Security Directory

A

Agencija za zaštitu osobnih podataka

azop.hr

43

The Agencija za zaštitu osobnih podataka (AZOP) is an independent Croatian government agency responsible for overseeing the implementation of the General Data Protection Regulation (GDPR) within Croatia. The website serves as an official portal providing comprehensive information about data protection rights, regulatory activities, educational initiatives, and public resources. It targets Croatian citizens, data controllers, processors, and public institutions, positioning itself as the authoritative national data protection authority. The site features multilingual support, primarily Croatian and English, enhancing accessibility for diverse audiences. Technically, the website is built on WordPress using the Divi theme and incorporates several plugins such as Yoast SEO for search optimization, Contact Form 7 for user inquiries, and Pojo Accessibility for compliance with accessibility standards. The infrastructure supports modern web standards including HTTPS, responsive design, and accessibility features, reflecting a mature digital presence. Performance is moderate with good mobile optimization and SEO practices. From a security perspective, the site enforces HTTPS, employs standard security headers, and uses secure form handling mechanisms. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. However, explicit security policies and incident response contacts are not prominently published, suggesting areas for improvement in transparency and readiness. Overall, AZOP's website demonstrates a high level of professionalism, compliance with GDPR, and a strong trust profile consistent with its role as a government regulator. Strategic recommendations include publishing detailed security policies, establishing clear incident response channels, and maintaining vigilance on third-party plugin security to sustain and enhance its security posture.

株式会社名鉄ホテルホールディングス operates a large hotel group primarily in the Chubu region of Japan, managing 20 facilities including well-known brands such as ANA Crowne Plaza and Meitetsu Grand Hotel. The website serves as an official portal providing information about their hotel brands, press releases, and news updates, targeting both business and leisure travelers in the Aichi and Gifu areas. The business model focuses on hospitality services with a strong regional presence and multiple subsidiary hotel brands. Technically, the website employs modern JavaScript libraries including jQuery, Slick Carousel, and Swiper for interactive UI elements and responsive design. It uses Google Tag Manager for analytics and tracking. The site is well-optimized for mobile devices and provides a good user experience with clear navigation and professional design. However, no CMS or hosting provider information was detected. From a security perspective, the site uses HTTPS with excellent SSL configuration, but lacks explicit security headers and does not provide a security policy or vulnerability disclosure information. No privacy or cookie policies were found, which is a compliance gap. The absence of direct contact emails or phone numbers reduces transparency in user support and incident response. Overall, the website is functional, professional, and credible from a business standpoint but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

P

pj101

pj101.net

42

pj101.net is a Japanese website focused on providing comprehensive food event coordination, vendor support, and transportation logistics services. The company targets event organizers, convention centers, and facilities, aiming to streamline food event operations through integrated logistics solutions. The website uses modern web technologies including Nuxt.js and Vue.js, hosted on Google Cloud Storage, and demonstrates good mobile optimization and SEO practices. However, it lacks explicit privacy, cookie, and terms of service policies, and does not provide direct contact emails or phone numbers, relying solely on a contact form for communication. Security posture is moderate with HTTPS enabled but missing security headers and incident response information. Overall, the site is professional and functional but could improve transparency and compliance.

P

ProTrainUp Sp. z o.o.

protrainup.com

10

ProTrainUp Sp. z o.o. operates a comprehensive sports club management system targeting sports academies and clubs across Europe. The platform offers modular services including automated payment processing, exercise database management, and mobile applications for enhanced communication among trainers, players, and parents. The company positions itself as a leading provider in the European sports management technology market, supported by a strong client base including notable sports associations and clubs. Technically, the website leverages modern web technologies such as Bootstrap, jQuery, and integrates with Bitrix24 CRM and live chat services, hosted in a high-standard Polish data center. Security-wise, the site enforces HTTPS and emphasizes GDPR compliance, though it lacks some advanced security headers and explicit cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-structured, with room for improvement in privacy and security transparency.

A

Analyticom d.o.o.

analyticom.de

10

Analyticom d.o.o. is a specialized software provider recognized as a global leader in football management solutions, serving football governing bodies such as national associations and continental confederations. Their product suite includes COMET, COMET LIVE, and COMET PLAY, complemented by professional services like implementation, support, and cloud infrastructure. The company emphasizes innovation and reliability, targeting a global sports management audience. Technically, the website is built on WordPress using the Avada theme and Fusion Builder, integrating Cookiebot for GDPR-compliant cookie management and Google Analytics for traffic analysis. The site demonstrates good mobile optimization and SEO practices, though some accessibility features could be enhanced. Performance is moderate, with modern technologies and scripts in use. From a security perspective, Analyticom maintains a strong posture with HTTPS enforced, ISO 27001 certification, and comprehensive privacy policies. Cookie consent is actively managed, and no critical vulnerabilities or exposed sensitive data were detected. However, additional security headers and a security.txt file could further improve their security maturity. Overall, the website and business present a trustworthy and professional image with strong compliance to privacy regulations. The domain registration details align well with the business claims, supporting legitimacy. Strategic recommendations include enhancing security headers, improving accessibility, and formalizing vulnerability disclosure mechanisms.