Security Directory

S

SinuLab

sinulab.ee

53

SinuLab is a technology company specializing in software solutions for strategic performance management and people development, primarily targeting small and medium-sized enterprises. Their SaaS offerings include modules for people data management, performance tracking, employee development, and talent management, complemented by e-learning courses. The company has a consistent brand presence and a professional website that clearly communicates its services and target audience. Technically, the website is built on WordPress with modern plugins and integrates marketing and analytics tools such as HubSpot and Google Tag Manager. Security posture is good with HTTPS enforced and domain transfer protections in place, though improvements like enabling DNSSEC and adding security headers are recommended. Privacy compliance is basic but includes a cookie consent mechanism and a privacy policy page. Overall, the website and business present a trustworthy and professional image with room for enhanced security and compliance maturity.

Z

Zone Media OÜ

rahinge.ee

47

Rahinge.ee is a small Estonian website focused on promoting and providing information about Rahinge Wakepark, a water sports and relaxation destination near Tartu, Estonia. The site offers content about wakeboarding, SUP boards, canoe and kayak rentals, and leisure facilities such as beaches and ball courts. The business model centers on regional water sports enthusiasts and visitors seeking recreational activities. The website is built on WordPress with popular plugins and themes, showing moderate performance and good mobile optimization. SEO practices are adequately implemented with proper meta tags and structured data. Security posture is basic with HTTPS enabled but lacks DNSSEC and security headers, and no cookie consent mechanism is present. Contact information is limited to a contact form without explicit emails or phone numbers. The domain is newly registered in 2025 by Zone Media OÜ, a known Estonian registrar and hosting provider, consistent with the website's launch timeframe. Overall, the site is functional and professionally designed but could improve in privacy compliance and security best practices.

P

Powerfleet (formerly Fleet Complete)

fleetcomplete.com

66

Powerfleet (formerly Fleet Complete) is a leading provider of connected fleet management and asset tracking solutions, targeting businesses ranging from small-medium enterprises to large Fortune 500 companies. The company offers a comprehensive suite of products including fleet management software, AI dash cameras, asset trackers, and telematics integrations, positioning itself as a key player in the transportation and logistics sector. The website reflects a mature digital presence with consistent branding and a focus on data intelligence to optimize fleet operations. Technically, the website is built on WordPress with Elementor, leveraging modern analytics and marketing tools such as Google Analytics, Google Tag Manager, LinkedIn Insight, and 6sense. The site is mobile-optimized, SEO-friendly, and includes privacy and cookie consent mechanisms, indicating a good level of digital maturity and compliance with privacy regulations like GDPR. From a security perspective, the site enforces HTTPS and includes basic security headers, but lacks some advanced headers and a public security or incident response policy. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data transparency slightly reduces trust but does not outweigh the professional and active nature of the website. Overall, the risk profile is moderate to low with recommendations to enhance security headers, publish explicit security policies, and consider vulnerability disclosure mechanisms to further strengthen trust and compliance.

T

TJO Konsultatsioonid

tjo.ee

52

TJO Konsultatsioonid is a leading Estonian consulting firm specializing in management systems development, strategic management, and production efficiency enhancement. The company offers a range of consulting services and training programs targeted at businesses seeking to improve operational effectiveness and comply with international standards. Their market position is strong within Estonia, supported by multiple ISO certifications and a robust client base. The website infrastructure is built on WordPress, utilizing modern plugins such as Yoast SEO and Ninja Forms, integrated with Google Analytics and Google Tag Manager for performance and user behavior tracking. The site is mobile-optimized and demonstrates good SEO practices, contributing to a positive digital maturity profile. Security posture is solid with HTTPS enforced, use of Google reCAPTCHA on forms, and indications of security plugins like Wordfence. However, some security headers are not explicitly confirmed and could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, the website and business present a trustworthy and professional image with no critical security issues detected. Strategic recommendations include enhancing security headers, maintaining up-to-date software, and considering a formal incident response policy to further strengthen security and compliance.

E

Elkdata OÜ

keeleagentuur.ee

41

Keeleagentuur is a small Estonian language agency founded in 2022, specializing in language education and translation services primarily for Estonian and Russian languages. The company offers goal-oriented language courses for adults, including exam preparation and thematic courses. The website is built on WordPress using the Astra theme, Elementor page builder, and WooCommerce for e-commerce capabilities. It employs modern web technologies and integrates Google Analytics for visitor tracking. The website is well-structured, mobile-optimized, and SEO-friendly, but lacks explicit privacy and terms of service policies. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers could be improved. Overall, the business appears legitimate and consistent with its domain registration data.

T

TTK - Leak Detection System

ttkuk.com

70

TTK Leak Detection is a specialized manufacturer of liquid leak detection systems, focusing on water, acids, and oil leak detection for commercial and industrial applications. The company positions itself as a global leader with a strong presence in multiple international markets, offering products made in France with a notable 10-year warranty. Their target audience includes data centers, industrial facilities, airports, and other critical infrastructure sectors requiring reliable leak detection solutions. The website reflects a mature digital presence with comprehensive product information, case studies, and certifications that reinforce their market credibility. Technically, the website is built on WordPress with a modern tech stack including Google Analytics, Matomo, and Google Tag Manager for analytics and marketing. The site is well-optimized for SEO and mobile devices, with good performance and accessibility standards. Security measures include HTTPS, reCAPTCHA on forms, and cookie consent mechanisms, although some advanced security headers are not detected. From a security perspective, the site demonstrates good practices but lacks explicit security policies or incident response information. The absence of WHOIS data for the domain is a notable anomaly that reduces trustworthiness from a domain registration standpoint. Despite this, the professional website, certifications, and client references suggest a legitimate and established business. Overall, the risk assessment is moderate with recommendations to enhance domain registration transparency, implement additional security headers, and publish vulnerability disclosure policies to improve trust and compliance.

E

eHost OÜ

aksohaus.ee

40

Investor.ee is a small Estonian educational website focused on providing practical advice and information about investing, portfolio management, risk management, and financial knowledge. The site targets individuals and organizations interested in growing their capital through various investment strategies. The business operates primarily as a content and informational platform, with a niche focus on the Estonian-speaking investment community. The domain is registered to eHost OÜ since 2019, consistent with the website's scope and scale. Technically, the website is built on WordPress using a modern theme and standard libraries such as Bootstrap, jQuery, and FontAwesome. It integrates Google Tag Manager for analytics and Google reCAPTCHA v3 for spam protection on forms. The site is hosted behind Cloudflare DNS and uses HTTPS, ensuring secure communication. Mobile optimization and SEO practices are good, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms. However, it lacks explicit security headers like Content-Security-Policy and X-Frame-Options, and does not publish privacy or cookie policies, which are critical for GDPR compliance. No incident response or security policy information is available. External links are configured to open in new windows with noopener for security. Overall, the website is functional, professionally designed, and provides relevant content for its audience. The main risks relate to privacy compliance gaps and missing security headers. Strategic improvements in these areas would enhance trust and regulatory adherence.

M

Manimal OÜ

manimaldesign.com

46

Manimal OÜ is a small Estonian digital media and design studio specializing in web design, SEO, and social media services. Founded in 2016, the company targets local businesses and individuals seeking creative digital solutions. The website reflects a professional and consistent brand image with a clear portfolio and client references. Technically, the site is built on WordPress with modern plugins such as Elementor and WooCommerce, and includes tracking via Google Analytics and Facebook Pixel. Security measures include HTTPS and Google reCAPTCHA on the contact form, but lack advanced security headers and explicit privacy or cookie policies. Overall, the site is functional and credible but would benefit from enhanced privacy compliance and security hardening.

T

Tallinna Tehnikakõrgkool

tktk.ee

49

Tallinna Tehnikakõrgkool is a reputable higher education institution in Estonia specializing in technical and engineering education. The website serves multiple audiences including prospective and current students, continuing education learners, and business partners. It offers comprehensive information on study programs, admissions, continuing education, and institutional news. The institution maintains a solid market position as a key technical education provider in Estonia. Technically, the website is built on WordPress using the Elementor page builder, enhanced with Yoast SEO and Usercentrics for GDPR-compliant cookie management. It integrates analytics and marketing tools such as Google Analytics, Facebook Pixel, and a chat widget, indicating a mature digital infrastructure. The site is mobile-optimized and demonstrates good SEO and accessibility practices. From a security perspective, the site enforces HTTPS and uses a consent management platform, but lacks explicit security headers like Content-Security-Policy and does not publicly disclose security policies or incident response procedures. No vulnerability disclosure or security.txt file is present, which could be improved to enhance transparency and trust. Overall, the website is professional, trustworthy, and well-maintained, with moderate to good scores in content quality, technical implementation, and security posture. Strategic improvements in security headers, privacy policy publication, and incident response transparency are recommended to further strengthen compliance and security maturity.

M

Morek Group

morek.eu

45

Morek Group is a medium-sized Estonian company specializing in manufacturing and distributing high-quality electrical components and electric vehicle charging solutions. With 20 years of industry experience, Morek positions itself as a trusted partner in the energy and transportation sectors, focusing on infrastructure development for electricity and electric cars. The company targets electrical industry professionals and infrastructure developers across Europe, supported by multilingual website content and a clear product catalog. Technically, the website is built on WordPress with modern JavaScript integrations, including Google Tag Manager and Facebook Pixel for analytics and marketing. The site demonstrates good performance, mobile optimization, and SEO practices, with a consent management system for cookies ensuring privacy compliance. The technical infrastructure reflects a mature digital presence suitable for a medium-sized enterprise. From a security perspective, the site enforces HTTPS and uses consent mechanisms but lacks explicit security policies, incident response contacts, and vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. Security headers could be improved to enhance protection. Overall, the security posture is solid but could benefit from formalized policies and additional headers. The domain WHOIS data is consistent with the business claims, showing no privacy protection and a domain age appropriate for the company's 20-year history. Contact information is clearly presented, including emails, phone numbers, and physical address, enhancing business credibility. Social media presence on LinkedIn and Facebook supports trust and engagement. Recommendations include publishing security and incident response policies, adding security headers, and considering a vulnerability disclosure program to strengthen security culture and compliance.

S

Softwerk

softwerk.ee

43

Softwerk OÜ is an Estonian technology company specializing in custom business software solutions including business intelligence (BI), ERP implementations (notably Microsoft Dynamics 365), and web development using modern frameworks such as .NET and React. Established in 2012, Softwerk has positioned itself as a trusted partner for businesses in Estonia and Europe, offering tailored solutions that improve operational efficiency and data-driven decision making. The company emphasizes long-term client relationships and quality service delivery, supported by positive client testimonials and recognized partnerships such as Microsoft. Technically, the website is built on WordPress with WPBakery Page Builder, leveraging common web technologies like jQuery and FontAwesome, and integrates Google Analytics and Tag Manager for user tracking. The site is mobile optimized and presents a professional design with clear navigation. Security posture is solid with HTTPS enforced and secure form handling, but lacks advanced security headers and explicit security or incident response policies. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, Softwerk demonstrates a mature digital presence with room for improvement in privacy and security transparency.

B

Boomerang

boomerang.ee

47

Boomerang is a well-established third-party logistics provider specializing in eCommerce fulfillment and returns management, primarily serving the Nordic region and global markets. The company positions itself as the largest return handling operator in the Nordics, offering tailored and flexible logistics solutions to online webshops. The website reflects a professional and consistent brand image with good content quality and clear business focus. Technically, the site is built on WordPress with Elementor, leveraging modern technologies such as Usercentrics for cookie consent and Google Tag Manager for analytics, indicating a moderate level of digital maturity. Security-wise, the website enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers and published security policies, which are areas for improvement. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

O

Oy Lunden Ab Jalostaja

jalostaja.fi

64

Oy Lunden Ab Jalostaja is a well-established Finnish food manufacturing and retail company specializing in ready meals, soups, salads, and vegan products. The company emphasizes convenience for everyday consumers and sustainability in packaging. Their website reflects a strong brand presence with consistent messaging and active engagement in para-sports sponsorship, enhancing their community involvement and brand image. Technically, the website is built on WordPress with modern SEO and tracking tools such as Yoast SEO and Google Tag Manager, ensuring good digital maturity and performance. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, although there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the site is professional, user-friendly, and compliant with GDPR requirements, supporting a high trust level for visitors and customers.

L

Latitude59

latitude59.ee

53

Latitude59 is a well-established flagship startup and technology event based in Estonia, with a history dating back to 2012. It serves as a key platform for startups, investors, partners, and media to connect and showcase innovation. The website reflects a mature event organization with a strong international presence, offering pitch competitions, investor days, and satellite events worldwide. The business model centers on event management and ecosystem development within the technology sector. Technically, the website is built on WordPress using Elementor and integrates modern analytics and marketing tools such as Google Analytics, Facebook Pixel, and PixelYourSite. The site is optimized for SEO and mobile devices, with a good user experience and clear navigation. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is good, with a comprehensive privacy and cookie policy and GDPR adherence. However, the site lacks explicit security policies, incident response contacts, and terms of service pages, which could enhance trust and compliance. Overall, Latitude59's website demonstrates a professional, secure, and privacy-conscious digital presence aligned with its business objectives.

E

Evocon

evocon.com

61

Evocon is a Denmark-based company specializing in user-friendly OEE (Overall Equipment Effectiveness) software designed to help manufacturing companies automate data collection from machines and provide real-time production performance insights. The company targets manufacturers seeking to improve productivity, reduce waste, and enhance operational efficiency. Their market position is supported by a global client base and trusted brand presence, including notable manufacturing partners. Technically, the website is built on WordPress with modern integrations such as HubSpot, Google Tag Manager, and Hotjar, indicating a mature digital infrastructure. Performance and mobile optimization are good, though accessibility features are basic. Security posture is solid with HTTPS enforced and domain transfer protections in place, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy or terms of service found. Overall, the website reflects a professional and credible business with room for improvement in privacy and security transparency.

F

FM Capital Consulting Ltd.

capital-consulting.com

48

FM Capital Consulting Ltd. is a well-established Estonian finance consulting firm specializing in worldwide company registration, bookkeeping, compliance, legal support, and tax planning services. The company targets businesses and entrepreneurs, including startups and fintech companies, offering tailored corporate and tax advantage solutions. Their market position is that of a niche consulting provider with expertise in cross-border transactions and fintech licensing. The website is professionally designed with good content quality and clear navigation, supporting their business credibility. Technically, the website is built on WordPress with common plugins such as Yoast SEO, Slider Revolution, and WPBakery Page Builder. It uses modern tracking and analytics tools including Google Analytics and LinkedIn Insight Tag. Performance and mobile optimization are good, though accessibility is basic. The hosting provider is not explicitly identified but the domain is registered with GoDaddy and uses DNS servers from zone.eu and zone.ee. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers. No privacy or cookie policies are present, which is a compliance gap especially given the use of tracking technologies. Contact information is clearly provided, enhancing trust. No WAF or blocking mechanisms are detected, allowing full content access. Overall, the website presents a moderate risk profile with strengths in business credibility and technical implementation but weaknesses in privacy compliance and security best practices. Strategic improvements in privacy policy implementation, cookie consent, and security headers would enhance their security posture and compliance standing.

H

Horizon Geosciences

horizon-geosciences.com

50

Horizon Geosciences is a medium-sized, established company specializing in worldwide marine survey, geotechnical services, and offshore vessel operations. Founded in 2004, the company serves key sectors including oil & gas, renewables, civil, utilities, subsea, and offshore construction. Their website reflects a professional and consistent brand with detailed service offerings and a growing fleet of specialized vessels. Technically, the site is built on WordPress with Elementor, hosted on Bluehost, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enabled and domain transfer protection, though improvements are recommended in DNSSEC and security headers. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the website is trustworthy and well-positioned in its market niche.

I

Iutecredit

iutecredit.md

62

Iutecredit is a Moldovan financial services company specializing in instant credit products, refinancing, and smart shopping solutions. The company leverages a mobile application (Myiute) and an extensive ATM network to provide convenient access to financial services. The website reflects a mature digital presence with a focus on user experience and mobile accessibility. The business is positioned as a trusted player in the Moldovan microfinance sector with over 15 years of operational history through its parent company, Iute Group AS. Technically, the website is built on WordPress and integrates multiple analytics and marketing tools, indicating a well-developed digital marketing strategy. Security posture is strong with HTTPS, security headers, and reCAPTCHA usage, though some improvements in cookie consent and incident response transparency are recommended. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

N

Nord Projekt

nordprojekt.ee

42

Nord Projekt is a leading Estonian architecture and engineering bureau offering comprehensive design and project management services. The company emphasizes creativity, precision, and quality across all project phases, serving clients seeking professional architectural and engineering solutions. Their market position is strong within Estonia, supported by a portfolio of notable projects and ISO 9001 certification. The website is built on WordPress with modern plugins and demonstrates good digital maturity, including multilingual support and SEO optimization. Security posture is solid with HTTPS enabled, but lacks some security headers and explicit privacy and cookie policies, which are areas for improvement. Contact information is clearly provided, enhancing business credibility. Overall, the site reflects a professional and trustworthy business presence.

S

Spring

springadvertising.com

62

Spring is an independent creative advertising agency based in Vancouver, Canada, established in 2005. The company offers a broad range of services including strategy, design, advertising, branding, digital, and on-demand creative services. They have a strong market presence with a focus on real estate marketing and have worked with over 100 brands across more than 70 industries. The website reflects a professional and consistent brand image with clear navigation and good content quality. Technically, the site is built on WordPress with modern plugins and SEO tools, hosted by Automattic Inc., ensuring reliable infrastructure and good performance. Security posture is solid with HTTPS enforced and domain transfer protection, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is basic but present, with privacy and cookie policies including consent mechanisms. Contact information is complete and easily accessible, enhancing business credibility. Overall, the website is trustworthy and well-maintained, suitable for its target audience.

AuditPartner is a small Estonian auditing and financial consulting firm with a website primarily in Estonian and an English language option. The company positions itself as a professional service provider focusing on seeing beyond the numbers, targeting businesses requiring auditing and financial services. The website is built on WordPress with common web technologies such as jQuery and Bootstrap, indicating a standard but modern technical infrastructure. Performance and mobile optimization are moderate to good, with basic SEO and accessibility features. From a security perspective, the site uses HTTPS with good SSL configuration but lacks important security headers and visible security policies such as privacy, cookie, or incident response policies. No vulnerability disclosure or security.txt files are present, and no contact information such as emails or phone numbers are explicitly provided on the homepage. These gaps reduce the overall privacy compliance and security posture scores. Overall, the website is functional and professionally designed but lacks critical compliance and security transparency elements. The domain WHOIS data is consistent with the business claims, supporting legitimacy. Strategic improvements in privacy policy publication, security headers, and contact transparency would enhance trust and compliance.

M

M-Partner

mpartner.ee

41

M-Partner is an established Estonian recruitment company specializing in the effective hiring of managers and specialists, with over 20 years of experience and more than 1000 successful recruitments. Their business model focuses on full search and headhunting services, targeting Estonian companies seeking qualified personnel. The website reflects a professional and consistent brand image, supported by client logos and clear service descriptions. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates essential tools such as Google Tag Manager and reCAPTCHA, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforcement, email obfuscation, and cookie consent mechanisms, though additional security headers and formal policies could enhance protection. Overall, the site is accessible, well-structured, and compliant with GDPR, presenting a trustworthy and credible online presence.

O

Ouman Oy

ouman.fi

67

Ouman Oy is a Finnish company specializing in building automation and energy efficiency solutions, targeting property owners, automation contractors, housing companies, and related sectors primarily in the Baltic Sea region. The company offers smart controllers, IoT solutions, and energy optimization services, positioning itself as a key player in energy-efficient building management. The website reflects a mature digital presence with professional design, multilingual support, and comprehensive product and solution information. Technically, the site is built on WordPress with modern analytics and marketing integrations such as Google Analytics, HubSpot, and Facebook Pixel. Security measures include HTTPS enforcement and CAPTCHA-protected forms, though explicit security headers and policies are not fully implemented. Overall, the site demonstrates good security hygiene and business credibility, with room for improvement in privacy compliance documentation and security transparency.

F

Fortaco Group

fortacogroup.com

71

Fortaco Group is a leading brand-independent strategic partner specializing in manufacturing technology, vehicle cabins, steel fabrications, and vehicle assemblies primarily serving the heavy off-highway equipment and marine industries. Established in 2012, the company has positioned itself as a key player in Europe with a strong focus on quality, delivery performance, and operational excellence. Their business model revolves around providing comprehensive value chain solutions to global customers, emphasizing flexibility, reliability, and innovation in manufacturing processes. The website infrastructure is built on WordPress, leveraging modern plugins such as Yoast SEO and MonsterInsights for analytics and SEO optimization. The site demonstrates good mobile responsiveness, clear navigation, and professional design, supporting a positive user experience. Technical implementation is solid with HTTPS enforced, though there is room for improvement in security headers and DNSSEC deployment. Security posture is generally good, with no critical vulnerabilities detected. The domain registration is consistent with the business claims, showing a stable and legitimate presence. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. However, explicit security policies and incident response contacts are not publicly available, which could be enhanced to improve trust and compliance. Overall, Fortaco Group's digital presence reflects a mature and professional organization with a strong market position. Strategic recommendations include enhancing DNS security, publishing detailed security policies, and expanding contact information for incident response to further strengthen their security and compliance posture.

L

Lindab

lindab.si

40

Lindab.si is a Slovenian content and blogging website established in 2022, offering articles on a variety of topics including home, health, sports, services, and technology. The site targets a general Slovenian-speaking audience interested in diverse lifestyle and technology content. The business model is primarily content publishing with no direct e-commerce or transactional services evident. The website is built on WordPress CMS, utilizing Yoast SEO for search optimization and Google reCAPTCHA for form security. The technical infrastructure is modern and moderately performant with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enforced and form protection via reCAPTCHA, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy page present but no cookie consent mechanism detected. Contact information is limited to a contact form without direct emails or phone numbers. Overall, the website is legitimate, consistent with its domain registration data, and presents a moderate trust level. Strategic improvements in privacy compliance, security policy transparency, and contact information availability would enhance credibility and user trust.

R

Roadplan

roadplan.ee

48

Roadplan is an Estonian company specializing in road project design, outdoor space projects, and consulting services. Founded in 2013, it positions itself as a leading road project designer in Estonia, targeting clients who require sustainable and innovative solutions for their outdoor environments. The website content is primarily in Estonian and focuses on communicating the company's expertise and service offerings. Technically, the website is built on WordPress and uses modern web technologies including Google Fonts, Google Analytics, Google Tag Manager, and reCAPTCHA for form security. The site is hosted by Zone Media OÜ, a known Estonian hosting provider. Performance and mobile optimization are good, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the website uses HTTPS with a valid SSL certificate and employs reCAPTCHA to protect forms. However, it lacks important security headers and does not provide explicit security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is professional and functional but lacks comprehensive privacy and cookie policies, explicit contact information, and detailed security disclosures. These gaps reduce its privacy compliance and slightly impact trustworthiness. Strategic improvements in these areas would enhance the site's security posture and user trust.

T

TF Bank

tfbankgroup.com

66

TF Bank operates as an internet-based niche bank offering consumer banking services through a proprietary IT platform emphasizing automation. The website presents a professional image consistent with a financial institution targeting consumers seeking streamlined online banking solutions. The technical infrastructure is built on WordPress CMS, utilizing modern web technologies such as jQuery and Cookiebot for cookie consent management, alongside Google Tag Manager for analytics. The site is secured with HTTPS, and cookie consent is actively managed, reflecting a commitment to privacy compliance. However, the absence of WHOIS data for the domain group.tfbank.se raises questions about domain registration legitimacy, although the website content itself appears credible and well-maintained. Security posture is solid with HTTPS and consent mechanisms, but could be improved by adding explicit security headers and detailed privacy and security policies. Overall, the site demonstrates a good balance of professionalism, technical maturity, and privacy awareness, with room for enhanced transparency and security documentation.

L

Laser Diagnostic Instruments

ldi.ee

44

Laser Diagnostic Instruments (LDI) is an Estonian-based company specializing in advanced oil spill detection systems and water monitoring sensors. Their flagship product, the ROW (Remote Optical Watcher), provides autonomous, non-contact detection of oil spills and algal blooms, serving industrial and environmental clients globally. The company has a strong niche market position with installations across multiple continents and industries including energy, water treatment, and shipping ports. The website reflects a professional and consistent brand image with detailed product information and client testimonials, supporting their credibility in the environmental monitoring sector. Technically, the website is built on WordPress with modern plugins and frameworks, offering good performance and mobile optimization. Security posture is solid with HTTPS and standard best practices, though improvements are recommended in cookie consent and security headers. Privacy compliance is basic with a privacy policy present but lacking cookie consent mechanisms. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, LDI presents a trustworthy and professional digital presence aligned with their business objectives.

S

Sparkup

teaduspark.ee

45

Sparkup Tartu Teaduspark is a well-established science and technology park based in Tartu, Estonia, founded in 2010. It serves as a hub for science- and technology-intensive startups and scaleups, offering incubation, acceleration, business development services, and rental spaces. The organization supports companies through various programs including Sparkup Inkubaator, ESA BIC Estonia, and multiple thematic accelerators focused on energy, climate, defense, and logistics. The website reflects a mature digital presence with a modern WordPress-based infrastructure, leveraging Elementor for design and Google Tag Manager and Facebook Pixel for analytics and marketing. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are not published. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy page, primarily in Estonian. Overall, the site demonstrates good professionalism, clear navigation, and strong business credibility, positioning Sparkup as a key player in the Estonian innovation ecosystem.

E

Eesti Keskkonnauuringute Keskus OÜ

klab.ee

40

Eesti Keskkonnauuringute Keskus OÜ is a government-affiliated Estonian company specializing in chemical, physical, and microbiological laboratory analyses, geotechnical studies, and environmental condition modeling. The company positions itself as a leading environmental research and laboratory service provider in Estonia, serving government bodies, environmental agencies, and research institutions. Their website reflects a professional and consistent brand image with a clear focus on environmental services and scientific expertise. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. The site includes a consent management platform (Usercentrics) for cookie compliance and integrates Google Tag Manager for analytics. Performance and mobile optimization are good, though accessibility features are basic. The hosting and domain registration are consistent with an Estonian government-related entity, registered since 2013. From a security perspective, the site enforces HTTPS and uses a cookie consent mechanism, but lacks explicit security headers and a published security or incident response policy. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of a security.txt or vulnerability disclosure policy is noted as an area for improvement. Overall, the website demonstrates a solid business credibility and technical foundation with room for enhanced security and privacy policy transparency. The risk profile is low, but strategic improvements in security headers and formal policies would strengthen trust and compliance.

A

askRobin México

askrobin.com

57

askRobin México operates as an online loan search platform targeting Mexican consumers seeking personal loans and debt liquidation options. The platform aggregates offers from multiple financial institutions to provide tailored financing proposals. The website is built on WordPress with a modern tech stack including jQuery, Bootstrap Slider, and integrates marketing and tracking tools such as Google Tag Manager, Facebook Pixel, and SalesManago. The site is well-structured, mobile-optimized, and provides clear navigation and content relevant to its audience. Security posture is adequate with HTTPS enforced, but lacks some security headers and cookie consent mechanisms. WHOIS data for the subdomain is unavailable, which slightly impacts trust but the presence of partner logos and privacy policies supports legitimacy. Overall, the site presents a professional and functional digital presence for its business model.

L

Likewize

brightstar.com

67

Likewize is a technology service provider focused on offering comprehensive protection and support for technology disruptions. The company positions itself as a reliable partner for consumers and businesses seeking to mitigate technology-related issues. The website is professionally designed using WordPress CMS, enhanced with SEO tools like Yoast, and incorporates modern tracking and consent technologies such as Google Tag Manager and OneTrust. While the site is accessible and well-structured, it lacks explicit privacy and terms of service documentation, as well as direct contact information, which are important for trust and compliance. The absence of WHOIS data raises questions about domain registration legitimacy, though the website content suggests a legitimate business presence. Security posture is generally good with HTTPS and cookie consent, but could be improved by adding security headers and incident response contacts.

I

Indevex

indevex.com

54

Indevex is a small healthcare-focused company specializing in the development of science-based nutritional products, such as NGC®, aimed at supporting health, recovery, and performance. The company positions itself as a niche innovator leveraging clinical research to back its product offerings. The website reflects a professional and consistent brand image with good content quality and SEO optimization, targeting health-conscious consumers and athletes. Technically, the site is built on WordPress 6.8.1, utilizing modern technologies including Google Tag Manager for analytics and Cookiebot for cookie consent management. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy or terms of service detected. Overall, the domain is legitimate, long-established since 1999, and registered through a reputable registrar without privacy protection, supporting trustworthiness. Strategic improvements in privacy transparency, security headers, and contact information publication are recommended to enhance compliance and user trust.

D

Domestack

domestack.com

51

Domestack is a small technology company specializing in tailored software development services across various business sectors. Founded in 2018, the company presents a professional online presence with a well-structured website built on WordPress and Elementor. The site targets businesses seeking custom software solutions and emphasizes expertise in multiple technologies. Technically, the website employs modern tools including Google reCAPTCHA for form security and EWWW Image Optimizer for performance enhancements. SSL is properly configured, ensuring secure communications. However, the absence of explicit privacy policies, terms of service, and direct contact details limits full compliance and trust transparency. Security posture is adequate but could be improved by enabling DNSSEC and adding security headers. Overall, the website is functional and professional but would benefit from enhanced privacy and security disclosures.

L

LVM Kinnisvara

lvm.ee

46

LVM Kinnisvara is a well-established Estonian real estate company providing comprehensive property services including sales, valuation, development, and brokerage. The company operates across major Estonian cities with multiple office locations and a professional online presence. Their website is built on WordPress with modern plugins and integrates marketing and analytics tools to engage and track users effectively. Security measures such as HTTPS, CAPTCHA on forms, and cookie consent mechanisms are implemented, though some security headers could be improved. The domain registration data aligns well with the business profile, indicating legitimacy and a mature online presence.

J

Jolos

jolos.eu

44

Jolos is a full spectrum creative agency based in Estonia, specializing in world-class event production, branding, campaigns, and live and virtual events. The company positions itself as a high-quality, professional agency focused on delivering unique and memorable experiences for brands and organizations. The website reflects a mature digital presence built on WordPress, leveraging modern optimization and analytics tools such as Google Analytics and Tag Manager with IP anonymization enabled. The site is well-designed, mobile-optimized, and rich in multimedia content, showcasing detailed case studies and team profiles that enhance trust and professionalism. Security posture is solid with HTTPS enforced and no exposed sensitive data, though the absence of security headers and formal security policies suggests room for improvement. Privacy compliance is limited due to missing privacy and cookie policies and lack of consent mechanisms. Overall, the domain registration aligns with the business claims, indicating legitimacy and trustworthiness.

F

FDF

fdf.dk

57

FDF.dk is the official website of FDF, a Danish voluntary youth organization focused on outdoor activities and community engagement for children and young people. The organization has an established presence since 1996, reflected in the domain age and consistent WHOIS data. The website is built on WordPress and uses modern frontend technologies such as Bootstrap and Google Fonts, providing a good user experience with mobile responsiveness and clear navigation. The site employs a comprehensive cookie consent mechanism compliant with GDPR, detailing cookie categories and third-party data processors. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though DNSSEC is not enabled and security headers are not explicitly detected, representing areas for improvement. No direct contact information or security policies are found, which could be enhanced to improve trust and compliance. Overall, the website is professional, trustworthy, and compliant with privacy regulations, serving its audience effectively.

N

Nordic Hotel Forum

nordichotels.eu

51

Nordic Hotel Forum is a modern four-star superior hotel located in the heart of Tallinn, Estonia, just 150 meters from the Old Town. The hotel targets business travelers, conference attendees, and tourists seeking quality accommodation and conference facilities. The website is built on WordPress using the Avada theme and integrates WooCommerce for e-commerce capabilities. It employs modern analytics and marketing tools such as Google Analytics, Hotjar, Google Tag Manager, and Cookiebot for cookie consent management. The site is well-structured with good SEO and mobile optimization, providing a professional user experience. Security posture is strong with HTTPS and cookie consent mechanisms, though it lacks some HTTP security headers and formal privacy and terms of service pages. WHOIS data is not publicly available due to EURid privacy policies, which is typical for .eu domains. Overall, the website represents a legitimate hospitality business with moderate digital maturity and good security hygiene.

K

Kinema

kinema.eu

56

Kinema OÜ is a small Estonian company specializing in the sale, installation, and maintenance of modern garage doors, industrial lifting doors, loading equipment, and access control systems. The company targets both industrial and private customers within Estonia, positioning itself as a local provider of comprehensive door and automation solutions. The website is built on WordPress with WooCommerce components, integrating modern analytics and marketing tools such as Google Analytics, Facebook Pixel, Hotjar, and Cookiebot for consent management. The technical infrastructure is modern and moderately optimized for performance and mobile use, though accessibility features are basic. Security posture is good with HTTPS enabled and cookie consent implemented, but could be improved by adding explicit security headers and publishing formal privacy and security policies. No contact emails or phone numbers were found in the provided content, which limits direct customer engagement visibility. Overall, the website reflects a professional small business with consistent branding and a clear business focus, but with room for improvement in privacy compliance and security transparency.

N

Nordic Consult

nordicconsult.ee

40

Nordic Consult is a small Estonian corporate services provider specializing in online company registration, legal address provision, accounting, and e-Residency support. Established since 1997, it targets entrepreneurs and e-Residents seeking efficient company formation in Estonia. The website is built on WordPress with SEO and form plugins, offering a user-friendly experience with clear navigation and relevant content. Technically, the site is hosted via Zone Media OÜ and uses HTTPS with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and secure form handling but lacks important security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional and trustworthy but would benefit from improved privacy and security practices.

T

The Institute of World Politics

iwp.edu

58

The Institute of World Politics is a specialized graduate school focused on educating future leaders in national security, intelligence, diplomacy, and military strategy. It offers a range of graduate degree programs, certificates, and continuing education opportunities tailored to professionals and students seeking careers in statecraft and international affairs. The institution positions itself as a niche leader with a strong emphasis on scholar-practitioner faculty and practical skills development. Technically, the website is built on WordPress with Elementor, leveraging modern web technologies and integrations such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag for analytics and marketing. The site is hosted likely on SiteGround, with good mobile optimization, accessibility, and SEO practices. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS, employs standard security headers, and does not expose sensitive data in the HTML. However, there is no publicly visible security policy or incident response page, and no vulnerability disclosure mechanism was found. The WHOIS data is unavailable or restricted, typical for .edu domains, but the domain's legitimacy is supported by the content and .edu status. Overall, the site demonstrates a strong professional presence with good security hygiene, though it could improve transparency around security policies and incident response. The business is credible and well-positioned in its educational niche, with a clear target audience and robust digital infrastructure.

M

MyHome OÜ

myhome.ee

42

MyHome OÜ operates a professional real estate brokerage and property management business primarily serving the Estonian market with additional offerings in Spain. The company provides services including property sales, rentals, management, and interior design. The website reflects a well-established small business with a consistent brand and a focus on quality customer service, as evidenced by testimonials and detailed property listings. The technical infrastructure is based on WordPress with common plugins and integrations such as Google Analytics, Google Tag Manager, and Mailchimp, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly, with structured data enhancing search visibility. Security posture is adequate with HTTPS and some security best practices, but lacks advanced headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies and no visible consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced compliance and security transparency.

F

Ferdio

ferdio.com

57

Ferdio is a Denmark-based visual communication agency founded in 2014, specializing in creating infographics, animations, presentations, and other visual storytelling content. The company targets businesses and organizations that require professional visual explanations of complex information. Their market position is supported by a portfolio featuring notable clients and a consistent brand presence across their website and social media channels. Technically, the website is built on WordPress hosted on WP Engine, utilizing modern web technologies such as jQuery, Vimeo API, and Google Analytics, with good mobile optimization and SEO practices. Security-wise, the site uses HTTPS with a valid SSL certificate and implements cookie consent mechanisms compliant with GDPR. However, there is room for improvement in security headers and publishing formal security policies or incident response plans. Overall, Ferdio presents a professional, trustworthy, and well-maintained digital presence with moderate technical maturity and good privacy compliance.

C

Chudovo

chudovo.com

60

Chudovo is a well-established software development company founded in 2004, offering a broad range of IT services including custom software development, dedicated development teams, application maintenance, and cloud development. The company targets businesses seeking scalable and innovative software solutions, leveraging AI and machine learning technologies to enhance delivery speed and quality. With multiple international offices and a strong portfolio of over 160 projects, Chudovo positions itself as a reliable partner in the technology sector. Technically, the website is built on WordPress with modern frameworks like Bootstrap and jQuery, optimized for mobile and SEO. Hosting and DNS are managed via Cloudflare, ensuring good performance and security. The site uses standard plugins for forms and code highlighting, and implements lazy loading for images to improve load times. From a security perspective, the site enforces HTTPS and employs clientTransferProhibited domain status, but lacks DNSSEC and advanced security headers. Contact forms include CAPTCHA and an NDA option, enhancing data protection. However, no explicit security policy or incident response contacts are published, and no vulnerability disclosure mechanism is present. Overall, the website demonstrates a solid business and technical foundation with good content quality and user experience. Security posture is adequate but could be improved with additional headers and policies. Privacy compliance is basic, with cookie consent present but no dedicated privacy policy page detected. The domain WHOIS data aligns well with the business claims, supporting legitimacy and trustworthiness.

M

MasterBase®

masterbase.com

70

MasterBase® is a Spanish technology company specializing in providing access to multi-skilled automation tools designed to enhance productivity and improve quality of life. The website is professionally designed using WordPress and Elementor, targeting Spanish-speaking professionals and businesses interested in automation solutions. The company has a mature domain presence dating back to 2002, indicating a stable market position within its niche. Technically, the website leverages modern technologies including Cloudflare DNS, Cookiebot for cookie consent, Google Tag Manager for analytics, and Rank Math for SEO optimization. Hosting is provided by WordPress.com, ensuring reliable infrastructure. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features could be improved. From a security perspective, the website enforces HTTPS with a strong SSL configuration and employs clientTransferProhibited status on the domain to prevent unauthorized transfers. Cookie consent mechanisms are in place, but the absence of DNSSEC and lack of published security policies or incident response contacts represent areas for enhancement. No critical vulnerabilities or suspicious activities were detected. Overall, the website presents a moderate risk profile with good business credibility and technical implementation. Strategic improvements in privacy compliance, explicit contact information, and security policy transparency would further strengthen trust and compliance posture.

M

Myoton AS

myoton.com

60

Myoton AS is a specialized company providing advanced digital palpation devices (MyotonPRO) for measuring muscle tone, stiffness, and elasticity. Their products serve medical professionals, sports scientists, and researchers, positioning them as a niche leader in soft tissue assessment technology. The company has a well-established online presence with a website created on a WordPress platform, optimized for SEO and mobile use, and supported by modern analytics tools such as Google Analytics and Plausible Analytics. Hosting and DNS services are managed via Cloudflare, ensuring reliable performance and security. Security posture is solid with HTTPS enforced and domain transfer protections in place, though improvements could be made by adding security headers and a cookie consent mechanism to enhance GDPR compliance. The WHOIS data confirms the domain's legitimacy with a long registration history dating back to 2004 and no privacy protection, aligning with the company's transparency. Overall, the website is professional, trustworthy, and well-suited for its target audience, with minor recommendations to improve privacy compliance and security headers.

S

Sisustuskoda OÜ

sisustuskoda.ee

42

Sisustuskoda OÜ is a small Estonian company specializing in custom-made furniture, particularly kitchen furniture for residential customers. Established in 2014, the company positions itself as a provider of quality, durable, and design-focused furniture solutions. Their website reflects a professional and consistent brand image, targeting consumers seeking bespoke interior furnishings. The business operates primarily in the retail sector with a local market focus in Estonia. Technically, the website is built on WordPress using the Astra theme and WooCommerce for e-commerce capabilities. It integrates modern tools such as Google Tag Manager and Google reCAPTCHA to enhance functionality and security. The site is mobile-optimized and demonstrates good SEO practices through structured data and meta tags. Hosting appears to be managed by Zone Media OÜ, consistent with the domain's Estonian registration. From a security perspective, the site uses HTTPS and includes reCAPTCHA to protect forms, but lacks explicit security headers and published security or incident response policies. Privacy and cookie policies are absent, posing compliance risks under GDPR. No vulnerability disclosure or security contact information is provided, which could impact trust and incident handling readiness. Overall, the website is functional and credible for its business purpose but would benefit from enhanced privacy compliance, improved security headers, and transparent security policies to strengthen its security posture and regulatory adherence.

N

Nordic Automation Systems

nasys.no

62

Nordic Automation Systems is a specialized technology company providing end-to-end LoRaWAN-based smart city and remote metering solutions. Their offerings include smart streetlight controllers, utility metering products for gas, water, and heat, as well as gateways and energy monitoring solutions. The company targets smart city planners, utility providers, telco operators, and system integrators, positioning itself as a niche provider with in-house R&D and production capabilities enabling rapid market rollout. The website is professionally designed, content-rich, and well-structured, supporting a positive user experience and clear navigation. Technically, the site is built on WordPress with WooCommerce, leveraging modern JavaScript libraries and SEO plugins, and is mobile-optimized with moderate performance. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though security headers are missing and no explicit incident response or vulnerability disclosure policies are published. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but is justified for this business type. Overall, the website reflects a credible and professional business presence with room for security and privacy improvements.

H

Horizon Pulp & Paper Ltd

horizon.ee

53

Horizon Pulp & Paper Ltd is a well-established European manufacturer specializing in 100% virgin sack kraft paper, serving packaging applications and exporting to over 70 countries. The company has a solid market position as a leading manufacturer in its sector, with a business model focused on manufacturing and international export. The website reflects a professional corporate presence with good content quality and consistent branding, targeting industrial and business clients in need of packaging materials. Technically, the website is built on a modern WordPress platform using WooCommerce for e-commerce capabilities, Elementor for page building, and Yoast SEO for search engine optimization. The site demonstrates good mobile optimization and moderate performance, with integration of analytics tools such as Google Analytics and Plausible Analytics. Hosting appears to be managed by Elkdata OÜ, consistent with the domain registration data. From a security perspective, the site uses HTTPS with excellent SSL configuration and no visible exposed sensitive data. However, there is a lack of explicit security headers and no published security or incident response policies. Privacy compliance is partially addressed through a cookie consent mechanism, but the absence of a clear privacy policy and terms of service pages represents a compliance gap. No contact information or incident response contacts were found, limiting user trust and support options. Overall, the website is functional, professional, and secure in basic terms but would benefit from enhanced privacy and security disclosures to improve compliance and user trust. Strategic recommendations include publishing comprehensive privacy and terms policies, adding security headers, and providing clear contact channels for security incidents and data protection inquiries.

Bole is a company specializing in innovative and sustainable flooring solutions, prominently featuring their unique product that follows the natural growth of trees. The website positions Bole as an innovator in the manufacturing sector, targeting design professionals and environmentally conscious consumers. The digital infrastructure is built on WordPress with modern JavaScript libraries and tracking tools such as Google Analytics and Facebook Pixel, indicating a moderate level of digital maturity. The website is mobile optimized and provides a catalog download feature through a secure form submission process. Security posture is adequate with HTTPS enabled and secure form handling, but lacks important security headers and visible privacy and terms policies, which are critical for compliance and trust. Overall, the website is professional and functional but would benefit from enhanced transparency and security practices.