Security Directory

T

The European Organisation for Grassroots Sport (ENGSO)

engso-education.eu

60

The European Organisation for Grassroots Sport (ENGSO) operates a dedicated education portal aimed at supporting the development of grassroots sport across Europe. The website offers a comprehensive range of educational resources, research publications, seminars, and e-courses focused on equality, governance, and the societal role of sport. ENGSO positions itself as a leading voice in voluntary grassroots sport, supported by EU funding and partnerships. The target audience includes sport professionals, voluntary organizations, and stakeholders involved in grassroots sport development. Technically, the website is built on WordPress using the Enfold theme and Elementor page builder, leveraging modern web technologies such as Google Tag Manager and Cloudflare Zaraz for analytics and performance. The site is mobile-optimized with good SEO and accessibility practices, although some accessibility features could be enhanced. Performance is moderate, with a well-structured and professional design. From a security perspective, the site enforces HTTPS and includes a Content Security Policy header, indicating a solid baseline security posture. However, additional security headers and formal security policies are absent. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is supported by a comprehensive privacy policy and cookie consent mechanisms, aligning with GDPR requirements. Overall, the website presents a trustworthy and professional front for ENGSO's educational mission. The main limitation is the absence of WHOIS data, which restricts domain trust verification. Despite this, the presence of EU funding disclosures and consistent branding supports legitimacy. Strategic recommendations include enhancing security headers, publishing incident response and security policies, and verifying domain registration details to improve trustworthiness.

U

Uma Mekk

umamekk.ee

44

Uma Mekk is a regional food brand based in Estonia, specifically targeting the Vana-Võromaa area. The website serves as a platform for local food and beverage producers to obtain branding and certification under the Uma Mekk trademark. The business model focuses on promoting local food products and supporting regional producers. The website is built on WordPress using the Divi Builder and Bootstrap framework, indicating a modern and maintainable technical infrastructure. SEO is enhanced with Yoast SEO and structured data, improving search visibility. The site is mobile optimized and includes cookie consent mechanisms, reflecting awareness of privacy regulations. Security posture is solid with HTTPS and security headers implemented, though explicit privacy and security policies are absent. Tracking via Google Analytics and Facebook Pixel is present, indicating moderate user data collection. Overall, Uma Mekk presents a credible and professional online presence for a small regional food brand.

S

SIIDRIKODA OÜ

kodas.ee

38

SIIDRIKODA OÜ operates the Kodas brand, a craft cider producer and hospitality business based in Estonia. The company offers a range of award-winning sustainable ciders, a restaurant, factory tours, accommodation in unique iglu houses, and event tickets. The website is professionally designed using WordPress and WooCommerce, supporting e-commerce and booking functionalities. The digital infrastructure includes modern marketing and analytics tools such as Google Analytics, Microsoft Clarity, Facebook Pixel, and Klaviyo, indicating a mature digital marketing approach. Security posture is good with HTTPS enabled and privacy compliance evident through comprehensive privacy and cookie policies. No critical vulnerabilities or blocking mechanisms were detected, and WHOIS data supports the legitimacy of the domain and business. Overall, the website presents a trustworthy and professional online presence for a small hospitality and retail business.

M

Murimäe veinikelder

murimaevein.ee

43

Murimäe veinikelder is a small Estonian hospitality business operating the world's northernmost terraced vineyard. The company offers a combination of e-commerce wine sales, wine tastings, accommodation, and event hosting, targeting wine enthusiasts and tourists. The website is built on WordPress with WooCommerce and Elementor, reflecting a moderate level of digital maturity with good SEO and mobile optimization. Security posture is adequate with HTTPS and nonce usage, but lacks advanced security headers and explicit privacy and cookie policies, indicating room for compliance improvement. Overall, the business presents a professional online presence with clear offerings but should enhance privacy compliance and security transparency to strengthen trust and regulatory adherence.

T

Toidutänavad

toidutanavad.ee

40

Toidutänavad is an event organization business hosting Estonia's largest street food festival, established in 2020. The website serves as a promotional platform targeting families and street food enthusiasts in Estonia, offering information about the festival and related events. The site is built on WordPress with modern SEO and multilingual support, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal privacy or cookie policies, which are critical for GDPR compliance. Contact and incident response information are not present, limiting user trust and compliance transparency. Overall, the website is functional and professional but requires improvements in privacy, security policies, and contact transparency to enhance trust and compliance.

L

Luke Mõis

lukemois.ee

41

Luke Mõis is a hospitality business based in Estonia, operating a website that serves as a digital presence for their venue and services. The website is built on WordPress using the Divi theme and integrates WooCommerce for e-commerce functionality. It targets local and regional customers interested in hospitality, events, and accommodation services. The site demonstrates a moderate level of digital maturity with standard tracking tools such as Google Analytics and Facebook Pixel implemented alongside cookie consent mechanisms. Security posture is generally good with HTTPS enforced and no obvious vulnerabilities detected, though the absence of security headers and explicit privacy policies indicates room for improvement. Overall, the website is functional and professional but lacks some compliance and security best practices, which should be addressed to enhance trust and regulatory adherence.

M

MTÜ Hiiukala

hiiukala.org

46

MTÜ Hiiukala is a small Estonian non-profit organization dedicated to supporting the sustainable development of the Hiiumaa fishing region and representing the interests of local professional fishermen. Founded in 2008, it has a solid history of managing European fisheries fund projects and engaging the local community. The website reflects a well-structured WordPress platform with good design and navigation, optimized for mobile devices and SEO. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security posture is adequate with HTTPS enabled and domain registration consistent with the organization's identity, but could be improved by enabling DNSSEC and adding security headers. Contact information is clearly provided, and the organization maintains an active Facebook presence. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures.

M

MTÜ Sibulatee

sibulatee.ee

44

Sibulatee is a non-profit organization dedicated to promoting the cultural and tourism assets of the Peipsimaa region in Estonia. The website serves as a comprehensive portal for events, local businesses, cultural heritage, and educational opportunities, targeting tourists and local communities interested in authentic regional experiences. The platform leverages WordPress and WooCommerce to provide event listings, e-commerce for local products, and seminar information, supported by active social media engagement and newsletter subscriptions. Technically, the site uses modern JavaScript libraries and tracking tools such as Google Analytics, Facebook Pixel, and Hotjar, indicating a mature digital infrastructure. Security posture is adequate with HTTPS enforced and cookie consent implemented, though improvements in security headers and policies are recommended. Privacy compliance is addressed with a clear privacy policy and cookie banner, aligning with GDPR requirements. Overall, the site is professionally designed, user-friendly, and trustworthy, with clear contact information and consistent branding. No critical vulnerabilities or blocking mechanisms were detected, supporting a positive risk profile.

V

Visit Otepää

visitotepaa.com

44

Visit Otepää is a regional tourism promotion website dedicated to showcasing the attractions, events, accommodation, and culinary experiences of Otepää, Estonia's winter capital. The site targets tourists and visitors interested in exploring the natural beauty and cultural offerings of the region. It provides comprehensive information and interactive features such as maps, event listings, and a newsletter subscription to engage its audience. Technically, the website is built on WordPress with modern front-end technologies including Bootstrap and JavaScript libraries, and integrates Google Maps for location services. SEO is enhanced through Rank Math plugin and structured data markup is implemented for better search engine understanding. Security-wise, the site uses HTTPS with a valid SSL certificate and employs Google reCAPTCHA on its contact form to mitigate spam. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Overall, the website is professional, user-friendly, and trustworthy, but could improve its privacy compliance and security headers to enhance its security posture.

O

OÜ Veinimõisnik

veinivilla.ee

25

Valgejõe Veinivilla is a small Estonian winery operating since 2014, positioned as the northernmost winery in Estonia. They produce fruit, berry, and grape wines using local ingredients, offering retail sales through their online wine shop and on-site services including tours, tastings, and events. The business targets wine enthusiasts and tourists seeking authentic local experiences. Technically, the website is built on WordPress with WooCommerce and Elementor, supported by a reputable hosting provider. The site is well-structured, mobile-optimized, and SEO-friendly, though some accessibility features could be improved. Security posture is good with HTTPS and no visible vulnerabilities, but lacks explicit security headers and incident response information. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy with room for compliance and security enhancements.

T

Tartu Welcome Centre

tartuwelcomecentre.ee

40

Tartu Welcome Centre is a local newcomer information and support center based in Tartu, Estonia, founded in 2019. It provides free consultations, registry services, cultural and networking events, and useful information to international newcomers and their families in Tartu and South-Estonia. The organization positions itself as a community-oriented non-profit entity aiming to facilitate smooth integration and settlement for newcomers. The website is built on WordPress with modern SEO and analytics tools, hosted by Zone Media OÜ. The site is well designed, mobile optimized, and offers clear navigation and professional content. However, it lacks formal privacy and cookie policies, which impacts compliance and user trust. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and vulnerability disclosure mechanisms. Overall, the website is trustworthy and functional, serving its target audience effectively.

T

Tiigi Seltsimaja

tartukorraldab.ee

60

Tartu korraldab is a government-affiliated event coordination platform managed by Tiigi Seltsimaja, focusing on organizing and promoting cultural and city-wide events in Tartu, Estonia. The website serves as a central hub for information on major city celebrations such as Tartu linna päev, jõululinn, and other seasonal festivals. The business operates under the official city branding and targets residents and visitors interested in Tartu's cultural life. Technically, the site is built on WordPress with modern plugins like Elementor and Modern Events Calendar, optimized for performance and mobile responsiveness. Security posture is solid with HTTPS, anti-spam measures, and GDPR-compliant cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the domain registration and website content align well, indicating a legitimate and trustworthy presence.

V

V360 agency

v360.ee

43

V360 Agency OÜ is a small Estonian digital agency specializing in web development, e-commerce solutions, branding, and full digital marketing services. The company positions itself as a smart solution for digital success, targeting businesses seeking to elevate their online presence through comprehensive marketing and branding strategies. Their website showcases a professional design with clear navigation, client testimonials, and a portfolio of projects, indicating a trusted market presence. Technically, the site is built on WordPress with modern JavaScript libraries such as Swiper.js and Tippy.js, and integrates Google Tag Manager and reCAPTCHA for tracking and security. The hosting and domain registration are managed by Zone Media OÜ, a reputable Estonian registrar and hosting provider. Security posture is adequate with HTTPS and reCAPTCHA implemented, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. Overall, the website is professional and credible, though improvements in privacy and security policies are recommended.

V

Võrumaa Arenguagentuur SA

vorumaa.ee

39

Võrumaa Arenguagentuur SA operates the website vorumaa.ee as a regional development center serving Southeast Estonia. The organization provides information, consulting, and training services primarily targeting local businesses, non-profits, and municipalities. The website reflects a government or non-profit entity with a clear regional focus and a mission to support economic and community development. The site is built on WordPress using the Divi theme and incorporates modern SEO practices via Yoast SEO. It uses Google Analytics and Tag Manager for analytics and includes a cookie consent mechanism, indicating some attention to privacy compliance. Security measures include HTTPS and Google reCAPTCHA, but explicit security policies and incident response information are absent. Overall, the website is professionally designed with good content relevance and moderate trustworthiness, though it lacks some compliance documentation such as privacy and terms of service pages.

T

Tartu Ärinõuandla

arinouandla.ee

41

Tartu Ärinõuandla is a non-profit organization based in Estonia, providing expert consultancy and support services to entrepreneurs, NGOs, youth labs, and investors. The organization is recognized within its network as a leading entrepreneurship developer since 2014. The website serves as a portal for information, events, and service registration, targeting local and regional business communities. Technically, the site is built on WordPress, leveraging common marketing and analytics tools such as Google Analytics, Facebook Pixel, and Sendinblue for newsletter management. Security measures include HTTPS enforcement and reCAPTCHA on forms, though some security headers are missing. Privacy compliance is addressed with a cookie consent banner and a privacy policy page, though terms of service and security policies are absent. Overall, the site is professional, trustworthy, and well-aligned with its business purpose.

S

Sihtasutus Läänemaa

laanemaa.ee

44

Sihtasutus Läänemaa operates as a regional non-profit organization dedicated to supporting and promoting the Läänemaa county in Estonia. The website serves as an information hub for residents, local businesses, non-profit organizations, educational institutions, and tourists. Key services include entrepreneurship support, coordination of education, tourism development, and event aggregation. The organization positions itself as a trusted regional authority fostering sustainable development and cultural engagement. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. The site is mobile-optimized and includes SEO best practices, although accessibility features are basic. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but could be improved by adding security headers and explicit incident response policies. Privacy compliance is partially met with a privacy and cookie policy present, but lacks a cookie consent mechanism. Overall, the website is professional, trustworthy, and well-aligned with its business objectives.

E

ET Infokeskuse AS

ehituskeskus.ee

38

ET Infokeskuse AS operates the website ehituskeskus.ee, providing construction-related information, seminars, and publications primarily targeted at construction professionals and real estate stakeholders in Estonia. The company has an established presence since 2010 and offers a mix of digital and physical products including training seminars, construction guidelines, and a digital kartoteek service. The website is multilingual, supporting Estonian, English, Finnish, and Russian languages, enhancing accessibility for a broader regional audience. Technically, the website is built on WordPress with WooCommerce for e-commerce functionality, leveraging modern web technologies such as Bootstrap, jQuery, and Owl Carousel. The site is hosted behind Cloudflare DNS and CDN services, ensuring reliable performance and security. SEO is well implemented with Yoast SEO plugin, and the site shows good mobile optimization and user experience. From a security perspective, the site enforces HTTPS and uses common security practices, though explicit security headers like Content-Security-Policy are not detected. No critical vulnerabilities or exposed sensitive data were found. However, the site lacks a cookie consent mechanism and does not provide explicit incident response or vulnerability disclosure information, which are areas for improvement. Overall, ehituskeskus.ee presents a professional and trustworthy digital presence for ET Infokeskuse AS, with solid business credibility and technical implementation. Strategic enhancements in privacy compliance and security transparency would further strengthen its posture and user trust.

1

1Kelvin

kelvin.ee

50

1Kelvin is an Estonian-based company specializing in technical system planning, design, and installation with a strong focus on energy efficiency and related services. With over 20 years of experience, the company positions itself as a reliable partner for large and complex projects in Estonia, targeting primarily business clients requiring engineering and energy consultancy services. The website reflects a professional and consistent brand image, offering clear information about services and company expertise. Technically, the site is built on WordPress with modern front-end technologies and integrates Google Analytics and Tag Manager for user tracking. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks some security headers and explicit incident response information. Privacy compliance is partially addressed with references to cookie and privacy policies but lacks an explicit consent mechanism. Overall, the site is trustworthy and credible with room for improvement in security and privacy transparency.

S

S.F.P. Group OÜ

sfp.ee

46

S.F.P. Group OÜ is an Estonian company specializing in the sale and consulting of ventilation, heating, and cooling equipment for industrial, residential, and apartment buildings. The company collaborates with leading manufacturers to provide energy-efficient and technologically advanced HVAC solutions. Their website reflects a professional presence with a focus on local market needs and showcases references to notable projects. Technically, the website is built on WordPress using modern tools like Elementor and Astra theme, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and cookie consent mechanisms, though lacking some advanced security headers and explicit privacy policies. Overall, the domain registration data supports the legitimacy and maturity of the business.

L

LCC PRODUKT OÜ

lccprodukt.ee

41

LCC PRODUKT OÜ is an Estonian company specializing in energy-efficient and modern ventilation solutions, including calculation, analysis, and distribution of ventilation equipment. Founded in 2012, the company positions itself as a professional partner to architects, designers, builders, and developers in Estonia, offering innovative European ventilation products and high-tech energy solutions. The website is built on WordPress with WooCommerce, featuring a modern and responsive design, integrated project search functionality, and active social media presence. Security posture is solid with HTTPS enabled and no exposed sensitive data, though it lacks some advanced security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site reflects a trustworthy and professional business with room for improvement in security and privacy transparency.

E

E-varamu

e-varamu.ee

55

E-varamu is a key Estonian cultural heritage digital platform that aggregates materials from multiple datasets and integrates with the Europeana digital library. It serves researchers and the general public interested in Estonian culture, operating as a non-profit government-related entity. The website is built on WordPress with modern plugins and technologies, offering good SEO, accessibility, and mobile optimization. Security posture is solid with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response information are not published. The domain registration data aligns well with the website's purpose, indicating legitimacy. Overall, the platform is professional, trustworthy, and technically sound.

T

Tallinna Vesi

tallinnavesi.ee

42

Tallinna Vesi is a well-established water utility company based in Estonia, primarily serving the Tallinn region with water supply and wastewater treatment services. The company demonstrates a strong market position supported by comprehensive service offerings including water purification, meter installation, and customer self-service portals. Their website reflects a professional digital presence with multilingual support and investor relations, indicating a mature business model focused on transparency and customer engagement. Technically, the site is built on WordPress with modern plugins and scripts, ensuring good performance and SEO optimization. Security posture is robust with HTTPS enforcement and ISO certifications, although improvements can be made in security headers and incident response transparency. Privacy compliance is mostly adequate but lacks a visible cookie consent mechanism, which should be addressed to fully comply with GDPR requirements. Overall, the website and domain data indicate a trustworthy and credible organization with a solid digital infrastructure.

Eesti Ehitusinseneride Liit (EEL) is a non-profit voluntary association representing construction engineers in Estonia. Founded in 1991, it serves approximately 500 individual members and several collective members, providing professional membership services, certification, training, and information resources. The website positions EEL as a reputable and established professional body within the Estonian construction sector. Technically, the site is built on WordPress with common plugins and libraries, featuring moderate performance and good mobile optimization. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers are absent and privacy compliance is minimal due to lack of privacy and cookie policies. Overall, the website is professional, trustworthy, and well-aligned with the organization's mission, but could improve in privacy and security policy transparency.

V

Veeühing (GWP Estonia)

veeyhing.ee

43

Veeühing (GWP Estonia) is a voluntary association based in Estonia focused on water management and related environmental issues. It operates as part of the Global Water Partnership network, aiming to improve water management and protection globally. The organization hosts events such as seminars and conferences to engage stakeholders and disseminate knowledge. The website is professionally designed using WordPress and is actively maintained with regular event updates. The technical infrastructure is modern, leveraging standard WordPress plugins and libraries, and the site is served over HTTPS with no detected blocking or WAF interference. However, the site lacks explicit privacy and cookie policies, which impacts GDPR compliance and privacy posture. Contact information such as emails or phone numbers is not explicitly provided, which may affect user trust and communication. Overall, the website demonstrates a good level of professionalism and technical maturity but would benefit from enhanced privacy compliance and clearer contact channels.

M

MTÜ Maakondlikud Arenduskeskused

arenduskeskused.ee

45

MTÜ Maakondlikud Arenduskeskused operates as the largest nationwide network in Estonia providing consulting and training services to startups, active businesses, non-profits, and local governments. Their business model is based on publicly funded, free services aimed at fostering entrepreneurship and community development across all 15 Estonian counties. The website reflects a mature digital presence built on WordPress with modern plugins and SEO optimizations, supporting a good user experience and mobile responsiveness. Security posture is solid with HTTPS and standard best practices, though explicit security policies and headers could be improved. Privacy compliance is evident with a GDPR-aligned privacy policy and cookie consent mechanism. Overall, the site demonstrates high business credibility and trustworthiness with clear contact information and partner network links.

I

Itero – Digitālā marketinga aģentūra

itero.lv

24

The website www.itero.lv appears to be a small business site hosted on WordPress with minimal content and limited digital maturity. The site lacks essential legal documents such as privacy policy, cookie policy, and terms of service, which are critical for compliance and user trust. Contact information and social media presence are not evident, reducing accessibility and credibility. Technically, the site uses standard web technologies but lacks advanced security headers and optimization features. The security posture is basic with no visible incident response or vulnerability disclosure mechanisms. Overall, the site presents a low-risk profile but requires significant improvements in compliance, security, and content quality to enhance trust and professionalism.

S

SA Jõgevamaa Arendus- ja Ettevõtluskeskus

kultuuritee.ee

44

Kultuuritee.ee is a regional cultural tourism website managed by SA Jõgevamaa Arendus- ja Ettevõtluskeskus, promoting the cultural heritage and tourism opportunities in the Jõgevamaa region of Estonia. The site provides information about cultural routes, events, maps, and local attractions, targeting tourists and cultural visitors interested in exploring Estonian history and culture. The business model is non-profit and focused on regional development and cultural promotion. Technically, the website is built on WordPress with common plugins like Yoast SEO and uses Google Analytics and Tag Manager for visitor tracking. The hosting is provided by Zone Media OÜ, and the domain is registered since 2019, consistent with the site's purpose. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is functional, well-branded, and provides relevant content but could improve in privacy and security practices.

S

SportAccord

aimsisf.org

43

The Alliance of Independent Recognized Members of Sports (AIMS) operates as a non-profit international sports alliance representing various independent sports federations. The organization is positioned as a key stakeholder in the global sports governance ecosystem, partnering with major entities such as the International Olympic Committee (IOC), SportAccord, WADA, and ITA. The website serves as a communication platform providing news, member federation information, and partnership details to its target audience of sports professionals and federations worldwide. Technically, the website is built on WordPress using the Elementor page builder, hosted on StableServer infrastructure. The site demonstrates good mobile optimization, clear navigation, and a professional design, although some accessibility features could be improved. Performance is moderate, with no major technical issues detected in the HTML content. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but DNSSEC is not enabled and some security headers are not explicitly detected, suggesting room for improvement. From a security and compliance perspective, the website lacks explicit privacy, cookie, and terms of service policies, which impacts its privacy compliance score. No incident response or vulnerability disclosure information is available, and no direct contact emails or phone numbers are provided, limiting transparency in communication channels. The WHOIS data is consistent and transparent, confirming the legitimacy of the domain ownership and alignment with the organization's identity. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced privacy compliance measures, improved security header implementation, and clearer contact information to strengthen user trust and regulatory adherence.

S

SportAccord

sportaccord.com

60

SportAccord is a globally recognized organization dedicated to connecting International Sport Federations, cities, right holders, and businesses to shape the future of sport. The website reflects a professional and well-established entity with a strong market position in the sports event and federation engagement sector. Key services include organizing major events such as the SportAccord Convention and the International Federation Forum, alongside providing platforms for sustainability and membership applications. The technical infrastructure is built on WordPress with modern plugins and analytics tools, ensuring a robust digital presence. Security posture is strong with HTTPS enforcement, security headers, and monitoring tools like New Relic, although explicit security policies and incident response details are not publicly disclosed. Overall, the website demonstrates high professionalism, good privacy compliance, and trustworthy business credibility.

S

SportAccord

gaisf.sport

60

SportAccord is a globally recognized organization dedicated to connecting International Sport Federations, cities, right holders, and businesses to shape the future of sport. The website reflects a professional and well-structured platform offering information about major events such as the SportAccord Convention and the International Federation Forum. The organization positions itself as a key player in the sports event and federation engagement sector, supported by the International Olympic Committee and a broad network of partners. The digital infrastructure is built on WordPress with modern plugins and analytics tools, ensuring a good user experience and performance. Security posture is strong with HTTPS enforcement and privacy compliance mechanisms like Usercentrics CMP. However, WHOIS data is privacy protected, limiting transparency on domain ownership, though this is common and justified for such entities. Overall, the website demonstrates a mature digital presence with good content quality, technical implementation, and business credibility.

ENGSO is a well-established European non-profit organization dedicated to grassroots sport, acting as an umbrella for National Olympic Committees and National Sports Confederations across 33 European countries. The website clearly communicates ENGSO's mission to promote stronger communities through voluntary-based sport, supported by a professional and consistent digital presence. The organization leverages modern WordPress technologies with Elementor for content management and presentation, ensuring good mobile optimization and user experience. Security posture is adequate with HTTPS enabled, but could be enhanced by implementing additional security headers and explicit privacy compliance mechanisms such as cookie consent. Contact information is primarily via a contact form, with no direct emails or phone numbers publicly listed. Overall, the domain registration and WHOIS data align with the organization's legitimacy and history, supporting a high trustworthiness rating.

S

Spordimeditsiini SA

sportmed.ee

38

Spordimeditsiini SA is an established Estonian sports medicine foundation providing specialized health examinations, treatments, and consultations for amateur, youth, and professional athletes. With over 25 years of experience, it holds a strong market position in Estonia's healthcare sector, focusing on sports-related medical services including physiotherapy, cardiology diagnostics, nutrition counseling, and advanced physiotherapy procedures. The website is well-structured, multilingual, and professionally designed, reflecting the organization's credibility and service quality. Technically, it is built on WordPress with modern plugins and SEO optimizations, though some performance and security enhancements are advisable. Security posture is solid with HTTPS and no visible vulnerabilities, but lacks explicit security headers and incident response policies. Privacy compliance is partially met with privacy and cookie policies present, but missing active consent mechanisms. Overall, the site demonstrates a mature digital presence with room for improvements in security and privacy transparency.

A

A. Le Coq

alecoq.ee

47

A. Le Coq is Estonia's oldest and largest beverage producer, offering a wide range of alcoholic and non-alcoholic drinks including beer, cider, juices, water, and energy drinks. The company operates a professional and well-structured website built on WordPress with WooCommerce, targeting both consumers and distributors in Estonia and export markets. The website demonstrates good digital maturity with modern technologies, SEO optimization, and mobile responsiveness. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, although explicit privacy and security policies are not published. Overall, the site reflects a credible and established business with a focus on compliance and user experience.

P

Pilt Ruudus OÜ

piltruudus.ee

41

Pilt Ruudus OÜ operates as a creative agency based in Estonia, offering a comprehensive suite of digital marketing, SEO, web development, video, and photography services. The company targets Estonian businesses seeking to enhance their online presence and marketing effectiveness. The website reflects a professional and consistent brand image, with clear service descriptions and a user-friendly contact form facilitating client engagement. The business appears well-established with a domain age consistent with its operational history.

Lääneranna vald is a local government entity in Estonia formed in 2017 by merging several municipalities. The website currently serves as a maintenance page with basic information about the municipality's geography, administrative structure, and protected natural areas. The site is built on WordPress and uses common web technologies such as jQuery. The technical infrastructure is moderate with HTTPS enabled and hosted likely by Zone Media OÜ, an Estonian registrar and hosting provider. However, the site lacks advanced security headers and policies, and no privacy or cookie policies are published, which limits compliance with GDPR and other regulations. The login form is present but lacks visible security enhancements such as CAPTCHA or multi-factor authentication. Overall, the website is functional but minimal, reflecting a work-in-progress status.

R

Rapla vald

rapla.ee

45

Rapla vald operates as a local government entity serving the Rapla region in Estonia, providing a broad range of municipal services including social support, education, cultural activities, infrastructure management, and community engagement. The website serves as an official portal for residents and visitors, offering news, event information, and access to various public services. The organization maintains a clear and consistent brand presence with a well-structured website in Estonian, targeting local community members and stakeholders. Technically, the website is built on WordPress CMS, leveraging modern plugins and frontend technologies such as jQuery, FontAwesome, and Google Tag Manager. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Hosting and domain registration are managed by a reputable Estonian registrar, Telia Eesti AS, with domain age consistent with the organization's history. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks explicit security headers, published security policies, and incident response contact information. No vulnerability disclosure or security.txt files are present, indicating room for improvement in transparency and security maturity. Overall, the website presents a trustworthy and professional digital presence for a government entity, with moderate technical and security posture. Strategic enhancements in security headers, incident response readiness, and vulnerability disclosure would strengthen its security and compliance stance.

M

MTÜ Kodukant Läänemaa

kklm.ee

39

MTÜ Kodukant Läänemaa is a small Estonian non-profit organization dedicated to promoting and supporting village life and rural community development in the Läänemaa region. The organization provides project support, facilitates funding opportunities, and organizes community events to strengthen local engagement. The website is built on WordPress using the Virtue theme and several plugins such as MailPoet for newsletters and Google Calendar Events for event management. The technical infrastructure is modern and moderately performant with good mobile optimization. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks important security headers and formal privacy or cookie policies. Contact information is clearly provided with a physical address and company email, enhancing business credibility. Overall, the website is professional and trustworthy but would benefit from improved privacy compliance and enhanced security practices.

R

Rohelise Jõemaa Koostöökogu

joemaa.ee

39

Rohelise Jõemaa Koostöökogu is a small regional cooperative organization based in Estonia, focused on sustainable rural economic development, cultural heritage preservation, and tourism promotion. The website serves as an informational and promotional platform highlighting the organization's mission, events, and regional identity. The technical infrastructure is based on WordPress with common plugins such as Yoast SEO and Contact Form 7, supported by standard web technologies like jQuery and Bootstrap. The site is moderately optimized for performance and mobile devices but lacks advanced accessibility features. Security posture is basic with HTTPS enabled but missing important security headers and policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is functional and professional but requires improvements in privacy, security, and compliance to enhance trust and user protection.

P

Pärnu Lahe Partnerluskogu

plp.ee

39

Pärnu Lahe Partnerluskogu is a regional non-profit partnership organization based in Estonia, focused on supporting local development projects, cooperation, and dissemination of information in the Pärnu Bay area. The website serves as an information hub for local government entities, community organizations, and residents, providing updates on meetings, funding opportunities, and collaborative projects. The organization appears well-established with a domain age since 2010 and consistent regional focus. Technically, the website is built on WordPress using the Sydney theme and common plugins such as Yoast SEO and Elementor. It employs HTTPS and basic SEO optimizations, with moderate performance and good mobile responsiveness. However, accessibility features are basic, and some security best practices like DNSSEC and security headers are missing. From a security perspective, the site has a good SSL configuration but lacks advanced security headers and explicit privacy or cookie policies, which are important for GDPR compliance. No incident response or vulnerability disclosure mechanisms are evident. The absence of contact emails and phone numbers in the HTML limits direct communication channels, though physical addresses linked to local municipalities are present. Overall, the website is functional and professional for its purpose but would benefit from enhanced privacy compliance, improved security headers, and clearer contact information to strengthen trust and regulatory adherence.

Soomaa.com is a small hospitality and tourism business focused on providing wilderness experiences in Estonia, particularly in Soomaa National Park. The website offers detailed information and booking options for various outdoor activities such as canoe trips, kick-bike trips, bogwalking, mushrooming, and snowshoeing. The company targets nature enthusiasts and tourists seeking authentic outdoor adventures in Estonia. The business appears established, with a domain registered since 1999, and maintains a consistent brand presence including social media channels on Facebook, YouTube, and Instagram. Technically, the website is built on WordPress using the Astra theme and Elementor page builder, integrating third-party booking services via FareHarbor. The site is well-structured with good SEO practices, mobile optimization, and a cookie consent mechanism compliant with GDPR principles. Performance is moderate, and accessibility is basic but functional. From a security perspective, the site uses HTTPS with good SSL configuration but lacks advanced security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected. The cookie consent banner and detailed preferences indicate a commitment to privacy compliance, although no explicit privacy policy or terms of service were found in the analyzed content. Overall, Soomaa.com presents a credible and professional online presence for a niche tourism business. Strategic improvements in security headers, explicit privacy and security policies, and enhanced accessibility would strengthen its security posture and compliance. The domain registration data supports legitimacy and trustworthiness.

A

Allikukivi Veinimõis

allikukivi.ee

40

Allikukivi Veinimõis is a small family-owned Estonian business specializing in handcrafted berry and fruit wines produced on-site in their manor's wine cellar. They complement their wine production with hospitality services including wine tastings, tours, and glamping accommodations in a historic manor park. The website is built on WordPress with WooCommerce, featuring a professional design and moderate performance. The site includes cookie consent mechanisms and integrates third-party booking services. Security posture is good with HTTPS and no exposed sensitive data, but lacks some security headers and formal privacy and terms policies. Overall, the business presents a trustworthy local niche hospitality and wine production service with room for improvement in privacy compliance and security documentation.

V

Valgeranna Seikluspark

valgerannaseikluspark.ee

44

Valgeranna Seikluspark is an Estonian adventure park offering active outdoor recreational activities primarily targeting families, children, and groups near Pärnu. The website presents a professional and consistent brand image with clear descriptions of services such as adventure trails, group bookings, and special events. Technically, the site is built on WordPress with Elementor and Yoast SEO, integrating Google Analytics and Tag Manager for tracking. Cookie consent is implemented with detailed user controls, reflecting a basic level of privacy compliance. Security posture is solid with HTTPS and no visible vulnerabilities, though formal security and incident response policies are absent. Overall, the site is functional, trustworthy, and well-positioned regionally, but could improve transparency by publishing privacy and terms policies and enhancing contact information visibility.

E

Elkdata OÜ (registrar)

veetee.ee

46

VeeTee.ee is a small Estonian business specializing in outdoor recreational services including ski and snowboard rentals, canoe and rubber boat trips, and accommodation rental at Annemäe Puhkemaja. The company targets tourists and local outdoor enthusiasts seeking guided water and winter sports experiences. The website is built on WordPress with modern plugins and provides clear contact information and service descriptions. Technically, the site uses HTTPS and common WordPress technologies but lacks some security headers and explicit privacy consent mechanisms. Security posture is moderate with no critical vulnerabilities detected but room for improvement in policy transparency and compliance. Overall, the business appears legitimate with consistent domain registration data and a professional web presence.

R

Romantiline Rannatee

rannatee.ee

38

Romantiline Rannatee is a well-established regional tourism promotion website focused on the Pärnumaa coastal area in Estonia. The site offers rich content including destination guides, events, accommodations, and virtual tours, targeting tourists interested in nature, culture, and leisure activities. The business operates primarily as a tourism marketing platform, leveraging partnerships with local organizations and maintaining a consistent brand presence. Technically, the website is built on WordPress using the Avada theme and Yoast SEO plugin, with Google Tag Manager integrated for analytics. The site demonstrates good design quality, mobile optimization, and SEO practices, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration is consistent and trustworthy, with no blocking or WAF detected, supporting a moderate to good trust level for visitors.

S

Siseturvalisus

siseturvalisus.ee

44

Siseturvalisus.ee is a government-affiliated career portal dedicated to internal security in Estonia, providing job opportunities and career information across seven key security agencies. The website serves as a centralized platform for recruitment and career development in the Estonian internal security sector, targeting job seekers interested in contributing to national security. Technically, the site is built on WordPress with modern frontend libraries such as jQuery, Fancybox, and Splide.js, delivering a responsive and well-structured user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements can be made by adding security headers and explicit incident response contacts. Privacy compliance is adequate with privacy and cookie policies present, but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-aligned with its government sector mission.

V

Virupärane

laaneviru.ee

44

The website laaneviru.ee serves as an official regional portal for Lääne-Viru County in Estonia, focusing on tourism, living, and entrepreneurship. It provides comprehensive information about local attractions, events, accommodation, business support, and municipal resources. The site targets tourists, residents, and entrepreneurs interested in the region. The business model is informational and promotional, likely operated by a government or regional development entity. The domain is newly registered in 2024, consistent with the website's launch and content. Technically, the site is built on WordPress with modern performance and image optimization plugins. It uses Google Tag Manager and Facebook Pixel for analytics and marketing, with a cookie consent mechanism implemented via CookieYes. The site is mobile-optimized, accessible, and SEO-friendly, with structured data enhancing search visibility. From a security perspective, HTTPS is enforced, and no critical vulnerabilities or exposed sensitive data were detected. However, security headers are not explicitly present, and no published security or incident response policies were found. Privacy compliance is basic, with no visible privacy policy or terms of service pages, which should be addressed to improve compliance and user trust. Overall, the website is professional and trustworthy, with a solid technical foundation and clear business purpose. Strategic recommendations include publishing privacy and security policies, enhancing security headers, and adding vulnerability disclosure information to strengthen security posture and compliance.

S

SYNLAB Eesti

synlab.ee

66

SYNLAB Eesti is the largest medical laboratory in Estonia, operating since 1995 and part of the global SYNLAB Group. The company provides a wide range of medical laboratory testing services targeting medical professionals, private clients, and employers. The website reflects a mature digital presence built on WordPress with modern plugins and SEO optimizations. It offers multilingual support and integrates GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though additional security headers and explicit security policies could enhance trust. Contact is primarily via a contact form, with no exposed direct emails or phone numbers. Overall, the site is professional, trustworthy, and well-aligned with the business's market position.

A

AS Medisoft

medisoft.ee

43

AS Medisoft is an Estonian technology company with a domain registered since 2010, indicating a stable business presence. The website is built on WordPress using the Divi theme, reflecting a standard and professional digital infrastructure. The site appears to target a local or regional audience, though explicit business descriptions and contact details are not readily found in the provided content. The technical setup is moderate in performance and mobile optimization, but lacks advanced SEO and accessibility features. Security posture is average, with no detected security headers or explicit SSL/TLS configuration details, and no privacy or cookie policies are present, which may impact compliance and user trust. Overall, the website is functional and professional but would benefit from enhanced security and privacy compliance measures.

J

Jäneda Mõis OÜ

janedaturism.ee

46

Jäneda Mõis OÜ operates a tourism and hospitality center in Estonia offering conference facilities, restaurant services, accommodation, theater performances, and seasonal markets. The company targets tourists and event organizers, positioning itself as a regional hospitality provider with a medium-sized operation founded in 2010. The website is built on WordPress with WooCommerce and uses modern plugins and themes, providing a good user experience with multilingual support and clear navigation. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site reflects a professional and trustworthy business with good digital maturity.

E

Eesti Kergejõustikuliit

ekjl.ee

42

Eesti Kergejõustikuliit is the national athletics federation of Estonia, providing organizational support, event management, and athlete services within the Estonian athletics community. The website serves as a comprehensive portal for news, competition calendars, results, rankings, and educational materials targeting athletes, coaches, clubs, and fans. It holds a strong market position as the official governing body for athletics in Estonia. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery and Swiper.js, and uses Bootstrap for responsive design. The site demonstrates good digital maturity with structured data, SEO optimization, and mobile responsiveness, although some accessibility features could be improved. Performance is moderate with room for optimization. From a security perspective, the site enforces HTTPS and uses standard libraries without visible vulnerabilities. However, it lacks some security headers and does not provide explicit security or incident response policies. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-aligned with its business purpose. Strategic improvements in privacy compliance, security policy transparency, and accessibility would enhance its security posture and user trust.