Security Directory

A

ActusQ SIA

actusq.lv

61

ActusQ SIA is a specialized Latvian company focusing on agricultural investment consulting and asset management. They serve a diverse clientele including farming families, institutional investors, and international organizations, offering services in investments, accounting, legal, tax, and agricultural real estate. The company positions itself as a trusted local expert with a comprehensive one-stop approach tailored to the Latvian market. Technically, the website is built on WordPress with modern plugins and frameworks, featuring responsive design and integrated analytics. Security posture is solid with HTTPS, reCAPTCHA protection on forms, and cookie consent mechanisms, though explicit security headers are not detected and could be improved. The absence of WHOIS data limits domain trust verification, but the website content and business information appear professional and consistent. Overall, the site demonstrates good digital maturity and business credibility with room for enhanced security hardening.

RD ALFA Microelectronics is a Latvian technology company specializing in microelectronics, particularly in advanced UV-C photodetectors and radiation-hardened analog integrated circuits. The company collaborates with academic institutions and participates in European research projects, positioning itself as a key player in the European photonics and space sectors. Their business model focuses on B2B industrial technology development and research partnerships, targeting aerospace, defense, and environmental monitoring markets. The company has been operational since at least 2002 and holds ISO 9001:2008 certification, enhancing its credibility. Technically, the website employs legacy technologies such as jQuery 1.6.1 and Fancybox 1.3.1, with Google Analytics for user tracking. The site shows moderate performance and basic mobile optimization but lacks modern security headers and visible HTTPS confirmation in the provided data. The absence of privacy and cookie policies indicates compliance gaps with GDPR and related regulations. From a security perspective, no critical vulnerabilities or exposed sensitive data were detected, but the use of outdated libraries and missing security headers present potential risks. The lack of incident response contact information and vulnerability disclosure policies further limits the security posture. Overall, the site demonstrates moderate security maturity but requires improvements to meet best practices. The overall risk assessment suggests the company is legitimate and credible but should prioritize updating its technical stack, implementing comprehensive privacy and cookie policies, and enhancing security configurations to improve trust and compliance.

SIA HYDROX is a well-established Latvian company founded in 2012, specializing in the supply and maintenance of laboratory equipment and reagents. It holds a leading market position in Latvia and the Baltic states, serving medical, scientific research, and industrial sectors. The company offers a comprehensive range of products from simple pipette tips to fully automated laboratory systems, complemented by installation, warranty service, and expert consultation. The website reflects a professional digital presence with clear business information, contact details, and compliance with privacy regulations. Technically, the site is built on WordPress with modern optimization and tracking tools, ensuring good performance and SEO. Security posture is solid with HTTPS and secure form handling, though some security headers and policies could be improved. Overall, the company demonstrates a credible and trustworthy online presence aligned with its business scope.

C

CV (Christian Vision)

cvglobal.co

64

CV (Christian Vision) is a medium-sized global Christian non-profit ministry focused on evangelism, digital outreach, and education. The organization partners with individuals, ministries, and churches worldwide to advance the Great Commission through innovative tools, courses, and impactful content. Their market position is well-established within the Christian non-profit sector, leveraging digital platforms and multimedia resources to engage diverse audiences. Technically, the website is built using modern frameworks such as Astro, with content delivery supported by Cloudflare Stream and Google Analytics for insights. The site demonstrates excellent performance, mobile optimization, and SEO practices, reflecting a mature digital infrastructure. The use of cookie consent and privacy policies indicates attention to privacy compliance. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms but lacks explicit security headers and incident response policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is fully redacted, a common practice for non-profits, which slightly limits domain transparency but does not detract from overall trustworthiness. Overall, CV Global presents a professional, trustworthy, and well-maintained online presence suitable for its mission-driven activities. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding a vulnerability disclosure policy to further strengthen security posture and stakeholder trust.

C

Cook Systems

cooksys.com

60

Cook Systems is a well-established IT and engineering staffing and enterprise solutions provider with over 30 years of experience. The company focuses on delivering elite talent and scalable technology solutions across sectors including IT, AI, cloud computing, aerospace, and government. Their market position is strengthened by a veteran-owned business certification and a professional digital presence. Technically, the website is built on WordPress using Oxygen Builder, integrates modern tools like Google Analytics and reCAPTCHA, and is hosted on AWS infrastructure. While the site is well-designed and mobile-optimized, it lacks explicit privacy and cookie policies, and security headers are not evident, representing areas for improvement. The domain registration is consistent with the business claims, showing long-term ownership and no privacy protection, which supports legitimacy. Overall, the security posture is moderate with good SSL but missing some best practices. Strategic recommendations include enhancing security headers, enabling DNSSEC, and publishing comprehensive privacy and security policies to improve compliance and trust.

S

Scandagra

scandagra.lv

53

Scandagra Latvia operates as a regional agricultural company specializing in the supply of agricultural raw materials and grain procurement services, including conventional and organic grains. The company targets Latvian farmers and agricultural businesses, positioning itself as a knowledgeable and experienced partner with over 15 years in the market. The website reflects a professional digital presence built on WordPress, integrating modern web technologies such as Google Analytics and Tag Manager for performance and marketing insights. The site is well-structured, mobile-optimized, and SEO-friendly, supporting effective user engagement. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit privacy and cookie policies are lacking. WHOIS data could not be retrieved due to query limits, limiting domain registration verification. Overall, the website demonstrates a credible and professional business presence in the Latvian agricultural sector.

E

Edurio

edurio.com

57

Edurio is a UK-based education technology company specializing in providing unlimited school surveys and stakeholder feedback tools to schools and multi-academy trusts. Their platform enables educational institutions to gather insights from pupils, parents, and staff, supported by robust national benchmarking data. The company is well-positioned in the UK education sector, trusted by over 150 trusts and 2,000 schools, offering a comprehensive suite of survey templates, national reports, webinars, and resources to support school improvement and wellbeing. Technically, the website is built on WordPress with extensive integration of HubSpot marketing and analytics tools, including forms, messaging, and tracking. The site uses modern JavaScript libraries such as Swiper.js for UI components and is optimized for performance and mobile responsiveness. SEO and accessibility practices are well implemented, with structured data and Open Graph metadata enhancing search engine visibility and social sharing. From a security perspective, the site enforces HTTPS and uses secure HubSpot forms, with a cookie consent mechanism in place. However, there is a lack of explicit security policies, incident response information, and vulnerability disclosure details. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. WHOIS data for the subdomain is unavailable, which is typical, but the main domain's legitimacy is supported by the professional web presence and trust indicators. Overall, Edurio presents a professional, secure, and user-friendly digital presence aligned with its business goals in the education sector. Strategic improvements include publishing comprehensive privacy and security policies and enhancing transparency around data protection and incident response.

J

Junior Achievement Latvia

jalatvia.lv

48

Junior Achievement Latvia is a well-established non-profit educational organization founded in 1991, focusing on practical business education and leadership development for youth in Latvia. The website serves as a portal for students, teachers, and schools to access programs such as student companies, leadership initiatives, and career shadowing events. The organization maintains partnerships with reputable entities such as Swedbank and the Latvian Investment and Development Agency, enhancing its credibility and reach. Technically, the website employs standard web technologies including jQuery, Slick Carousel, Google Analytics, and Facebook SDK. It uses HTTPS and has a moderate performance profile with basic mobile optimization. However, it lacks some modern security headers and cookie consent mechanisms, which are recommended for compliance and security enhancement. From a security perspective, the site shows good practices like HTTPS usage and no visible sensitive data exposure. The absence of WHOIS data limits the ability to fully verify domain legitimacy, but the presence of clear contact information, privacy policy, and partner logos supports trustworthiness. The site does not currently provide explicit security policies or incident response contacts. Overall, the website is professional, content-rich, and serves its educational mission effectively. Strategic improvements in security headers, cookie consent, and transparency around security policies would further strengthen its posture and compliance.

B

Barbara Bula Arhitekti

aistudija.lv

44

Barbara Bula Arhitekti is a small architectural and interior design studio based in Latvia, specializing in architecture and interior design projects for commercial and residential clients. The website showcases a comprehensive portfolio of projects, indicating an established presence since 2005. The technical infrastructure is built on GravCMS with Gantry5 framework and UIkit frontend, incorporating modern web technologies and Google Analytics for visitor insights. The site is mobile optimized and provides a cookie consent mechanism aligned with privacy best practices. Security posture is moderate with HTTPS enabled and IP anonymization for analytics, but lacks explicit security headers and detailed privacy policies. Overall, the website presents a professional and trustworthy image but would benefit from enhanced transparency and security documentation.

S

Sintec UK Limited

sintec.uk.com

54

Sintec UK Limited is a medium-sized international contractor specializing in mechanical and electrical installation services with a global footprint including offices in the UK, USA, and UAE. The company offers a comprehensive suite of services including electrical installation, design, procurement, commissioning, and project management, serving industries such as manufacturing, automotive, retail, and logistics. Their website reflects a professional and consistent brand image with clear business messaging and a portfolio of over 200 completed projects. Technically, the website is built on WordPress with modern web technologies and includes analytics tools like Google Analytics and Yandex Metrika, indicating a mature digital presence. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers are missing and no explicit security or incident response policies are published. The absence of WHOIS registration data for the domain sintec.uk.com is a notable concern, potentially indicating domain registration issues or privacy protection, which slightly impacts the overall trustworthiness assessment. Overall, the website and business appear legitimate and professional, but domain registration verification is recommended to fully confirm legitimacy.

C

CCF Baltija SIA

ccfbaltija.com

51

CCF Baltija SIA is a well-established wholesale and distribution company operating primarily in the Baltic States, specializing in premium sweets, candies, coffee, personal care, and household items. The company positions itself as a leading logistics and brand marketing service provider in Latvia, serving a broad range of retail and HoReCa clients. Their business model integrates marketing, distribution, logistics, and e-commerce services, supported by partnerships with major retailers such as Lidl, Rimi, and Maxima. The website reflects a professional digital presence with clear branding and comprehensive business information.

I

Intergaz

intergaz.lv

57

Intergaz is a medium-sized energy company operating in Latvia, specializing in the import and supply of liquefied gas and related gas systems for both residential and business customers. It holds a strong market position as the second largest liquefied gas importer in the Baltic region. The website is professionally designed, built on the Tilda CMS platform, and offers clear navigation with segmented services for private individuals, businesses, and service offerings. Key services include gas supply systems, gas cylinders, liquefied gas delivery, and technical maintenance. The company provides a customer portal and technical inspection services through related subdomains. The website demonstrates a moderate to good level of digital maturity with modern analytics and marketing tools integrated.

A

Arbor Medical Korporācija

arbor.lv

45

Arbor Medical Korporācija is a Latvian-based medical equipment and supplies company serving the Baltic region. The company operates a professional website offering a broad catalog of medical, veterinary, beauty, and safety products, positioning itself as an official Philips Healthcare representative in Latvia. Their business model focuses on B2B sales, equipment rental, user training, and servicing, targeting hospitals, clinics, and healthcare providers. The website content is well-structured, primarily in Latvian, and includes active social media engagement and participation in medical congresses and exhibitions, indicating a solid market presence. Technically, the website is built on the PrestaShop CMS platform, utilizing common web technologies such as jQuery, Font Awesome, Google Fonts, and integrates Google Analytics and Facebook Pixel for tracking. The site is HTTPS secured with a cookie consent mechanism compliant with GDPR. However, some security best practices like security headers and vulnerability disclosure policies are missing, and WHOIS data could not be retrieved due to query limits, limiting full domain legitimacy verification. From a security perspective, the site demonstrates a moderate security posture with HTTPS enforcement and no visible sensitive data exposure. The absence of security headers and lack of explicit incident response or security policies are areas for improvement. Privacy compliance is good with a clear privacy policy and cookie consent, but contact information lacks direct emails or phone numbers, which could affect user trust. Overall, Arbor Medical Korporācija presents a professional and credible online presence with room for technical and security enhancements. The lack of WHOIS data reduces the trust score slightly, but the business appears legitimate and well-established in its sector.

E

EMJ Metals

emjmetals.lv

64

EMJ Metals is a leading Latvian metalworking and sheet metal fabrication company, recognized as the largest in the Baltic states. They specialize in laser cutting, metal bending, plasma cutting, and aftertreatment services, serving a diverse client base including civilian and military sectors. Their extensive production facilities and advanced machinery enable them to process large volumes of metal daily, supporting over 1000 clients annually. The company emphasizes long-term partnerships and continuous growth since its founding in 2010. Technically, the website is built on a modern stack including jQuery, Skrollr.js, and integrates advanced analytics tools such as Google Analytics, Google Tag Manager, and Snowplow. The site is hosted on a CDN infrastructure ensuring moderate performance and good mobile optimization. SEO and accessibility are adequately addressed, though accessibility could be improved. From a security perspective, the site enforces HTTPS and uses CAPTCHA mechanisms to protect forms. However, it lacks visible security headers and explicit cookie consent mechanisms, which are important for GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data is unavailable due to query limits, limiting domain registration trust verification. Overall, EMJ Metals presents a professional and trustworthy online presence aligned with its business stature. Strategic improvements in privacy compliance and security headers would enhance their security posture and regulatory adherence.

I

INTEA

intea.lv

61

INTEA is a digital learning agency specializing in full-cycle services including strategy, technology, content production, and outsourcing, with a focus on helping large organizations overcome digital learning challenges. The company claims a history dating back to 2008/2009 and targets enterprise clients primarily in the education sector. The website is professionally designed using the Tilda platform, featuring a modern tech stack with jQuery and Google Analytics for tracking. Social media presence is robust, enhancing brand visibility. However, the absence of WHOIS registration data raises concerns about domain legitimacy. Security posture is moderate with IP anonymization in analytics but lacks explicit security headers and privacy policies. Overall, the site is functional and professional but would benefit from improved transparency and security practices.

P

Primum

primum.lv

44

Primum is a leading accounting firm based in Latvia, offering world-class accounting, financial management, tax, legal, and employment services across the Baltic states. The company targets local and international businesses seeking professional financial and legal support. The website is built on the Tilda CMS platform, leveraging modern web technologies including Google Analytics for visitor tracking. The design is professional and mobile-optimized, providing a good user experience with clear navigation. However, the site lacks explicit privacy and cookie policies, which impacts compliance and user trust. Security posture is moderate, with HTTPS implied but no visible security headers and use of an outdated jQuery version posing potential risks. Overall, the domain registration is consistent with the business claims, indicating legitimacy. Strategic improvements in privacy compliance, security headers, and contact transparency are recommended to enhance trust and regulatory adherence.

A

Aerodium Technologies

aerodium.technology

60

Aerodium Technologies is a pioneering company specializing in the design, manufacture, and operation of vertical wind tunnels used globally for entertainment, professional training, and military applications. With a history dating back to 1979 and over 115 projects in more than 46 countries, Aerodium holds a strong market position as an innovator and leader in vertical wind tunnel technology. Their website reflects a professional and content-rich presence targeting retail, entertainment venues, and specialized training sectors. Technically, the website employs modern tracking and analytics tools, is hosted with reputable providers, and demonstrates good performance and mobile optimization. Security posture is solid with HTTPS and domain protections, though explicit security policies and incident response information are absent. Privacy compliance is well addressed with cookie consent and a privacy policy. Overall, the site is trustworthy and professionally managed, supporting Aerodium's credibility in its niche market.

I

IBSC

ibsc.lv

48

IBSC operates the RESICO platform, providing integrated sales and business management solutions tailored for retail, hospitality, and e-commerce sectors primarily in Latvia. Their offerings include certified POS systems, ERP software, digitalization services, and e-commerce integrations with popular platforms like Shopify and WooCommerce. The website is professionally designed using WordPress and Elementor, with modern analytics and marketing tools integrated alongside GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS and consent-based tracking, though explicit security policies and headers could be improved. The domain is hosted on Google Cloud DNS, indicating a professional infrastructure. Overall, the business presents a credible and mature digital presence with room for enhanced privacy and security disclosures.

A

ALUKON

alukon.lv

52

ALUKON is a Latvian company specializing in the design, manufacture, and installation of glass facades using Schüco aluminum and Jansen steel systems. Established in 1994, it has over 25 years of experience and a portfolio of more than 200 projects. The company operates its own production facilities equipped with modern machinery and serves both local and export markets. The website reflects a professional business with clear contact information and a focus on quality engineering and fabrication services. Technically, the website employs a modern technology stack including Bootstrap, jQuery, Google Analytics, and reCAPTCHA v3, ensuring a responsive and interactive user experience. The site is well-structured with good SEO practices and mobile optimization. Security measures include HTTPS and form protection via reCAPTCHA, though some security headers are missing. From a security perspective, the site shows a good baseline posture with encrypted connections and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policies, incident response information, and cookie consent mechanisms, which are important for GDPR compliance and user trust. Overall, ALUKON's website presents a credible and professional business presence with moderate technical maturity and a solid security foundation. The absence of WHOIS data limits full domain legitimacy verification, but the site content and business details align well with a legitimate manufacturing company in Latvia.

O

OptiCom

opticom.lv

62

OptiCom is a well-established Latvian IT integrator and solutions provider founded in 1994, specializing in IT infrastructure, cybersecurity, and professional training services. The company holds ISO 27001:2022 and ISO 9001:2015 certifications, underscoring its commitment to quality and information security. OptiCom targets businesses in Latvia seeking comprehensive IT and cybersecurity solutions, positioning itself as a leading market player with a broad portfolio including SOC services, penetration testing, and authorized service centers. Technically, the website is built on Joomla CMS with modern frontend technologies such as Bootstrap, jQuery, and AOS for animations. The site is mobile-optimized and includes SEO best practices, though accessibility features are basic. Google Analytics is used for user tracking with a cookie consent mechanism in place, reflecting moderate digital maturity. From a security perspective, the site enforces HTTPS and implements secure forms with CSRF tokens. However, no explicit HTTP security headers were detected in the provided data, and there is no visible vulnerability disclosure or security.txt file. The company demonstrates strong security posture through certifications and SOC capabilities but could improve by adding explicit security headers and a vulnerability disclosure policy. Overall, the website is professional, content-rich, and trustworthy, with clear contact information and strong branding. The absence of WHOIS data limits domain trust verification, but business legitimacy is supported by certifications and active community memberships. Strategic recommendations include enhancing HTTP security headers, improving accessibility, and formalizing vulnerability disclosure processes.

ARCO REAL ESTATE is a Latvian real estate agency established in 1992, offering brokerage, property valuation, consulting, and marketing services primarily focused on residential and commercial properties within Latvia. The website presents a professional and content-rich platform targeting property buyers, sellers, renters, and investors in the Latvian market. The company maintains an active social media presence and provides clear contact information, enhancing trust and accessibility. Technically, the website employs modern web technologies including jQuery, Foundation CSS framework, Leaflet.js for maps, and integrates Google Analytics for user tracking. The site is mobile-optimized with good navigation and content structure, though accessibility features are basic. Security practices include HTTPS usage and a cookie consent mechanism, but explicit security headers and incident response policies are not evident from the HTML content. The security posture is moderate with no visible vulnerabilities or exposed sensitive data, but improvements are recommended in security header implementation and incident response transparency. Privacy compliance is basic with GDPR-related cookie consent and a privacy policy page available. WHOIS data could not be retrieved due to query limits, limiting domain legitimacy verification, but website content and business information appear consistent with a legitimate real estate business. Overall, the website is professional and trustworthy with room for enhanced security and compliance measures. Strategic recommendations include strengthening security headers, publishing incident response and terms of service documents, and improving accessibility compliance to further solidify the company's digital maturity and trustworthiness.

O

OLIMPS

olimps.lv

44

OLIMPS is a well-established multidisciplinary engineering company based in Latvia, operating since 1991 with a strong presence in the Baltic, European, and CIS markets. The company specializes in project design, industrial automation systems, and construction services primarily in the energy and transport sectors. Their portfolio includes over 1000 projects and ISO certifications, reflecting a reputable market position. The website is professionally designed using WordPress CMS, featuring modern technologies such as Google Analytics and Typekit fonts, with good mobile optimization and user experience. Security posture is solid with HTTPS enforced and email obfuscation implemented, though lacking advanced security headers and explicit privacy/cookie policies. The absence of WHOIS data limits domain registration transparency but does not detract from the apparent legitimacy of the business. Overall, OLIMPS demonstrates a mature digital presence aligned with its business operations.

AGroup is a technology company specializing in Human Capital Management solutions, offering a comprehensive suite of HR digitalization services and software modules including payroll, core HR, time and attendance, performance evaluations, recruitment, and more. The company targets businesses primarily in Latvia, Estonia, Lithuania, and Poland, positioning itself as a regional leader in HR management technology. The website is built on WordPress CMS with modern technologies and provides a professional, content-rich user experience. Security posture is solid with HTTPS and reCAPTCHA implemented, though some security headers and explicit privacy policies are missing. Tracking is done via Google Analytics and Facebook Pixel (commented out), with cookie consent managed by CookieYes. WHOIS data is unavailable due to query limits, limiting full domain trust assessment. Overall, the site is professional and trustworthy with room for improvement in privacy and security transparency.

D

DTS LTD

dts.lv

67

DTS LTD operates a professional e-commerce platform specializing in original OEM auto spare parts for a wide range of car manufacturers. With over 25 years of experience and more than 500 active B2B clients, the company positions itself as a reliable supplier offering fast worldwide deliveries and technical expertise. The website is well-structured, multilingual, and provides comprehensive catalogs and inquiry services to assist customers in finding genuine parts efficiently. Technically, the website employs modern JavaScript libraries such as jQuery, Flatpickr, Font Awesome, Alpine.js, and Swiper.js, alongside analytics tools like Google Analytics and Microsoft Clarity. The site is mobile-optimized, accessible, and SEO-friendly, with a cookie consent mechanism implemented via Usercentrics CMP. HTTPS is enforced, ensuring secure communications. From a security perspective, the site demonstrates good practices including secure forms with CSRF tokens and no exposed sensitive data. However, there is a lack of explicit security policies, incident response information, and vulnerability disclosure mechanisms. The absence of WHOIS data due to query limits limits full domain legitimacy verification, but the website content and trust indicators suggest a legitimate and established business. Overall, DTS LTD presents a strong digital presence with professional design, solid technical infrastructure, and good privacy compliance. Strategic improvements in security transparency and WHOIS data availability would further enhance trust and compliance.

S

Sigma Industry Power & Energy

sigmaindustrype.se

47

Sigma Industry Power & Energy is a consulting company specializing in industrial electricity, automation, electrical power, and energy solutions. It operates under the larger Sigma Group umbrella, which has a significant presence across 13 countries with 5000 employees, owned by Danir AB. The company targets industrial and energy sector clients primarily in Sweden, offering expert consulting services to address complex challenges in these fields. The website reflects a professional and consistent brand image aligned with its parent group. Technically, the website is built on Drupal 10, leveraging modern libraries such as jQuery and Bootstrap for responsive design and user experience. It employs Google Analytics for visitor tracking but lacks a cookie consent mechanism, which is a privacy compliance gap. The site is mobile-optimized and has good SEO practices but could improve accessibility features. Hosting details suggest a reliable provider, though DNSSEC is not enabled. From a security perspective, the site uses HTTPS but lacks advanced security headers and explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected, but the absence of cookie consent and security.txt files indicates room for improvement in compliance and transparency. The domain registration is consistent with the business profile, showing legitimacy and appropriate age. Overall, the website presents a solid business and technical foundation with moderate security and privacy compliance. Strategic improvements in security headers, privacy mechanisms, and policy disclosures would enhance trust and compliance posture.

H

HundrED

hundred.org

68

HundrED is a mission-driven non-profit organization dedicated to transforming K12 education globally by curating, amplifying, and implementing impactful and scalable education innovations. It holds a leading market position as a global curator and partner in the education sector, serving a broad audience including educators, innovators, and youth. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content focused on education innovation and community engagement. Technically, the site employs modern JavaScript frameworks, analytics tools like Matomo and Google Analytics, and follows good practices such as HTTPS enforcement and cookie consent mechanisms. Security posture is solid with room for improvement in security headers and explicit security policies. The domain is longstanding and privacy-protected, consistent with a reputable global non-profit. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

SODECA is a manufacturer specializing in industrial ventilation solutions including fans, smoke evacuation systems, and pressurization controls. The company operates internationally with multiple country-specific websites, indicating a strong global presence. Their business model focuses on manufacturing and direct sales complemented by consulting services for ventilation projects. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, supporting a positive user experience. Technically, the site uses modern frontend technologies such as Bootstrap 5, Font Awesome, and Google Analytics for tracking. It employs HTTPS with a good SSL configuration and includes a cookie consent mechanism compliant with GDPR. However, some security headers are missing, and no explicit security or incident response policies are published, which could be improved. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed through cookie consent and a comprehensive privacy policy. The WHOIS data is redacted, typical for privacy protection, but the website's professionalism and consistency across multiple domains support its legitimacy. Overall, the site presents a low risk profile with recommendations to enhance security headers and publish incident response information to further strengthen trust and compliance.

SODECA is an established manufacturer specializing in industrial ventilation solutions including fans, smoke exhaust systems, and pressurisation control for staircases and evacuation routes. The company operates internationally with multiple country-specific websites, indicating a broad market presence and a focus on industrial and engineering clients. Their website provides comprehensive product information, technical tools, and consulting services, positioning them as a key player in the industrial ventilation manufacturing sector. Technically, the website employs modern frontend technologies such as Bootstrap 5, Font Awesome, and Google Fonts, with Google Analytics integrated for user tracking. The site is HTTPS secured with a valid SSL certificate and includes a cookie consent mechanism compliant with GDPR standards. Mobile optimization and SEO practices are well implemented, contributing to a positive user experience. From a security perspective, the site demonstrates good practices including HTTPS enforcement and cookie consent management. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are important for comprehensive security posture. The absence of WHOIS data due to domain naming irregularities reduces trustworthiness from a domain registration standpoint. Overall, the website is professional, functional, and secure for typical business operations, but improvements in transparency around security policies and domain registration legitimacy would enhance trust and compliance.

SODECA is a Portuguese manufacturer specializing in industrial ventilation and exhaust solutions, including smoke control, tunnel ventilation, stair pressurization, and indoor air quality improvement. The company maintains a strong international presence with multiple country-specific websites, targeting industrial clients and technical professionals. Their business model combines manufacturing with direct sales, supported by online tools and technical consultancy services. The website reflects a professional and consistent brand image with clear navigation and relevant content. Technically, the website employs modern web technologies such as Bootstrap, Font Awesome, and integrates analytics and advertising tools like Google Analytics, Google Tag Manager, and Bing Ads. The site is mobile-optimized and performs moderately well, with good SEO practices and accessibility at a basic level. Security-wise, the site uses HTTPS and a cookie consent mechanism but lacks explicit security headers and published security policies or incident response contacts. Overall, the security posture is solid but could be improved by implementing additional security headers, publishing a security policy, and establishing a vulnerability disclosure process. The domain WHOIS data aligns well with the business claims, supporting legitimacy. The website provides comprehensive contact information and privacy compliance features, enhancing trustworthiness. Strategic recommendations include enhancing security headers, publishing incident response and security policies, improving accessibility, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

SODECA is a medium-sized Spanish manufacturing company specializing in industrial ventilation solutions, including smoke extraction, pressurization systems, and air quality improvement. The company maintains a strong international presence with multiple country-specific websites, indicating a well-established market position. Their website offers comprehensive product information, technical resources, and consulting services, targeting industrial clients and engineering professionals. Technically, the website employs modern web technologies such as Bootstrap, Font Awesome, and Google Analytics, ensuring a responsive and user-friendly experience. The site is well-structured with clear navigation and multilingual support. Security-wise, HTTPS is enforced, and cookie consent mechanisms are implemented, though some security headers are missing. No critical vulnerabilities or exposed sensitive data were detected. The lack of accessible WHOIS data due to Red.es restrictions limits domain registration transparency, but the professional presentation and consistent branding support the site's legitimacy. Contact information is clearly provided, enhancing business credibility. Overall, the website demonstrates good digital maturity with room for improvement in security policies and incident response disclosures. Strategically, SODECA should focus on enhancing security headers, publishing explicit security and incident response policies, and maintaining GDPR compliance to strengthen trust and regulatory adherence.

A

AERMEC NA

aermec-na.com

49

AERMEC NA is a regional branch of a leading global air conditioning manufacturer, providing products, services, and green solutions tailored to commercial, residential, multifamily, data center, public space, education, and healthcare markets. The website reflects a professional and modern digital presence built on WordPress with Elementor, integrating SEO and analytics tools such as Google Analytics and Microsoft Clarity. Security posture is solid with HTTPS and Cloudflare DNS, though there is room for improvement in security headers and explicit security policies. Privacy compliance is currently weak due to the absence of privacy and cookie policies. The domain is newly registered, indicating a recent launch or regional expansion. Overall, the site is credible and trustworthy but should enhance privacy and security transparency to align with best practices.

Elva Sport is a local sports and culture organization serving the Elva municipality in Estonia. The website provides information about sports facilities, training, events, and community engagement, with a focus on children and youth sports as well as outdoor activities. The organization appears to be a public or non-profit entity, founded around 2019, with a clear local community focus. Technically, the website is built on WordPress using common plugins such as MonsterInsights for analytics and GDPR Cookie Compliance for privacy management. The site is moderately performant, mobile-optimized, and uses HTTPS with a good SSL configuration. Security practices are adequate but could be improved by adding security headers and explicit security policies. Privacy compliance is well addressed with a cookie consent mechanism and a privacy policy page in Estonian. Contact information is clearly presented, enhancing business credibility. Overall, the website is professional, trustworthy, and serves its community purpose effectively.

SODECA is an international manufacturer specializing in industrial ventilation solutions, including smoke exhaust, tunnel ventilation, and pressurisation systems for staircases and evacuation routes. The company supports its product offerings with technical consulting and digital tools such as product selectors and CAD models, targeting industrial clients and engineering firms globally. The website is professionally designed, multilingual, and provides comprehensive product and corporate information, reflecting a mature business presence. Technically, the website employs modern frameworks like Bootstrap and FontAwesome, integrates Google Analytics for user insights, and implements a cookie consent mechanism aligned with GDPR requirements. The site is mobile-optimized and offers good SEO and accessibility features, although some security headers are missing. The SSL configuration is excellent, ensuring secure communications. From a security perspective, the site shows good practices such as HTTPS enforcement and cookie consent but lacks explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS registration data for the domain is a notable concern, reducing trustworthiness and suggesting the need for further verification. Overall, SODECA presents a solid digital presence with good security and privacy compliance but should address WHOIS transparency and enhance security headers to improve trust and resilience.

E

E-kataloog ESTER

ester.ee

55

E-kataloog ESTER is a centralized digital catalog service aggregating the collections of major Estonian libraries. It serves as a key resource for library users including students, researchers, and the general public in Estonia, providing unified search capabilities and access to various library resources. The platform integrates institutional authentication via CAS and offers accessibility features for visually impaired users. Technically, the website employs standard web technologies such as JavaScript, jQuery, and Modernizr, and uses Google Analytics for user tracking. While the site is functional and professionally designed, it lacks visible privacy and cookie policies, which impacts its privacy compliance posture. Security-wise, HTTPS is implied, and session timeout mechanisms are implemented, but explicit security headers are missing. Overall, the site is a trusted educational resource but would benefit from enhanced privacy disclosures and security hardening.

L

Liikumisharrastuse kompetentsikeskus

liikumisaasta.ee

49

Liikumisharrastuse kompetentsikeskus is a government-affiliated non-profit organization established by the Estonian Olympic Committee in 2022 to promote physical activity and healthy lifestyles across Estonia. The website serves as a central hub for information, resources, and events related to physical movement, targeting a broad audience including youth, adults, seniors, and partners in the health and sports sectors. The organization positions itself as a leader in driving a national movement towards increased physical activity and wellness.

Maaturism.ee is the official website of MTÜ Eesti Maaturism, a non-profit organization dedicated to promoting rural tourism in Estonia. The website offers comprehensive information about accommodation, active holidays, food services, health tourism, family vacations, themed farms, museums, seminars, weddings, and cooperation networks. It also highlights various projects aimed at developing rural tourism products and services, targeting tourists interested in nature and cultural experiences in Estonia and the Baltic region. The organization has a strong local presence and a network of members, positioning itself as a key player in Estonia's rural tourism sector. Technically, the website employs a modern tech stack including jQuery, Leaflet.js for mapping, Google Tag Manager, and Google Analytics for tracking. It uses HTTPS with a hosting provider Elkdata OÜ, an Estonian registrar and hosting company, ensuring secure connections. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. From a security perspective, the site uses HTTPS and asynchronous script loading, but no explicit security headers were detected. There is no visible vulnerability disclosure or incident response contact information. The WHOIS data is transparent and consistent with the website's business and location, supporting legitimacy. Overall, the site demonstrates a moderate to good security posture but could improve compliance and security best practices. The overall risk assessment is moderate with recommendations to implement privacy and cookie policies, add security headers, and establish vulnerability disclosure mechanisms to enhance trust and compliance.

Z

Zone Media OÜ

spoku.ee

40

Spoku.ee is a government-focused support application and processing system primarily serving Estonian municipalities and institutions. The platform offers a comprehensive suite of features including application submission, payment integration, digital contract signing, and data integration with national registries. The website is built on WordPress with modern plugins and technologies, reflecting a moderate level of digital maturity. While the technical implementation is solid and the site is mobile-optimized with good SEO practices, there is a lack of published privacy, cookie, and security policies, which impacts compliance and trust. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and formal incident response documentation. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

P

Piksel OÜ

arno.ee

41

Arno.ee is a professionally developed WordPress-based website representing Piksel OÜ's software system for managing educational services in Estonia. The platform targets municipalities, schools, kindergartens, and hobby schools, offering modules for youth work, parental consent, invoicing, and digital signing via Smart-ID. The website demonstrates a consistent brand presence and good content quality, with a clear focus on the Estonian education sector. Technically, the site uses modern web technologies including WordPress 6.8.1, Kadence Blocks, and integrates Google Analytics for user tracking. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and no exposed sensitive data, though improvements are recommended in security headers and incident response transparency. Privacy compliance is partial; a privacy policy is present and GDPR compliance is indicated, but cookie consent mechanisms are missing. Overall, the domain registration data aligns well with the business profile, supporting legitimacy and trustworthiness.

P

Põllumajanduse Registrite ja Informatsiooni Amet (PRIA)

pria.ee

55

PRIA (Põllumajanduse Registrite ja Informatsiooni Amet) is the official Estonian government agency responsible for managing agricultural subsidies, registers, and providing information services to farmers and rural entrepreneurs. The website serves as a comprehensive portal offering subsidy information, registers, news, and e-services such as the e-PRIA login portal. The site targets Estonian agricultural stakeholders and the general public interested in rural development. Technically, the website is built on Drupal 10, employs modern web technologies, and integrates analytics and business intelligence tools, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS, uses cookie consent mechanisms compliant with GDPR, and shows no signs of exposed sensitive data or vulnerabilities. Overall, the website demonstrates a strong security posture and good privacy compliance, supporting its role as a trusted government resource.

M

MTÜ Eesti Raamatukoguvõrgu Konsortsium

elnet.ee

46

MTÜ Eesti Raamatukoguvõrgu Konsortsium operates as a non-profit consortium dedicated to serving the public interests of Estonian libraries. The organization provides key shared services such as the E-kataloog ESTER, Eesti artiklite andmebaas, Eesti märksõnastik, and the E-varamu portaal, targeting libraries, researchers, and the general public interested in library resources. The website reflects a medium-sized, well-established entity with a consistent brand and a clear focus on education and information services within Estonia. Technically, the website is built on a modern WordPress platform using the Enfold theme and several plugins including Yoast SEO and Ajax Search Pro. It employs HTTPS with good SSL configuration and integrates Google Analytics with user consent mechanisms. The site demonstrates good mobile optimization and accessibility features, including options for visually impaired users. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, it lacks explicit security policies, incident response information, and vulnerability disclosure channels. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the website's claims, reinforcing the legitimacy of the domain. Overall, the website presents a trustworthy and professional digital presence for the consortium, with room for improvement in security transparency and incident response readiness.

I

Infohunt

infohunt.ee

41

Infohunt.ee is a government-backed Estonian youth information portal providing localized event and activity information for young people. The platform aggregates data on youth events, hobby education, and projects, supporting youth engagement and participation. It is operated under the auspices of the Estonian Ministry of Education and Research (Haridus- ja Teadusministeerium) and hosted by EENet, reflecting a strong institutional foundation. The website uses WordPress with modern SEO and accessibility features, ensuring good user experience and mobile optimization. Security posture is solid with HTTPS and no visible vulnerabilities, though some improvements in security headers and explicit policies could enhance trust. Privacy compliance is partial, with privacy and terms pages present but lacking cookie consent mechanisms. Overall, Infohunt.ee is a credible, well-maintained portal serving the Estonian youth sector effectively.

M

MTÜ Lastekaitse Liit

markalast.ee

41

MTÜ Lastekaitse Liit operates the 'Märka Last' web portal, a non-profit platform dedicated to promoting child rights and welfare in Estonia. The website offers a variety of content including opinion articles, podcasts, news updates, and educational resources targeting parents, children, youth, and child protection professionals. The organization is well-established with a domain registered since 2019 and maintains a consistent brand presence online. Technically, the site is built on WordPress using modern themes and plugins, ensuring a good user experience and mobile optimization. Security posture is adequate with HTTPS enforced and basic security practices in place, though improvements such as enabling DNSSEC and publishing a security.txt file are recommended. Privacy compliance is partially addressed with a cookie consent mechanism, but no explicit privacy policy or terms of service pages were found in the provided content. Overall, the website is professional, trustworthy, and serves its non-profit mission effectively.

H

Haridus- ja Teadusministeerium (EENet)

elurikkus.ee

44

eElurikkus is a government-backed public portal aggregating biodiversity data for Estonia, integrating scientific, monitoring, and citizen science datasets. It serves researchers, environmental agencies, and the public by providing access to species taxonomy, occurrence records, and monitoring projects. The platform is built on the PlutoF biodiversity data infrastructure and collaborates with global partners like GBIF. Technically, the website uses modern JavaScript libraries such as Leaflet for mapping and Google Analytics for user tracking. The site is mobile-optimized with a clear navigation structure and good content relevance. Security posture is solid with HTTPS enforced and no exposed sensitive data, though it lacks some security headers and formal security policies. Privacy compliance is basic, with no visible cookie consent mechanism or detailed privacy policy links. Overall, the site is trustworthy and professionally maintained, reflecting its governmental and research affiliations.

L

Lääne-Viru Omavalitsuste Liit

virol.ee

46

Lääne-Viru Omavalitsuste Liit is a regional government association serving the municipalities of Lääne-Viru County, Estonia. The organization focuses on regional development, public health, safety, education, tourism, entrepreneurship, and cooperation among local governments. The website reflects a well-established entity with a domain registered since 2010, consistent with its government association status. The site targets local government officials, residents, and regional partners, providing information on programs, events, and strategic initiatives. Technically, the website is built on WordPress with modern plugins and technologies, including GDPR-compliant cookie consent and Google Analytics integration. The site is mobile-optimized, accessible, and demonstrates good SEO practices. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the website is professional, trustworthy, and compliant with privacy regulations.

C

Caotica

caotica.eu

54

Caotica is a small technology service provider specializing in web development and online marketing, targeting medium-sized companies primarily in Estonia and internationally. The company offers a broad range of digital services including SEO, Google Ads, social media campaigns, email marketing, and content management. The website is professionally designed using WordPress with modern SEO and analytics tools integrated, reflecting a mature digital presence. Security posture is good with HTTPS enforced and a comprehensive cookie consent mechanism, although some security headers are missing and no explicit incident response or security policy pages are available. The lack of publicly available WHOIS data due to EURid privacy policies limits transparency but is common for .eu domains. Overall, the website is trustworthy and functional with room for improvement in contact transparency and security best practices.

M

Moss

getmoss.com

69

Moss is a technology company offering a SaaS platform focused on corporate spend management, including unlimited corporate credit cards, expense management, and accounts payable automation. The website positions Moss as a modern financial technology provider targeting businesses seeking to optimize their spending processes. The platform aims to accelerate month-end financial closing and streamline corporate expenses. Technically, the website is built using modern frameworks such as React and Next.js, with integrations for analytics and consent management, indicating a mature digital infrastructure. Security-wise, the site uses HTTPS and consent management tools but lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. The absence of WHOIS data for the domain raises concerns about domain legitimacy, although the professional website and use of reputable third-party services suggest a legitimate business. Overall, the website is functional and professional but would benefit from enhanced transparency and security practices.

S

Sotsiaalkindlustusamet

tarkvanem.ee

46

Tarkvanem.ee is a government-affiliated Estonian website operated by Sotsiaalkindlustusamet, providing comprehensive parenting information and resources targeted at parents of children of all ages. The site offers educational content on child development, parenting styles, health, and safety, supported by tests, videos, and expert advice. It holds a strong market position as a trusted public information portal in Estonia. Technically, the website is built on WordPress and leverages modern analytics and marketing tools such as Google Analytics, Matomo, Hotjar, and Facebook Pixel, alongside SEO optimization via Yoast. The site is mobile-optimized and accessible with good navigation and professional design. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Contact information is limited but includes a verified company email and a contact form. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced privacy and security disclosures.

Techindustry.lv is the official website for the largest and most significant industry exhibition in the Baltic region, focusing on machine building, metal processing, automation, electronics, and related technologies. The event is organized by BT 1, a leading Baltic exhibition organizer, and targets industry professionals and companies seeking to showcase and discover innovations. The website provides comprehensive information about exhibitors, news, and event details, supported by partner organizations and ticketing platforms. Technically, the site uses modern tracking and analytics tools, including Google Analytics and Facebook Pixel, and implements cookie consent mechanisms. However, it lacks explicit privacy and terms of service pages, and security headers are not detected, which are areas for improvement. The site is accessible without WAF or blocking mechanisms, and contact information is clearly provided with named personnel.

W

Webware

webware.ee

46

Webware OÜ is an established Estonian technology company specializing in comprehensive and flexible information and document management solutions through its flagship platform, WebDesktop. With over 23 years of experience, Webware serves a broad client base including major organizations in Estonia and Northern Europe, positioning itself as a market leader in the info management sector. The company offers a range of services including software analysis, development, hosting, training, and workflow and risk management, targeting both private and public sector organizations. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support.