Security Directory

Miele For Life is a dedicated membership loyalty website targeting existing Miele appliance owners in New Zealand, offering exclusive benefits such as discounts, events, and customer care. The website is built on WordPress with modern technologies including Bootstrap, jQuery, Google Tag Manager, and reCAPTCHA, hosted behind Akamai CDN infrastructure. The site demonstrates good digital maturity with mobile optimization, SEO best practices, and a clear content structure focused on recipes, offers, and member engagement. Security posture is solid with HTTPS enforced and bot protection via reCAPTCHA, though minor issues such as missing DNSSEC and a broken GTM script fetch exist. Privacy compliance is well addressed with a cookie consent mechanism and clear links to privacy and terms pages. Overall, the domain registration and website content are consistent and trustworthy, reflecting a legitimate and professional brand presence.

B

Benefit Management s.r.o.

benefit-plus.cz

64

Benefit Management s.r.o. operates the Benefit Plus platform, a comprehensive cafeteria benefits catalog and redemption service primarily targeting employees and employers in the Czech Republic. The platform offers a wide range of benefits including travel, food, books, culture, personal development, sport, and health services. The website is professionally designed, mobile-optimized, and integrates modern web technologies such as React and Next.js, with security features including HTTPS and Google reCAPTCHA. Social media presence and clear contact information enhance business credibility. However, the lack of publicly available WHOIS data and absence of a cookie consent banner indicate areas for improvement in transparency and privacy compliance. Overall, the platform holds a strong market position as a local benefits management solution with a medium-sized business profile.

O

OANNA

oanna.be

40

OANNA is a small creative agency based in Liège, Belgium, specializing in web design, branding, digital marketing, strategy, and video production. The company targets businesses seeking comprehensive communication and marketing services to enhance their market presence. The website reflects a professional and creative approach with good content quality and consistent branding. Technically, the site uses a CMS Made Simple platform hosted by OVH, integrates multiple modern JavaScript libraries and marketing tools, and implements GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though lacks explicit security policies and headers. Overall, the website is trustworthy and well-positioned in its niche, with room for improvement in security transparency and contact information visibility.

Miele For Life is a membership loyalty website targeting existing Miele appliance customers in Australia, offering exclusive benefits such as discounts, events, and customer care services. The site is well-branded and professionally designed, reflecting the premium nature of the Miele brand. Technically, the site is built on WordPress with Bootstrap and uses modern tools like Google Tag Manager and reCAPTCHA for analytics and security. Cookie consent is implemented with a granular mechanism, supporting GDPR compliance. Security posture is generally good with HTTPS enforced and bot protection, though minor issues like missing DNSSEC and a broken GTM script reference exist. No direct contact emails or phone numbers are exposed, but a contact form is available. The domain registration is consistent with the brand and managed by a reputable registrar, enhancing trustworthiness.

C

Chromos

chromos.com

50

Chromos, Inc. is a small healthcare-focused company specializing in aesthetic and medical skin care services, tattoo removal, and professional training. With over 40 years of industry experience, the company operates multiple affiliated entities including MarLō Advanced Skin Center, InkLESS Tattoo Removal, and American Laser College. The website presents a professional image with clear service descriptions and contact information, targeting aesthetic and medical professionals as well as patients seeking advanced treatments. The technical infrastructure is based on GoDaddy Website Builder, hosted by GoDaddy.com, LLC, and incorporates modern web technologies including HTTPS and Google reCAPTCHA for form security. The site is mobile-optimized and provides a good user experience, though accessibility and SEO optimizations are basic. Privacy compliance is limited due to the absence of a privacy policy and terms of service, although a cookie consent banner is present. Security posture is moderate with HTTPS enabled and use of reCAPTCHA, but lacks security headers and incident response information. No vulnerabilities or suspicious content were detected. The domain registration is consistent and trustworthy, with a long-established domain age matching the company's history. Overall, Chromos.com is a credible and professionally maintained website with room for improvement in privacy compliance and security best practices to enhance trust and regulatory adherence.

ZM – TECH s.r.o. operates the reproman.cz website, offering REPROMAN®, a dietary supplement aimed at improving male sexual health and fertility. The company positions itself as a niche healthcare provider with a focus on reproductive medicine, supported by expert partnerships and a clear e-commerce model. The website provides comprehensive product information, expert advice, and a user-friendly shopping experience targeting men seeking to enhance fertility and sexual vitality. Technically, the site employs modern JavaScript libraries, Google Tag Manager, and reCAPTCHA for security and analytics, with a responsive design suitable for mobile users. Security posture is solid with HTTPS and form protection, though lacks explicit security policies and incident response contacts. Privacy compliance is strong, featuring detailed privacy and cookie policies with consent mechanisms. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

F

FUJIFILM Cellular Dynamics, Inc.

fujifilmcdi.com

63

FUJIFILM Cellular Dynamics, Inc. is a specialized biotechnology company focused on providing human induced pluripotent stem cell (iPSC) services and products to support scientific research and cell therapy development. The company operates a professional and well-branded website targeting researchers, pharmaceutical, and biotech firms. Their market position is that of an established leader in the iPSC field, supported by a medium-sized business infrastructure and backed by the FUJIFILM Holdings Corporation. Technically, the website leverages a modern Magento eCommerce platform integrated with WordPress for content, using advanced search and analytics tools such as Algolia, Google Tag Manager, and Hotjar. Privacy and cookie compliance are well implemented with a consent mechanism and comprehensive policies. Security posture is good with HTTPS, security headers, and form protections, though the absence of a published security policy and incident response details is noted. The lack of WHOIS registration data is a concern but does not detract significantly from the overall legitimacy given the professional web presence. Overall, the website is secure, compliant, and professionally maintained, suitable for its B2B healthcare audience.

C

ConnectLife

connectlife.io

64

ConnectLife is a sophisticated smart home platform developed by the Gorenje Group and Hisense, designed to unify and enhance the user experience across connected and non-connected home appliances. The platform offers a range of intelligent features including device sharing, remote start, voice control, firmware updates, and a unique AI-powered cooking assistant called Dish Designer. Positioned as a leader in smart home technology with a strong emphasis on sustainability, ConnectLife targets consumers seeking convenience, efficiency, and eco-friendly living solutions. Technically, the website leverages modern web technologies such as jQuery, Google Analytics, and a consent management SDK, built on an ASP.NET WebForms framework. The site is well-optimized for mobile and accessibility, with comprehensive content and clear navigation. Security posture is solid with HTTPS enforcement and bot protection, though some security headers and explicit policies could be improved. Privacy compliance is robust, featuring detailed privacy and cookie policies and user consent mechanisms. Overall, the platform demonstrates a mature digital presence aligned with its business goals and market positioning.

A

APOLO s.r.o.

apolopraha.cz

40

APOLO s.r.o. is a Czech company specializing in the sale and installation of interior and entrance doors, primarily of the Sapeli brand, along with complementary products such as door frames, fittings, glass doors, flooring, and railings. The company operates physical showrooms in Prague Štěrboholy and Štrampouch near Čáslav, serving customers mainly in the Central Bohemian Region and Prague. Their market position is that of a regional authorized reseller with a focus on quality and customer service. Technically, the website is built on WordPress with modern plugins and technologies, including Google Tag Manager and reCAPTCHA, ensuring a moderate to good digital maturity. Security posture is adequate with HTTPS and cookie consent mechanisms, though improvements in security headers and incident response documentation are recommended. Overall, the website is professional, compliant with GDPR, and trustworthy, supporting the company's business credibility.

B

Bookio

bookio.com

45

Bookio is a mature SaaS company specializing in online booking and reservation management solutions, serving a broad range of industries with over 18,000 clients and 19 million customers served. The website reflects a professional and well-established business with a comprehensive feature set including online payments, SMS/email reminders, and extensive analytics. Technically, the site employs modern frameworks such as Bootstrap, integrates Google Tag Manager, Analytics, Hotjar, and uses Cloudflare for DNS and CDN services, ensuring fast performance and mobile optimization. Security posture is solid with HTTPS, CSRF tokens, reCAPTCHA, and cookie consent mechanisms, though improvements could be made by enabling DNSSEC and publishing explicit security policies. Overall, the site is trustworthy, compliant with GDPR, and provides a positive user experience.

K

KACHLIČKOVO

kachlickovo.sk

55

KACHLIČKOVO is a Slovak retail company specializing in tiles and cladding products, offering both online e-commerce services and physical showroom experiences. The website presents a professional and well-structured platform with a focus on customer engagement through 3D bathroom design visualization and a wide product catalog. The company maintains a verified presence on local e-commerce platforms such as Heureka, enhancing its market credibility. Technically, the website employs a modern technology stack including Google reCAPTCHA for bot protection, Sentry for error monitoring, and Bloomreach Exponea for marketing automation. The platform is built on the CreativeShop CMS, with good mobile optimization and SEO practices. Performance is moderate, with multiple external scripts for enhanced user experience and marketing. From a security perspective, the site enforces HTTPS, integrates anti-bot measures, and uses CSRF tokens, indicating a solid baseline security posture. However, it lacks explicit security headers and published security or incident response policies. Privacy compliance is limited due to the absence of visible privacy and cookie policies or consent mechanisms, which is a notable gap given GDPR requirements. Overall, the website is trustworthy and professional, with minor improvements needed in privacy compliance and security transparency. The risk level is moderate, with recommendations focusing on enhancing privacy disclosures and security headers to align with best practices.

W

Waragod.sk

waragod.sk

60

Waragod.sk is a Slovak-based e-commerce retailer specializing in outdoor, tactical, sports, and hobby apparel and equipment. The website targets active lifestyle consumers across multiple Central European countries, offering a broad product range including clothing, footwear, tactical gear, and accessories. The business operates a multilingual platform with clear contact information and a professional online presence. Technically, the site is built on Joomla CMS with CreativeShop e-commerce integration, leveraging modern analytics and tracking tools such as Google Analytics, Facebook Pixel, and Sentry for error monitoring. Security is well implemented with HTTPS, CSRF tokens, and Google reCAPTCHA, although some advanced security headers and policies are missing. Privacy compliance is partial due to the absence of explicit privacy and terms of service pages. Overall, the domain registration data aligns with the business claims, supporting legitimacy and trustworthiness.

R

Robel.sk

robel.sk

61

Robel.sk is a Slovakian e-commerce retailer specializing in branded footwear and accessories, targeting consumers primarily in Slovakia and neighboring countries. The website offers a broad selection of quality shoes and related products from well-known brands, supported by services such as in-store reservation, free delivery to pickup points, and a 30-day return policy. The business operates multiple country-specific domains, indicating a regional market presence and a mature business model focused on retail and online sales. Technically, the website employs a modern technology stack including JavaScript frameworks, Google reCAPTCHA for bot protection, Sentry for error tracking, and various marketing and analytics tools such as Facebook Pixel, Google Tag Manager, and Mouseflow. The platform is built on the CREATIVE shop CMS and uses Amazon Cloudfront CDN for content delivery. Security posture is solid with HTTPS enforced, CSRF tokens, and OAuth login options; however, explicit cookie consent mechanisms and security.txt disclosures are missing, representing compliance and transparency gaps. Overall, the website is professional, trustworthy, and well-positioned in its market segment, though improvements in privacy compliance and security policy publication are recommended.

D

DREVONA Market s.r.o.

drevona.sk

57

DREVONA Market s.r.o. is a Slovak furniture manufacturer and retailer operating both physical stores and an e-commerce platform. The company offers a wide range of furniture products including living room, bedroom, kitchen, office, and children's furniture, primarily produced in their own manufacturing facilities in Slovakia. Their market position is that of a trusted local brand with multiple retail locations and a strong online presence. Technically, the website is built on the CREATIVE shop CMS platform, utilizing modern web technologies including Google Analytics, Facebook Pixel, and Sentry for error tracking. Security measures such as HTTPS, CSRF tokens, and Google reCAPTCHA are implemented, reflecting a mature security posture. Privacy and cookie policies are present and GDPR compliant, supporting user data protection. Overall, the website demonstrates good content quality, professional design, and clear navigation, making it a reliable and user-friendly platform for customers.

A

ALLTOYS

alltoys.sk

55

Alltoys.sk is a Slovakian retail company specializing in toys for children, operating both an e-commerce platform and a network of physical stores. The website offers a broad selection of toys including popular brands like LEGO, and targets parents and children. The business is well-established in the Slovak market with clear contact information and a professional online presence. Technically, the site uses modern web technologies including Google Analytics, Google Tag Manager, reCAPTCHA, and Sentry for error tracking, built on the CREATIVE shop CMS platform. The website is mobile optimized and SEO friendly, providing a good user experience. Security posture is solid with HTTPS enforced and secure form handling, though additional security headers could enhance protection. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Overall, the site is trustworthy and professionally managed, with room for improvement in publishing explicit security policies and incident response details.

Caracal Agency is a Brussels-based digital and creative agency specializing in branding, communication strategy, digital marketing, and website and e-commerce development. The company positions itself as a partner for businesses seeking to enhance their digital presence and brand awareness. Their website demonstrates a strong market position with a portfolio of notable clients and testimonials, indicating a trusted service provider in the technology sector. Technically, the website is built on modern frameworks such as Next.js and Chakra UI, hosted on Vercel, and integrates advanced analytics and marketing tools including Google Analytics and HubSpot. Security posture is strong with HTTPS, security headers, and bot protection via Google reCAPTCHA, although explicit security policies and incident response information are not publicly disclosed. Overall, the website is professional, well-structured, and compliant with privacy regulations, reflecting a mature digital presence suitable for their business model.

I

Isopan

isopan.com

67

Isopan is a well-established Italian manufacturer specializing in insulating sandwich panels for roofs and walls, operating under the Manni Group umbrella. The company offers innovative and sustainable building solutions, targeting construction professionals such as architects, engineers, and contractors. Their product portfolio includes premium systems like FORTELIA and ADDMIRA, supported by certifications such as LEED and FM APPROVED, indicating a strong commitment to quality and sustainability. The website is professionally designed, mobile-optimized, and incorporates modern technologies including WordPress CMS, Google Tag Manager, and Iubenda for cookie consent management. Security measures include HTTPS enforcement and reCAPTCHA integration, though some security headers could be improved. Privacy compliance is supported by a cookie consent mechanism, but no explicit privacy policy or terms of service were detected in the provided content. WHOIS data confirms a long-standing domain registered in Italy with privacy protection, consistent with the business profile. Overall, the digital presence reflects a mature and credible industrial manufacturer with room for enhanced transparency and security documentation.

O

OKNOTHERM spol. s r.o.

oknotherm.cz

47

OKNOTHERM spol. s r.o. is a well-established Czech manufacturer specializing in plastic windows, euro windows, doors, shading solutions, and related accessories. With over 33 years in the market and a large customer base, the company positions itself as a trusted provider of high-quality, customized products. The website reflects a professional and consistent brand image, targeting residential and commercial customers seeking durable and tailored window and door solutions. Technically, the website employs modern frameworks such as Bootstrap and integrates Google services for analytics and marketing, ensuring a responsive and user-friendly experience. Security-wise, the site enforces HTTPS and uses Google reCAPTCHA to protect forms, but lacks some advanced security headers and explicit incident response information. Overall, the site is secure, compliant with GDPR, and demonstrates good privacy practices through cookie consent mechanisms and a comprehensive privacy policy. The absence of public WHOIS data indicates privacy protection, which is justified for this business type. The website is trustworthy and professionally maintained, with room for improvement in security transparency and contact email availability.

F

Fontstand BV

fontstand.com

10

Fontstand BV operates a specialized font discovery and streaming platform that enables users to try, rent, or subscribe to high-quality fonts. The company targets designers and creative professionals seeking flexible font licensing options. The website is well-structured, professionally designed, and offers a good user experience with clear navigation and mobile optimization. Technically, the site uses modern frameworks such as Bootstrap and SilverStripe CMS, hosted on AWS infrastructure, and integrates Google services for analytics and advertising. Security posture is solid with HTTPS enforced and clientTransferProhibited domain status, though improvements like DNSSEC and security headers are recommended. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism. Overall, the domain registration and WHOIS data align well with the business profile, indicating legitimacy and stability.

C

Community Agribusiness Partners

communityagribusiness.org

10

Community Agribusiness Partners is a non-profit organization focused on transforming agriculture into sustainable businesses in Malawi, Rwanda, and Tanzania. The organization collaborates with farming communities, governments, private sector, and NGOs to provide technical support, financial assistance, and training programs. Their mission is to drive positive social and economic change through agribusiness partnerships. The website is professionally designed using the Squarespace platform, featuring clear navigation and a consistent brand image. Technical infrastructure includes HTTPS with HSTS, reCAPTCHA for form security, and integration of a donation widget (Fundraise Up). However, the site lacks explicit privacy, cookie, and terms of service policies, and no direct contact emails or phone numbers are visible, which impacts privacy compliance and business credibility scores. WHOIS data is unavailable or privacy protected, which is common for non-profits but reduces transparency. Overall, the site presents a trustworthy and secure platform for its mission but would benefit from enhanced privacy and contact disclosures.

T

Tržiště Pod Kaštany

trzistepodkastany.cz

46

The website trzistepodkastany.cz represents a local marketplace called "Tržiště Pod Kaštany" located in Zlín, Czech Republic. It focuses on offering a diverse range of regional food products and hosting community events that foster direct interaction between sellers and buyers. The business model is centered around a physical and digital marketplace promoting local and healthy food options, targeting local residents and tourists. The website content is well-structured, with clear navigation and a consistent brand presence, supported by social media channels on Facebook and Instagram. From a technical perspective, the site employs a variety of modern JavaScript libraries and plugins such as jQuery, fullcalendar, select2, and Google services including reCAPTCHA and Tag Manager. The site enforces HTTPS and includes a Content-Security-Policy header, indicating a baseline security posture. Performance and mobile optimization are adequate, though accessibility features could be improved. SEO is supported by proper meta tags and Open Graph data. Security-wise, the website benefits from HTTPS and basic security headers but lacks comprehensive security policies such as privacy, cookie, or vulnerability disclosure statements. No critical vulnerabilities or exposed sensitive data were detected. The absence of privacy and cookie policies represents a compliance gap, especially under GDPR regulations. Contact information is clearly provided, enhancing business credibility. Overall, trzistepodkastany.cz is a legitimate, small-scale local marketplace website with good content quality and technical implementation. To improve security posture and compliance, it is recommended to implement privacy and cookie policies, enhance security headers, and consider a vulnerability disclosure mechanism. These steps will strengthen trust and regulatory adherence while maintaining a positive user experience.

A

AVAL- J Z, s.r.o.

aval-jz.sk

65

AVAL- J Z, s.r.o. is a Slovakian medium-sized company specializing in the manufacturing and retail of custom furniture, including kitchens, bedrooms, wardrobes, and commercial furniture. With over 23 years of experience, the company positions itself as a professional and reliable provider with a strong local market presence, supported by positive client testimonials and a showroom for direct customer engagement. The website reflects a modern and professional digital presence, leveraging WordPress CMS and integrating key marketing and analytics tools such as Google Analytics and Google Tag Manager. Privacy compliance is robust, featuring a comprehensive cookie consent mechanism and a detailed privacy policy in Slovak. Security posture is strong with HTTPS enforced and Google reCAPTCHA protecting forms, though some security headers could be improved. Overall, the site demonstrates a high level of professionalism, trustworthiness, and technical maturity suitable for its business domain.

P

Protechshop

protechshop.sk

53

Protechshop.sk is a Slovakian e-commerce retailer specializing in tools, automotive equipment, household, garden, and related products. The website targets both general consumers and professionals seeking quality tools at competitive prices. It offers a broad product range with multi-language support, indicating a regional market focus in Slovakia and neighboring countries. The business model is primarily online retail with a medium-sized market presence. Technically, the site uses a proprietary CMS (CREATIVE shop) and integrates modern analytics and marketing tools such as Google reCAPTCHA, Sentry, Hotjar, Microsoft Clarity, and Facebook Pixel. The site is well-optimized for SEO and mobile devices, with good navigation and professional design. Security posture is solid with HTTPS, CSRF protection, and CAPTCHA on forms, but lacks explicit security policies and incident response information. Privacy compliance is basic with cookie consent and a privacy policy present, though GDPR compliance is not explicitly confirmed. Overall, the website is trustworthy and professionally maintained, suitable for its business purpose.

C

Corpay, Inc

corpayone.com

68

Corpay One is a business-focused spend management platform offering integrated fuel cards, business cards, and virtual cards to streamline payments and expense workflows. Positioned as the leading B2B Mastercard issuer in North America, Corpay One serves a large client base with billions in annual spend processed and extensive vendor networks. The website reflects a mature digital presence with professional design, comprehensive content, and strong branding consistency. Technically, the site leverages Adobe Experience Manager, Google reCAPTCHA, and multiple marketing and analytics tools, ensuring a modern and responsive user experience. Security posture is strong with HTTPS, secure forms, and cookie consent mechanisms, though explicit security headers could be more visible. WHOIS data for the subdomain is unavailable, which is typical for subdomains, and does not detract from the legitimacy of the parent company. Overall, Corpay One presents a credible and trustworthy business platform with solid technical and security foundations.

M

MDD Minds

mddminds.org

61

MDD Minds is an educational program developed by WONCA aimed at improving primary care for major depressive disorders in regions including Africa-Middle East, Asia, and Latin America. The program offers a self-paced online course, a Train-the-Trainer course, and practical performance initiatives to empower family doctors and primary care professionals. The website is hosted on Squarespace and features a professional design with good navigation and mobile optimization. Security is well implemented with HTTPS and HSTS, and reCAPTCHA is used for form protection. However, the absence of a privacy policy, terms of service, and WHOIS registrant data reduces overall trust and compliance posture. Contact is only available via a contact form, with no direct emails or phone numbers provided. Social media links connect to official WONCA accounts, enhancing credibility.

T

Tropical Health and Education Trust (THET)

thet.org

70

The Tropical Health and Education Trust (THET) operates as a non-profit organization focused on supporting health workers globally through partnerships, capacity building, and policy work. The website positions THET as an established entity with a clear mission and vision to improve healthcare access worldwide. Their key services include grant management, volunteer programs, and digital transformation initiatives, targeting health workers, donors, and global health stakeholders. The organization is UK-based with a charity registration number, reinforcing its legitimacy. Technically, the website is built on WordPress with modern JavaScript libraries and integrations such as Google Tag Manager, Hotjar, and Google reCAPTCHA to enhance user experience and security. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some security headers are missing. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS and employs reCAPTCHA on forms, indicating a baseline security posture. However, the absence of visible security headers and a cookie consent mechanism suggests areas for improvement in compliance and defense-in-depth strategies. The WHOIS data is unavailable due to privacy protection or query issues, but the website's content and trust signals mitigate concerns about legitimacy. Overall, the website presents a professional, trustworthy, and content-rich platform for THET's mission. Strategic recommendations include enhancing security headers, implementing explicit cookie consent, publishing incident response policies, and improving WHOIS transparency where possible.

P

Památník Tomáše Bati

pamatnikbata.eu

46

Památník Tomáše Bati is a cultural heritage and museum website dedicated to the memorial of Tomáš Baťa, a prominent figure in Zlín's history and architecture. The site targets visitors interested in architecture, history, and cultural tourism, offering guided tours, ticket sales, and event hosting. The website is professionally designed with clear navigation, multilingual support, and strong branding consistency. Technically, it is built on WordPress with modern plugins for SEO, GDPR compliance, and user experience enhancements. Security posture is good with HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers could be improved. The domain registration is consistent with the business's Czech origin, enhancing trustworthiness. Overall, the site presents a secure, compliant, and user-friendly platform for cultural engagement.

S

Statutární město Zlín

zlin.eu

66

The website https://zlin.eu/ serves as the official online presence of the statutory city of Zlín in the Czech Republic. It provides comprehensive information about the city's administration, culture, events, public services, and citizen engagement platforms. The site targets residents, local businesses, and visitors, offering services such as an official citizen portal, public notices, event calendars, and contact information for municipal departments. The business model is that of a government entity providing transparent and accessible information and services to its constituents. Technically, the website employs a modern technology stack including jQuery, Google Analytics, Google Tag Manager, Google reCAPTCHA, OneSignal push notifications, and various UI libraries such as Slick Carousel and SweetAlert2. It is hosted by Media4web, s.r.o., a Czech hosting provider. The site is mobile-optimized, accessible, and SEO-friendly with proper meta tags and structured navigation. Cookie consent and privacy policies are implemented with high confidence in GDPR compliance. From a security perspective, the site enforces HTTPS with a Content Security Policy header and uses Google reCAPTCHA to protect forms. While no critical vulnerabilities or exposed sensitive data were detected, additional security headers could enhance protection. There is no explicit security incident response or vulnerability disclosure information published, which could be improved to strengthen trust and readiness. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. It effectively serves its role as a municipal information hub with a strong digital presence. Strategic recommendations include enhancing security headers, publishing a security.txt file, and providing clear incident response contacts to further improve security posture and stakeholder confidence.

N

Nadace Tomáše Bati

nadacetomasebati.cz

68

Nadace Tomáše Bati is a Czech non-profit foundation focused on preserving the legacy of the Baťa family and supporting social, cultural, and educational initiatives primarily in the Zlín region. The foundation operates from the historically significant Baťa villa and offers a variety of community events, educational programs, and an e-commerce platform for branded merchandise. The website is professionally designed with consistent branding and clear navigation, targeting a general audience interested in culture and community development. Technically, the website employs a modern JavaScript stack including jQuery, Vue.js, and various UI libraries, ensuring good mobile optimization and user experience. The site uses HTTPS with valid SSL certificates and incorporates Google reCAPTCHA and cookie consent mechanisms, reflecting a reasonable security posture. However, the absence of explicit security headers and incident response information suggests room for improvement. From a security perspective, the site shows good practices such as encrypted connections and form protections but lacks detailed security policies and vulnerability disclosure mechanisms. The missing WHOIS data for the domain is a concern for trust and legitimacy, although the website content and external partnerships support its authenticity. Overall, the website presents a trustworthy and professional front for the foundation but should address WHOIS transparency and enhance security disclosures to improve credibility and compliance.

M

Město Vizovice

mestovizovice.cz

51

Město Vizovice operates as the official municipal government website for the town of Vizovice in the Czech Republic. It provides residents and visitors with comprehensive information about the town, including news, events, contact details, and virtual tours. The site emphasizes community engagement and local services, positioning itself as a trusted source of municipal information. The website targets local citizens, tourists, and stakeholders interested in the town's activities and services. Technically, the website employs a modern technology stack including Bootstrap, jQuery, FontAwesome, and Google services such as reCAPTCHA and Tag Manager. The site is mobile-optimized, accessible, and performs moderately well. It integrates an AI chat widget to assist users, enhancing user experience. However, the CMS appears custom or based on the Nette framework, with no explicit commercial CMS detected. From a security perspective, the website uses HTTPS and Google reCAPTCHA to protect forms, but lacks published privacy and cookie policies, security headers, and incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy and long-standing registration, consistent with the municipal nature of the site. Overall, the website is professional, trustworthy, and well-maintained but would benefit from enhanced privacy compliance and security policy transparency to improve user trust and regulatory adherence.

The website visitzlin.eu serves as the official tourist information portal for the city of Zlín, Czech Republic. It provides comprehensive information about the city, including cultural events, historical background, practical visitor information, and local attractions. The portal is operated by the city's magistrate and targets tourists, local residents, and cultural enthusiasts. It holds a strong market position as the authoritative source for tourism-related content in the region. Technically, the website employs a modern JavaScript-based tech stack including jQuery, FullCalendar, Slick Carousel, and Google Maps API. It uses HTTPS with a Content-Security-Policy header and integrates Google Analytics and reCAPTCHA for analytics and bot protection. The site is mobile-optimized with good navigation and content structure, though some accessibility features could be improved. From a security perspective, the site enforces HTTPS and uses CSP headers, but lacks several other recommended security headers. The subscription form is protected by Google reCAPTCHA. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a cookie consent mechanism and explicit security or incident response policies indicates room for improvement in privacy compliance. Overall, the website is trustworthy, professionally maintained, and aligned with its municipal purpose. Strategic recommendations include enhancing security headers, implementing cookie consent for GDPR compliance, publishing security policies, and maintaining regular security audits to ensure ongoing protection.

T

Tropical Health and Education Trust (THET)

globalhealthpartnerships.org

70

The Tropical Health and Education Trust (THET) operates as a UK-based non-profit organization dedicated to supporting health workers globally through partnerships, grant management, policy work, and volunteer programs. The website positions THET as an established entity with a clear mission and vision focused on universal health coverage and quality healthcare access worldwide. The organization targets health professionals, donors, volunteers, and policy makers, leveraging partnerships and digital transformation to advance its goals. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, Hotjar, and Google reCAPTCHA for security and analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some improvements in security headers and cookie consent mechanisms could enhance compliance and security posture. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, with no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security headers and incident response information suggests room for improvement. WHOIS data is unavailable due to privacy protection, which is common and justified for non-profits, but it slightly reduces trust signals. Overall, the website is professional, trustworthy, and well-maintained, with strong content quality and business credibility. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing security policies to further strengthen compliance and user trust.

V

Vinařství Procházka Valtice

valtickavina.cz

65

Vinařství Procházka Valtice is a well-established family-owned winery based in the Czech Republic, specializing in the production and sale of quality Moravian wines. Founded in 1999, the company operates on 73 hectares of vineyards and produces up to 350,000 bottles annually. Their business model combines traditional wine production with modern technology, selling directly to consumers via an e-shop and a physical wine shop in Valtice. The website reflects a professional and consistent brand image, targeting wine consumers primarily within the Czech Republic. Technically, the site uses modern web technologies including Bootstrap, jQuery, and Google Analytics, and implements appropriate mechanisms such as cookie consent and age verification for alcohol sales. Security posture is solid with HTTPS and reCAPTCHA, though some improvements in security headers and published policies are recommended. Overall, the website is trustworthy and well-positioned in its market niche.

B

Banalita.cz

banalita.cz

48

Banalita.cz is a Czech Republic-based small business specializing in the manufacturing and retail of promotional products, souvenirs, and related merchandise. The company operates both physical stores and an e-commerce platform, serving retail customers and businesses seeking customized advertising items. Their website demonstrates a professional and consistent brand presence, with clear contact information and compliance with GDPR cookie policies. Technically, the site is built on WordPress with Elementor, integrating modern web technologies and security features such as HTTPS and Google reCAPTCHA. However, the absence of WHOIS data limits domain trust verification. Security posture is solid but could be enhanced with additional HTTP security headers and incident response information. Overall, the website is well-structured, user-friendly, and trustworthy for its target audience.

N

Navigo Solutions s.r.o.

navigo3.com

11

Navigo Solutions s.r.o. operates the Navigo3 platform, a comprehensive project and company management software solution primarily targeting small to large businesses in creative and project-driven industries. The website presents a professional and well-structured digital presence, offering detailed information about their software capabilities, customer testimonials, and multiple contact channels. The company has established itself since 2012, with a consistent domain registration and a clear focus on delivering SaaS solutions for project management, financial oversight, human resources, and firm-wide information systems. The platform supports multiple languages and integrates modern web technologies to enhance user experience and accessibility. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, reCAPTCHA, and GDPR compliance plugins. Hosting is provided via Amazon AWS infrastructure, ensuring reliable performance and scalability. SEO and accessibility are well addressed, with proper meta tags, structured data, and mobile optimization. The site employs cookie consent mechanisms and privacy policies aligned with GDPR requirements. From a security perspective, the site enforces HTTPS, uses Google reCAPTCHA to protect forms, and implements cookie consent management. However, DNSSEC is not enabled, and some security headers are not explicitly detected, suggesting room for improvement. No vulnerabilities or exposed sensitive data were found in the analysis. The domain registration is consistent with the business claims, and no suspicious patterns were detected, indicating a trustworthy and legitimate online presence. Overall, Navigo3's website demonstrates a mature digital footprint with strong business credibility, good technical implementation, and solid privacy and security practices. The site is safe for general audiences and provides a professional user experience. Strategic recommendations include enabling DNSSEC, enhancing security headers, and publishing a vulnerability disclosure policy to further strengthen security posture and trust.

The website ofertymiele.pl is a promotional platform operated by Underground Media Sp. z o.o., focusing on presenting the latest offers and promotions related to Miele products. The site targets consumers interested in Miele promotions, providing features such as user registration for returns and feedback collection. The business is relatively new, with domain registration dating from May 2023, and operates primarily within the retail and media sectors in Poland. Technically, the site uses a basic technology stack including jQuery and Google services such as Google Tag Manager, Analytics, and AdWords, with IP anonymization enabled for privacy. The site is hosted by home.pl S.A. and includes a comprehensive cookie policy with a consent mechanism embedded directly on the main page. However, no explicit privacy policy or terms of service pages were found. The design and user experience are functional but basic, with moderate mobile optimization and SEO. From a security perspective, the site employs Google reCAPTCHA to mitigate bot traffic and anonymizes IP addresses in analytics, but lacks visible security headers and DNSSEC is not enabled. The WHOIS data is consistent and transparent, enhancing trustworthiness. No WAF or blocking mechanisms were detected, and the site content is fully accessible. The site includes an age verification gate related to alcohol promotions, indicating content suitable for mature audiences but no explicit adult content. Overall, the website demonstrates a moderate level of digital maturity and security posture, with room for improvement in security headers, privacy policies, and technical modernization. The business credibility is supported by clear company information and consistent domain registration. Strategic recommendations include enhancing security configurations, publishing comprehensive privacy and terms policies, and improving mobile and accessibility features.

The Burdett Trust for Nursing is a UK-based charitable trust established in 2002, dedicated to supporting nursing contributions to healthcare through charitable grants. The organization focuses on building nursing research and leadership capacity and supports local nurse-led initiatives. The website reflects a professional and consistent brand presence with clear information about its mission, values, and grant programs. The trust is registered as a charity in England and Wales and maintains an active digital presence including social media channels. Technically, the website is built on WordPress with modern web technologies such as jQuery, Google Analytics, and Google reCAPTCHA, ensuring a secure and user-friendly experience. However, WHOIS data for the domain is unavailable due to domain naming rules issues, which slightly impacts trust verification. Security posture is good with HTTPS and form protection, but could be enhanced with additional security headers and a vulnerability disclosure policy. Privacy compliance is addressed with a comprehensive privacy and cookie policy, though a cookie consent mechanism is absent. Overall, the website is trustworthy, well-maintained, and serves its target audience effectively.

H

Hockey Club Morzine-Avoriaz

hockey-morzine.com

50

Hockey Club Morzine-Avoriaz operates as a regional ice hockey club based in France, providing hockey training, team participation, event hosting, and merchandise sales. The club targets local hockey players, families, and fans, positioning itself as a community-centric sports organization competing in Division 1. The website serves as an official portal for news, schedules, ticketing, and multimedia content, supporting fan engagement and club promotion. Technically, the site is built on WordPress with a modern tech stack including jQuery, Google Analytics, and GDPR compliance plugins. It demonstrates good mobile optimization and SEO practices, though performance is moderate. Security posture is adequate with HTTPS and reCAPTCHA integration, but lacks some advanced security headers and explicit security policies. WHOIS data is missing, which reduces domain trustworthiness, but the website content and social media presence support legitimacy. Overall, the site is professional, user-friendly, and compliant with privacy regulations, though improvements in security and transparency are recommended.

T

The Burdett Trust for Nursing

nursingnow.org

64

The Nursing Now Challenge is a global non-profit initiative operated by The Burdett Trust for Nursing, focused on developing leadership opportunities for student and early career nurses and midwives worldwide. The website serves as a platform for information dissemination, networking, and resource sharing, positioning itself as a reputable program within the healthcare and non-profit sectors. Technically, the site is built on WordPress with modern plugins and integrations such as Google Analytics and reCAPTCHA, indicating a mature digital infrastructure. Security posture is strong with HTTPS and anti-bot measures, though it lacks some advanced security headers and explicit incident response contacts. Privacy compliance is partially met with a comprehensive privacy policy but missing cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-maintained, with minor areas for improvement in security and privacy transparency.

E

Ethyca

ethyca.com

62

Ethyca is a technology company specializing in providing trusted data infrastructure solutions for AI-driven enterprises. Their platform addresses the critical challenge of governing sensitive data access, use, and auditability at scale, offering modular products that cover governance taxonomy, data inventory, consent orchestration, automated data subject requests, and AI policy enforcement. Positioned as a leader in AI data governance, Ethyca targets enterprises requiring robust privacy compliance and data trust frameworks. The website demonstrates a high level of digital maturity, utilizing modern technologies such as Next.js, React, and integrating Google Tag Manager and reCAPTCHA for analytics and security. The security posture is strong with HTTPS enforced and secure form handling, though explicit security headers and incident response policies are not publicly documented. Overall, the website is professional, well-branded, and trustworthy, supported by notable customer logos and testimonials. However, the absence of public WHOIS data and cookie consent mechanisms slightly reduce the privacy compliance score.

K

GreMi KLIMA | KONTEJNEROVÉ ŘEŠENÍ

kontejnerovereseni.com

47

The website kontejnerovereseni.com is a small business site focused on container solutions, primarily targeting a Czech-speaking audience. The domain was registered in 2022 and is hosted by a Czech provider, consistent with the website's language and apparent market. The site uses WordPress CMS with the Divi theme and integrates Google services such as Google Tag Manager and reCAPTCHA for analytics and bot protection. While the site is accessible and uses HTTPS with a valid SSL certificate, it lacks DNSSEC and security headers, which are recommended for enhanced security. No privacy, cookie, or terms of service policies were found, indicating limited compliance with privacy regulations. Contact information and business legal details are not explicitly provided on the site, which may affect user trust and business credibility.

G

Golem Club

golemclub.sk

59

Golem Club operates the largest network of fitness centers in Slovakia, offering a wide range of wellness and fitness services including group exercises, physiotherapy, and wellness treatments. The website reflects a mature business with a strong market position and a comprehensive service portfolio targeting fitness enthusiasts across multiple Slovak cities. Technically, the site employs modern web technologies such as Google Maps API, reCAPTCHA, and FontAwesome icons, ensuring a good user experience with mobile optimization and moderate performance. Security posture is solid with HTTPS enforced and use of anti-bot measures, though some security headers and explicit incident response policies are absent. Privacy compliance is well addressed with clear privacy and cookie policies aligned with GDPR requirements. Overall, the site is professional, trustworthy, and safe for general audiences.

H

HeroDevs

herodevs.com

73

HeroDevs is a technology company specializing in providing Never-Ending Support (NES) for deprecated open source software. Their offerings include secure drop-in replacements, professional consulting services, and a vulnerability directory aimed at helping enterprises maintain security, compliance, and compatibility during migration timelines. The company targets IT security managers, software development managers, engineering leaders, and compliance-focused decision-makers, positioning itself as a trusted partner for long-term open source software support. The website demonstrates a mature digital presence with modern technologies, comprehensive documentation, and active partnerships, including with IBM. Security posture is solid with HTTPS, reCAPTCHA, and privacy compliance mechanisms, though explicit security policies and incident response contacts are not published. WHOIS data is incomplete, which slightly impacts trust but is mitigated by professional site content and business signals.

C

CanWaCH

cansfe.ca

71

CanWaCH operates as the Canadian Partnership for Women and Children's Health, focusing on global health initiatives to improve the wellbeing of women and children worldwide. The organization provides a data exchange platform, resource center, membership services, and hosts events to engage stakeholders. Positioned as a leading non-profit in the Canadian global health sector, CanWaCH targets health professionals, members, and the public interested in women's and children's health. The website is professionally designed, bilingual (French focus), and well-structured to serve its audience effectively. Technically, the website is built on WordPress with modern plugins and frameworks such as Bootstrap 4, Yoast SEO, and Contact Form 7. It uses Cloudflare DNS and is hosted via Go Daddy Domains Canada. Performance is moderate with good mobile optimization and accessibility features. Security measures include HTTPS, Google reCAPTCHA, and cookie consent management, though some security headers could be improved. The security posture is solid with no detected vulnerabilities or exposed sensitive data. Privacy compliance is strong, with comprehensive privacy and cookie policies and consent mechanisms in place. However, the site lacks explicit security policies, incident response information, and vulnerability disclosure mechanisms. Overall, CanWaCH presents a trustworthy, professional online presence with a strong focus on privacy and user engagement. Strategic improvements in security headers and transparency around security policies would enhance its security maturity and trustworthiness further.

S

Suitcase Type Foundry

suitcasetype.com

62

Suitcase Type Foundry is a specialized font design and digitization business founded in 2003 by Tomáš Brousil. The company focuses on producing high-quality retail fonts and custom typefaces for professional and corporate clients. Their market position is niche, targeting designers and organizations needing bespoke typography solutions. The website reflects a professional and consistent brand image with a good user experience and clear navigation. Technically, the site uses modern web technologies including Bootstrap, Font Awesome, Google Analytics, and Google reCAPTCHA, ensuring a secure and functional user interface. Security posture is strong with HTTPS and form protections, though explicit security policies and incident response contacts are absent. The lack of WHOIS registration data reduces trust slightly, but the overall digital presence and social media links support legitimacy. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms.

K

Kyowa Kirin International plc

kyowakirininternational.com

53

Kyowa Kirin International plc is a global specialty pharmaceutical company focused on developing and commercializing innovative prescription medicines addressing unmet medical needs. The company targets healthcare professionals, patients, and partners worldwide, positioning itself as a key player in the specialty pharmaceuticals sector. Their business model revolves around pharmaceutical innovation, commercialization, and patient support services. The website reflects a large enterprise with consistent branding and professional content aligned with their industry and market position. Technically, the website is built on WordPress using the Divi theme and several modern plugins including Yoast SEO and Google Analytics. It employs Google reCAPTCHA for form security and OneTrust for cookie consent management, indicating a mature digital infrastructure. Performance and mobile optimization are good, though accessibility features are basic. SEO is well implemented with proper meta tags and structured data. From a security perspective, the site uses HTTPS and implements reCAPTCHA and cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or suspicious domains were detected. The WHOIS data is consistent and transparent, supporting the legitimacy of the domain and business. Overall, the security posture is solid but could be improved with additional headers and disclosure. The overall risk assessment is low with no critical issues detected. Strategic recommendations include enhancing security headers, publishing a security.txt file, and providing explicit incident response contact information to improve transparency and trust. The website is professional, trustworthy, and compliant with GDPR and cookie regulations, making it suitable for its healthcare audience.

Steiner & Kovarik is a small family-owned premium chocolate manufacturer based in the Czech Republic, operating since 2005. The company produces high-quality, design-focused chocolate products sold through multiple physical stores in Prague and an online e-shop, with international distribution including prestigious clients such as the Sultan's palace. The website is professionally designed, mobile-optimized, and uses a modern technology stack including jQuery, Google Tag Manager, Facebook Pixel, and Matomo Analytics. Security posture is good with HTTPS and reCAPTCHA implemented, but lacks some security headers and formal privacy and terms policies. The WHOIS data is missing, which raises concerns about domain registration legitimacy despite the professional online presence. Overall, the website is trustworthy and business credible but would benefit from improved transparency and security practices.

I

Impact Hub Česká Republika

hubpraha.cz

69

Impact Hub Česká Republika operates a well-established coworking and entrepreneurship support network in the Czech Republic, with a flagship location in Prague. Founded in 2014, the organization offers over 2500 m² of workspace, flexible offices, event spaces, and a vibrant community for entrepreneurs and startups. The website reflects a mature digital presence with strong SEO, structured data, and clear business information. Technically, the site is built on WordPress with Elementor and Gravity Forms, leveraging Cloudflare DNS and Google Tag Manager for performance and analytics. Security posture is robust with HTTPS, security headers, and consent management in place, although formal security policies and incident response details are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

M

Mondo Spa

mondoworldwide.com

62

Mondo Spa operates a professional website focused on sport flooring systems and artificial turf, targeting sports facilities and athletes globally. The company positions itself as a leading provider of high-quality sport surfaces, supporting athletes in achieving outstanding results. The website demonstrates a moderate to advanced digital maturity with modern JavaScript technologies, CDN hosting, and integration of marketing and analytics tools such as Google Tag Manager and Cookiebot. Security posture is adequate with HTTPS and reCAPTCHA usage, but lacks explicit security policies and vulnerability disclosure mechanisms. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration transparency, which should be addressed to improve trust. Overall, the website is well-designed and functional but would benefit from enhanced privacy, security, and compliance disclosures.

T

TOMARCO

tomarco.sk

50

TOMARCO is a Slovak digital agency specializing in web development, e-commerce solutions, and AI-driven marketing automation. Established in 2018, the company positions itself as a partner for small to medium businesses aiming to modernize and automate their online presence. Their key services include website and e-shop creation, marketing automation, AI readiness audits, and tailored AI training courses. The website reflects a professional and consistent brand image, supported by multiple certifications and positive client testimonials. Technically, the site is built on WordPress with Elementor and WooCommerce, integrating modern tools such as Google Tag Manager, Facebook Pixel, and reCAPTCHA for marketing and security purposes. Security posture is strong with HTTPS, DNSSEC, and domain lock statuses, though additional HTTP security headers could enhance protection. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, TOMARCO demonstrates a mature digital presence with a solid foundation for growth and client trust.