Security Directory

Ö

ÖGS.barrierefrei

relayservice.at

45

ÖGS.barrierefrei operates the ÖGS Relay-Service, a specialized telephone interpreting service for deaf, hard-of-hearing, and speech-impaired individuals in Austria. Established in 2012, it provides free, barrier-free communication assistance nationwide, enabling users to communicate via sign language and German through telephone and video chat. The service is positioned as a leading non-profit organization dedicated to accessibility and inclusion for the deaf community in Austria. Technically, the website is built on a modern WordPress platform using Elementor and JupiterX theme, enhanced with performance and accessibility plugins such as WP Rocket and Accessible Poetry. The site demonstrates good mobile optimization, accessibility features, and SEO practices. Security measures include HTTPS enforcement and a Content-Security-Policy header, with cookie consent mechanisms aligned with GDPR requirements. Security posture is solid with no detected vulnerabilities or exposed sensitive data. However, the site lacks a dedicated security policy or incident response contact information, which could be improved. Privacy compliance is strong, with clear privacy and cookie policies and user consent mechanisms. Overall, the website and service present a trustworthy, professional, and user-focused platform with a strong commitment to accessibility and privacy. Strategic enhancements in security transparency and incident response readiness are recommended to further strengthen trust and compliance.

L

liverelations gmbh

liverelations.at

48

liverelations gmbh operates a German-language website focused on corporate magazines and event organization, targeting corporate clients primarily in Austria. The website is built on WordPress using the Enfold theme and integrates modern web technologies such as Google Fonts, YouTube embeds, and Google reCAPTCHA for bot protection. While the site is functional and moderately optimized for mobile, it lacks explicit privacy and cookie policy pages, though a cookie consent mechanism is present. Security posture is adequate with HTTPS enforced and reCAPTCHA implemented, but missing security headers and absence of a published security policy reduce overall security maturity. No contact emails or phone numbers are directly visible on the homepage, which may impact user trust and compliance. Overall, the site is a small media business with basic digital maturity and moderate security and privacy compliance.

C

Creative Europe Desk Austria

creativeeurope.at

10

Creative Europe Austria is an official Austrian government portal providing comprehensive information and advisory services related to the EU's Creative Europe 2021-2027 funding program. The site targets cultural and creative sectors, offering guidance on funding opportunities across media, culture, and cross-sectoral projects. It is operated under the Bundesministerium für Wohnen, Kunst, Kultur, Medien und Sport (BMWKMS), positioning it as a trusted source for EU cultural funding in Austria. Technically, the website is built on the Contao CMS platform, utilizing modern JavaScript libraries such as jQuery and Rocksolid Slider, with good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is strong, with GDPR-aligned cookie management and anonymized analytics via Matomo. Overall, the site demonstrates a professional and trustworthy presence with no detected vulnerabilities or suspicious elements.

J

Jungwacht Blauring St. Clara

jubla-stclara.ch

57

Jungwacht Blauring St. Clara is a well-established non-profit youth organization based in Basel, Switzerland, focused on providing enriching leisure activities and leadership opportunities for children and adolescents. The organization emphasizes inclusivity, respect, and community engagement, operating under a volunteer leadership model. Their website reflects a professional and consistent brand image, targeting families and youth interested in community and outdoor activities. Technically, the site is built on WordPress using the Enfold theme, leveraging modern web technologies and Google services for analytics and consent management. Security posture is strong with HTTPS enforced and privacy compliance evident through comprehensive cookie consent and privacy policies. No critical vulnerabilities or security issues were detected, and the domain registration details align well with the organization's identity, enhancing trustworthiness. Overall, the site demonstrates a mature digital presence suitable for its community-focused mission.

Müllverbrennung Kiel GmbH & Co. KG (MVK) operates a highly efficient and environmentally friendly waste-to-energy facility in Kiel, Germany, processing approximately 140,000 tons of household and commercial waste annually. The company serves around 500,000 residents and employs about 70 staff members. Ownership is split between the City of Kiel (51%) and REMONDIS GmbH (49%), positioning MVK as a key regional player in waste management and energy recovery. The website reflects a professional and consistent brand image with clear business information and contact details. Technically, the site is built on the Contao CMS platform, utilizing common JavaScript libraries and a cookie consent mechanism compliant with GDPR requirements. Analytics are handled via Matomo, ensuring privacy-conscious tracking.

T

TelefonSeelsorge® Deutschland

telefonseelsorge.de

11

TelefonSeelsorge® Deutschland is a well-established non-profit organization providing free, anonymous, and competent counseling services across Germany. It operates under the responsibility of the Evangelical and Catholic churches and relies on a large volunteer base to offer telephone, chat, email, and on-site counseling, as well as a mobile app for crisis support. The organization is positioned as a trusted national service with strong church affiliations and a comprehensive digital presence including a YouTube channel and multiple contact options. Technically, the website is built on WordPress with modern plugins and scripts, offering good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though formal security policies and incident response contacts are not publicly disclosed. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

S

Sport- und Erlebnisdorf Hinsbeck des Landessportbundes Nordrhein-Westfalen e.V.

hinsbeck.nrw

60

Sport- und Erlebnisdorf Hinsbeck, operated by the Landessportbund Nordrhein-Westfalen e.V., provides sports, leisure, and accommodation services primarily targeting clubs, school classes, and families in the NRW region of Germany. The website is professionally designed with a strong emphasis on accessibility, user experience, and comprehensive content about their offerings including accommodations, sports activities, and event hosting. Technically, the site uses modern JavaScript libraries, a consent management platform, and multimedia content to engage users effectively. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the site demonstrates strong compliance with GDPR and privacy regulations, providing clear contact and legal information. The domain registration details align well with the business entity, supporting high legitimacy and trustworthiness.

The Nationale Plattform zur Bekämpfung der Manipulation von Sportwettbewerben is an official German government initiative under the Bundesministerium des Innern und für Heimat, dedicated to combating manipulation in sports competitions. The platform provides comprehensive information, monitoring, prevention strategies, and a reporting mechanism to stakeholders including public authorities, sports organizations, and the general public. It holds a strong market position as a trusted governmental resource in Germany for sports integrity. Technically, the website is built on the Government Site Builder CMS, employing modern web technologies such as HTML5, CSS3, JavaScript, and accessibility tools like ReadSpeaker. The site is mobile-optimized, accessible, and includes SEO best practices. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism with options for anonymous statistical tracking. However, it lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were found in the content. The WHOIS data is consistent and transparent, reinforcing the site's legitimacy. Overall, the platform demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable source for its intended audience. Strategic improvements in security policy transparency and header implementation could further enhance its security posture.

H

Hutterli AG

hutterli-ag.ch

44

Hutterli AG is a Swiss-based manufacturing company specializing in precision CNC machining services including milling, turning, 3D and 5-axis machining, and measurement. With over 35 years of experience since its founding in 1979, the company serves industrial clients requiring high-quality, complex single and series parts. The website reflects a medium-sized, established business with a focus on quality and technical expertise. Technically, the site is built on WordPress using common plugins such as Yoast SEO and WPBakery Page Builder, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks important security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is professional and trustworthy but could improve in compliance and security transparency.

P

PFA

pfa-auto.fr

51

PFA (Plateforme automobile) is a prominent French automotive industry platform established in 2009, representing manufacturers, suppliers, subcontractors, and mobility actors. It serves as a strategic body for innovation, competitiveness, employment, and skills development within the French automotive sector and organizes major events such as Mondial de l’Auto. The website is professionally designed using WordPress with modern plugins and demonstrates a strong digital presence including social media integration and SEO optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit privacy and security policies are missing, representing compliance gaps. Overall, the site reflects a credible and authoritative industry platform with room for improvement in privacy and security transparency.

C

ClubDesk

clubdesk.ch

11

ClubDesk is a Swiss-based SaaS provider offering an online club management software tailored for various types of associations including sports clubs, cultural groups, and fan clubs. The platform provides comprehensive modules such as member management, accounting, event calendars, and website creation, positioning itself as a leading solution with over 20,000 clubs using its services. The website is professionally designed, mobile-optimized, and offers extensive support resources including FAQs, tutorials, and a user forum. Technically, it leverages Contao CMS and modern JavaScript libraries, ensuring a responsive and accessible user experience. Security posture is strong with HTTPS, security headers, and GDPR-compliant privacy and cookie policies. However, explicit security policies and incident response contacts are not publicly detailed. Overall, ClubDesk demonstrates a mature digital presence with solid business credibility and trustworthy domain registration.

S

schweizeraktien.net AG

schweizeraktien.net

50

schweizeraktien.net AG operates a specialized online platform providing comprehensive information, analyses, and commentary on Swiss stocks, including small caps, unlisted shares, and the OTC market. The company targets investors and financial market participants interested in Swiss equities, positioning itself as a niche content provider within the finance sector. The website is professionally designed and regularly updated, reflecting a focused business model centered on financial content delivery. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO Premium for search optimization, Wordfence for security, and Real Cookie Banner Pro for privacy compliance. Integration with Google Tag Manager and various Google services indicates a mature digital infrastructure. Performance and mobile optimization are good, though some accessibility features could be enhanced. From a security perspective, the site employs HTTPS and Wordfence firewall protections, alongside Google reCAPTCHA on forms to mitigate spam. Cookie consent mechanisms comply with GDPR and Swiss data protection laws. However, explicit security headers like Content-Security-Policy are not detected and should be implemented to strengthen defenses. No vulnerabilities or exposed sensitive data were found. Overall, the website presents a low-risk profile with strong privacy and security practices, though the absence of WHOIS registration data raises questions about domain legitimacy. Continuous monitoring of domain registration and further security hardening are recommended to maintain trust and compliance.

K

KulturPass

kulturpass.de

64

KulturPass is a German government-supported cultural initiative aimed at providing 18-year-old youths in Germany with a digital budget to access a wide range of cultural offerings such as books, concerts, cinema, and music. The platform is accessible via a web portal and mobile apps, facilitating budget redemption and promoting media literacy through a dedicated toolkit. The website is professionally designed, mobile-optimized, and integrates social media channels to engage its target audience effectively. Technically, it leverages TYPO3 CMS with modern JavaScript libraries and frameworks, ensuring a stable and accessible user experience. Security posture is solid with HTTPS and cookie consent mechanisms, although some security headers could be enhanced. Privacy compliance is strong, reflecting GDPR adherence with clear policies and consent management. Overall, the site demonstrates high trustworthiness and professionalism, supporting its role as a government cultural program.

W

Wagnerepiano

wagnerepiano.com

64

Wagnerepiano operates a niche business specializing in designer digital piano wings (Flügel) that are portable, stylish, and equipped with solar modules for autonomous use. The company targets musicians, bands, and private users seeking mobility and aesthetic enhancement for their digital pianos. The website is professionally designed using WordPress with the Divi theme and includes multimedia content such as images and videos to showcase the product. Contact information and certifications related to innovation competence are clearly presented, enhancing business credibility. Technically, the website employs modern web technologies and plugins, ensuring good performance and SEO optimization. Security posture is solid with HTTPS enabled, though some security headers are missing and no explicit cookie consent mechanism is present. WHOIS data is incomplete, which slightly reduces trust but does not outweigh the professional presentation and clear contact details. Overall, the website is a reliable and well-maintained digital presence for a small manufacturing business in Germany.

A

ats Elektronik GmbH

atsonline.de

48

ats Elektronik GmbH is a German technology company specializing in secure communication and safety technology solutions. Their website presents a professional image with detailed service offerings in areas such as 5G, TETRA, MOTOTRBO/DMR radio technology, security systems, system solutions for energy, transport, public safety, and military sectors, as well as research projects and training. The company targets security professionals and enterprises requiring advanced communication and safety solutions. The website is well-structured, multilingual (German and English), and includes comprehensive contact information and policies, reflecting a mature digital presence. Technically, the website uses a proprietary CMS (sethora.de Synapsis CMS), integrates modern JavaScript libraries including jQuery and MediaElement.js, and leverages Google Maps API for location services. Hosting is provided by Hetzner Online GmbH, a reputable German hosting provider. Performance is moderate with good mobile optimization and basic accessibility features. SEO practices are adequate with proper meta tags and structured navigation. Security posture is decent with HTTPS enforced and cookie consent implemented. However, no explicit security policy or incident response information is published, and security headers are absent. The WHOIS data shows an anomalous future domain creation date, which is likely an error but reduces trustworthiness. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website is professional and trustworthy with minor security and compliance gaps. Strategic improvements in security transparency and WHOIS data accuracy are recommended to enhance credibility and risk posture.

G

Goldgelb Zeit und Raum GmbH

goldgelb.ch

51

Goldgelb Zeit und Raum GmbH is a Swiss-based marketing and media production agency specializing in advertising photography, videoproduction, virtual reality, drone aerial photography, web design, SEO, and AI-generated artwork. The company targets businesses and professionals seeking high-quality visual communication services to enhance their brand presence across web and print media. Their market position is that of a niche regional agency with a strong focus on creative and technological solutions for visual marketing. Technically, the website is built on WordPress using modern plugins such as WPBakery Page Builder, Yoast SEO, and Slider Revolution. It integrates Google Analytics and Google Tag Manager for tracking and marketing purposes. The site is mobile-optimized with good SEO practices and moderate performance. Some minor issues with lazy loading images were noted but do not significantly impact user experience. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, indicating good privacy compliance. However, security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and should be added to enhance security posture. No critical vulnerabilities or exposed sensitive data were found. The WHOIS data confirms the legitimacy of the domain with consistent registrant information matching the business identity. Overall, the website presents a professional and trustworthy digital presence with good content quality and compliance. Strategic recommendations include enhancing security headers, fixing minor technical issues, and publishing explicit security and incident response policies to further strengthen trust and security culture.

L

le19ieme.ch

le19ieme.ch

53

Le19ieme.ch is the official website of a small hospitality business operating a restaurant and bar located at the golf course in Neuchâtel, Switzerland. The business offers seasonal and daily menus, event hosting, and a scenic dining experience targeting local residents, golf enthusiasts, and business clients. The website is professionally designed using WordPress with modern UIkit framework and SEO optimization via Yoast plugin. Contact information including phone, email, and physical address is clearly presented, along with social media presence on Instagram and Tripadvisor, enhancing trust and customer engagement. However, the site lacks visible privacy and cookie policies, which are important for GDPR compliance and user trust.

T

Treets Venner

treetsvenner.no

43

Treets Venner is a Norwegian non-profit organization dedicated to the use, preservation, and maintenance of trees and vegetation. The website serves as an educational and advocacy platform targeting environmentally conscious individuals and communities interested in tree conservation. The organization operates primarily through membership engagement, events, and informational content. The website is built on WordPress using the Twenty Fourteen theme and integrates Google Analytics and Jetpack for analytics and site management. While the site is well-structured, mobile-optimized, and secure with HTTPS, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance. No direct contact information or security incident response details are provided, which could impact user trust and compliance. Overall, the site presents a professional and trustworthy image consistent with a small non-profit entity with a long-standing domain registration dating back to 2009.

A

Archi Urbain

archiurbain.be

46

Archi Urbain is a specialized media platform dedicated to architectural and urbanistic content, primarily serving the Belgian market with a focus on Walloon architects and cultural events. The website offers video documentaries, news articles, and an agenda of architecture-related cultural activities, targeting professionals and enthusiasts in the architecture and urban planning sectors. Supported by a network of partners and donations, it operates as a niche media outlet with a small organizational size. Technically, the website is built on WordPress 6.8.3, utilizing common plugins such as MonsterInsights for Google Analytics, Jetpack for stats, and jQuery. The site is mobile-optimized with good SEO practices but lacks some advanced accessibility features. Performance is moderate, and HTTPS is enforced, ensuring secure communication. From a security perspective, the site demonstrates basic best practices such as HTTPS and secure form handling but lacks important security headers and explicit privacy or cookie policies, which are critical for GDPR compliance. The WHOIS data is restricted due to .be domain policies, limiting transparency but the website content and partner ecosystem suggest legitimacy. Overall, Archi Urbain presents a professional and trustworthy platform with room for improvement in privacy compliance and security hardening. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, and enhancing accessibility to strengthen user trust and regulatory compliance.

K

Kontextur

kontextur.info

61

Kontextur is a niche digital magazine specializing in architecture, providing curated content for architecture enthusiasts and professionals. The website demonstrates a consistent brand identity and a focused business model centered on digital publishing. The presence of social media links and embedded content enhances user engagement and outreach. Technically, the site is built on WordPress with modern SEO and cookie consent plugins, ensuring good digital maturity and compliance with privacy regulations. The site is mobile optimized and offers a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, though it lacks visible security headers and explicit incident response information. Overall, Kontextur presents a trustworthy and professional online presence with moderate technical sophistication and good privacy compliance.

S

Stiftung Architektur Dialoge Basel

architekturwochebasel.ch

50

Architekturwoche Basel is a biennial platform organized by Stiftung Architektur Dialoge Basel, focusing on international architecture and urban development events in Basel, Switzerland. The website serves as an information hub for the event, providing program details, news, partner information, and multimedia galleries. The platform targets architecture professionals, enthusiasts, and the general public interested in urban culture and development. The business operates as a non-profit entity with a clear focus on cultural and architectural engagement. Technically, the website is built on WordPress with modern web technologies including jQuery and MediaElement.js for media handling. It uses HTTPS with excellent SSL configuration and employs encrypted email links to protect contact information. The site is moderately optimized for performance and mobile devices, with good SEO practices and basic accessibility features. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a published security or incident response policy. No critical vulnerabilities or suspicious activities were detected. Privacy compliance is partially met with a privacy policy present and GDPR considerations, but no explicit cookie consent mechanism was found. Overall, the website presents a professional and trustworthy front for the Architekturwoche Basel event, with room for improvement in security headers, cookie consent, and incident response transparency to enhance compliance and user trust.

I

it’s mee

its-mee.com

53

it’s mee is a small visual communication agency based in Basel, Switzerland, specializing in conceptualizing and designing visual identities, exhibitions, websites, and publications. The website serves as a professional portfolio showcasing their projects primarily in the cultural and publication sectors. The company appears to be well-established with a domain age consistent with its founding date in 2017. The business targets clients seeking high-quality visual communication services in the local region. Technically, the website is built on WordPress using common libraries such as jQuery, Masonry.js, and MediaElement.js, with SEO optimization via the All in One SEO plugin. Hosting is provided by a German hosting provider. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Analytics are handled by Matomo, indicating some privacy-conscious tracking. From a security perspective, HTTPS is enabled, but DNSSEC is not configured, and no security headers are detected, which are areas for improvement. There is no visible privacy or cookie policy, nor any incident response or security policy pages, indicating compliance gaps especially regarding GDPR. Contact information is clearly provided, but no forms are present on the homepage. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security hardening to improve its risk posture and user trust.

S

SOLUTRANS

solutrans.fr

63

SOLUTRANS is a prominent biennial trade fair and exhibition dedicated to industrial and urban vehicles, held in Lyon, France. It serves as a global crossroads for professionals in road and urban transport, showcasing innovations in energy transition, digitalization, and regulatory compliance. The event is organized by Comexposium and supported by key industry partners such as Michelin and Aramco. The website provides comprehensive information about the event, exhibitors, conferences, and practical visitor details, supported by a modern technical infrastructure including Sitecore CMS, Bootstrap, and compliance tools like OneTrust.

B

Basler Stadtbuch

baslerstadtbuch.ch

61

Basler Stadtbuch is a reputable digital cultural archive dedicated to preserving and presenting the historical memory of Basel since 1879. The website offers rich historical content including articles, dossiers, and daily historical events, targeting the general public interested in Basel's heritage. Technically, the site is built on Magnolia CMS and uses modern JavaScript libraries and analytics tools, providing a good user experience with mobile optimization and accessibility features. Security posture is strong with HTTPS and security headers, though explicit privacy and security policies are missing. Overall, the site is trustworthy and professionally maintained, with room for improvement in privacy compliance and incident response transparency.

K

Kanton Basel-Stadt, Fachstelle Integration und Antirassismus

hallo-baselstadt.ch

42

The website 'Hallo Baselstadt' is an official government portal managed by the Kanton Basel-Stadt, Fachstelle Integration und Antirassismus. It serves as an informational resource for newcomers to the Basel-Stadt canton, providing multilingual content on integration, social services, housing, education, and emergency contacts. The site targets immigrants and new residents, aiming to facilitate their integration and access to local services. The business model is public service-oriented, with no commercial activities, positioning it as a trusted government information source. Technically, the website is built using the Webflow CMS platform and incorporates modern JavaScript libraries such as jQuery and MediaElement.js. It employs Matomo analytics with IP anonymization, reflecting a privacy-conscious approach. The site is mobile-optimized and features a clear navigation structure with a comprehensive sitemap. However, some technical improvements are possible, including the addition of security headers and enhanced accessibility features. From a security perspective, the site uses HTTPS with a strong SSL configuration, ensuring secure data transmission. The use of Matomo with anonymized IPs is a positive privacy measure. However, the absence of explicit privacy and cookie policies, lack of security headers, and missing contact information for security incidents represent areas for improvement. No vulnerabilities or suspicious elements were detected in the provided content. Overall, the website demonstrates a solid foundation in content quality, business credibility, and technical implementation, but could enhance privacy compliance and security posture. Strategic recommendations include publishing comprehensive privacy and cookie policies with consent mechanisms, implementing security headers, and providing clear contact channels for security and privacy concerns to strengthen trust and compliance.

H

Handicap Kickers Hannover e.V.

handicap-kickers.de

57

Handicap Kickers Hannover e.V. is a non-profit inclusive youth football club based in Germany, focusing on integrating children and adolescents with and without handicaps. The organization operates multiple training locations and organizes inclusive football leagues and tournaments, positioning itself as a regional leader in inclusive sports. The website is built on WordPress with a modern theme and plugins, demonstrating a moderate level of digital maturity with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and GDPR-compliant cookie consent mechanisms, though security headers and explicit security policies are absent. Overall, the site is trustworthy, professional, and serves its community effectively.

Bloomlight Productions GmbH is a Swiss-based creative company specializing in biography, literature, film, coaching, and moderation. The company targets cultural and educational audiences, offering a range of services including film production, performances, podcasts, exhibitions, and project coaching. Their market position is niche, focusing on storytelling and cultural projects with a small company size. The website is professionally designed using the Contao CMS and modern web technologies, providing good user experience and mobile optimization. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though the absence of security headers and cookie consent mechanisms are areas for improvement. Contact information is clearly presented, enhancing business credibility. Overall, the website reflects a trustworthy and legitimate entity with a focus on cultural media production.

M

mosaik

mosaikzeitschrift.at

46

mosaik is a small non-profit cultural platform and magazine based in Austria, focusing on new literature and culture. The website serves as a hub for literary publications, cultural events, and community engagement, targeting German-speaking literature enthusiasts. The business model relies on subscriptions, memberships, and event participation, positioning mosaik as a niche cultural media entity within the Austrian and broader German-speaking market. Technically, the website is built on WordPress using the Uncode theme, leveraging standard web technologies such as jQuery and MediaElement.js. The site demonstrates good mobile optimization and moderate performance, with a clean and professional design. SEO practices are adequately implemented, though accessibility features are basic. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks several security headers and a formal vulnerability disclosure policy. Privacy compliance is supported by a comprehensive privacy policy, though cookie consent mechanisms are absent. Contact information is primarily via contact forms, with no direct emails or phone numbers published. Overall, mosaik presents a trustworthy and professional online presence for a cultural non-profit. The absence of WHOIS data limits full domain trust analysis, but the website's content quality and social media presence support legitimacy. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance the security posture and compliance standing.

F

FabFox

fabfox.at

72

FabFox is a professional Austrian entertainment business specializing in modern magic shows and live performances. The company holds a strong market position as a leading solo magician in Austria, with sold-out shows in major venues such as the Wiener Stadthalle and Schloss Schönbrunn. Their business model revolves around live touring shows, corporate events, ticket sales, and merchandise. The website reflects a mature digital presence with a WordPress CMS infrastructure, modern JavaScript libraries, and integration with ticketing platforms. Privacy compliance is well addressed with comprehensive GDPR and cookie policies, including a consent mechanism. Security posture is strong with HTTPS enforcement and security headers, though there is room for improvement in incident response and explicit security policies. Overall, the site is professional, trustworthy, and well-optimized for user experience and SEO.

A

AME International

ame.eu

53

AME International is an Austrian healthcare company specializing in turnkey tertiary care hospitals, medical equipment packages, and digital healthcare solutions. The company positions itself as a provider of comprehensive healthcare infrastructure projects on a global scale, targeting healthcare providers and government agencies. The website reflects a professional and modern digital presence built on WordPress, featuring multimedia content and clear navigation. The technical infrastructure is well-implemented with modern libraries and performance optimizations. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the website demonstrates a mature digital footprint with strong compliance to GDPR and privacy standards, supporting the company's credibility in the healthcare sector.

D

Diamond Country Club

countryclub.at

53

Diamond Country Club is a well-established hospitality and golf resort located in Austria, offering multiple golf courses, hotel accommodations, event hosting, and retail services. The website positions itself as Austria's only European Tour Destination, targeting golf enthusiasts and travelers seeking premium leisure experiences. The business model integrates golf, hospitality, and event services with online booking capabilities, supported by a professional and consistent brand presence. Technically, the website is built on WordPress with WooCommerce for e-commerce functionalities, leveraging modern JavaScript libraries such as jQuery, GSAP, and Slick Carousel for enhanced user experience. The site demonstrates good mobile optimization and SEO practices, though accessibility features could be improved. Performance is moderate, with caching and optimization plugins in use. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. It implements a cookie consent mechanism compliant with GDPR, and privacy policies are comprehensive and clearly presented. However, there is no dedicated security policy or incident response information publicly available, nor a vulnerability disclosure program, which could be areas for enhancement. Overall, the website is trustworthy, professional, and compliant with privacy regulations, with a strong business credibility and digital maturity. Strategic improvements in security transparency and accessibility would further strengthen its posture.

istitutimissionari.it represents the Conferenza degli Istituti Missionari in Italia (CIMI), a non-profit organization uniting Italian missionary institutes to promote missionary spirit and initiatives. The website provides information about their mission, events such as the Festival della Missione, publishing activities via EMI, and community projects like intercongregational living in Modica. The target audience is Italian-speaking individuals interested in missionary and religious activities. Technically, the site is built on WordPress using the Divi theme, with responsive design and moderate performance. Security posture is good with HTTPS and DNSSEC enabled, but lacks advanced security headers and formal vulnerability disclosure. Privacy and cookie policies are missing, and Google Analytics is installed but not configured, indicating room for privacy compliance improvement. The domain is newly registered, which contrasts with the organization's long history, suggesting a recent domain acquisition or migration. Overall, the site is professional and trustworthy but could enhance compliance and security transparency.

M

Maya mare

mayamare.de

52

Maya mare is a medium-sized hospitality business based in Germany, operating a unique themed water park, sauna, wellness, and fitness club. The website reflects a well-established brand with a clear market position as the first fully themed experience bath in Germany. The business targets general audiences including families and fitness enthusiasts, offering a broad range of leisure services. Technically, the site is built on WordPress with the Divi theme and uses modern plugins for SEO, cookie management, and analytics. The hosting provider is EVH, a reputable German hosting service. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. No critical vulnerabilities were detected. Privacy compliance is strong with comprehensive policies and GDPR-aligned cookie management. Overall, the website is professional, trustworthy, and user-friendly, supporting the business's credibility and customer engagement.

Z

Zonal

zonal.co.uk

73

Zonal is a UK-based leading provider of integrated hospitality technology solutions, offering a comprehensive ecosystem that connects front- and back-of-house operations. Their product portfolio includes EPoS systems, online ordering, reservation management, inventory control, kitchen management, property management, business analytics, and marketing CRM solutions. Positioned as the UK's number one technology ecosystem for hospitality, Zonal targets a broad range of hospitality sectors including pubs, bars, restaurants, hotels, and leisure venues. Technically, the website is built on WordPress with modern optimization tools such as NitroPack and uses various marketing and analytics integrations including Google Tag Manager, HubSpot forms, and Visual Website Optimizer. The site demonstrates excellent mobile optimization, accessibility, and SEO practices, providing a fast and professional user experience. From a security perspective, the site enforces HTTPS and includes standard security headers, alongside a robust cookie consent mechanism compliant with GDPR. However, explicit security policies, incident response information, and vulnerability disclosure mechanisms are not published, representing areas for improvement. Overall, the website is professional, trustworthy, and well-structured, though the lack of WHOIS data due to domain registration anomalies introduces some uncertainty regarding domain legitimacy. Strategic recommendations include publishing detailed security and incident response policies and clarifying domain registration details to enhance trust.

Lokwort Buchverlag is a small Swiss book publisher specializing in thematic and regional literature, primarily targeting German-speaking audiences interested in Swiss German dialects and consciousness topics. The company operates an e-commerce platform based on WordPress and WooCommerce, offering a curated selection of books and author events. The website is professionally designed with good navigation and mobile optimization, reflecting a consistent brand image. Technically, the site uses modern web technologies including jQuery, Slick Slider, and MediaElement.js, but lacks some advanced security headers and cookie consent mechanisms. Security posture is moderate with HTTPS enforced but missing additional headers and explicit security policies. Contact information is clearly provided, enhancing business credibility. Overall, the website is safe, compliant to a basic degree with privacy regulations, and suitable for general audiences.

A

Allianz für den freien Sonntag Österreich

freiersonntag.at

62

The Allianz für den freien Sonntag Österreich is a well-established non-profit organization advocating for the protection of free Sundays in Austria. Founded in 2001, it operates as a coalition of over 50 member organizations including churches, unions, and civil society groups. The website serves as an informational and campaign platform, promoting petitions and public awareness to safeguard labor laws related to Sunday work. It targets the Austrian public and stakeholders interested in labor rights and social welfare. Technically, the website is built on WordPress using the Enfold theme and several plugins including Yoast SEO and Complianz GDPR for privacy compliance. The site is mobile-optimized, uses HTTPS with a good SSL configuration, and implements cookie consent mechanisms. Performance is moderate with a clean and professional design, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses hCaptcha for form protection, but lacks explicit security headers and publicly available security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website presents a low-risk profile with strong business credibility and good privacy practices. Strategic improvements could include enhancing security headers, publishing incident response information, and expanding accessibility features to further strengthen trust and compliance.

A

AKB Stiftung

akb-stiftung.de

42

The AKB Stiftung website represents a small, regional non-profit foundation with a family heritage focus. The site content is minimal but clearly communicates the foundation's regional engagement and mission. The business model is typical for a non-profit foundation, relying on regional initiatives and likely donations or grants. The market position is niche and localized, with no evident commercial activities or services offered online. Technically, the website is built on WordPress using the Enfold theme and several plugins including Slider Revolution and MediaElement.js. The site is served over HTTPS, indicating a basic level of security. However, the technical implementation is basic with limited mobile optimization and no advanced SEO or accessibility features detected. The site lacks privacy and cookie policies, which is a compliance gap. From a security perspective, the site has HTTPS enabled but lacks security headers and does not disclose any security or incident response policies. There are no visible vulnerabilities or exposed sensitive data, but the absence of security best practices and policies suggests room for improvement. No analytics or tracking scripts are present, indicating minimal user tracking. Overall, the website is safe and appropriate for a general audience, with no adult or questionable content. The lack of contact information and compliance documentation reduces trust and business credibility. Strategic improvements in privacy compliance, security headers, and contact transparency are recommended to enhance trust and compliance.

N

NABU|naturgucker geG

artenwissen.online

46

NABU|naturgucker-Akademie is a German non-profit educational platform dedicated to nature observation and biodiversity learning. It offers free courses, online lectures, and a web-app to support nature enthusiasts in identifying and understanding species and habitats. The platform is affiliated with NABU, a well-known German nature conservation organization, enhancing its credibility and trustworthiness. The website is primarily in German and targets nature observers and learners interested in environmental topics. Technically, the site is built on the ILIAS Learning Management System, using modern web technologies such as Bootstrap and jQuery, with moderate performance and good mobile optimization. Security posture is solid with HTTPS and SAML authentication integration, though some security headers and explicit policies are missing. Privacy compliance is mostly addressed with a privacy policy and cookie policy, but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and serves its educational mission effectively.

N

Nationale Dekade gegen Krebs

dekade-gegen-krebs.de

60

The website 'Die Nationale Dekade gegen Krebs' is a German government-backed initiative led by the Bundesministerium für Bildung und Forschung (BMBF) to advance cancer research and support affected individuals. It serves as a comprehensive platform providing information on research projects, patient involvement, partner organizations, and relevant events. The site is professionally designed with excellent content quality, clear navigation, and strong branding consistency. Technically, it uses the Government Site Builder CMS, modern JavaScript libraries like Slick Slider and MediaElement.js, and is hosted by ITZBund, ensuring reliable infrastructure and good performance. Security posture is solid with HTTPS enforced and a cookie consent mechanism that complies with GDPR, although some security headers could be improved. The site uses Matomo analytics with anonymized data collection and explicit user consent, reflecting good privacy practices. No contact emails or phone numbers are explicitly listed, and no terms of service page is found. Overall, the website is trustworthy, secure, and well-aligned with its mission as a national cancer research initiative.

I

Information Solutions Limited

theweborchard.com

60

The Web Orchard is a creative web design and digital marketing agency based in Shrewsbury, Shropshire, operating under Information Solutions Limited. The company offers a comprehensive suite of services including bespoke web design, WordPress development, e-commerce solutions, SEO, PPC, content marketing, and hosting support. Positioned as a leading agency in the Shropshire region, it serves a diverse clientele including businesses, public sector organizations, and charities. The website reflects a professional and consistent brand image with strong client testimonials and certifications such as Cyber Essentials, reinforcing its market credibility. Technically, the website is built on WordPress with modern technologies including WPBakery Page Builder, jQuery, and integrates multiple analytics and marketing tools such as Google Analytics, Google Tag Manager, and Microsoft Clarity. The site is mobile-optimized with good SEO practices and moderate performance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in implementing security headers and publishing explicit security policies. From a security and compliance perspective, the site demonstrates good privacy compliance with a comprehensive privacy policy and cookie consent banner. However, no explicit incident response or vulnerability disclosure information is publicly available. The absence of WHOIS data for the domain is a notable anomaly that slightly reduces trustworthiness, though the professional presentation and business information mitigate concerns. Overall, the site presents a low-risk profile with recommendations to enhance security headers and transparency. Strategically, the company should focus on improving its public security posture by publishing incident response details and security policies, and consider registering or updating WHOIS information to enhance domain legitimacy. Continued investment in technical modernization and accessibility will support sustained growth and client trust.

R

Robert Bosch Stiftung (RBSG) in cooperation with Türkische Gemeinde in Deutschland (TGD) and neue deutsche organisationen (ndo)

lets-level-up.de

61

The website lets-level-up.de represents a non-profit empowerment program called “LEVEL up!” focused on supporting migrant and new German organizations in Germany to enhance their societal impact and participation. The program is backed by reputable partners including the Robert Bosch Stiftung, Türkische Gemeinde in Deutschland, and neue deutsche organisationen. The site provides detailed information about the program's goals, funding, coaching, and networking activities. Technically, the site is built on WordPress with a modern theme and optimized for performance and mobile use. Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie management. No critical security or privacy issues were detected. Overall, the site is professional, trustworthy, and well-aligned with its non-profit mission.

H

Häussler Leihservice

haeussler-leihservice.de

46

Häussler Leihservice is a German-based company specializing in rental services for table culture and event equipment, catering to both private and commercial customers. The company operates multiple physical locations and offers a wide range of products including crockery, cutlery, glasses, furniture, and gastronomy equipment. Their website reflects a professional and consistent brand image with detailed product information and customer service options. Technically, the website is built on the Contao Open Source CMS platform and utilizes modern JavaScript libraries such as jQuery and Google Tag Manager for analytics. The site is moderately optimized for performance and mobile devices, with good SEO and basic accessibility features. Hosting is provided via rzone.de, as indicated by the nameservers. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and published security or incident response policies, which are areas for improvement. Privacy compliance is partially met with a privacy policy present, but no cookie consent mechanism is detected, which may pose GDPR compliance risks. Overall, the website is trustworthy and professionally maintained, with a solid business presence. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance their security posture and compliance standing.

N

NABU|naturgucker geG

nabu-naturgucker-akademie.de

47

NABU|naturgucker-Akademie is a German non-profit educational platform dedicated to nature observation and biodiversity learning. It offers free courses, blogs, and online lectures primarily targeting nature enthusiasts and observers. The platform is built on the ILIAS LMS system and hosted on RZONe servers, employing modern web technologies such as jQuery, Bootstrap, and MathJax. The website is well-structured, mobile-optimized, and provides clear contact and legal information, enhancing its credibility. Security posture is good with HTTPS and secure login mechanisms, though some improvements in security headers and cookie consent are recommended. Overall, the platform demonstrates a strong commitment to education and user trust, with moderate tracking via Matomo analytics.

T

tirol kliniken

tirol-kliniken.blog

48

The Tirol Kliniken Blog is an informational healthcare blog operated by the Tirol Kliniken GmbH, a large healthcare provider in Austria. The blog provides health-related articles, patient education, and updates relevant to the regional healthcare sector. The website is built on WordPress with modern optimization plugins and uses HTTPS for secure communication. Social media presence across major platforms supports its outreach efforts. However, the domain WHOIS data is not publicly available, indicating privacy protection which slightly reduces transparency. The site lacks explicit contact information and cookie consent mechanisms, which are important for GDPR compliance. Hidden gambling-related content embedded offscreen raises concerns about possible SEO spam or content injection, which should be investigated and remediated. Security headers are absent, suggesting room for improvement in security posture. Overall, the site is professionally designed and provides valuable content but would benefit from enhanced security and privacy compliance measures.

The website www.kaha.at represents a small Austrian advertising agency led by Katharina Haselwanter, now integrated with Huber Web Media. The business focuses on graphic and web design services for local clients in the Tirol region. The website is professionally designed using WordPress and the Enfold theme, providing clear contact information and basic legal compliance documents such as privacy policy and terms of service. Technically, the site uses standard web technologies and is mobile optimized with moderate performance. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though additional security headers and explicit security policies are absent. Overall, the site is trustworthy and suitable for its business purpose, with no signs of malicious activity or content safety concerns.

Karrieretag is a German regional job fair organizer operating in multiple cities across Germany, targeting professionals, students, and career changers. The website is built on WordPress using modern themes and plugins, with a focus on SEO and user experience. The technical infrastructure includes popular event and job management plugins, and the site is mobile optimized with consent management for GDPR compliance. Security posture is good with HTTPS and some security best practices, though explicit security headers and policies could be improved. The lack of WHOIS data limits domain trust verification but the professional presentation and social media presence support legitimacy. Overall, the site is a credible platform for career events in Germany.

I

innoWerft Walldorf GmbH

innowerft.com

55

innoWerft Walldorf GmbH operates as an early-stage investor and startup accelerator based in Walldorf, Germany, focusing on supporting B2B high-tech startups in their early phases. The company provides key services including fundraising support, sales assistance, and co-investment opportunities, positioning itself as a strategic partner for startups aiming to scale rapidly. Their market presence is reinforced by a portfolio of startups that have successfully closed Seed rounds and attracted significant investment since 2019. The website content is professionally crafted, targeting startups seeking acceleration and investment, with a clear call to action for pitch deck submissions.

M

Microcredentials

microcredentials.at

56

Microcredentials.at is an Austrian educational platform specializing in providing compact, flexible online courses with personal expert support, culminating in certificates issued by Austrian universities. The platform targets professionals seeking up-to-date continuing education in specific fields. The website is built on a mature WordPress infrastructure with LMS and e-commerce capabilities, indicating a solid technical foundation. Security posture is generally good with HTTPS enforced, but lacks some advanced security headers and explicit security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professional, with clear contact information and university partnerships enhancing credibility.

R

Research & Degrowth International

degrowth.org

58

Research & Degrowth International is a small, non-profit think-and-act tank focused on promoting degrowth principles through research, advocacy, education, and events. The organization targets activists, academics, policymakers, and students interested in sustainable and equitable alternatives to growth-centric economic models. Their offerings include research collaborations, educational programs such as Master's degrees, and event organization at local and international levels. The website reflects a professional and consistent brand image with excellent content quality and user experience. Technically, the website is built on WordPress using the Elementor framework, hosted by OVH sas. It employs modern web technologies including jQuery and MediaElement.js, and is optimized for mobile devices with good accessibility and SEO practices. Performance is moderate, with room for improvement in loading speed and security hardening. The domain is well-established since 2009, with proper registrar locks but lacks DNSSEC. Security posture is good with HTTPS enforced and cookie consent mechanisms implemented, but could be enhanced by enabling DNSSEC and adding more security headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with a comprehensive privacy policy and GDPR-aligned cookie consent. However, no explicit security or incident response policies are published, and no vulnerability disclosure or security.txt file is present. Overall, the website is trustworthy, safe, and professionally maintained, supporting the organization's mission effectively. Strategic recommendations include enhancing domain security with DNSSEC, publishing incident response and security policies, and continuous monitoring of third-party components to maintain security and compliance.

A

ASC Ulm/Neu-Ulm

asc-ulm-neu-ulm.de

10

ASC Ulm/Neu-Ulm is a well-established German sports club founded in 2011, focusing on running, swimming, and cycling training courses primarily to prepare participants for the Einstein-Marathon. The club offers a variety of courses and community events, serving approximately 2,000 members as of 2016. The website is professionally designed using WordPress and Elementor, providing rich content about training programs, events, and membership details. It integrates with partner event sites and promotes sustainability initiatives. Technically, the site uses modern web technologies and SEO tools but lacks explicit privacy and cookie policies, which are compliance gaps. Security posture is adequate with HTTPS but could be improved by adding security headers and formal policies. Overall, the site is trustworthy and serves its community well but should enhance privacy compliance and security best practices.