Security Directory

B

Bukhman Foundation

bukhmanfoundation.org

50

The Bukhman Foundation is a recently established philanthropic non-profit organization focused on supporting medical research, education, and arts & culture. The foundation positions itself as a catalyst for lasting social change, with notable partnerships such as the Bukhman Centre for Research Excellence in Type 1 Diabetes at Oxford University. The website reflects a professional and consistent brand image targeting philanthropists, researchers, educators, and the general public interested in charitable causes. Technically, the website is built on WordPress with modern frontend technologies like Tailwind CSS and GSAP, hosted by GoDaddy. Performance and mobile optimization are good, though accessibility and SEO could be improved. Security posture is adequate with HTTPS and domain transfer protections, but lacks DNSSEC and security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR indicators. Contact information is limited to an email address, with no phone or physical address provided. Overall, the website is trustworthy and professional but could enhance security and privacy practices.

KimJongHoon.com is the official website of Kim Jong-hoon, Chairman of HanmiGlobal, a leading Korean construction project management company with a strong focus on nuclear power and global expansion. The website serves as a platform to share management stories, speeches, contributions, and corporate news, targeting Korean-speaking professionals and stakeholders in the construction and energy sectors. The business model centers on providing project management and consulting services with a growing international presence. The site reflects a mature and established business with a domain age since 2004 and multiple subsidiary and partner companies linked.

K

KOMUNIQUE

komunique.com

10

KOMUNIQUE is a Swiss-based independent web design and development studio led by Philipp Roth, specializing in creating custom websites, web applications, and mobile apps using advanced platforms such as Webflow, Craft CMS, FlutterFlow, and Webstudio. The company serves clients primarily in Switzerland but also internationally, focusing on delivering unique, user-friendly, and SEO-optimized digital solutions. KOMUNIQUE collaborates with partners in design and content to provide comprehensive digital services. Technically, the website leverages modern web technologies, including GSAP for animations, Lenis for smooth scrolling, and integrates marketing and analytics tools like Google Tag Manager and MailerLite. The site is well-optimized for performance, mobile responsiveness, and accessibility. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit security headers and publicly available security policies. WHOIS data is unavailable, which slightly reduces trust but is likely due to privacy protection or recent registration. Overall, KOMUNIQUE presents as a professional and credible digital agency with a strong technical foundation and good privacy compliance.

SHINSEGAE E&C is a well-established South Korean construction company specializing in residential, architectural, and civil engineering projects. The company emphasizes customer happiness and corporate social responsibility, with a strong focus on sustainable management and community contributions. Their website reflects a professional corporate presence with clear navigation and a consistent brand identity aligned with the Shinsegae Group. Technically, the site uses a combination of legacy and modern JavaScript libraries, hosted on Akamai CDN infrastructure, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced security headers and uses outdated libraries that could pose risks. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR indicators. Overall, the domain registration data supports the legitimacy and long-term operation of the business.

Horizons by heise is a well-established German conference platform focusing on digital transformation, AI, data-driven organizations, and the future of work. It is backed by the reputable heise medien group and targets decision-makers and digital change agents. The website provides comprehensive event information, speaker profiles, and additional content such as podcasts and online meetups. Technically, the site uses modern JavaScript libraries like Swiper and Fancybox, and employs Matomo for privacy-conscious analytics. The hosting is consistent with the domain's WHOIS data, indicating a legitimate and professional setup. Security posture is good with HTTPS enforced and no visible vulnerabilities, though the site lacks some security headers and a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-positioned in its niche.

G

Groupe Sarrion

sarrion-transports.fr

51

Groupe Sarrion is a well-established French transport and logistics company with a history dating back to 1947. It operates a large network of 27 agencies and subsidiaries across France, employing approximately 1300 people. The company offers a broad range of specialized transport services including general cargo, container transport, exceptional transport, bulk transport, hydrocarbon transport, waste management, and logistics solutions. Their market position is that of a significant player in the French transportation sector, emphasizing quality service and environmental responsibility. Technically, the website is built on WordPress with modern front-end libraries and plugins, providing a good user experience and mobile optimization. Security posture is solid with HTTPS enforced and GDPR compliance evident through comprehensive privacy and cookie policies, as well as a whistleblower alert system. However, the absence of WHOIS registration data and lack of explicit security headers represent areas for improvement. Overall, the website is professional, trustworthy, and compliant, supporting the company's credibility and operational transparency.

L

La Sphères des Possibles

laspheredp.com

46

La Sphères des Possibles is a French event communication agency established in 1992, serving primarily the Auvergne Rhône-Alpes region. The company offers specialized event communication services and positions itself as a local, experienced player in the event management sector. Their website reflects a professional and consistent brand image with a focus on clear communication and client engagement through social media channels. Technically, the website is built on WordPress with Elementor and uses modern web technologies, ensuring good performance and mobile optimization. The presence of GDPR-compliant cookie consent mechanisms indicates attention to privacy regulations. Security posture is adequate with HTTPS enforced, but could be improved by enabling DNSSEC and adding security headers. No critical vulnerabilities or blocking mechanisms were detected, and the domain registration data aligns well with the company's history, supporting legitimacy. Overall, the website is professional, secure, and compliant with privacy standards, suitable for its business purpose.

M

Motionmill webdesign Antwerpen

motionmill.com

53

Motionmill is a well-established web and communication agency based in Antwerp, Belgium, specializing in WordPress web design, branding, marketing, storytelling, and business solutions. The company positions itself as a full-circle 360° marketing agency targeting businesses seeking growth through digital and offline channels. The website reflects a professional and consistent brand image with clear service offerings and a focus on client results. Technically, the site is built on WordPress with modern frameworks and performance optimizations, hosted by WPorters. Security posture is solid with HTTPS enforced and domain registration showing legitimacy and longevity. Privacy compliance is well implemented with cookie consent and GDPR-aligned policies. However, explicit security policies and incident response contacts are not publicly available, which could be improved. Overall, the site is trustworthy, user-friendly, and well-optimized for SEO and mobile devices.

S

SpeedAdmin ApS

speedadmin.com

61

SpeedAdmin ApS is a Denmark-based company specializing in SaaS solutions for music schools and services, offering comprehensive software to manage planning, teaching, attendance, and finances. The company has established a strong market presence in Europe, trusted by over 600 schools across 10 countries. Their website reflects a professional and consistent brand image, supported by certifications such as ISAE3000 and AAA Silver 2024, enhancing their credibility. Technically, the website is built on Webflow and leverages modern web technologies including Google Analytics, Microsoft Clarity, and various tracking pixels for marketing and analytics purposes. The site is fast, mobile-optimized, and SEO-friendly, though accessibility features could be improved. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and published incident response policies. The WHOIS data is unavailable, which slightly reduces trustworthiness; however, the website's content quality, certifications, and clear contact information mitigate concerns. Overall, the site demonstrates a mature digital infrastructure suitable for its business domain, with room for security and compliance enhancements. Strategic recommendations include adding security headers, publishing incident response and vulnerability disclosure policies, improving accessibility, and adding a Terms of Service page to strengthen legal clarity and user trust.

M

Mediawerk GmbH

mediawerk.ch

47

Mediawerk GmbH is a Swiss-based content creation agency specializing in video production, photo production, social media, and web development services. The company positions itself as a modern, fresh, and creative agency targeting businesses and individuals in Switzerland seeking professional content creation. The website showcases a portfolio of projects and client testimonials, reinforcing its market presence and credibility. Technically, the website is built on WordPress using popular plugins such as Elementor and Yoast SEO, with a modern tech stack including jQuery, Bootstrap, and various JavaScript libraries for enhanced user experience. The site is mobile-optimized and demonstrates good SEO practices, although some accessibility features are basic. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks important security headers and explicit security or incident response policies. There is no cookie consent mechanism, which is a compliance gap given GDPR relevance. No vulnerabilities or suspicious content were detected. Overall, the website is professional and trustworthy, with clear business contact information and consistent branding. Strategic improvements in security headers, privacy compliance, and incident response transparency would enhance the site's security posture and compliance standing.

Agenza GmbH is a specialized web agency based in Kriens near Luzern, Switzerland, focusing on WordPress websites, UX design, e-commerce solutions, and web platform development. The company serves a diverse clientele including SMEs, organizations, and startups, offering tailored digital solutions that emphasize accessibility, SEO, and user experience. Their market position is solid within the regional technology sector, supported by a portfolio of over 93 clients and positive testimonials. Technically, the website is built on WordPress using modern tools such as the Breakdance builder, WooCommerce for e-commerce, and Yoast SEO for optimization. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. Analytics and marketing integrations include Google Tag Manager, Google Ads, and LinkedIn Insight, indicating a moderate level of user tracking and marketing sophistication. From a security perspective, the site enforces HTTPS and follows good practices by avoiding exposed sensitive data and using reputable third-party scripts. However, explicit security headers and a formal security policy are absent, representing areas for improvement. Privacy compliance is strong with a comprehensive privacy policy and cookie policy, though a consent mechanism is not evident. Overall, Agenza GmbH presents a trustworthy and professional online presence with a strong focus on quality and client satisfaction. The website's security posture is good but could benefit from enhanced header policies and incident response transparency. The business is credible, well-branded, and aligned with its WHOIS registration data, supporting a high legitimacy score.

*

*zünder Startup-Förderung Zentralschweiz

zuender.ch

54

The website zuender.ch represents *zünder Startup-Förderung Zentralschweiz, a startup accelerator and investment facilitation program focused on innovative startups in Central Switzerland. It offers an accelerator program, coaching, networking, and investment opportunities, positioning itself as the leading startup booster in the region. The site targets startups, young entrepreneurs, investors, students, and interested parties, providing a comprehensive ecosystem for startup growth and visibility. Technically, the site is built on WordPress with the Breakdance theme, enhanced by Yoast SEO, HubSpot marketing and analytics tools, and Google reCAPTCHA Enterprise for form security. The site demonstrates good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS, security headers, and no detected vulnerabilities. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. Contact information is clearly provided via email, phone, and multiple contact forms. Overall, the site is professional, trustworthy, and well-positioned in its market niche.

Truwant + Rodet + is a small architecture and design studio based in Basel, Switzerland, specializing in innovative architectural projects, competitions, research studios, and exhibitions. Their portfolio includes a variety of projects primarily in Switzerland with some international collaborations, emphasizing adaptive reuse, artistic installations, and academic design studios. The website reflects a professional and artistic brand image targeting architecture professionals, clients, and academic institutions. Technically, the website employs modern JavaScript frameworks such as Alpine.js and GSAP, with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, but lacks security headers and formal privacy or cookie policies. The presence of Google Analytics without a configured tracking ID and absence of privacy compliance mechanisms indicate areas for improvement. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security practices.

M

Matthäi

matthaei.de

48

Matthäi is a well-established German construction and infrastructure company with over 90 years of experience. The company operates across multiple sectors including infrastructure construction, building construction, raw materials, building materials, logistics, and disposal services. With a workforce of over 3,500 employees and more than 75 locations, Matthäi holds a strong market position in Germany. The website reflects a mature digital presence with modern technologies, good performance, and a comprehensive cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS and privacy-respecting analytics, though explicit security policies and incident response contacts are not publicly visible. Overall, the domain registration and website content align well, indicating a trustworthy and credible business.

M

My Blog

world-of-leading-golf.com

47

The website 'Exploring Golf: Legends and Iconic Tournaments' is a small-scale WordPress blog dedicated to providing educational content about golf history, legendary players, major tournaments, and related cultural aspects. It targets golf enthusiasts and general sports fans seeking knowledge about the sport's heritage. The site offers well-structured, relevant content with good design and navigation, optimized for mobile devices. Technically, it uses a modern WordPress stack with popular libraries and frameworks such as Bootstrap and jQuery, ensuring a moderate performance and good SEO practices. Security-wise, the site enforces HTTPS and avoids exposing sensitive data but lacks important security headers and formal privacy or cookie policies, which impacts compliance and trust. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration transparency. Overall, the site is functional and informative but would benefit from enhanced privacy compliance, security hardening, and clearer business contact information to improve trust and credibility.

L

Landis & Gyr Foundation

lg-stiftung.ch

55

The Landis & Gyr Foundation is a Swiss non-profit organization dedicated to supporting artistic and cultural projects, primarily focusing on professional and contemporary creative work by artists and writers within Switzerland. The foundation emphasizes collaboration with recognized organizations and has a regional interest in Zug and central Switzerland, while also supporting projects from non-urban areas across the country. The website reflects a niche cultural foundation with a clear mission and professional presentation, targeting artists and cultural entities. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript libraries such as Swiper.js and Leaflet.js, and uses Matomo for analytics, indicating a moderate level of digital maturity. Hosting and resources are served from computedby.com domains, suggesting a specialized hosting or development provider. The site is mobile-optimized and has good design quality, though accessibility and SEO optimizations are basic. From a security perspective, the site uses HTTPS and defers scripts for performance, but lacks visible security headers and does not provide privacy or cookie policies, which are compliance gaps. No contact information or incident response channels are explicitly provided, limiting transparency. The use of Matomo analytics suggests some privacy awareness, but absence of consent mechanisms reduces privacy compliance. Overall, the website is professional and trustworthy for its purpose but would benefit from enhanced privacy compliance, security headers, and clearer contact information to improve user trust and regulatory adherence.

R

Ramasuri

ramasuri.at

39

Ramasuri is a small hospitality business operating a restaurant located in Vienna's 2nd district. The restaurant offers Austrian and internationally inspired cuisine with a focus on local ingredients, serving breakfast, lunch, and dinner alongside house-made drinks and coffee. The business emphasizes friendly and attentive service and provides a summer garden with Italian flair. The website is well-structured and professionally designed, providing clear contact details, location, and menu access. Technical infrastructure includes modern JavaScript libraries such as jQuery, Bootstrap, and GSAP, supporting a responsive and visually appealing user experience. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website presents a trustworthy and professional image consistent with a legitimate small hospitality business.

P

Pizza Randale

pizzarandale.com

45

Pizza Randale is a small hospitality business specializing in pizza restaurant services, providing customers with menu options, location details, gallery images, and job opportunities. The website presents a professional and visually appealing design with clear navigation and mobile optimization, targeting a general audience interested in dining or ordering pizza. The technical infrastructure leverages modern JavaScript libraries such as jQuery, ScrollMagic, GSAP, and Swiper.js, along with Google Maps API for location services. The site is custom-built and hosted via RegistryGate GmbH, with moderate performance and basic SEO and accessibility features. Security posture is adequate with HTTPS enabled and a cookie consent mechanism in place; however, it lacks advanced security headers and explicit security policies. WHOIS data is consistent and transparent, supporting the legitimacy of the business. Overall, the website is functional and trustworthy but could benefit from enhanced security and privacy compliance measures.

V

VIZUAL Grafik und Code GmbH

vizual.ch

51

VIZUAL Grafik und Code GmbH is a Swiss-based agency specializing in visual and digital communication, offering services in graphic design, user-friendly websites, and practical applications. The company positions itself as a niche provider focusing on the harmonious integration of form, content, and functionality, targeting businesses and organizations seeking professional digital communication solutions. The website is built on TYPO3 CMS and incorporates modern web technologies such as jQuery, GSAP, and Flickity, reflecting a moderate to advanced digital maturity. The site is well-designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and explicit incident response policies are absent. Privacy compliance is basic with a privacy policy present but lacking a cookie consent mechanism. Overall, the website and domain registration data indicate a legitimate, professional small agency with a solid online presence.

V

von Bartha

vonbartha.com

49

von Bartha is a well-established Swiss art gallery specializing in contemporary and modern art, operating since 1970 with locations in Basel and Copenhagen. The gallery represents a diverse roster of artists and hosts exhibitions, fairs, and publishes related materials. The website reflects a professional and polished digital presence, leveraging modern web technologies such as Nuxt.js and Vue.js, ensuring fast performance and excellent mobile optimization. Security posture is solid with HTTPS and no obvious vulnerabilities, though improvements in security headers and incident response transparency are recommended. Privacy compliance is good with a comprehensive privacy policy, but the absence of a cookie consent mechanism is a gap. Overall, the website is trustworthy and serves its target audience effectively.

F

FabFox

fabfox.at

72

FabFox is a professional Austrian entertainment business specializing in modern magic shows and live performances. The company holds a strong market position as a leading solo magician in Austria, with sold-out shows in major venues such as the Wiener Stadthalle and Schloss Schönbrunn. Their business model revolves around live touring shows, corporate events, ticket sales, and merchandise. The website reflects a mature digital presence with a WordPress CMS infrastructure, modern JavaScript libraries, and integration with ticketing platforms. Privacy compliance is well addressed with comprehensive GDPR and cookie policies, including a consent mechanism. Security posture is strong with HTTPS enforcement and security headers, though there is room for improvement in incident response and explicit security policies. Overall, the site is professional, trustworthy, and well-optimized for user experience and SEO.

H

Höllinger

hoellinger-juice.at

57

Höllinger Juice is a small Austrian retail company specializing in organic syrups, fruit juices, energy drinks, and related beverages. Established in 1998, the company emphasizes natural ingredients and regional sourcing, targeting health-conscious consumers seeking high-quality organic products. The website serves as an e-commerce platform showcasing their product range and brand philosophy. Technically, the site is built on WordPress with WooCommerce, enhanced by modern JavaScript libraries and marketing integrations such as Google Analytics and Facebook Pixel. The site demonstrates good SEO and mobile optimization but lacks explicit privacy and terms of service pages, which are critical for compliance and user trust. Security posture is adequate with HTTPS and privacy plugins but could be improved by adding security headers and incident response information. Overall, the site is professional and trustworthy but would benefit from enhanced privacy disclosures and security hardening.

D

Diamond Country Club

countryclub.at

53

Diamond Country Club is a well-established hospitality and golf resort located in Austria, offering multiple golf courses, hotel accommodations, event hosting, and retail services. The website positions itself as Austria's only European Tour Destination, targeting golf enthusiasts and travelers seeking premium leisure experiences. The business model integrates golf, hospitality, and event services with online booking capabilities, supported by a professional and consistent brand presence. Technically, the website is built on WordPress with WooCommerce for e-commerce functionalities, leveraging modern JavaScript libraries such as jQuery, GSAP, and Slick Carousel for enhanced user experience. The site demonstrates good mobile optimization and SEO practices, though accessibility features could be improved. Performance is moderate, with caching and optimization plugins in use. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. It implements a cookie consent mechanism compliant with GDPR, and privacy policies are comprehensive and clearly presented. However, there is no dedicated security policy or incident response information publicly available, nor a vulnerability disclosure program, which could be areas for enhancement. Overall, the website is trustworthy, professional, and compliant with privacy regulations, with a strong business credibility and digital maturity. Strategic improvements in security transparency and accessibility would further strengthen its posture.

F

Fondation Jan Michalski

fondation-janmichalski.com

57

Fondation Jan Michalski is a Swiss non-profit organization dedicated to literature and writing, offering writer residencies, a library, cultural events, and a literary prize. The foundation targets writers, literary professionals, and the general public interested in literature. The website reflects a niche cultural institution with a consistent brand and good content quality. Technically, the site uses modern JavaScript libraries such as GSAP and Barba.js for animations and page transitions, hosted behind Cloudflare DNS, but lacks DNSSEC and some security headers. The site is mobile-optimized and SEO-friendly but does not implement cookie consent mechanisms or publish detailed security or incident response policies. Social media integration is strong, enhancing outreach and trust.

D

Dataweavers

dataweavers.io

59

Dataweavers is a technology company specializing in Platform as a Service (PaaS) solutions that automate and manage Sitecore and Optimizely digital experience platforms (DXP) and content management systems (CMS). Their offerings, including Fusion, Arc, and Spark, focus on improving operational efficiencies, accelerating platform performance, and simplifying headless CMS transformations. The company targets digital experience teams and enterprises seeking to streamline their DXP infrastructure and enhance digital customer experiences. The website demonstrates a high level of digital maturity with modern technologies such as HubSpot CMS, GSAP animations, and integration with Microsoft Azure Marketplace. Security posture is solid with HTTPS enforcement and privacy consent mechanisms, though explicit security policies and incident response details are not published. Overall, the website is professional, well-branded, and trustworthy, but the absence of WHOIS data raises some concerns about domain registration legitimacy.

A

Another Kind Studio

anotherkind.co.uk

61

Another Kind Studio is a small, specialized creative agency based in East London, focusing on impactful brand identity and web design services. The company targets brands and businesses seeking strategic and memorable design solutions, positioning itself as a growth-focused and future-proof design partner. The website showcases a professional portfolio with notable clients, reinforcing its market presence in the media and creative sectors. Technically, the website is built on WordPress with modern performance optimizations and SEO best practices, including the use of Yoast SEO and WP Rocket. The site is mobile-optimized and accessible, providing a smooth user experience. Security-wise, the site uses HTTPS and modern libraries but lacks explicit security headers and published security policies, which could be improved. Privacy compliance is minimal, with no visible privacy or cookie policies, which is a gap for GDPR adherence. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

F

Flix SE

flix.careers

60

Flix SE operates an international career website focused on attracting talent for its tech-driven transportation services. The company emphasizes sustainability, teamwork, and personal growth, positioning itself as a modern and innovative player in the travel industry. The website provides comprehensive career information, office locations worldwide, and insights into company culture, targeting job seekers interested in technology and global opportunities. Technically, the site is built on WordPress with modern JavaScript libraries and SEO optimizations, hosted likely on DigitalOcean infrastructure. Security posture is strong with HTTPS enforced and consent management implemented, though some security headers and explicit incident response contacts are missing. Overall, the site is professional, trustworthy, and compliant with privacy regulations, supporting Flix SE's brand and recruitment efforts effectively.

G

GUURU

guuru.com

65

GUURU is a technology company specializing in AI-based customer service solutions that connect shoppers with passionate customer communities for authentic product advice. The company operates a B2B SaaS model targeting e-commerce businesses seeking to enhance shopper trust and engagement through live community conversations. The website demonstrates a mature digital presence with a WordPress CMS, modern JavaScript libraries, and integrations with HubSpot and Google Tag Manager for analytics and marketing. Security posture is solid with HTTPS, domain transfer protection, and cookie consent mechanisms, though improvements such as enabling DNSSEC and publishing security policies are recommended. Overall, GUURU presents a professional, trustworthy, and well-branded online presence with clear market positioning in the AI customer service niche.

Z

Zeren Group Energy BV

zolarisenergy.com

66

Zolaris Energy, operated by Zeren Group Energy BV, is a renewable energy company founded in 2023 and based in Amsterdam, Netherlands. The company focuses on sustainable energy solutions derived from natural sources such as sunlight, wind, and geothermal heat. Their website presents a professional image with clear branding and contact information, targeting businesses and stakeholders interested in clean energy. The company positions itself as an integrated energy provider emphasizing sustainability and environmental benefits. Technically, the website employs a modern tech stack including Bootstrap, jQuery, and various JavaScript libraries for UI and animation effects. It is hosted behind Cloudflare DNS services, ensuring good availability and moderate performance. The site is mobile-optimized with basic accessibility features but lacks advanced SEO and security headers. No CMS or analytics platforms were detected, indicating a lean technical footprint. From a security perspective, the site uses HTTPS and has domain transfer protections enabled, but lacks DNSSEC and important security headers. There are no visible privacy or cookie policies, which represents a compliance gap especially under GDPR. No incident response or vulnerability disclosure information is provided. The absence of tracking scripts suggests minimal user data collection, but also a lack of transparency on data protection practices. Overall, the website is functional and professional but would benefit from enhanced security measures, privacy compliance documentation, and improved transparency to strengthen trust and regulatory adherence.

#

#clicksgefühle

clicksgefuehle.at

49

Clicksgefühle is a Vienna-based digital agency specializing in TYPO3 and WordPress web development, AI optimization, SEO, and UX consulting. They serve B2B clients, medium-sized enterprises, government agencies, universities, and public institutions primarily in Austria, Germany, and Switzerland. The agency positions itself as a trusted partner with a strong focus on user-friendly, scalable, and future-proof websites and online shops. Their market presence is reinforced by long-term client relationships and multiple certifications, including Google Partner and Certified Web Accessibility Expert. Technically, the website leverages modern web technologies such as WordPress CMS, Gravity Forms, Yoast SEO, Google Tag Manager, and various JavaScript libraries like Alpine.js and GSAP. The site demonstrates excellent mobile optimization, accessibility, and SEO practices, contributing to a fast and professional user experience. Tracking and marketing tools are integrated responsibly, with standard industry ad networks and pixels. From a security perspective, the site uses HTTPS and shows no obvious vulnerabilities or exposed sensitive data. However, it lacks explicit security headers and published privacy or cookie policies, which are important for GDPR compliance and user trust. The absence of WHOIS data limits domain trust verification, but the website's content quality and certifications mitigate some concerns. Overall, Clicksgefühle presents a professional and credible digital agency with strong technical and business maturity. To enhance security posture and compliance, they should publish comprehensive privacy and cookie policies, implement security headers, and provide clear contact information for incident response.

[

[PIAS] GROUP

pias.com

63

PIAS is an established family of independent record labels with a strong international presence, supporting artists globally through a passionate network. The website reflects a mature digital presence with rich content including news, events, videos, playlists, and an online store. The technical infrastructure is based on WordPress with modern SEO and analytics tools, providing a good user experience and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. The absence of WHOIS registration data is a notable concern but the overall professional presentation and active social media presence support legitimacy. Strategic recommendations include enhancing security headers, publishing security policies, and improving contact transparency.

Sir Robin Photography is a professional photography service based in Switzerland, specializing in a diverse range of photographic categories including corporate, events, weddings, portraits, artwork, journeys, and documentaries. The website serves as a portfolio showcasing the photographer's work and includes client testimonials and references, targeting individuals and businesses seeking high-quality photography services. The business operates primarily as a small-scale service provider within the media industry. Technically, the website is built on WordPress using the Elementor page builder, leveraging modern web technologies such as jQuery, Google Analytics, Google reCAPTCHA, and Photoswipe for image galleries. The site demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO features. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to protect its contact form, indicating a reasonable security posture. However, it lacks important security headers and formal security policies, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. Overall, the website is professional and trustworthy, with clear contact information and social media presence. The absence of privacy and cookie policies represents a compliance gap, especially under GDPR regulations. Strategic recommendations include implementing privacy and cookie policies, adding security headers, and establishing a vulnerability disclosure process to enhance security and compliance.

L

Le Groupe Nicollin

groupenicollin.com

10

Le Groupe Nicollin is a well-established French family-owned company with over 80 years of history, specializing in environmental services including waste management, urban cleanliness, water treatment, and facility services. The company positions itself as a leading independent player in France offering a broad portfolio of services to businesses and local authorities. The website reflects a professional and consistent brand image with comprehensive service descriptions and active social media engagement. Technically, the site is built on WordPress with modern plugins and libraries, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms, though some security headers and explicit policies are missing. The WHOIS data is unavailable or inconsistent, which raises some concerns about domain registration legitimacy, but the website content and branding support a credible business presence. Overall, the site is trustworthy and professionally maintained, with room for improvement in security transparency and contact information clarity.

A

Anas S.p.A.

guidaebasta.it

59

Anas S.p.A., a key Italian government-owned enterprise under Gruppo FS Italiane, operates the website GUIDAeBASTA to promote road safety awareness and infrastructure maintenance. The site targets the general public and drivers, providing campaigns, projects, and educational content to reduce road accidents. The company holds a strong market position in Italy's transportation sector, leveraging official partnerships and government backing. Technically, the website is built on WordPress with modern plugins and frameworks, delivering a good user experience with mobile optimization and moderate performance. Security posture is solid with HTTPS and privacy-respecting analytics (Matomo), though some security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant, enhancing trust. Contact information is clearly presented, including official email, phone, and physical address. Overall, the website is professional, trustworthy, and aligned with its public safety mission.

A

Alidem Srl

alidem.com

46

Alidem Srl is an Italian company specializing in beauty and design products and services, primarily targeting the hospitality sector, companies, and design professionals such as architects and interior designers. Their offerings include studio services, decorative products, and souvenirs, positioning them as a niche player in the design and hospitality market. The website is built on WordPress using modern plugins and frameworks, providing a good user experience with responsive design and clear navigation. However, the absence of WHOIS data for the domain raises questions about domain registration legitimacy, although the website content and business information appear professional and credible. Security posture is moderate with HTTPS enabled but lacking security headers and explicit incident response or security policies. Privacy compliance is basic with a privacy and cookie policy present but no active consent mechanism. Overall, the website is functional and professional but would benefit from improved security practices and domain registration transparency.

C

Cavarretta Assicurazioni SRL

polizzaunicadelvolontariato.it

51

Polizza Unica del Volontariato, operated by Cavarretta Assicurazioni SRL, is a specialized insurance provider focused on the volunteer and Third Sector in Italy. The company offers tailored insurance products that cover civil liability, accidents, professional illnesses, and specific protections for volunteers with disabilities. With over 25 years of experience, it holds a niche market position serving volunteer organizations and individuals. The website is built on WordPress with modern JavaScript libraries and integrates comprehensive privacy and cookie compliance mechanisms via Iubenda. Contact information and social media presence are clearly provided, enhancing business credibility. Security posture is solid with HTTPS, DNSSEC, and reCAPTCHA, though some advanced security headers and policies could be improved.

M

Mey Generalbau GmbH

meygeneralbau.de

61

Mey Generalbau GmbH is a medium-sized construction and restoration company based in Germany, specializing in private and commercial remodeling, expansion, and damage restoration services including water and fire damage. The company operates multiple regional offices in Baden-Württemberg, supported by a professional website built on the Contao CMS platform. The website demonstrates good digital maturity with modern JavaScript libraries, mobile optimization, and SEO best practices. Security posture is solid with HTTPS, CSRF protection, and cookie consent mechanisms, though some security headers could be improved. The company shows strong business credibility with multiple certifications and clear contact information. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

K

Kallinich Media Digital GmbH

kallinich-media.de

52

Kallinich Media Digital GmbH is a German-based marketing and digital agency specializing in brand development, communication, web design, SEO, social media marketing, and e-commerce solutions. The company positions itself as a future-oriented agency focused on authentic storytelling and digital transformation for businesses seeking to connect with their customers effectively. The website demonstrates a professional and consistent brand presence with comprehensive service offerings and strong trust indicators such as Google Partner certification and positive customer reviews. Technically, the website is built on TYPO3 CMS with modern frontend technologies including Bootstrap, GSAP, and Swiper.js, ensuring a responsive and engaging user experience. Consent management is handled via Usercentrics, and analytics are implemented through Matomo, Hotjar, and Leadinfo, reflecting a moderate level of user tracking balanced with privacy compliance. The site is well-optimized for SEO and mobile devices, with structured data enhancing search visibility. From a security perspective, the site uses HTTPS and employs best practices such as CAPTCHA for form submissions and consent management. However, explicit security headers and a published security policy or incident response contact are absent, representing areas for improvement. No vulnerabilities or suspicious WHOIS patterns were detected, supporting the site's legitimacy. Overall, the website is professional, secure, and compliant with GDPR, offering a trustworthy digital presence for Kallinich Media Digital GmbH. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining transparency in data protection practices.

F

Fulcrum

fulcrumproject.org

60

Fulcrum is a pioneering project establishing the first universal federation of cloud infrastructures and services, emphasizing open source principles and alignment with the European Trust Framework. It targets cloud service providers, ISPs, telecom providers, and application providers, offering a federated marketplace and consensus frameworks to enable interoperability and sustainable digital ecosystems. The project is supported by a consortium of founding members and partners, primarily based in Italy, reflecting a strong regional focus with global ambitions. Technically, the website is built on a modern WordPress platform utilizing advanced plugins such as WPBakery Page Builder and Slider Revolution, with integration of Google Tag Manager and Iubenda for privacy compliance. The site demonstrates good mobile optimization, SEO practices, and a professional design, indicating a mature digital presence. However, hosting details are not explicitly disclosed, and some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers and published incident response or vulnerability disclosure policies. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain trust analysis, but the professional presentation and transparency in privacy policies support a positive security posture. Overall, Fulcrum presents a credible and professional initiative in the cloud federation space with strong compliance and privacy practices. Strategic improvements in security policy transparency and WHOIS data availability would further enhance trust and security posture.

T

Tarasoft

domnakinoto.com

54

Дом на киното is a Bulgarian cinema venue providing film screening schedules and online ticket sales primarily serving the Sofia region. The website offers a comprehensive program of films including premieres and upcoming shows, targeting general audiences interested in cinema. The business appears to be a small local media entity founded around 2010, with a consistent brand presence and active social media engagement. Technically, the site uses a modern JavaScript stack with libraries such as jQuery, Swiper, and Video.js, hosted on SuperHosting.BG. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and advanced security headers. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professionally maintained but could improve in privacy and security transparency.

A

Abbaye de Vaucelles

abbayedevaucelles.fr

56

Abbaye de Vaucelles is a cultural heritage site located in France, offering visitors guided tours, event space rentals, and a boutique bookstore. The website reflects a well-maintained digital presence with clear navigation and relevant content targeting tourists, cultural enthusiasts, and professionals. The site is affiliated with the Département du Nord, enhancing its credibility and regional importance. Technically, the website employs modern JavaScript libraries and analytics tools, hosted behind Cloudflare DNS, ensuring reasonable performance and security. However, there is room for improvement in privacy compliance, particularly regarding cookie consent and explicit privacy policy details. Security posture is adequate with HTTPS and no visible vulnerabilities, but lacks published security policies or incident response information. Overall, the website is professional, trustworthy, and serves its cultural mission effectively.

C

Cap Créa

capcrea.com

68

Cap Créa is a French non-profit community dedicated to supporting entrepreneurs and business creators through a network of ambassadors. The website promotes entrepreneurial pride and the importance of accompaniment for successful business projects. Technically, the site is built on Drupal 11 with modern JavaScript libraries and is mobile optimized, offering a good user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks some security headers and formal privacy documentation. The absence of WHOIS data for the domain is a notable concern, potentially impacting trust. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and security documentation.

R

Raffut

raffut-rugby.fr

54

Raffut is a French media company specializing in rugby-related content, including magazines and news articles that explore the cultural and social aspects of rugby. The website is professionally designed using WordPress and Elementor, with a focus on delivering quality content to rugby enthusiasts. The business model centers on magazine sales and subscriptions, supported by partnerships with Sud Ouest's boutique and subscription platforms. Technically, the site employs modern web technologies and analytics tools such as Matomo and Piano Analytics, with a cookie consent mechanism implemented via Didomi. Security posture is adequate with HTTPS enforced, but lacks some advanced security headers and published security policies. Overall, the domain registration is consistent with the business's recent founding in 2022, and no suspicious indicators were found. Recommendations include publishing privacy and security policies and enhancing security headers to improve trust and compliance.

S

SEAUTON International

seauton-international.com

53

SEAUTON International is a Brussels-based company specializing in association management, event organization, communication, branding, and financial processes. As part of the Uhoda Group, it leverages over 20 years of experience to serve associations and corporate clients, focusing on operational excellence and client satisfaction. The website reflects a professional and consistent brand image with clear service offerings and a target audience of associations and event organizers. Technically, the site is built on WordPress using modern libraries such as jQuery, GSAP, and Swiper, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced but lacks advanced security headers and incident response information. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. WHOIS data is missing, which raises concerns about domain registration transparency and slightly impacts trust. Overall, the site is functional, professional, and trustworthy but could improve in security and privacy compliance.

M

Mairistem

jvs-mairistem.fr

53

Mairistem is a French software publisher specializing in digital management solutions tailored for local governments and collectivités. With over 40 years of experience and a client base exceeding 15,000 collectivités, the company offers a comprehensive suite of interoperable software products covering finance, human resources, civil status, citizen services, and territory management. Their business model combines software licensing with cloud solutions, consulting, training, and dedicated client support, positioning them as a trusted partner in the government technology sector. Technically, the website is built on Drupal 10, leveraging modern JavaScript libraries and analytics tools such as Matomo and HubSpot, ensuring a responsive and user-friendly experience. Security-wise, the site enforces HTTPS and employs cookie consent mechanisms, though it lacks a dedicated security policy or incident response contact details. The absence of WHOIS data for the domain introduces some uncertainty regarding domain legitimacy, but the professional presentation and extensive business information mitigate this concern. Overall, Mairistem demonstrates a mature digital presence aligned with its market position, though improvements in transparency around security policies are recommended.

T

TPF

tpfingenieria.com

50

TPF is a large, international multidisciplinary engineering consultancy headquartered in Spain, with a presence in over 45 countries through multiple subsidiaries. The company offers a broad range of engineering services including consultancy, design, asset management, project supervision, and quality control, targeting businesses and public sector clients. Their market position is strong, supported by a diversified portfolio and global reach. Technically, the website is built on Drupal 10, uses modern JavaScript libraries such as jQuery and GSAP, and integrates privacy-conscious analytics via Plausible. The site is mobile-optimized and accessible, with good SEO practices. However, some security best practices such as DNSSEC and security headers are missing. Security posture is moderate with HTTPS enabled and no visible vulnerabilities, but lacks explicit security policies and incident response information. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanism. Overall, the website is professional and trustworthy, but improvements in privacy compliance and security hardening are recommended to enhance user trust and regulatory adherence.

T

TPF

tpf.ro

46

TPF is a well-established global multidisciplinary engineering consultancy headquartered in Belgium, active in over 40 countries with a strong portfolio in environment and water, transport and mobility, and building and cities sectors. The company offers a broad range of services including consultancy, design, technical asset management, and project management. It holds a reputable market position, evidenced by its ENR Top 50 ranking and BREEAM Excellent certifications. The website reflects a mature digital presence built on Drupal 10 with modern JavaScript libraries and a privacy-conscious analytics approach using Plausible. However, explicit privacy and cookie policies are missing, representing a compliance gap. Security posture is moderate with no visible security headers and no incident response or vulnerability disclosure information published. Contact information is clearly provided, enhancing business credibility.

T

TPF Engineering

tpfengineering.be

39

TPF Engineering is a large, established multidisciplinary engineering consultancy headquartered in Belgium, operating globally with subsidiaries in multiple countries. The company provides engineering design, construction, and operational services primarily targeting large public and private organizations. The website is built on Drupal 10 and hosted by OVH, featuring modern technologies such as jQuery, GSAP, and Fancybox. The site is professionally designed, mobile-optimized, and offers clear navigation and relevant content including news, projects, and company information. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks some security headers and formal privacy/cookie policies. Analytics usage is minimal and privacy-friendly, but GDPR compliance could be improved by adding explicit policies and consent mechanisms. Overall, the domain registration data aligns well with the business claims, indicating a trustworthy and legitimate presence.

T

TPF

tpf.eu

46

TPF is a well-established global multidisciplinary engineering consultancy headquartered in Belgium, with a strong presence in over 40 countries through multiple subsidiaries. The company offers a broad range of engineering services including consultancy, design, technical asset management, and project management. Their market position is reinforced by recognitions such as BREEAM Excellent certifications and rankings in ENR's Top 50 International Design Firms. The website reflects a professional and consistent brand image targeting engineering clients and infrastructure projects worldwide. Technically, the site is built on Drupal 10 with modern JavaScript libraries and is optimized for mobile and accessibility. Security posture is good with HTTPS and no visible vulnerabilities, though explicit security headers and policies are missing. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is trustworthy and professional but could improve compliance and security transparency.

goEast Filmfestival is a well-established cultural event organizer specializing in Central and Eastern European cinema. The website provides comprehensive information about the festival, including event dates, program details, and opportunities such as internships and film submissions. The organization targets film enthusiasts and cultural audiences interested in this niche. Technically, the website is built on WordPress with modern JavaScript libraries and SEO optimizations, hosted on a professional DNS provider. Security posture is adequate with HTTPS enabled but lacks advanced security headers and cookie consent mechanisms. Social media integration is strong, enhancing community engagement and trust. Overall, the website is professional, trustworthy, and serves its audience effectively.