Security Directory

S

Saarioinen Oy

saarioinen.fi

60

Saarioinen Oy is a well-established Finnish food manufacturer specializing in popular ready meals and traditional Finnish foods. The company engages consumers through its website by offering product information, recipes, and a community platform. The website reflects a strong brand presence with consistent branding and multiple trust certifications such as Avainlippu and Sydänmerkki. The target audience primarily consists of Finnish consumers interested in convenient and traditional food products. Technically, the website is built on a modern stack including Vue.js and Episerver CMS, with integrations for Google Tag Manager and Cookiebot for analytics and consent management. The site is mobile-optimized and SEO-friendly, providing a good user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit security policies. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, supporting the company's market position as a leading Finnish food brand.

C

Chudovo

chudovo.com

60

Chudovo is a well-established software development company founded in 2004, offering a broad range of IT services including custom software development, dedicated development teams, application maintenance, and cloud development. The company targets businesses seeking scalable and innovative software solutions, leveraging AI and machine learning technologies to enhance delivery speed and quality. With multiple international offices and a strong portfolio of over 160 projects, Chudovo positions itself as a reliable partner in the technology sector. Technically, the website is built on WordPress with modern frameworks like Bootstrap and jQuery, optimized for mobile and SEO. Hosting and DNS are managed via Cloudflare, ensuring good performance and security. The site uses standard plugins for forms and code highlighting, and implements lazy loading for images to improve load times. From a security perspective, the site enforces HTTPS and employs clientTransferProhibited domain status, but lacks DNSSEC and advanced security headers. Contact forms include CAPTCHA and an NDA option, enhancing data protection. However, no explicit security policy or incident response contacts are published, and no vulnerability disclosure mechanism is present. Overall, the website demonstrates a solid business and technical foundation with good content quality and user experience. Security posture is adequate but could be improved with additional headers and policies. Privacy compliance is basic, with cookie consent present but no dedicated privacy policy page detected. The domain WHOIS data aligns well with the business claims, supporting legitimacy and trustworthiness.

S

Sisustuskoda OÜ

sisustuskoda.ee

42

Sisustuskoda OÜ is a small Estonian company specializing in custom-made furniture, particularly kitchen furniture for residential customers. Established in 2014, the company positions itself as a provider of quality, durable, and design-focused furniture solutions. Their website reflects a professional and consistent brand image, targeting consumers seeking bespoke interior furnishings. The business operates primarily in the retail sector with a local market focus in Estonia. Technically, the website is built on WordPress using the Astra theme and WooCommerce for e-commerce capabilities. It integrates modern tools such as Google Tag Manager and Google reCAPTCHA to enhance functionality and security. The site is mobile-optimized and demonstrates good SEO practices through structured data and meta tags. Hosting appears to be managed by Zone Media OÜ, consistent with the domain's Estonian registration. From a security perspective, the site uses HTTPS and includes reCAPTCHA to protect forms, but lacks explicit security headers and published security or incident response policies. Privacy and cookie policies are absent, posing compliance risks under GDPR. No vulnerability disclosure or security contact information is provided, which could impact trust and incident handling readiness. Overall, the website is functional and credible for its business purpose but would benefit from enhanced privacy compliance, improved security headers, and transparent security policies to strengthen its security posture and regulatory adherence.

R

Recrur

recrur.com

55

Recrur is a recruitment software company offering an applicant tracking system designed to connect HR teams, hiring managers, and candidates to simplify and automate the hiring process. The website positions itself as a SaaS platform focused on enhancing recruitment efficiency and transparency. The company appears to be a small-sized technology business founded in 2016, with hosting on DigitalOcean and a WordPress CMS platform. The technical infrastructure includes modern analytics and marketing tools such as Google Analytics, Facebook Pixel, Microsoft Clarity, and MailerLite for email marketing. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the website is professional and functional but could improve transparency and security documentation to enhance trust and compliance.

P

Printlanti Oy

printlanti.fi

49

Printlanti Oy is a Finnish print management company specializing in print brokerage and production management services. With over 10 years of experience and a strong network across Finland and the Baltic region, they provide cost-effective print solutions to small and medium-sized enterprises. Their website reflects a professional and consistent brand image, targeting businesses seeking expert print management to optimize resources and reduce costs. Technically, the site is built on WordPress using the Enfold theme, incorporating modern web technologies and marketing tools such as Google Analytics and Survicate. Security posture is solid with HTTPS enabled and standard domain protections, though DNSSEC is not enabled and no explicit security policies or vulnerability disclosures are present. Privacy compliance is basic, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the website is trustworthy and well-positioned in its niche, though improvements in privacy and security transparency are recommended.

W

Woodman

woodman.ee

41

Woodman is a medium-sized Estonian company specializing in the manufacturing and retail of designer furniture products. With over 16 years of professional service and sales in more than 20 countries, Woodman positions itself as a reliable and modern furniture producer collaborating with international designers. Their business model focuses on flexible production quantities and modern technologies to serve retailers and designers globally. The website reflects a professional brand image with good content quality and clear navigation, targeting furniture retailers and design professionals. Technically, the website is built on Joomla CMS and utilizes common web technologies such as jQuery, Google Analytics, Google reCAPTCHA, and bxSlider for interactive elements. The site is hosted by Radicenter OÜ, an Estonian hosting provider, and uses HTTPS with a valid SSL certificate, ensuring secure communication. Mobile optimization is good, though accessibility features are basic. SEO optimization is present but could be improved. From a security perspective, the site employs HTTPS and Google reCAPTCHA on its contact form, which are positive indicators. However, no security headers were detected, and there is no published privacy policy, cookie consent, or terms of service, which are important for GDPR compliance and user trust. No incident response or vulnerability disclosure information is available, indicating room for improvement in security transparency and readiness. Overall, the website is functional and professional but lacks critical privacy and security documentation. The domain registration is consistent with the business claims, enhancing trustworthiness. Strategic improvements in privacy compliance, security headers, and contact transparency would strengthen the site's security posture and user confidence.

R

random forest

randomforest.ee

50

Random Forest is a small Estonian IT consultancy and AI development agency founded in 2019, specializing in providing CTO-for-hire services, software development from UI/UX design to scalable backend systems, and AI/ML solutions. Their market position is that of a niche technology partner focused on solving real-life business problems with optimal technology stacks including React, Flutter, Node.js, and Python. The company emphasizes deep business understanding and scalable solutions. Technically, the website is built on Webflow, uses modern fonts and libraries, and is hosted with Cloudflare DNS and Webflow hosting. Performance and mobile optimization are good, though accessibility is basic. Security posture is solid with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies. Contact information is clearly provided with multiple channels and social media presence. Overall, the website is professional and trustworthy but can improve privacy and security transparency.

K

Kiviõli Keemiatööstus

keemiatoostus.ee

44

Kiviõli Keemiatööstus is an established Estonian company operating in the energy and chemical manufacturing sector. The website presents the company as a regional player focused on traditional energy and chemical production, targeting Estonian-speaking audiences with multilingual support for Russian and English. The business model centers on industrial manufacturing with a clear emphasis on energy and chemical products. The website content is professionally presented with good design quality and clear navigation, supporting a positive user experience. Technically, the website is built on WordPress with common plugins such as Yoast SEO and WPML for multilingual capabilities. It uses jQuery and Google Fonts, and the site is mobile optimized with moderate performance. SEO practices are well implemented, and accessibility is basic but present. The site is served over HTTPS with no detected blocking or WAF mechanisms, indicating a secure and accessible infrastructure. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism compliant with GDPR. However, it lacks advanced security headers and does not provide explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data aligns well with the website's business claims, supporting domain legitimacy. Overall, the website demonstrates a solid digital presence with good privacy compliance and moderate security posture. Strategic improvements in security headers and incident response transparency would enhance trust and resilience. The site is suitable for its business purpose but could benefit from further security and compliance enhancements.

R

Reiven Solutions

reiven.eu

47

Reiven Solutions is a small Estonian technology service provider specializing in web-based software, custom IT solutions, hosting, and marketing services. The company targets businesses and organizations seeking tailored web development and IT support. Their website presents a professional and consistent brand image with a focus on quality solutions and client engagement through portfolio showcases and service descriptions. Technically, the site is built on WordPress using the Salient theme and WPBakery page builder, incorporating modern web technologies and responsive design. The use of Matomo analytics and Cookiebot indicates a moderate level of digital maturity with attention to user privacy preferences. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit policies are lacking. Overall, the website is functional, professional, and trustworthy but would benefit from enhanced privacy and security documentation to improve compliance and user trust.

V

Voxmate

voxmate.com

64

Voxmate is a technology company focused on delivering an all-in-one Android app designed specifically for blind and visually impaired users. Their product offers a gesture-based interface to access news, audiobooks, games, and communication tools, positioning them as an innovative player in the accessibility technology market. The company operates a subscription-based business model with free limited access and discounted early access paid plans. Their market position is that of an emerging, specialized provider with a clear target audience and strategic partnerships, notably with Sight and Sound Technology in the UK. Technically, the website is built using modern web technologies including Angular 13, FontAwesome, and integrates third-party services such as YouTube, Wistia, Facebook Pixel, and Google Tag Manager. Hosting and domain registration are managed via Amazon Registrar, indicating a reliable infrastructure. The site is mobile-optimized and accessible, with good SEO practices and a professional design. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks published security policies, incident response contacts, and security headers. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a privacy policy present but lacking comprehensive GDPR details. The absence of explicit contact information and security disclosures suggests areas for improvement. Overall, Voxmate presents a trustworthy and professional online presence with a solid business foundation and technical implementation. Strategic enhancements in security transparency, privacy compliance, and contact availability would strengthen their risk posture and user trust.

U

United Angels VC

unitedangels.vc

54

United Angels VC is an early-stage venture capital fund based in Estonia, with a portfolio of notable startups such as Bolt and Starship. The fund's investment period for United Angels Fund I has ended, and current investments are made under the Specialist VC Fund II brand. The website reflects a professional and consistent brand presence, with clear business information and legal disclosures. Technically, the site is built on the Voog CMS platform, utilizing modern web technologies and is mobile optimized. Security posture is generally good with HTTPS enabled and no visible vulnerabilities, though security headers are missing and privacy compliance is limited due to absence of privacy and cookie policies. Contact information is limited but includes a verified company email and physical address. Overall, the site is trustworthy and credible but could improve privacy and security transparency.

N

Nordkalk

nordkalk.com

56

Nordkalk is a leading limestone supplier in Northern Europe, providing essential raw materials and solutions for industries such as agriculture, environmental care, steel, pulp and paper, and construction. The company emphasizes sustainability and circular economy principles, aiming to reduce carbon footprint and maximize resource utilization. Owned by UK-based SigmaRoc PLC, Nordkalk operates multiple localized domains serving different European markets. The website is built on WordPress with modern technologies and demonstrates good SEO and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response information are lacking. The absence of WHOIS data for the domain www.nordkalk.com raises concerns about domain registration legitimacy, though the website content and branding appear professional and trustworthy. Contact information is primarily via web forms, with no direct emails or phone numbers publicly listed. Overall, the site reflects a mature business with a strong sustainability focus but would benefit from enhanced transparency in domain registration and security policies.

E

E-riigi Akadeemia

ega.ee

38

The e-Governance Academy (eGA) is a well-established Estonian organization specializing in digital transformation and e-governance advisory services. With over 20 years of experience and engagement in 145 countries, eGA positions itself as a center of excellence for governments and public administrations seeking to enhance prosperity and openness through digital means. The website reflects a professional and comprehensive digital presence, featuring rich content including conferences, podcasts, and insights relevant to its target audience. Technically, the site is built on WordPress with modern performance optimizations and uses Google Tag Manager and CookieYes for analytics and consent management. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security best practices like DNSSEC and security headers could be improved. Privacy compliance is partial, with a cookie consent mechanism but no explicit privacy policy or terms of service pages detected. Overall, the domain registration data aligns well with the business claims, supporting high legitimacy and trustworthiness.

1

1Home

1home.eu

41

1Home is a regional student housing provider focusing on accommodation for international students and interns in Baltic states and Poland. The company offers freshly renovated shared apartments with services such as weekly housekeeping, fixed utilities, and high-speed Wi-Fi. The website is built on WordPress with WooCommerce and Elementor, indicating a moderate level of digital maturity. It integrates common analytics and marketing tools like Google Analytics and Facebook Pixel. Security posture is adequate with HTTPS enforced and reCAPTCHA on forms, but lacks comprehensive security headers and explicit GDPR cookie consent mechanisms. Overall, the website presents a professional and trustworthy image but could improve privacy compliance and security best practices.

S

SDDNL

sdd.nl

69

SDDNL is a specialized distributor of high-quality print finishing machinery and materials based in the Netherlands. The company offers a range of products including binders, laminators, cutters, creasers, and folders, targeting professional print finishing businesses. Their website reflects a strong market position with partnerships with well-known brands and a focus on quality and technical innovation. The digital infrastructure is built on WordPress with WooCommerce, enhanced by performance and GDPR compliance plugins, indicating a mature and professional online presence. Security posture is solid with HTTPS, security headers, and spam protection, though there is room for improvement in publishing dedicated security policies and incident response information. Overall, the website is well-designed, user-friendly, and compliant with privacy regulations, supporting the company’s credibility and trustworthiness in its niche market.

A

APTEK

aptek.ee

41

APTEK is a small hospitality business operating as a cocktail and shot bar located in Pärnu, Estonia. The website presents a well-structured digital presence with event promotions, a cocktail menu, and club membership offerings targeting adults interested in nightlife. The business appears established with a domain age of over 12 years, consistent WHOIS data, and active social media engagement. Technically, the site uses common web technologies such as jQuery, Bootstrap, and Owl Carousel, providing a moderate performance and good mobile optimization. However, the site lacks critical privacy and cookie policies, and the contact form is disabled, which limits user interaction and compliance with data protection regulations. Security headers are not evident, and while HTTPS is used, further security hardening is recommended. Overall, the website is functional and professional but requires improvements in privacy compliance and security best practices.

H

Heidi Park Kondiiter

kondiiter.ee

44

Heidi Park Kondiiter is a small Estonian bakery business operating since 2010, specializing in retail and custom cakes including gluten-free options. The website is built on WordPress with WooCommerce, providing an e-commerce platform and rich content including product descriptions and Instagram integration. The business has announced permanent closure effective June 13, 2025. Technically, the site uses modern web technologies and maintains good SSL security, but lacks explicit privacy and security policies. Contact information is clearly presented, enhancing business credibility. Security posture is adequate but could be improved with additional headers and published policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security transparency.

S

SkyfrontVR

skyfrontvr.com

57

SkyfrontVR is a niche multiplayer VR FPS game focused on zero-gravity battle arenas, targeting VR gaming enthusiasts. The website serves primarily as a promotional and informational platform with links to Steam for game purchase and social media for community engagement. Technically, the site is built on WordPress with common plugins like Yoast SEO and Elementor, and integrates marketing tools such as Google Analytics and Facebook Pixel. The site is accessible over HTTPS with no visible SSL issues but lacks advanced security headers and privacy compliance features. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which impacts trustworthiness despite the professional presentation and active social media presence. Overall, the site demonstrates moderate digital maturity but requires improvements in privacy, security policies, and domain registration transparency.

D

Datel

datel.info

62

Datel is a well-established UK-based Sage business partner specializing in delivering Sage software solutions such as Sage Intacct, Sage 200, and Sage X3, along with private cloud hosting and customer support services. The company positions itself as a leading Sage partner with over 40 years of experience, targeting UK businesses seeking scalable financial and ERP solutions. The website is professionally designed using HubSpot CMS and integrates modern technologies including Google Analytics 4 and Google Tag Manager for marketing and analytics purposes. Security posture is adequate with HTTPS enabled and domain registration protections in place, though improvements are recommended in DNSSEC implementation and security headers. Privacy compliance is basic, with no explicit privacy or cookie policies found, but consent mechanisms for analytics are present. Overall, the website reflects a credible and professional business presence with room for enhanced transparency and security documentation.

I

IPF Digital

ipfdigital.com

54

IPF Digital is a credit solutions provider established in 2015, offering fast, flexible, and user-friendly credit services. The website targets businesses and consumers seeking credit solutions, positioning itself as a niche player in the finance sector. The company appears to be small in size with consistent branding and a professional online presence. The website is built using modern technologies such as Vue.js and integrates Google Analytics for user tracking. Hosting is managed via EuroDNS S.A., with domain registration consistent with the company's founding date. Security posture is moderate with HTTPS enabled and domain status clientTransferProhibited, but lacks DNSSEC and security headers. Privacy compliance is basic, with a cookie consent mechanism but no visible privacy policy or terms of service. Contact is available only through a web form, with no direct emails or phone numbers found. Overall, the website is functional and professional but could improve in privacy and security transparency.

The website merxu.com is currently inaccessible, displaying a technical break page with minimal content and no functional business or security information. The domain is registered since 2019 with a reputable registrar and uses Google Cloud DNS servers, indicating a legitimate domain setup. However, the lack of accessible content prevents a full assessment of the business, technical infrastructure, or security posture. No privacy, cookie, or terms of service policies are present, and no contact information or forms are available. The site uses Google Fonts but no other detectable technologies or analytics services. Security headers and HTTPS status could not be confirmed from the provided data. Overall, the site appears to be temporarily down or under maintenance, limiting any meaningful analysis.

Kontuur LB OÜ operates the website kontuur.ee, presenting itself as an established advertising agency based in Estonia, founded in 2010. The company offers a broad range of creative advertising services including 3D advertising, digital marketing, animation, and campaign development. The website showcases a comprehensive portfolio of client works, indicating a solid market position within the media and advertising sector. Technically, the site is built on WordPress, leveraging common plugins such as Yoast SEO and Responsive Lightbox, with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal security or incident response policies. Privacy compliance is weak, with no visible privacy or cookie policies and no consent mechanisms implemented. Contact information is clearly presented with company email and phone number, enhancing business credibility. Overall, the website is professional and functional but would benefit from improved privacy and security practices.

D

DiaMedica Therapeutics, Inc.

diamedica.com

69

DiaMedica Therapeutics, Inc. is a clinical stage biopharmaceutical company focused on developing innovative synthetic protein therapies targeting serious vascular diseases such as preeclampsia and acute ischemic stroke. Their lead candidate, DM199, is a recombinant form of the KLK1 protein aimed at improving blood flow and reducing ischemia. The company maintains a professional online presence with investor relations content and Nasdaq stock information, positioning itself as a specialized healthcare innovator in a niche market. Technically, the website employs modern web technologies including Google Analytics, Cloudfront CDN, and responsive design, delivering a moderate to good user experience. Security posture is strong with HTTPS and some best practices, though lacking explicit security headers and incident response policies. Privacy compliance is weak due to absence of privacy and cookie policies. The missing WHOIS data for the domain raises concerns about domain registration legitimacy, which should be further investigated. Overall, the website is professional and credible but would benefit from enhanced privacy disclosures and security transparency.

S

SkySelect

skyselect.com

70

SkySelect operates as an AI-powered platform specializing in the procurement, sale, and repair of aircraft parts, targeting airlines and MROs. The website presents a professional and modern interface, emphasizing efficiency, cost reduction, and enhanced visibility for aviation parts procurement. The platform includes an AI platform, supplier portal, and various plans, indicating a SaaS business model focused on aviation technology. Technically, the site is built using Next.js and React, leveraging modern web technologies and delivering a responsive, well-structured user experience. Security posture is strong with HTTPS enforcement and security headers, although explicit security policies and incident response contacts are not published. Privacy compliance is addressed with a cookie consent banner and a comprehensive privacy policy, indicating GDPR awareness. However, the absence of WHOIS data raises concerns about domain registration legitimacy, warranting further verification. Overall, the site is professional and trustworthy from a content and technical perspective but would benefit from enhanced transparency in security and domain registration details.

N

NETDEV

netdev.com.mx

44

NETDEV is a small Mexican IT solutions provider focused on integrating technology to help businesses succeed. Their website presents basic information about their services and expertise but lacks comprehensive business and security disclosures. The technical infrastructure is based on a website builder platform with standard web technologies and moderate performance. Security posture is minimal with no detected security headers or published policies, and no explicit contact information is available for incident response or privacy concerns. Overall, the website is functional but requires significant improvements in privacy compliance, security best practices, and business transparency to enhance trust and professionalism.

G

GiftTime Rugby

gifttimerugby.com

42

GiftTime Rugby is a niche media website dedicated to rugby-related content including news, podcasts, interviews, and movie reviews. Founded in 2013, it serves rugby enthusiasts with a variety of multimedia content and advertising opportunities. The website is built on WordPress with Elementor, leveraging modern web technologies and Google services for analytics and monetization. The site demonstrates good content quality and user experience with consistent branding and clear navigation. Security posture is adequate with HTTPS enabled and domain registration protections, but lacks advanced security headers and explicit privacy or cookie policies. Overall, the site is legitimate and functional but would benefit from enhanced privacy compliance and security best practices to improve trust and regulatory adherence.

E

Eastern Mediterranean University Cyprus

emu.edu.tr

60

Eastern Mediterranean University Cyprus is a prominent state university in North Cyprus offering a wide range of associate, undergraduate, and postgraduate degree programs. The institution holds a strong market position as the only state university in the region, supported by multiple accreditations, recognitions, and international rankings. The website reflects a comprehensive academic and administrative structure targeting prospective students, current students, alumni, and academic partners. The university emphasizes research, continuing education, and international exchange programs, indicating a mature and diverse educational business model. Technically, the website employs modern web technologies including Bootstrap, FontAwesome, Google Fonts, and integrates advanced analytics and marketing tools such as Google Tag Manager, Google Analytics, and Facebook Pixel. The site is mobile-optimized, accessible, and SEO-friendly, with structured data enhancing search engine understanding. Hosting and performance appear moderate, with no detected CMS but likely a custom or proprietary system. From a security perspective, the site enforces HTTPS with excellent SSL configuration and uses secure external scripts. However, it lacks visible security headers and explicit security or incident response policies. There is no cookie consent mechanism, which is a compliance gap given GDPR relevance. No vulnerabilities or exposed sensitive data were detected, indicating a generally strong security posture. Overall, the website is professional, trustworthy, and well-maintained, with minor improvements recommended in privacy compliance and security transparency to enhance user trust and regulatory adherence.

M

Modera

modera.ee

49

Modera is an established software company founded in 2003, specializing in providing digital solutions for the automotive industry. Their offerings include automotive CRM, website builders, e-commerce platforms, and dealer management systems designed to streamline car sales and enhance customer experience. The company targets manufacturers, importers, and dealerships across 15 countries and collaborates with over 30 automotive brands. The website is professionally designed, multilingual, and optimized for modern web standards, reflecting a mature digital presence. Technically, the site is built on WordPress with Elementor and integrates various marketing and analytics tools such as Google Tag Manager and LinkedIn Insight. Security posture is generally good with HTTPS enforced and clientTransferProhibited domain status, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is basic, with a cookie consent mechanism present but no explicit privacy or terms of service policies found. Contact is primarily via web forms, with no direct emails or phone numbers published. Overall, Modera presents a credible and professional business with room for improvement in transparency of privacy and security policies.

B

BRV Solutions

brv-solutions.com

56

BRV Solutions is a small US-based technology consultancy specializing in business transformation and ERP alignment to facilitate digital transformation. The company targets businesses seeking to improve operational processes through technology and change management. The website is professionally designed using Squarespace, with good content quality and clear navigation. Social media presence on Facebook and LinkedIn supports business credibility. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the active and professional website presence suggests a legitimate operation. The technical infrastructure is modern but lacks some security best practices such as security headers and privacy policies. Overall, the security posture is moderate with HTTPS enabled but could be improved with additional headers and compliance documentation.

A

AS Postimees Grupp

postimees.ee

59

Postimees is a leading Estonian news media company providing comprehensive news coverage from Estonia and abroad. The website serves a broad Estonian-speaking audience with diverse content including politics, economy, culture, sports, and regional news. It operates a subscription-based business model complemented by advertising revenue. The company maintains multiple regional and thematic subsidiaries, enhancing its market reach and content diversity. Technically, the website employs modern web technologies including advanced analytics, consent management, and subscription/paywall systems, ensuring a mature digital infrastructure. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance mechanisms, though explicit security policies and incident response contacts are not publicly detailed. Overall, the website demonstrates high professionalism, trustworthiness, and technical sophistication, positioning it well in the Estonian media landscape.

A

AS Orient Office

kontorikaubad.ee

46

AS Orient Office operates a professional e-commerce website offering a broad range of office supplies, paper goods, household items, food products, and electronics primarily targeting Estonian businesses and consumers. The company has an established market presence since 2011 and provides a comprehensive product catalog with clear navigation and a consistent brand presentation. The website is built on Drupal CMS and leverages common web technologies including jQuery, Bootstrap, and Google Analytics for tracking and marketing purposes. The technical infrastructure is moderate in performance with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure; however, the absence of security headers and incident response contacts indicates room for improvement. Privacy compliance is weak due to missing privacy and cookie policies, which poses a compliance risk under GDPR. Overall, the website is trustworthy and credible but would benefit from enhanced privacy and security practices to strengthen user trust and regulatory compliance.

T

TERE AS

tere.eu

51

Tere dairy (TERE AS) is a medium-sized Estonian dairy product manufacturer and retailer offering a variety of dairy and plant-based products such as kefir drinks and puddings. The company targets consumers in Estonia and neighboring regions, providing products in multiple languages to cater to a diverse audience. The website is professionally designed with good content quality and clear navigation, supporting the company's market presence. Technically, the website is built on the Voog CMS platform, utilizing modern web technologies including HTML5, CSS3, JavaScript, Google Tag Manager, and Google Fonts. The site is mobile-optimized and performs moderately well, though accessibility and SEO optimizations could be improved. The presence of Google Tag Manager indicates moderate user tracking and analytics capabilities. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data. However, it lacks important security headers and does not provide visible privacy policies, terms of service, or incident response information, which are critical for compliance and trust. Cookie consent is implemented, but GDPR compliance indicators are minimal. WHOIS data is unavailable due to privacy restrictions, which is common but reduces transparency. Overall, the website demonstrates a solid business and technical foundation but requires improvements in privacy compliance, security headers, and transparency to enhance trust and regulatory adherence.

U

United Partners Group OÜ

unitedpartners.ee

40

United Partners Group OÜ is an Estonian investment company specializing in providing growth capital to small and medium-sized enterprises in the Baltic region, with a focus on private equity and real estate sectors including commercial and residential properties. The company positions itself as a regional growth capital fund with a clear business model centered on investment and asset management. The website reflects a professional and consistent brand image, targeting investors and Baltic SMEs seeking capital for growth. Technically, the website is built on WordPress and employs modern web technologies such as lazy loading scripts and Google Fonts. The site is mobile optimized and performs moderately well, though accessibility features are basic. Hosting and domain registration are consistent with the company's Estonian location, and the domain age supports the legitimacy of the business. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and does not provide privacy or cookie policies, which are important for GDPR compliance. There is no incident response or vulnerability disclosure information available, which could be improved to enhance trust and security posture. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security transparency to reduce risk and improve user confidence.

I

Ingenium Baltic

ingenium.ee

42

Ingenium Baltic is a specialized engineering company focused on delivering solutions for the Oil & Gas industry, particularly in subsea and marine equipment. Their services span the entire project lifecycle from concept to installation support, targeting offshore sector challenges. The website is built on WordPress using the Divi theme, indicating a moderate level of digital maturity with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and published policies. No contact or privacy-related policies are found, which impacts compliance and trust. Overall, the site presents a professional business presence but would benefit from enhanced transparency and security practices.

A

AS Hekotek

hekotek.ee

45

AS Hekotek is a well-established Estonian manufacturing company specializing in equipment and technological solutions for sawmills, pellet plants, and wood and wood pellet boiler houses. With over 30 years of market presence, 155 employees, and a broad international footprint, the company serves industrial clients primarily in the woodworking and bioenergy sectors. Their product portfolio includes log sorting lines, conveyor systems, pellet plants, and aspiration systems, positioning them as a key player in their niche. The website reflects a professional and consistent brand image with comprehensive business information and multilingual support. Technically, the website is built on WordPress using the Avada theme and Fusion Builder, enhanced with modern plugins such as Rank Math SEO and CookieYes for privacy compliance. The site leverages Cloudflare for DNS and CDN services, ensuring good performance and security. Mobile optimization and SEO practices are well implemented, though accessibility features are basic. Analytics and tracking are managed via Google Analytics and Tag Manager, with a cookie consent mechanism in place. From a security perspective, the site enforces HTTPS and employs cookie consent but lacks explicit security headers like CSP or X-Frame-Options. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is consistent with the business claims, showing a domain registered since 2010 under ALMIC OÜ, matching the Estonian business location. No WAF or blocking mechanisms interfere with content accessibility. Overall, AS Hekotek's digital presence is solid, reflecting a mature business with good technical infrastructure and privacy compliance. Security posture is adequate but could be improved with additional headers and policies. The site effectively supports business credibility and user trust.

1

1Partner

1partner.ee

54

1Partner is a well-established Estonian real estate company offering comprehensive property services including buying, selling, renting, and valuation. With over 20 years of market presence and more than 45,000 satisfied clients, it holds a strong position in the Estonian real estate sector. The website reflects a professional and consistent brand image, targeting both private and business clients. Technically, the site uses modern web technologies such as Bootstrap and Google Tag Manager, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response information are absent. Overall, the site is trustworthy and compliant with GDPR, but could improve transparency around security policies and vulnerability disclosures.

E

Elisa Eesti AS

starman.ee

60

Elisa Eesti AS is a leading telecommunications company in Estonia, providing a broad range of services including mobile and fixed internet, telephony, TV packages, and e-commerce for devices and accessories. The company targets private customers with a comprehensive portfolio of digital services and applications, positioning itself as a market leader with a strong brand presence and multiple industry recognitions. The website reflects a mature digital infrastructure built on Drupal CMS and custom Elisa design systems, offering good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS enforcement, security headers, and a robust cookie consent mechanism, although explicit security policy and incident response contacts are not publicly detailed. Overall, the website demonstrates professionalism, trustworthiness, and compliance with GDPR requirements, supporting Elisa Eesti AS's reputation as a reliable telecommunications provider.

Metus Laenud is a small Estonian finance-focused informational website providing content about various loan types including quick loans, small loans, and general loans. The site targets Estonian-speaking individuals seeking financial solutions and loan information. The business model is content-driven, relying on informational articles rather than direct financial services. The website is built on WordPress, utilizing common plugins such as Contact Form 7 and Rank Math SEO, hosted behind Cloudflare DNS services. The technical infrastructure is modern and moderately performant with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks important security headers and incident response information. Privacy compliance is poor due to absence of privacy and cookie policies. The domain registration data is suspicious due to a future creation date and lack of registrant details, which impacts overall trustworthiness. Strategic improvements in privacy compliance, security policies, and business transparency are recommended.

H

Heateo Sihtasutus

heategu.ee

42

Heateo Sihtasutus operates as a non-profit organization in Estonia, focusing on promoting social change and charitable activities. The website serves as a platform to engage the Estonian community in good deeds and social initiatives. The organization has an established presence since 2010, supported by a professionally designed website built on WordPress and hosted by a reputable Estonian provider. The technical infrastructure is modern and secure, with HTTPS and security headers properly configured. However, the site lacks visible privacy and cookie policies, which impacts its compliance posture. No explicit contact information or incident response details are provided, limiting direct communication channels. Overall, the website demonstrates a solid business credibility and technical foundation but requires improvements in privacy compliance and transparency to enhance trust and regulatory adherence.

C

CCP Games

ccpgames.com

75

CCP Games is a well-established interactive entertainment company founded in 1997 in Reykjavik, Iceland, best known for its flagship product EVE Online. The company positions itself as an innovative leader in the gaming industry with a focus on immersive online experiences. The website reflects a professional digital presence with modern technologies such as Google Tag Manager, Cookiebot for privacy compliance, and Bootstrap for responsive design. The site is well-optimized for SEO and mobile devices, providing a good user experience. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers are missing and no explicit security or incident response policies are published. The absence of WHOIS data for the domain is a notable concern, as it raises questions about domain registration legitimacy despite the professional appearance of the site. Overall, CCP Games demonstrates a mature digital infrastructure but should address transparency in domain registration and enhance security disclosures to improve trust and compliance.

T

Tammiste Personalibüroo OÜ

tammistepersonal.ee

47

Tammiste Personalibüroo OÜ is an established Estonian recruitment and training company with over 25 years of experience. The company specializes in recruitment services, training programs, emotional intelligence assessments, coaching, and outplacement services. Their website reflects a professional and consistent brand image, targeting Estonian businesses and job seekers. The technical infrastructure is based on WordPress with Elementor, leveraging modern web technologies and tracking tools such as Google Tag Manager and Facebook Pixel. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though some security headers are missing. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy or terms of service detected. Overall, the website is trustworthy and well-positioned in its market segment, though improvements in privacy and security documentation are recommended.

L

Lumi Capital

lumicapital.eu

43

Lumi Capital is a Baltic real estate company specializing in the development and management of residential rental apartment buildings across Tallinn, Riga, and Vilnius. Managing a portfolio of approximately 2000 apartments, the company partners with institutional investors such as insurance companies and pension funds. Their business model focuses on long-term rental housing with an emphasis on sustainability, innovation, and digital services, positioning themselves as a preferred brand for urban renters valuing flexibility and community. Technically, the website is built on Joomla CMS with Bootstrap and jQuery frameworks, integrating Google Analytics for user tracking. The site is mobile-optimized and presents a professional design with clear navigation. While performance is moderate, the technical stack is modern and well-maintained. From a security perspective, the site enforces HTTPS and obfuscates email addresses to reduce spam. However, it lacks explicit security headers and published security policies or incident response contacts. Privacy compliance is partial, with a cookie consent banner present but no dedicated privacy or terms of service pages. The WHOIS data is unavailable due to EURid privacy restrictions, but the website content and business information appear legitimate and consistent. Overall, Lumi Capital's digital presence reflects a professional real estate business with good technical implementation and moderate security posture. Enhancements in privacy documentation, security headers, and incident response transparency would strengthen trust and compliance.

Dexatel is a technology company specializing in omnichannel communication solutions for businesses. Their platform integrates multiple messaging channels including SMS, WhatsApp, Viber, RCS, Messenger, and Instagram, providing a unified inbox and API access for streamlined customer engagement. The company targets businesses of various sizes seeking efficient and secure communication tools. The website reflects a mature digital infrastructure using modern frameworks like Next.js and React, hosted via Bluehost with Cloudflare DNS for performance and security. While the site is professionally designed and content-rich, it lacks explicit privacy, cookie, and security policies, which are critical for compliance and trust. Security posture is generally good with HTTPS and domain protections, but could be improved by adding security headers and formal policies. Overall, Dexatel presents a credible and established business with room for enhancing privacy compliance and security transparency.

E

Europanel

europanel.com

61

Europanel is a collaborative international consumer panel business that integrates multiple leading household purchase panels worldwide to provide deep shopper insights and support brand growth strategies. The website reflects a mature, well-established business with a strong partner ecosystem including Kantar, YouGov, Ipsos, and others. Technically, the site is built on WordPress with modern web technologies and is hosted on Azure DNS infrastructure. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS and reCaptcha protections, but lacks advanced security headers and explicit privacy and cookie policies. Overall, the domain registration data supports the legitimacy and maturity of the business. Strategic recommendations include enhancing privacy compliance, publishing security policies, and improving security headers to strengthen trust and compliance.

S

Spolek pro ochranu osobních údajů

ochranaudaju.cz

65

Spolek pro ochranu osobních údajů is a Czech professional association focused on data protection and privacy, bringing together data protection officers and other professionals from private, municipal, and public sectors. It is a founding member of the European Federation of Data Protection Officers, indicating a strong position within the data protection community. The website offers information about membership, educational events, conferences, and expert consultations, targeting professionals involved in personal data processing and protection. Technically, the website is built on the Webflow platform, utilizing modern web technologies such as jQuery and Google Fonts, and is hosted on a reputable CDN (Amazon CloudFront). The site is mobile-optimized and provides a good user experience with clear navigation and professional design. However, some accessibility features could be improved. From a security perspective, the site enforces HTTPS and uses secure form submissions but lacks visible security headers and explicit security or incident response policies. No privacy or cookie policies are found, which is a compliance gap. The absence of WHOIS data reduces domain trust verification, though the website content and partner affiliations suggest legitimacy. Overall, the site presents a professional and credible front for a niche professional association but should improve privacy compliance and transparency to enhance trust and security posture.

B

Byro

byro.works

56

Byro is a small, Czech Republic-based community platform focused on creative professionals working in public administration. It aims to foster a more creative, open, and inclusive bureaucracy through networking, education, mentoring, and events. The platform targets public officials who want to improve their work and the functioning of the state. Technically, the website is built on Squarespace, leveraging modern web technologies and delivering a good user experience with mobile optimization and decent SEO. Security posture is solid with HTTPS and HSTS enabled, though some advanced security headers and privacy policies are missing. The absence of WHOIS data limits trust but is likely due to privacy protection. Overall, Byro presents as a legitimate niche community platform with room for improvement in privacy compliance and security transparency.

N

Nadační fond Czechitas Báry Bühnové

nadacnifondczechitas.cz

51

Nadační fond Czechitas Báry Bühnové is a Czech non-profit foundation dedicated to supporting women and disadvantaged groups in accessing IT education and career opportunities. The foundation provides scholarships and funding to help overcome barriers in the IT sector, aiming for systemic change in IT education across all ages. The website is professionally designed, targeting Czech-speaking audiences, and presents a clear mission with calls to action for donors and applicants. The foundation collaborates with reputable partners and uses established donation platforms to facilitate contributions. Technically, the website is built on the Webflow platform, leveraging modern web technologies such as Google Fonts and jQuery. It is hosted on Webflow's infrastructure, ensuring reliable performance and mobile responsiveness. The site includes a cookie consent mechanism compliant with GDPR, although explicit privacy and terms of service pages are limited or linked externally. No blocking or WAF mechanisms were detected, and SSL is properly configured, ensuring secure communications. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent but lacks some security headers and formal security policies. The absence of WHOIS data for the domain is a concern for transparency and trust, although the website content and partner references support legitimacy. No critical vulnerabilities or exposed sensitive data were found. Overall, the site presents a moderate to good security posture with room for improvement in policy disclosures and technical headers. The overall risk assessment is moderate with recommendations to improve domain registration transparency, add security headers, and publish formal security and privacy policies. These steps will enhance trustworthiness and compliance, supporting the foundation's mission and stakeholder confidence.

C

Czechitas, z.ú.

czechitas.cz

58

Czechitas is a Czech non-profit organization dedicated to opening the world of IT to women, children, and other beginners. The organization offers a wide range of IT courses, including digital academies, corporate upskilling, and career development support. Their market position is strong within the Czech Republic as a leading educational entity focused on digital literacy and inclusion. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, the site leverages modern web technologies such as Webflow CMS, Google Tag Manager, and various marketing and analytics tools, ensuring good performance and SEO. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though additional security headers and explicit incident response contacts could enhance their security maturity. Overall, the domain is privacy protected, which is justified for a non-profit, and the website exhibits high trustworthiness and professionalism.

S

Syntra

syntra.be

55

Syntra is a well-established educational organization based in Belgium, specializing in vocational and professional training courses. The website presents a professional and modern digital presence built on WordPress with Elementor, optimized for performance and mobile responsiveness. The organization targets individuals seeking skill development and vocational education, positioning itself as a key regional player in the education sector. The website includes comprehensive privacy and cookie policies with GDPR compliance and consent mechanisms, reflecting a mature approach to privacy. Security posture is strong with HTTPS and security headers implemented, though explicit security and incident response policies are not publicly detailed. WHOIS data is restricted due to .be domain policies, which is typical and does not detract significantly from trust. Overall, the site demonstrates good business credibility and technical maturity with room for improvement in transparency around security policies.

E

Europ Assistance

europ-assistance.be

62

Europ Assistance Belgium operates as a provider of travel insurance and assistance services including roadside, cancellation, and home assistance insurance. The website targets travelers and vehicle owners in Belgium, positioning itself as a trusted expert in the insurance sector. The digital presence is professionally designed with good content quality and clear navigation, supporting a positive user experience. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and consent management tools, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforcement and security headers, although explicit security policies and incident response information are not publicly disclosed. The domain WHOIS data is restricted by DNS Belgium, which is common for .be domains but slightly reduces transparency. Overall, the website is credible and trustworthy with room for improvement in security transparency and accessibility compliance.