany. It provides current and historical weather data, local event information, and regional news links. The site is operated by Internetagentur dd-media.de, a small agency specializing in regional digital services. The business model centers on providing free weather data and regional content to residents and visitors, supported by related regional sites and a marketplace. Technically, the site uses a modern technology stack including Bootstrap, jQuery, and Matomo analytics, with good mobile optimization and basic accessibility features. Security posture is solid with HTTPS and cookie consent management, though it lacks advanced security headers and explicit incident response information. Privacy compliance is well addressed with GDPR-aligned policies and a Usercentrics consent mechanism. Overall, the site is professional, trustworthy, and well-branded for its niche regional audience.

I

Internetagentur dd-media.de

werratal-news.de

47

werratal-news.de is a regional news portal operated by Internetagentur dd-media.de, serving the Mittleres Werratal and Waldhessen regions in Germany. The site provides local news, event calendars, weather updates, and cultural information, positioning itself as a trusted source for residents and regional stakeholders. The business model focuses on digital regional news dissemination and community engagement through a well-structured website with categorized content and social media integration. Technically, the website employs a moderate technology stack including jQuery, Bootstrap, FontAwesome, and Matomo analytics, combined with a cookie consent manager compliant with GDPR. The site is mobile-optimized with good navigation and SEO practices, although some outdated libraries like jQuery 1.11.2 present potential security risks. Hosting details are not explicitly identified, but HTTPS is enforced with a good SSL configuration. From a security perspective, the site demonstrates good practices such as HTTPS, privacy-respecting analytics, and cookie consent mechanisms. However, it lacks advanced security headers like Content-Security-Policy and does not provide a security policy or vulnerability disclosure page. No critical vulnerabilities or exposed sensitive data were detected, but updating outdated libraries and enhancing security headers is recommended. Overall, the website is professional, trustworthy, and compliant with privacy regulations, serving its regional audience effectively. Strategic improvements in security posture and transparency would further enhance its credibility and resilience.

U

unimess GmbH

anwaltskanzlei-marketing.de

42

The website represents unimess GmbH, a specialized marketing agency focused on legal professionals such as lawyers and tax advisors in Germany. Their services include internet presence creation, marketing consulting, print media, and office equipment for law firms. The company positions itself as an experienced niche player with a nationwide clientele. Technically, the website uses a modern frontend stack including Bootstrap, jQuery, and Matomo analytics configured for privacy by disabling cookies. The site is responsive and well-structured, providing a professional user experience. Security posture is moderate; while HTTPS is assumed, no explicit security headers or policies are visible, and no cookie consent mechanism is implemented despite analytics usage. WHOIS data aligns with the company branding, indicating legitimacy. Overall, the site is professional and trustworthy but could improve in security and privacy compliance aspects.

The website www.werbeagentur-juwelier.de represents unimess GmbH, a small specialized advertising agency focused on jewelers and jewelry manufacturers. The company offers services including internet agency solutions, marketing, and advertising tailored to this niche market. The website content is professional and consistent with the business focus, targeting German-speaking jewelers and related manufacturers. The technical infrastructure employs modern front-end libraries such as jQuery, Bootstrap, and Font Awesome, with Matomo analytics integrated for user tracking without cookies. The site is mobile optimized and provides a good user experience with clear navigation and design consistency. However, contact information is not explicitly visible on the main page, and no forms or social media links are present in the analyzed content.

U

unimess GmbH

jobs-ueberall.de

41

Jobs-ueberall.de is a German job listing portal operated by unimess GmbH, providing job offers from various clients across Germany. The site targets a broad audience seeking employment opportunities in multiple sectors. The platform offers a job finder search form and links to employer websites for detailed job information. The business model centers on aggregating and displaying client job offers to job seekers. Technically, the site uses a modern frontend stack including Bootstrap, jQuery, and Slick Carousel, with Matomo analytics configured to disable cookies, reflecting some privacy awareness. However, no cookie consent mechanism is present. Security posture is moderate with no detected security headers and unknown SSL configuration from provided data. WHOIS data aligns with the company branding and domain ownership, supporting legitimacy. Overall, the site is functional, professionally designed, and mobile optimized but could improve in privacy compliance and security best practices.

I

Industrie- und Handelskammer Bonn/Rhein-Sieg

ihk-bonn.de

50

The Industrie- und Handelskammer Bonn/Rhein-Sieg (IHK Bonn/Rhein-Sieg) is a regional chamber of commerce serving the Bonn and Rhein-Sieg economic region in Germany. It acts as a key institution supporting local businesses through consultation, training, certification, and advocacy services. The website reflects a well-established organization with a clear focus on business development, vocational training, and regional economic growth. The target audience includes companies, apprentices, founders, and members of the chamber. The business model is that of a public law institution representing commercial interests in the region.

D

DGNB GmbH

dgnb.de

57

DGNB GmbH is a well-established non-profit organization founded in 2007, recognized as Europe's largest network for sustainable building and the second largest worldwide. The organization offers a comprehensive certification system (DGNB Zertifizierung), educational programs through the DGNB Akademie, and a digital networking platform (myDGNB). Their market position is strong within the sustainability and construction sectors, supported by over 2,800 member organizations and more than 11,000 certified projects globally. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support.

O

OEMUS MEDIA AG

zwp-online.info

10

ZWP online is a professional German-language news portal focused on the dental industry, providing daily news, market information, product details, educational content including CME, and multimedia resources such as videos and podcasts. The site targets dental professionals, industry stakeholders, and students, positioning itself as a leading source of dental news in the German-speaking market. The business operates under OEMUS MEDIA AG, a known media company specializing in healthcare and dental sectors. Technically, the website employs a modern tech stack including jQuery, Font Awesome, Moment.js, Chart.js, JWPlayer, and integrates marketing and analytics tools like Sendinblue, Matomo, and PushOwl. The site is mobile-optimized with good SEO practices and a professional design, though some accessibility features are basic. Performance is moderate with room for improvement. Security posture is solid with HTTPS enforced, CSRF tokens present, and cookie consent mechanisms implemented. However, the absence of explicit security headers and lack of published security policies or incident response contacts are areas for enhancement. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the site is trustworthy and professional, but the lack of publicly available WHOIS data and registrant information slightly reduces domain trustworthiness. Strategic recommendations include improving security headers, publishing security and incident response policies, and providing clearer contact information to enhance user trust and compliance.

S

Sozialverband Deutschland e.V.

diebessererente.de

54

Sozialverband Deutschland e.V. (SoVD) is a well-established German non-profit organization dedicated to social justice and strengthening the statutory pension system. The website focuses on educating the public about the benefits of the statutory pension, advocating for policy improvements, and providing social counseling services. It targets German residents, pensioners, and socially vulnerable groups. The organization positions itself as a trusted voice in social policy with a strong digital presence and comprehensive content offerings. Technically, the website is built on TYPO3 CMS, uses modern JavaScript libraries like jQuery, and integrates privacy-respecting tools such as Klaro for cookie consent and Matomo for analytics. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, uses privacy-friendly embedded content, and implements cookie consent mechanisms. However, explicit security headers like Content-Security-Policy are not detected and could be improved. No critical vulnerabilities or exposed sensitive data were found. Overall, the website presents a low-risk profile with strong privacy compliance and professional content. Strategic improvements in security headers and explicit incident response policies could further enhance trust and resilience.

The Verband für Sicherheit in der Wirtschaft Hessen (VSW) is a professional association serving as a key interface between government security agencies and the private sector in Germany, particularly in Hessen. It provides a platform for information exchange, networking, and professional development through seminars, events, and an expert pool. The organization collaborates closely with federal and state security bodies, enhancing its credibility and influence in the security domain. The website reflects a mature digital presence built on TYPO3 CMS, featuring modern web technologies and a responsive design that caters well to its professional audience. Security-wise, the site enforces HTTPS, uses GDPR-compliant cookie consent mechanisms, and integrates Google reCAPTCHA to protect forms. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the site is trustworthy, well-maintained, and aligned with its business mission.

P

Projekt Pilgerheiligtum

pilgerheiligtum.de

50

Projekt Pilgerheiligtum is a well-established non-profit religious initiative based in Germany, focused on promoting the pilgrimage of the Mater Ter Admirabilis image within Christian communities. With over 25 years of history and a network of thousands of pilgrimage images, it serves as a spiritual and community-building platform. The website offers rich content, multilingual support, and various services including newsletters, online prayer sessions, and a shop for religious materials. Technically, the site is built on WordPress using Elementor and WooCommerce, with moderate performance and good mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. Privacy compliance is strong, reflecting GDPR adherence. Overall, the site is professional, trustworthy, and well-positioned within its niche.

I

INTERVISTA AG

intervista-ag.de

49

INTERVISTA AG operates as a specialized provider of sales automation and digitalization software solutions primarily targeting the insurance and finance sectors in Germany. Their offerings include consulting, software development, and operational services designed to enhance sales efficiency and digital transformation for their clients. The company positions itself as a partner for businesses seeking to outperform competitors through innovative technology solutions. Technically, the website is built on WordPress with modern plugins and frameworks such as Beaver Builder and Yoast SEO, indicating a mature digital infrastructure. The presence of tracking and analytics tools like Matomo and Leadinfo suggests an active approach to user engagement and lead generation, although privacy compliance mechanisms are lacking. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and explicit policies. Overall, the website is professional and content-rich but would benefit from enhanced privacy and security disclosures to improve trust and compliance.

B

Bonn.digital

nachhaltigezukunft.camp

67

The website nachhaltigezukunft.camp represents the Barcamp Nachhaltige Zukunft, an open conference focused on sustainability actors in the Bonn-Rhein-Sieg region. It serves as a platform for knowledge exchange, networking, and community engagement among local initiatives, NGOs, businesses, and interested individuals. The event is supported by local government entities and economic development agencies, positioning it as a reputable regional sustainability forum. Technically, the site is built on WordPress 6.8.3 with a modern, responsive design and uses Matomo for privacy-conscious analytics. Security posture is moderate with HTTPS implied but lacking explicit security headers and cookie consent mechanisms. The WHOIS data is privacy-protected, which is typical for such event sites, and no suspicious patterns were detected. Overall, the site is professional, trustworthy, and well-aligned with its community-focused mission.

U

unimess GmbH

unimess.de

46

unimess GmbH is a small, established internet and advertising agency based in Ulm, Germany, with over 25 years of experience. The company specializes in internet presence creation, web design, CMS implementation, SEO, SEA, programming, online shops, app development, cloud solutions, and business consulting. Their market position is regional with a focus on delivering tailored digital marketing and technology solutions. Technically, the website employs modern front-end frameworks such as Bootstrap and jQuery, with additional libraries for animations and user experience enhancements. The use of Matomo analytics reflects a privacy-conscious approach. Security posture is moderate with no visible critical vulnerabilities, but lacks explicit security headers and published security policies. Privacy compliance is good with a comprehensive privacy policy but missing cookie consent mechanisms. Overall, the website is professional, well-branded, and trustworthy, though improvements in security transparency and compliance could enhance their posture.

K

Kassenärztliche Vereinigung Hessen

kvhessen.de

63

The Kassenärztliche Vereinigung Hessen (KVH) is a public law corporation responsible for ensuring medical care for statutory health insured persons in the German state of Hessen. The website serves as an information and service portal for its members, including contracted physicians and psychotherapists, medical students, and patients. It offers comprehensive resources such as billing applications, practice management support, continuing education, and patient services. The organization holds a strong regional market position as the official healthcare authority in Hessen. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and is hosted by Anexia. It features good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers could be improved. The site uses Matomo for analytics with moderate user tracking and maintains GDPR compliance with clear privacy and cookie policies. Overall, the website is professional, trustworthy, and well-aligned with its business objectives.

B

BirdLife Norge

fuglevennen.no

61

Fuglevennen.no is a Norwegian non-profit website dedicated to birdwatching, nature education, and conservation. It is a collaborative effort primarily published by BirdLife Norge and supported by academic institutions such as the Naturmuseum og botanisk hage ved UiA and Skolelaboratoriet i realfag ved UiB. The site offers bird species information, community activities, a biannual magazine, and educational resources targeting nature enthusiasts and the general public interested in ornithology. The website is well-branded, content-rich, and maintains a consistent professional appearance aligned with its mission. Technically, the website uses a modern technology stack including jQuery, Bootstrap, Font Awesome, and Matomo analytics configured to disable cookies, reflecting a moderate level of digital maturity and privacy awareness. The site is mobile-optimized, accessible, and provides a good user experience with clear navigation and relevant content. However, there is no detected CMS or hosting provider information, and performance is moderate. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit privacy or security policies beyond a basic cookie policy. No forms appear to collect sensitive personal data except for login and question submission forms. The absence of WHOIS data for the domain is a notable concern, reducing the trustworthiness score, although the strong organizational affiliations mitigate this somewhat. There are no signs of vulnerabilities or malicious content. Overall, Fuglevennen.no presents a trustworthy and professional platform for birdwatching and nature education in Norway, but it would benefit from enhanced security headers, clearer privacy compliance measures, and verification of domain registration details to improve trust and compliance.

N

Netzwerk Digital

elkb-digital.de

63

Netzwerk Digital is a Bavarian digital transformation network focused on church and diaconal sectors, providing knowledge sharing, training, and collaboration services. The website is professionally designed, well-structured, and targets church professionals interested in digital tools and practices. Technically, it is built on WordPress with modern plugins for SEO, analytics, and GDPR compliance, hosted on infrastructure using GoDaddy name servers. Security posture is good with HTTPS and consent-based analytics, though some security headers could be improved. Overall, the site is trustworthy and compliant with privacy regulations, with clear contact points primarily via email and forms.

E

Evangelische Kirche in Deutschland (EKD)

fundus-medien.de

58

Fundus Medien is a cooperative image and media database operated by the Evangelische Kirche in Deutschland (EKD) and 15 regional churches. It provides free access to a large collection of images, graphics, and drawings for church and diaconal media and public relations work. The website targets church media professionals and volunteers, offering a user-friendly platform with registration and upload capabilities. Technically, the site is built on TYPO3 CMS, uses Cookiebot for GDPR-compliant cookie consent, and Matomo for privacy-respecting analytics. The site is well-structured, mobile-optimized, and professionally designed. Security practices include HTTPS enforcement and cookie consent blocking mechanisms, though some security headers could be improved. Overall, the site demonstrates a strong commitment to privacy and compliance, with clear contact information and trust signals from official church domains.

The website 'Ehrenamt Evangelisch Engagiert' serves as an informational and community platform supporting voluntary engagement within the Evangelical Lutheran Church in Bavaria. It provides news, resources, and coordination services for volunteers and church members, positioning itself as a niche non-profit entity focused on church-related volunteerism. The site is professionally designed with consistent branding and clear navigation, targeting German-speaking church volunteers and coordinators. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries such as Leaflet for maps and Matomo for privacy-conscious analytics. The site is mobile-optimized and performs moderately well, with basic accessibility features. Security posture is solid with HTTPS enforced and minimal cookies used, although security headers are not explicitly detected. Privacy compliance is good, with a clear cookie banner and privacy policy in German. No critical vulnerabilities or blocking mechanisms were detected. The WHOIS data aligns with the website's organizational claims, showing consistent domain registration and DNS management. Contact information is transparent and professional, including official church email and phone numbers. Social media presence is limited to Facebook. Overall, the website demonstrates a mature digital presence for a small non-profit church entity, with good security and privacy practices but room for improvement in security headers and incident response disclosures.

B

Bundesverband des Schornsteinfegerhandwerks

schornsteinfeger.de

65

The Bundesverband des Schornsteinfegerhandwerks is a German national trade association representing the chimney sweep industry. The website provides comprehensive information about the trade, including services, regulations, partner organizations, and regional contact points. It targets homeowners, industry professionals, and partners with a focus on safety, environmental protection, and energy efficiency. Technically, the site is built on Drupal 10 with modern frontend technologies and integrates Matomo analytics and YouTube video content with a cookie consent mechanism. Security posture is good with HTTPS and cookie management, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

A

ArtTermo | Kondensacyjne kotły pelletowe ÖkoFEN

kotlypellet.pl

37

The website kotlypellet.pl represents a small Polish business specializing in the distribution of automatic condensing pellet boilers by ÖkoFEN. The company, ArtTermo, positions itself as a key distributor in Poland for biomass heating solutions, targeting customers interested in eco-friendly heating technologies. The site is built on a modern WordPress infrastructure using Astra theme and Elementor, integrating analytics and marketing tools such as Matomo, Google Tag Manager, and Facebook Pixel. Cookie consent is managed via Cookiebot, indicating some level of GDPR compliance, although no explicit privacy or terms of service pages were found. Security posture is moderate with HTTPS enabled but lacking DNSSEC and security headers, which are recommended for improvement. Overall, the website is professional and safe for general audiences but could enhance compliance and security transparency.

Q

queo valueTec

queo-valuetec.com

60

queo valueTec is a German technology company specializing in tailored software solutions aimed at sustainable value creation and business process optimization. The company positions itself as a trusted partner offering services from business analysis through solution architecture, software development, and application management. Their client portfolio includes notable organizations such as VW and Fraunhofer, supported by certifications like TISAX and CPRE, underscoring their commitment to quality and security. Technically, the website is built on the Neos CMS platform using the Flow PHP framework, incorporating modern JavaScript libraries and analytics tools such as Matomo and Facebook Pixel. The site demonstrates good mobile optimization, SEO practices, and a professional design, reflecting a mature digital presence. Cookie consent mechanisms and GDPR-compliant privacy policies are implemented, indicating attention to privacy regulations. From a security perspective, the site enforces HTTPS and employs cookie consent but lacks visible security headers and explicit incident response or vulnerability disclosure information. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data reduces transparency but does not detract significantly from the overall trustworthiness given the professional presentation and certifications. Overall, queo valueTec presents a credible and professional business with a solid technical foundation and reasonable security posture. Strategic improvements in security headers, incident response transparency, and WHOIS data availability would enhance trust and compliance further.

U

ULMATEC GmbH

ulmatec.de

47

ULMATEC GmbH operates a professional website focused on modular extraction and filtration systems for industrial applications. The company positions itself as a specialized provider in the manufacturing sector, offering tailored solutions to business clients. The website is built on a modern WordPress CMS with Elementor page builder and includes multiple marketing and analytics integrations, indicating a mature digital presence. However, the WHOIS data for the domain www.ulmatec.com is missing or indicates the domain is not registered, which raises concerns about domain legitimacy despite the professional appearance of the site. Security posture is moderate with HTTPS enabled but lacks visible security headers and formal privacy or cookie policies. Overall, the website is safe and professional but would benefit from improved transparency and domain registration verification.

M

Menzel Metallchemie GmbH

menzel-metallchemie.de

45

Menzel Metallchemie GmbH is a German-based medium-sized company specializing in the development and manufacturing of minimum quantity cooling and lubrication technologies using biodegradable high-performance oils. Positioned as a pioneer and market leader, the company serves industrial manufacturers, particularly in metal and plastic processing sectors, offering products such as spray technology systems, cooling lubricants, safety cold bronzing systems, and technical cleaning solutions. The website reflects a professional and consistent brand image with comprehensive product information and multiple contact channels including GDPR-compliant forms. Technically, the website is built on Mae CMS and employs modern web technologies including HTML5, CSS, JavaScript, and jQuery, with Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized with good SEO practices, though some accessibility features are basic. Performance is moderate, with room for improvement in loading speed and security headers. From a security perspective, the site uses HTTPS with good SSL configuration and secure forms incorporating CSRF tokens and GDPR consent checkboxes. However, explicit security policies and incident response information are absent, and security headers are not detected. No vulnerabilities or suspicious content were found, indicating a generally sound security posture. Overall, the website is trustworthy and professional, with strong business credibility and compliance with privacy regulations. Recommendations include implementing cookie consent mechanisms, enhancing security headers, and publishing security and incident response policies to further strengthen trust and compliance.

Mobil Betriebskrankenkasse is a public health insurance provider based in Munich, Germany, operating as a Körperschaft des öffentlichen Rechts with self-administration. The website targets insured persons, offering services such as online processing of sick notes, sickness benefits, bonus programs, preventive health offers, and free health courses. The organization is a member of the BKK Landesverband Bayern, indicating its regional market position within Bavaria. The website presents a professional and consistent brand image with good content quality and accessibility features.

K

Kallinich Media GmbH & Co. KG

chemie-azubi.de

46

Chemie-Azubi.de is a specialized educational blog operated by Kallinich Media GmbH & Co. KG, focusing on apprenticeships and dual study programs in the German chemical industry. The platform provides comprehensive career guidance, company profiles, and chemistry knowledge targeted at students, apprentices, parents, and educators. It holds a niche position supported by chemical industry employers and associations, emphasizing practical career information and industry insights. Technically, the website is built on TYPO3 CMS with modern web technologies including Bootstrap and jQuery, hosted on Schlundtech infrastructure. It integrates privacy-compliant analytics (Matomo) and user consent management (Usercentrics), reflecting a mature digital infrastructure. Security posture is strong with HTTPS and consent mechanisms, though some security headers could be improved. Overall, the site is professional, trustworthy, and well-optimized for its audience and purpose.

M

MEHRWERT:PFLEGE

mehrwert-pflege.com

43

MEHRWERT:PFLEGE is a healthcare-focused non-profit initiative affiliated with the Verband der Ersatzkassen e. V. (vdek), providing free and comprehensive process consulting to promote employee health in hospitals, stationary and ambulatory care facilities. The website presents a professional and well-structured digital presence with clear navigation, multimedia content, and strong branding consistency. Technically, it is built on WordPress with the Avada theme and employs modern web technologies and SEO best practices. Security posture is good with HTTPS and cookie consent mechanisms, though some advanced security headers and incident response information are missing. The domain WHOIS data is unavailable, which raises some concerns about registration transparency but does not detract from the overall legitimacy suggested by the content and affiliations. Strategic recommendations include enhancing security headers, publishing incident response contacts, and verifying domain registration details.

K

Künstlersozialkasse

kuenstlersozialkasse.de

52

The Künstlersozialkasse website serves as the official online presence for the German statutory social insurance scheme for self-employed artists and publishers. It provides comprehensive information about the KSVG law, services, compliance, and contributions, targeting artists, publishers, and companies obligated to pay contributions. The site is positioned as a government-related entity under the parent organization Knappschaft-Bahn-See since 2025, offering key services such as insurance coverage, online forms, and up-to-date news. Technically, the website is built on TYPO3 CMS with Bootstrap and FontAwesome, ensuring a modern and responsive design. Cookie consent is managed via Cookiebot, and analytics are handled by Matomo, reflecting a privacy-conscious approach. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR, though it lacks explicit terms of service and vulnerability disclosure mechanisms.

K

Knappschaft-Bahn-See

arbeitgeberversicherung.de

63

The website arbeitgeberversicherung.de represents the employer insurance services provided by Knappschaft-Bahn-See, a major German government-related insurance entity. It offers comprehensive insurance coverage for employers regarding employee sickness and maternity benefits through Umlageverfahren U1 and U2. The site targets employers in both commercial and private sectors, including those with Minijobbers and employees insured under the Knappschaft system. With over two million customers and a history dating back to 1969, it holds a strong market position in Germany's social insurance landscape. Technically, the website is built on the Government Site Builder CMS, leveraging modern JavaScript libraries, Matomo analytics, and Usercentrics for cookie consent management. The site is well-optimized for mobile and accessibility, with good SEO practices and a moderate performance profile. It uses HTTPS and encrypted form submissions, ensuring secure data handling. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and consent management but lacks explicit published security policies or incident response contacts. No vulnerabilities or suspicious content were detected. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Overall, the website is professional, trustworthy, and well-aligned with its government insurance service mission. Strategic improvements could include publishing dedicated security and incident response information and enhancing security headers to further strengthen its security posture.

M

Minijob-Zentrale

minijob-zentrale.de

68

Minijob-Zentrale is the official German government portal dedicated to providing comprehensive information and administrative services related to Minijobs and minor employment in Germany. It serves as the central registration and reporting authority for such employment types, targeting both employers and employees. The website offers a broad range of services including registration, calculators, informational articles, newsletters, and a household job marketplace platform. The site is well-positioned as a trusted government resource with authoritative content and a strong market presence in the employment sector.

E

Evangelisch-lutherische Landeskirche Hannovers

landeskirche-hannovers.de

54

The Evangelisch-lutherische Landeskirche Hannovers website serves as the official digital presence of the regional Evangelical Lutheran Church in Hannover, Germany. It provides comprehensive information about church administration, community services, religious ceremonies, and social support programs. The site targets church members, affiliates, and the general public interested in the church's activities. The organization holds a significant position as a large non-profit religious entity within its region. Technically, the website employs modern web technologies including Font Awesome 7 for icons, Matomo for privacy-conscious analytics, and Turbo (Hotwire) for enhanced user experience. The site is mobile-optimized, accessible, and well-structured, reflecting a mature digital infrastructure. Performance is moderate with good SEO and accessibility practices. From a security perspective, the site enforces HTTPS, uses CSRF tokens, and integrates security headers, contributing to a strong security posture. However, it lacks an explicit cookie consent mechanism and published security or incident response policies, which are areas for improvement to enhance compliance and transparency. Overall, the website is trustworthy, professionally maintained, and aligned with the organization's mission. Strategic recommendations include implementing cookie consent, publishing security policies, and adding vulnerability disclosure information to further strengthen compliance and user trust.

E

Evangelisch-Lutherische Kirche in Bayern (ELKB)

uebernachtungshaeuser-elkb.de

44

The website www.uebernachtungshaeuser-elkb.de serves as an informational portal for the Evangelisch-Lutherische Kirche in Bayern's network of group accommodations. It targets church groups, youth groups, families, and seminar attendees seeking lodging in scenic Bavarian locations. The site offers detailed descriptions of various types of houses, including self-catering and fully serviced options, and promotes community and spiritual experiences. Technically, the site is built on Drupal 10, uses Bootstrap for responsive design, and integrates Matomo analytics with privacy-conscious settings. The Klaro consent manager ensures GDPR-compliant cookie handling. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though explicit security headers and policies are absent. No contact emails or phone numbers are directly published, relying on a contact form instead. Overall, the site is professional, trustworthy, and well-suited for its non-profit church audience.

Q

queo

queo.de

58

queo is a German technology company founded in 2004 specializing in agency business and software development. With over 180 employees across six locations, it operates multiple group brands including queo valueTec, queonext, intolight, Procunia, Social Web macht Schule, and admoderate. The company targets business clients seeking integrated communication, technology, and software solutions. The website is professionally designed, well-structured, and optimized for mobile, reflecting a mature digital presence. The technical infrastructure is based on the Neos CMS and Flow PHP framework, utilizing modern JavaScript libraries and analytics tools such as Matomo and Facebook Pixel. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, alongside references to TISAX certification indicating adherence to automotive industry security standards. However, explicit security headers and incident response contacts are not evident, suggesting areas for improvement. Overall, queo presents a credible and trustworthy business with a good balance of technical sophistication and compliance.

B

BGF Koordinierungsstelle

bgf-koordinierungsstelle.de

53

The BGF Koordinierungsstelle website serves as a comprehensive advisory platform focused on workplace health promotion, primarily targeting small and medium enterprises in Germany. It offers free initial consultations and supports companies in implementing health promotion programs, leveraging expertise from statutory health insurance funds. The site is well-positioned as a government/non-profit entity with a clear mission to improve employee health and company productivity. Technically, the website is built on WordPress with Elementor and integrates modern accessibility and SEO practices. It uses Matomo analytics with user consent, ensuring privacy compliance. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or suspicious elements were detected. Overall, the site is professional, trustworthy, and well-aligned with its business objectives.

M

MAILINGWORK

mailingwork.de

57

MAILINGWORK is a professional email marketing software provider targeting medium to large enterprises primarily in Germany. The company offers personalized newsletter solutions, automated email campaigns, and multi-account management features, positioning itself as a comprehensive SaaS provider in the email marketing sector. The website is built on WordPress with the Avada theme, integrating modern marketing and analytics tools such as Google Tag Manager, Matomo, and Cookiebot for GDPR-compliant cookie management. The technical infrastructure reflects a mature digital presence with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response policies are absent. Overall, the website is professional, trustworthy, and compliant with privacy regulations, supporting the company's credibility in the market.

S

Stadt Heringen (Werra)

heringen.de

51

Stadt Heringen (Werra) is the official municipal government website serving the city of Heringen (Werra) in Germany. The site provides comprehensive information about city administration, local news, events, citizen services, and tourism. It targets residents, visitors, and local stakeholders, offering a broad range of public service information and resources. The website maintains a consistent and professional brand image aligned with its governmental role. Technically, the site employs a modern tech stack including Bootstrap for responsive design, jQuery, Font Awesome icons, and integrates Matomo analytics for privacy-conscious user tracking. It also uses Usercentrics for GDPR-compliant cookie consent management and EqualWeb for accessibility enhancements. The site is moderately performant and well-optimized for mobile devices, with good SEO and accessibility practices. From a security perspective, the website enforces HTTPS and uses a consent management platform to comply with privacy regulations. However, it lacks explicit HTTP security headers and does not publicly disclose a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is solid but could be improved with additional headers and transparency. The website is safe for general audiences, containing no adult or questionable content. Contact information is clearly provided, including phone numbers and contact links. The domain WHOIS data aligns with the municipal nature of the site, showing consistent name servers and no privacy protection, supporting legitimacy. No WAF or blocking mechanisms interfere with content access. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

T

Tagungshäuser des Bistums Würzburg

tagungshaeuser.net

52

The website www.tagungshaeuser.net represents the Tagungshäuser des Bistums Würzburg, a network of conference and seminar houses affiliated with the Diocese of Würzburg in Germany. The organization provides venues for conferences, seminars, youth education, and events, targeting educational institutions, corporate clients, and youth groups. The site is professionally designed, content-rich, and well-structured, reflecting a medium-sized non-profit hospitality business with a strong regional presence. Technically, the site is built on Joomla CMS with Yootheme Pro and UIkit frameworks, incorporating modern JavaScript libraries and accessibility features. It uses Matomo for analytics and Usercentrics for GDPR-compliant cookie consent management. The site is mobile-optimized and performs moderately well. Security posture is good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, explicit security headers like Content-Security-Policy are not detected and could be improved. Privacy compliance is strong with clear privacy and cookie policies. Contact information is transparent and complete. Overall, the site is trustworthy and professional, though the WHOIS data is unavailable or not publicly accessible, which slightly reduces domain trustworthiness. No WAF or blocking mechanisms are detected, allowing full content access and analysis.