Security Directory

W

WERMO AS

wermo.ee

40

WERMO AS is an established Estonian furniture manufacturer with over 75 years of experience in crafting high-quality furniture for living rooms, home offices, and dining rooms. The company leverages traditional craftsmanship combined with modern production technologies to meet discerning customer expectations. Their website reflects a medium-sized manufacturing business targeting consumers and businesses seeking premium furniture products. Technically, the website is built on WordPress using popular plugins such as Yoast SEO, WPBakery Page Builder, and Contact Form 7, with multilingual support via WPML. The site is hosted likely by Zone Media OÜ, an Estonian registrar and hosting provider. Security-wise, the site uses HTTPS with good SSL configuration and integrates Google reCAPTCHA to protect forms. However, it lacks explicit privacy, cookie, and security policies, as well as vulnerability disclosure mechanisms, which are important for compliance and trust. Overall, the website is professional and functional but could improve its privacy and security transparency.

SDF Group is a globally recognized manufacturer and distributor of tractors, diesel engines, and agricultural machinery, operating under multiple well-known brands. The company targets farmers and contractors seeking advanced farming technology and precision agriculture solutions. The website demonstrates a mature digital presence with a modern tech stack based on Nuxt.js and Vue.js, incorporating analytics and cookie consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security best practices like security headers and explicit incident response policies could be improved. The absence of WHOIS data reduces domain registration trust but is offset by professional branding and comprehensive content. Overall, the site is well-structured, mobile-optimized, and compliant with privacy regulations, supporting a strong business credibility profile.

C

Change Ventures

changeventures.com

55

Change Ventures is a seed stage venture capital fund focused on backing ambitious Baltic founders globally. The company provides pre-seed investments ranging from €100k to €500k, along with hands-on support to help startups reach product-market fit and access to a network of later stage investors and partners. Their portfolio includes innovative technology companies across sectors such as energy, fintech, and software. The website presents a professional and consistent brand image with detailed team profiles and portfolio highlights, targeting founders and investors interested in the Baltic startup ecosystem. Technically, the website is built on Webflow and uses modern web technologies including Google Analytics and Tag Manager for tracking, with content delivered via a CDN. The site is mobile optimized and features good SEO practices. However, some accessibility features could be improved. Security posture is generally good with HTTPS enforced and secure form handling, but lacks explicit security headers and published security policies. The WHOIS data for the domain is missing or unavailable, which raises concerns about domain registration transparency. Despite this, the website content and business information appear legitimate and professional. There are no privacy or cookie policies found, indicating compliance gaps with GDPR and other privacy regulations. Contact information includes a verified company email and physical address in Estonia, but no phone numbers are explicitly provided. Overall, the website is well designed and informative, supporting a credible business presence. However, improvements in privacy compliance, security policy transparency, and domain registration clarity are recommended to enhance trust and reduce risk.

P

Powerfleet (formerly Fleet Complete)

fleetcomplete.com

66

Powerfleet (formerly Fleet Complete) is a leading provider of connected fleet management and asset tracking solutions, targeting businesses ranging from small-medium enterprises to large Fortune 500 companies. The company offers a comprehensive suite of products including fleet management software, AI dash cameras, asset trackers, and telematics integrations, positioning itself as a key player in the transportation and logistics sector. The website reflects a mature digital presence with consistent branding and a focus on data intelligence to optimize fleet operations. Technically, the website is built on WordPress with Elementor, leveraging modern analytics and marketing tools such as Google Analytics, Google Tag Manager, LinkedIn Insight, and 6sense. The site is mobile-optimized, SEO-friendly, and includes privacy and cookie consent mechanisms, indicating a good level of digital maturity and compliance with privacy regulations like GDPR. From a security perspective, the site enforces HTTPS and includes basic security headers, but lacks some advanced headers and a public security or incident response policy. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data transparency slightly reduces trust but does not outweigh the professional and active nature of the website. Overall, the risk profile is moderate to low with recommendations to enhance security headers, publish explicit security policies, and consider vulnerability disclosure mechanisms to further strengthen trust and compliance.

T

TJO Konsultatsioonid

tjo.ee

52

TJO Konsultatsioonid is a leading Estonian consulting firm specializing in management systems development, strategic management, and production efficiency enhancement. The company offers a range of consulting services and training programs targeted at businesses seeking to improve operational effectiveness and comply with international standards. Their market position is strong within Estonia, supported by multiple ISO certifications and a robust client base. The website infrastructure is built on WordPress, utilizing modern plugins such as Yoast SEO and Ninja Forms, integrated with Google Analytics and Google Tag Manager for performance and user behavior tracking. The site is mobile-optimized and demonstrates good SEO practices, contributing to a positive digital maturity profile. Security posture is solid with HTTPS enforced, use of Google reCAPTCHA on forms, and indications of security plugins like Wordfence. However, some security headers are not explicitly confirmed and could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, the website and business present a trustworthy and professional image with no critical security issues detected. Strategic recommendations include enhancing security headers, maintaining up-to-date software, and considering a formal incident response policy to further strengthen security and compliance.

B

Barrington Group

smartek.com

74

Smartek, operated by Barrington Group, is a mature Australian-based technology company specializing in workforce compliance and contractor management solutions. Their SaaS platform offers modules for compliance management, inductions, visitor management, asset management, and permit to work, supported by a team of compliance experts. The company serves a broad range of industries including healthcare, government, and construction, with a strong market presence evidenced by a large user base and notable clients such as Qantas and City of Melbourne. The website reflects a professional and consistent brand with comprehensive service descriptions and client testimonials. Technically, the website is built on WordPress with modern plugins and tracking technologies including Google Analytics, Facebook Pixel, LinkedIn Insight, and HubSpot. Hosting is managed via Azure DNS, and the site uses HTTPS with a good SSL configuration. However, DNSSEC is not enabled, and some recommended security headers are not explicitly detected. The site lacks a cookie consent mechanism, which may impact GDPR compliance. Forms use reCAPTCHA v3 to mitigate spam. From a security perspective, the domain is well-established with a long registration history and protective domain status flags. No WAF or blocking mechanisms were detected, and no critical vulnerabilities were found in the visible content. The absence of a published security policy or incident response contact is a gap. Overall, the site demonstrates a solid security posture with room for improvement in DNS security and privacy compliance. Strategically, Smartek is positioned as a reliable compliance management solution with strong business credibility and digital maturity. Recommendations include enabling DNSSEC, implementing security headers, publishing security and incident response policies, and adding a cookie consent mechanism to enhance privacy compliance and user trust.

S

Spliethoff

spliethoff.com

76

Spliethoff is a well-established Dutch shipping company specializing in worldwide dry cargo ocean transport. With a fleet of over 50 modern vessels and a history dating back to 1921, the company positions itself as a reliable and high-quality partner in the maritime transport sector. Their website reflects a professional and comprehensive digital presence, targeting businesses requiring specialized cargo shipping services across various market segments including bulk cargo, containers, metals, and project cargo. Technically, the website employs modern frontend technologies such as Tailwind CSS, Alpine.js, and Swiper JS, alongside Google Tag Manager and Google Analytics for marketing and analytics purposes. The site is mobile responsive, well-structured, and optimized for SEO, providing a good user experience. Privacy compliance is evident through a cookie consent banner and a detailed privacy policy, indicating adherence to GDPR standards. From a security perspective, the site uses HTTPS and implements secure forms with anti-forgery tokens. However, it lacks explicit security headers like Content-Security-Policy and X-Frame-Options, which could enhance protection. The absence of WHOIS data transparency reduces domain trust slightly, though the website content and business information strongly support legitimacy. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic improvements in security headers and WHOIS transparency would further enhance trust and security posture.

E

Elkdata OÜ

keeleagentuur.ee

41

Keeleagentuur is a small Estonian language agency founded in 2022, specializing in language education and translation services primarily for Estonian and Russian languages. The company offers goal-oriented language courses for adults, including exam preparation and thematic courses. The website is built on WordPress using the Astra theme, Elementor page builder, and WooCommerce for e-commerce capabilities. It employs modern web technologies and integrates Google Analytics for visitor tracking. The website is well-structured, mobile-optimized, and SEO-friendly, but lacks explicit privacy and terms of service policies. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers could be improved. Overall, the business appears legitimate and consistent with its domain registration data.

T

TTK - Leak Detection System

ttkuk.com

70

TTK Leak Detection is a specialized manufacturer of liquid leak detection systems, focusing on water, acids, and oil leak detection for commercial and industrial applications. The company positions itself as a global leader with a strong presence in multiple international markets, offering products made in France with a notable 10-year warranty. Their target audience includes data centers, industrial facilities, airports, and other critical infrastructure sectors requiring reliable leak detection solutions. The website reflects a mature digital presence with comprehensive product information, case studies, and certifications that reinforce their market credibility. Technically, the website is built on WordPress with a modern tech stack including Google Analytics, Matomo, and Google Tag Manager for analytics and marketing. The site is well-optimized for SEO and mobile devices, with good performance and accessibility standards. Security measures include HTTPS, reCAPTCHA on forms, and cookie consent mechanisms, although some advanced security headers are not detected. From a security perspective, the site demonstrates good practices but lacks explicit security policies or incident response information. The absence of WHOIS data for the domain is a notable anomaly that reduces trustworthiness from a domain registration standpoint. Despite this, the professional website, certifications, and client references suggest a legitimate and established business. Overall, the risk assessment is moderate with recommendations to enhance domain registration transparency, implement additional security headers, and publish vulnerability disclosure policies to improve trust and compliance.

M

Manimal OÜ

manimaldesign.com

46

Manimal OÜ is a small Estonian digital media and design studio specializing in web design, SEO, and social media services. Founded in 2016, the company targets local businesses and individuals seeking creative digital solutions. The website reflects a professional and consistent brand image with a clear portfolio and client references. Technically, the site is built on WordPress with modern plugins such as Elementor and WooCommerce, and includes tracking via Google Analytics and Facebook Pixel. Security measures include HTTPS and Google reCAPTCHA on the contact form, but lack advanced security headers and explicit privacy or cookie policies. Overall, the site is functional and credible but would benefit from enhanced privacy compliance and security hardening.

T

Tallinna Tehnikakõrgkool

tktk.ee

49

Tallinna Tehnikakõrgkool is a reputable higher education institution in Estonia specializing in technical and engineering education. The website serves multiple audiences including prospective and current students, continuing education learners, and business partners. It offers comprehensive information on study programs, admissions, continuing education, and institutional news. The institution maintains a solid market position as a key technical education provider in Estonia. Technically, the website is built on WordPress using the Elementor page builder, enhanced with Yoast SEO and Usercentrics for GDPR-compliant cookie management. It integrates analytics and marketing tools such as Google Analytics, Facebook Pixel, and a chat widget, indicating a mature digital infrastructure. The site is mobile-optimized and demonstrates good SEO and accessibility practices. From a security perspective, the site enforces HTTPS and uses a consent management platform, but lacks explicit security headers like Content-Security-Policy and does not publicly disclose security policies or incident response procedures. No vulnerability disclosure or security.txt file is present, which could be improved to enhance transparency and trust. Overall, the website is professional, trustworthy, and well-maintained, with moderate to good scores in content quality, technical implementation, and security posture. Strategic improvements in security headers, privacy policy publication, and incident response transparency are recommended to further strengthen compliance and security maturity.

W

Walless

derling.ee

64

Walless is a modern Baltic law firm established in 2008, offering innovative and bespoke legal solutions primarily targeting businesses in the Baltic region. The firm emphasizes client trust, openness, and innovation, positioning itself as a growing and reputable player in the regional legal market. Their key services include legal advisory, arbitration, and dispute resolution. The website reflects a professional and consistent brand image with multi-language support and clear navigation. Technically, the site is built on WordPress, leveraging modern tools such as Google Analytics, MailerLite for marketing, and Google reCAPTCHA for form security. Hosting and DNS services are provided by reputable providers including Cloudflare and Tucows Domains Inc. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit security policies. Privacy compliance is well addressed with comprehensive privacy and cookie policies. Overall, the site is trustworthy and professionally maintained, with no signs of malicious activity or suspicious domain registration patterns.

S

Softwerk

softwerk.ee

43

Softwerk OÜ is an Estonian technology company specializing in custom business software solutions including business intelligence (BI), ERP implementations (notably Microsoft Dynamics 365), and web development using modern frameworks such as .NET and React. Established in 2012, Softwerk has positioned itself as a trusted partner for businesses in Estonia and Europe, offering tailored solutions that improve operational efficiency and data-driven decision making. The company emphasizes long-term client relationships and quality service delivery, supported by positive client testimonials and recognized partnerships such as Microsoft. Technically, the website is built on WordPress with WPBakery Page Builder, leveraging common web technologies like jQuery and FontAwesome, and integrates Google Analytics and Tag Manager for user tracking. The site is mobile optimized and presents a professional design with clear navigation. Security posture is solid with HTTPS enforced and secure form handling, but lacks advanced security headers and explicit security or incident response policies. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, Softwerk demonstrates a mature digital presence with room for improvement in privacy and security transparency.

B

Big Penny

trumansbeer.co.uk

53

Big Penny is a hospitality operator based in Walthamstow, London, managing large community venues that offer food, drink, and live events. The company emphasizes inclusivity and community connection, operating flagship venues such as Big Penny Social and Flukes. The website is professionally designed using Webflow CMS and integrates modern technologies including Google Analytics and cookie consent mechanisms. The technical infrastructure is moderate in performance with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS usage and cookie consent, but lacks visible security headers and formal security policies. Privacy compliance is basic with a privacy policy and cookie banner present but no GDPR explicit statements or data retention policies. Business credibility is strong with clear contact information and consistent branding. Overall, the website is functional and trustworthy for its hospitality business purpose.

L

Latitude59

latitude59.ee

53

Latitude59 is a well-established flagship startup and technology event based in Estonia, with a history dating back to 2012. It serves as a key platform for startups, investors, partners, and media to connect and showcase innovation. The website reflects a mature event organization with a strong international presence, offering pitch competitions, investor days, and satellite events worldwide. The business model centers on event management and ecosystem development within the technology sector. Technically, the website is built on WordPress using Elementor and integrates modern analytics and marketing tools such as Google Analytics, Facebook Pixel, and PixelYourSite. The site is optimized for SEO and mobile devices, with a good user experience and clear navigation. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is good, with a comprehensive privacy and cookie policy and GDPR adherence. However, the site lacks explicit security policies, incident response contacts, and terms of service pages, which could enhance trust and compliance. Overall, Latitude59's website demonstrates a professional, secure, and privacy-conscious digital presence aligned with its business objectives.

F

FM Capital Consulting Ltd.

capital-consulting.com

48

FM Capital Consulting Ltd. is a well-established Estonian finance consulting firm specializing in worldwide company registration, bookkeeping, compliance, legal support, and tax planning services. The company targets businesses and entrepreneurs, including startups and fintech companies, offering tailored corporate and tax advantage solutions. Their market position is that of a niche consulting provider with expertise in cross-border transactions and fintech licensing. The website is professionally designed with good content quality and clear navigation, supporting their business credibility. Technically, the website is built on WordPress with common plugins such as Yoast SEO, Slider Revolution, and WPBakery Page Builder. It uses modern tracking and analytics tools including Google Analytics and LinkedIn Insight Tag. Performance and mobile optimization are good, though accessibility is basic. The hosting provider is not explicitly identified but the domain is registered with GoDaddy and uses DNS servers from zone.eu and zone.ee. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers. No privacy or cookie policies are present, which is a compliance gap especially given the use of tracking technologies. Contact information is clearly provided, enhancing trust. No WAF or blocking mechanisms are detected, allowing full content access. Overall, the website presents a moderate risk profile with strengths in business credibility and technical implementation but weaknesses in privacy compliance and security best practices. Strategic improvements in privacy policy implementation, cookie consent, and security headers would enhance their security posture and compliance standing.

I

Iutecredit

iutecredit.md

62

Iutecredit is a Moldovan financial services company specializing in instant credit products, refinancing, and smart shopping solutions. The company leverages a mobile application (Myiute) and an extensive ATM network to provide convenient access to financial services. The website reflects a mature digital presence with a focus on user experience and mobile accessibility. The business is positioned as a trusted player in the Moldovan microfinance sector with over 15 years of operational history through its parent company, Iute Group AS. Technically, the website is built on WordPress and integrates multiple analytics and marketing tools, indicating a well-developed digital marketing strategy. Security posture is strong with HTTPS, security headers, and reCAPTCHA usage, though some improvements in cookie consent and incident response transparency are recommended. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

R

R Haldus OÜ

rhaldus.ee

45

R Haldus OÜ is a small Estonian company specializing in property management services for commercial and residential real estate. Their website presents a focused business model offering competent and quality property maintenance and management services. The site is primarily in Estonian with options for English and Russian, targeting property owners seeking professional management solutions. Technically, the website is built on the Voog CMS platform and uses common JavaScript libraries such as jQuery and Modernizr, along with Google Analytics and Google Tag Manager for tracking. The site is moderately optimized for mobile devices and has basic SEO and accessibility features. Security-wise, the website uses HTTPS but lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. There is no visible incident response or vulnerability disclosure information, which limits transparency in security matters. Overall, the website is functional but basic, with room for improvement in privacy, security, and content depth.

M

Mobalytics

mobalytics.gg

69

Mobalytics is a technology company specializing in gaming performance analytics and companion software, targeting competitive gamers across multiple popular titles such as League of Legends, TFT, Diablo 4, and others. The platform boasts over 10 million users and maintains partnerships with esports organizations, positioning itself as a leading player in the gaming analytics market. Their business model revolves around providing personalized game insights, in-game overlays, and esports data services, primarily delivered via a WordPress-based website and a Windows desktop application integrated through Overwolf. Technically, the website leverages a modern tech stack including WordPress CMS, Google Fonts, multiple analytics and marketing tools (Google Analytics, Mixpanel, Hotjar, Ahrefs, Comscore), and integrates Riot Games APIs for game data. The site is well-optimized for performance, mobile responsiveness, and SEO, with fast loading times and clear navigation. Hosting appears to be cloud-based with CDN usage for static assets. From a security perspective, the site uses HTTPS with good SSL configuration and employs asynchronous loading of scripts to minimize performance impact. However, explicit security headers are not evident, and there is no visible security policy or incident response contact information. Privacy compliance is basic, with a cookie consent mechanism present but no explicit privacy policy or terms of service found in the provided content. No direct company contact emails or phone numbers are visible, which may impact user trust and support accessibility. Overall, Mobalytics presents a professional and trustworthy online presence with strong business credibility and technical maturity. To enhance security posture and compliance, the company should publish clear privacy and security policies, implement security headers, and provide direct contact information. These improvements would further solidify user trust and regulatory adherence.

S

Spring

springadvertising.com

62

Spring is an independent creative advertising agency based in Vancouver, Canada, established in 2005. The company offers a broad range of services including strategy, design, advertising, branding, digital, and on-demand creative services. They have a strong market presence with a focus on real estate marketing and have worked with over 100 brands across more than 70 industries. The website reflects a professional and consistent brand image with clear navigation and good content quality. Technically, the site is built on WordPress with modern plugins and SEO tools, hosted by Automattic Inc., ensuring reliable infrastructure and good performance. Security posture is solid with HTTPS enforced and domain transfer protection, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is basic but present, with privacy and cookie policies including consent mechanisms. Contact information is complete and easily accessible, enhancing business credibility. Overall, the website is trustworthy and well-maintained, suitable for its target audience.

O

Ouman Oy

ouman.fi

67

Ouman Oy is a Finnish company specializing in building automation and energy efficiency solutions, targeting property owners, automation contractors, housing companies, and related sectors primarily in the Baltic Sea region. The company offers smart controllers, IoT solutions, and energy optimization services, positioning itself as a key player in energy-efficient building management. The website reflects a mature digital presence with professional design, multilingual support, and comprehensive product and solution information. Technically, the site is built on WordPress with modern analytics and marketing integrations such as Google Analytics, HubSpot, and Facebook Pixel. Security measures include HTTPS enforcement and CAPTCHA-protected forms, though explicit security headers and policies are not fully implemented. Overall, the site demonstrates good security hygiene and business credibility, with room for improvement in privacy compliance documentation and security transparency.

Namespace OÜ is a small Estonian digital agency specializing in full-service software development with expertise in Python, API, and React.js technologies. The company targets businesses seeking custom digital applications and API integrations, positioning itself as a niche technology service provider with a portfolio of notable projects such as Navirec, GSMtasks, and Parcelfellows. The website reflects a professional and consistent brand image with clear contact information and project showcases. Technically, the website is built using modern frameworks including React.js and Next.js, with integrations for Google Analytics, Google Tag Manager, and Cal.com scheduling. The site is mobile-optimized and performs moderately well, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and uses standard analytics scripts but lacks explicit security headers and visible security policies. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. The WHOIS data aligns well with the business claims, showing a consistent and legitimate registration. Overall, the website presents a moderate risk profile with room for improvement in privacy compliance and security best practices. Strategic enhancements in these areas would strengthen trust and regulatory adherence.

R

Roadplan

roadplan.ee

48

Roadplan is an Estonian company specializing in road project design, outdoor space projects, and consulting services. Founded in 2013, it positions itself as a leading road project designer in Estonia, targeting clients who require sustainable and innovative solutions for their outdoor environments. The website content is primarily in Estonian and focuses on communicating the company's expertise and service offerings. Technically, the website is built on WordPress and uses modern web technologies including Google Fonts, Google Analytics, Google Tag Manager, and reCAPTCHA for form security. The site is hosted by Zone Media OÜ, a known Estonian hosting provider. Performance and mobile optimization are good, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the website uses HTTPS with a valid SSL certificate and employs reCAPTCHA to protect forms. However, it lacks important security headers and does not provide explicit security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is professional and functional but lacks comprehensive privacy and cookie policies, explicit contact information, and detailed security disclosures. These gaps reduce its privacy compliance and slightly impact trustworthiness. Strategic improvements in these areas would enhance the site's security posture and user trust.

Berbank AS operates as a small Estonian financial institution providing traditional banking services including private and business banking, loans, deposits, and internet banking. The website targets Estonian private individuals and business clients, offering localized financial products. The domain is registered since 2019, consistent with a relatively new or niche bank. The technical infrastructure is basic, relying on jQuery and Google Analytics, with no modern frameworks or CMS detected. The website lacks HTTPS enforcement and security headers, which are critical for banking sites, indicating a weak security posture. Privacy compliance is poor, with no visible privacy or cookie policies, and no GDPR compliance indicators. Contact information is present but limited, and no incident response or security policy details are provided. Overall, the site shows moderate business credibility but requires significant improvements in security and privacy to meet industry standards.

D

Dispak

dispak.ee

45

Dispak is an Estonian retail business specializing in the sale of paper and fabric bags, primarily targeting customers seeking packaging solutions for gifts and corporate gifts. The company claims over two decades of experience and offers custom logo printing services with a minimum order quantity. The website is primarily in Estonian and serves the local market with a product-focused approach. Technically, the site uses jQuery and jQuery UI libraries along with Google Analytics and Tag Manager for tracking. The hosting and domain registration are consistent with an Estonian business identity. However, the website lacks explicit privacy, cookie, and terms of service policies, which impacts its compliance posture. Security headers and advanced security practices are not evident, and no incident response or vulnerability disclosure information is provided. Overall, the site is functional with moderate technical implementation but requires improvements in security and privacy compliance to enhance trust and regulatory adherence.

L

Laser Diagnostic Instruments

ldi.ee

44

Laser Diagnostic Instruments (LDI) is an Estonian-based company specializing in advanced oil spill detection systems and water monitoring sensors. Their flagship product, the ROW (Remote Optical Watcher), provides autonomous, non-contact detection of oil spills and algal blooms, serving industrial and environmental clients globally. The company has a strong niche market position with installations across multiple continents and industries including energy, water treatment, and shipping ports. The website reflects a professional and consistent brand image with detailed product information and client testimonials, supporting their credibility in the environmental monitoring sector. Technically, the website is built on WordPress with modern plugins and frameworks, offering good performance and mobile optimization. Security posture is solid with HTTPS and standard best practices, though improvements are recommended in cookie consent and security headers. Privacy compliance is basic with a privacy policy present but lacking cookie consent mechanisms. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, LDI presents a trustworthy and professional digital presence aligned with their business objectives.

D

Dajani Pharmacy Ltd

dajanipharmacy.com

63

Dajani Pharmacy Ltd is a well-established healthcare provider based in Central London, offering a comprehensive range of pharmacy and medical clinic services including prescribing pharmacists, GP services, allergy and blood testing, aesthetic treatments, and COVID-19 testing. The company has a strong local presence with two physical locations and a history spanning over 40 years. Their website reflects a professional and user-friendly digital presence with clear service offerings and multiple contact channels. Technically, the site uses modern web technologies such as Bootstrap, jQuery, Google Analytics, and Microsoft Clarity, providing a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is basic, with privacy and cookie policies present but lacking active consent mechanisms. Overall, the website demonstrates a credible and trustworthy business with room for technical and security enhancements.

T

Thorgate

thorgate.eu

55

Thorgate is a well-established technology company specializing in software development, web design, and mobile applications with a strong focus on Python and related technologies. Operating primarily in the Nordics and Baltics with offices in Estonia, UK, Norway, and Poland, the company targets businesses and startups seeking expert development and design services. Their market position is strong within the Nordic region, supported by a professional online presence and a diversified service portfolio including startup investments. Technically, the website leverages modern frameworks such as Django and React, integrates multiple analytics and marketing tools including Google Analytics, Hotjar, Facebook Pixel, and HubSpot, and maintains good mobile optimization and SEO practices. While performance is moderate, the site is well-structured and content-rich, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses Sentry for error tracking, but lacks explicit security headers and published security policies or incident response information. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, the website presents a high level of professionalism and trustworthiness with minor areas for improvement in security policy transparency and accessibility. The risk profile is low, and the company demonstrates a solid foundation for secure and compliant digital operations.

Polhem International is a marketing and communications agency operating primarily in Scandinavia and the Baltics. The company offers a broad range of services including marketing, communication, public relations, events, influencer marketing, digital advertising, social media, and media training. The website reflects a professional and consistent brand presence with a modern technical infrastructure leveraging Nuxt.js and Bootstrap 5 frameworks. Tracking and analytics are implemented via Google Analytics and Google Tag Manager, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and DNSSEC, which could be improved. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the domain is well-established and legitimate, supporting the credibility of the business.

S

SRINI OÜ

srini.ee

45

SRINI OÜ is an Estonian software development company specializing in custom software solutions primarily for government and private sector clients. Founded in 2019, the company operates from Tallinn and Tartu with approximately 80 employees. Their business model focuses on delivering tailored software design, development, and maintenance services, leveraging modern methodologies such as SCRUM and XP. The company has a positive market position supported by government contracts and a spin-off subsidiary, Modena. Technically, the website is built on WordPress, uses Java-based technologies, and integrates Google Analytics and Google Maps APIs. The site is mobile-optimized and SEO-friendly but lacks published privacy and cookie policies, which impacts compliance. Security posture is good with HTTPS enforced, but missing security headers and incident response contacts are areas for improvement. Overall, SRINI presents a credible and professional digital presence with moderate risk and room for enhanced privacy and security practices.

M

Moonwalk

moonwalk.ee

46

Moonwalk is an Estonian music agency specializing in artist management, music production, and event promotion. The company represents notable artists such as Stefan, Getter Jaani, Black Velvet, and Mr Happyman, positioning itself as a recognized player in the Estonian music industry. The website reflects a professional and consistent brand image, targeting music fans and industry professionals. Technically, the site is built on Squarespace, leveraging modern web technologies and standard analytics tools like Google Analytics and Facebook Pixel. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the website uses HTTPS but lacks several important security headers such as HSTS and Content-Security-Policy, which could improve its security posture. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a notable gap given the use of tracking technologies. Overall, the website is credible and functional but would benefit from enhanced security and privacy measures to align with best practices and regulatory requirements.

W

Weekdone

weekdone.com

64

Weekdone is a technology company specializing in SaaS-based OKR (Objectives and Key Results) software designed to help businesses align goals, track progress, and manage performance. The company offers a suite of services including OKR management, weekly progress reporting, project tracking, and continuous performance management. Positioned as a leading provider in the OKR software market, Weekdone targets businesses and teams seeking structured goal-setting and transparent progress reporting tools. The website reflects a professional and consistent brand image with clear navigation and relevant content aimed at its target audience. Technically, the website is built on WordPress CMS and leverages modern front-end technologies such as jQuery, Google Analytics, Google Tag Manager, and CookieYes for consent management. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. Performance is moderate, with multiple external resources loaded from reputable domains. The technical infrastructure is supported by GoDaddy as the registrar and hosting provider. From a security perspective, the website enforces HTTPS with excellent SSL configuration and employs a comprehensive cookie consent mechanism that aligns with GDPR requirements. However, it lacks explicit security headers, published security policies, incident response contacts, and vulnerability disclosure mechanisms. No exposed sensitive data or vulnerable libraries were detected in the HTML content. The security posture is solid but could be improved by implementing additional security best practices and transparency measures. Overall, Weekdone presents a trustworthy and professional online presence with a mature domain and consistent business information. The main risks relate to the absence of published privacy and security policies and limited contact information. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing security headers, and improving accessibility compliance to further strengthen trust and compliance.

J

JAS Worldwide Inc.

jas.com

71

JAS Worldwide Inc. is a well-established global freight forwarding and logistics company offering a comprehensive range of services including airfreight, ocean freight, ground freight, customs brokerage, cargo insurance, contract logistics, and green solutions. The company positions itself as a leader in international shipping and supply chain support with over four decades of industry experience. Their market presence is supported by partnerships such as with Lufthansa Cargo and a network of subsidiaries including JAS Jet Air Service S.p.A., Multilogistics S.p.A., and Setoa S.p.A. Technically, the website is built on the Webflow platform, leveraging modern web technologies such as Google Tag Manager, Google Analytics, and Facebook Pixel for analytics and marketing. The site demonstrates good performance, excellent mobile optimization, and solid SEO practices. Accessibility is good, though there is room for further enhancement. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes security headers. It implements a GDPR-compliant cookie consent mechanism and maintains privacy and cookie policies. However, there is no explicit security policy or incident response contact information visible, and no vulnerability disclosure or security.txt file is present. The absence of WHOIS data for the domain is a notable concern, though the website content and branding strongly indicate legitimacy. Overall, the website presents a professional, trustworthy, and secure digital presence for JAS Worldwide, with recommendations to improve transparency around security policies and domain registration details to further enhance trust and compliance.

T

TBD Pharmatech

biodiscovery.eu

52

TBD Pharmatech is a European-based Contract Development and Manufacturing Organization (CDMO) specializing in Active Pharmaceutical Ingredients, advanced intermediates, and fine chemicals production. Founded in 2021, the company positions itself as a reliable partner for pharmaceutical companies seeking development and manufacturing services. The website reflects a professional and consistent brand image with clear business focus and relevant service offerings. Technically, the site is built on WordPress with modern analytics and tracking tools integrated, including Google Analytics and Google Tag Manager. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and comprehensive security headers. Privacy compliance is weak due to absence of privacy and cookie policies and no visible consent mechanisms. Overall, the site is trustworthy and credible but would benefit from enhanced privacy and security practices to align with regulatory requirements and industry best practices.

L

LVM Kinnisvara

lvm.ee

46

LVM Kinnisvara is a well-established Estonian real estate company providing comprehensive property services including sales, valuation, development, and brokerage. The company operates across major Estonian cities with multiple office locations and a professional online presence. Their website is built on WordPress with modern plugins and integrates marketing and analytics tools to engage and track users effectively. Security measures such as HTTPS, CAPTCHA on forms, and cookie consent mechanisms are implemented, though some security headers could be improved. The domain registration data aligns well with the business profile, indicating legitimacy and a mature online presence.

J

Jolos

jolos.eu

44

Jolos is a full spectrum creative agency based in Estonia, specializing in world-class event production, branding, campaigns, and live and virtual events. The company positions itself as a high-quality, professional agency focused on delivering unique and memorable experiences for brands and organizations. The website reflects a mature digital presence built on WordPress, leveraging modern optimization and analytics tools such as Google Analytics and Tag Manager with IP anonymization enabled. The site is well-designed, mobile-optimized, and rich in multimedia content, showcasing detailed case studies and team profiles that enhance trust and professionalism. Security posture is solid with HTTPS enforced and no exposed sensitive data, though the absence of security headers and formal security policies suggests room for improvement. Privacy compliance is limited due to missing privacy and cookie policies and lack of consent mechanisms. Overall, the domain registration aligns with the business claims, indicating legitimacy and trustworthiness.

R

RESCUE®

rescuefirst.com

64

RESCUE® is a specialized roadside assistance provider operating primarily in Bengaluru, India, offering 24/7 vehicle breakdown services including puncture repair, battery jumpstart, towing, emergency fuel delivery, and key recovery. The company positions itself as a premier and reliable service provider with OEM trained mechanics and a fleet of state-of-the-art tow trucks, servicing over 100,000 vehicles since 2011. Their business model focuses on rapid dispatch of mechanics and tow trucks within 30 minutes to customer locations, targeting vehicle owners in need of emergency roadside help. Technically, the website is built on the Webflow platform, leveraging modern web technologies such as Google Analytics, Google Tag Manager, and Google reCAPTCHA for analytics and security. The site is mobile optimized with good SEO practices and moderate performance. Accessibility is basic but functional. The hosting and infrastructure appear stable and professionally managed. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. Forms are protected with reCAPTCHA, and no sensitive data is exposed in the HTML. However, the site lacks a visible cookie consent mechanism and formal security or incident response policies, which are areas for improvement. No vulnerabilities or suspicious activities were detected. Overall, RESCUE® demonstrates a solid business presence with a trustworthy domain registration and consistent branding. The website quality is good, supporting the business credibility. Strategic recommendations include implementing cookie consent for privacy compliance, publishing security policies, and enhancing accessibility to further strengthen trust and compliance.

L

Luxury Produtos & Ecommerce

luxurysex.com.br

58

Luxury Sex is a Brazilian e-commerce retailer specializing in adult pleasure products, founded in 2018. The company offers a wide range of products including cosmetics, accessories, vibrators, and fetish items, targeting adult consumers seeking to enhance their intimate experiences. The business emphasizes fast delivery, discreet packaging, and multiple payment options including Pix with discounts, positioning itself as a niche market leader in Brazil. The website is professionally designed with consistent branding and clear contact information, supporting a trustworthy online shopping experience. Technically, the site leverages a modern tech stack including the Yampi e-commerce platform, Google Analytics, Microsoft Clarity, and Mixpanel for analytics and user tracking. It uses HTTPS with a secure checkout subdomain and integrates various marketing and retargeting tools. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Cookie consent mechanisms are implemented, but a dedicated privacy policy page is missing. From a security perspective, the website enforces HTTPS and uses secure payment processing domains. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. WHOIS data is consistent with the business information, indicating legitimate domain ownership. Overall, the site demonstrates a good security posture but could improve transparency and compliance documentation. The overall risk is moderate with no critical issues detected. Strategic recommendations include implementing security headers, publishing a security policy and incident response contacts, adding a vulnerability disclosure mechanism, and enhancing accessibility. These improvements would strengthen the site's security posture and compliance, further boosting customer trust and business credibility.

K

Kinema

kinema.eu

56

Kinema OÜ is a small Estonian company specializing in the sale, installation, and maintenance of modern garage doors, industrial lifting doors, loading equipment, and access control systems. The company targets both industrial and private customers within Estonia, positioning itself as a local provider of comprehensive door and automation solutions. The website is built on WordPress with WooCommerce components, integrating modern analytics and marketing tools such as Google Analytics, Facebook Pixel, Hotjar, and Cookiebot for consent management. The technical infrastructure is modern and moderately optimized for performance and mobile use, though accessibility features are basic. Security posture is good with HTTPS enabled and cookie consent implemented, but could be improved by adding explicit security headers and publishing formal privacy and security policies. No contact emails or phone numbers were found in the provided content, which limits direct customer engagement visibility. Overall, the website reflects a professional small business with consistent branding and a clear business focus, but with room for improvement in privacy compliance and security transparency.

T

Tickmill Europe Ltd

tickmill.com

69

Tickmill Europe Ltd operates as a regulated online forex and CFD broker targeting European clients. The company offers a range of trading instruments including forex, cryptocurrencies, stocks, indices, bonds, and commodities through popular platforms such as MetaTrader 4 and 5. The website demonstrates a strong market position with emphasis on low spreads, fast execution, and comprehensive client support. The digital infrastructure leverages modern technologies including Google Analytics, HubSpot, and Cloudflare, ensuring robust performance and user experience. Security posture is solid with HTTPS enforcement, bot management, and cookie consent mechanisms, although explicit security headers and incident response contacts could be enhanced. The absence of WHOIS domain registration data introduces some uncertainty in domain legitimacy, but the professional presentation and regulatory references mitigate this concern. Overall, the website is well-designed, compliant with GDPR, and employs extensive analytics and advertising tools to support its business model.

S

SandFox OÜ

sandfox.ee

42

SandFox OÜ is a small Estonian company founded in 2016 specializing in integrated energy storage solutions, smart battery management, solar panel integration, and Linux-based IT infrastructure services. The company targets industrial clients and businesses in the energy sector, offering critical IT and industrial automation solutions. Their market position is supported by partnerships with major technology vendors such as RedHat, IBM, Huawei, and SUSE, and they emphasize business-critical IT solutions and energy management. Technically, the website uses a basic but functional stack including jQuery, Google Analytics, and Google Translate, hosted likely by Zone Media OÜ. The site is accessible and moderately optimized but lacks advanced mobile responsiveness and accessibility features. Security posture is adequate with HTTPS enabled but lacks important security headers and visible privacy compliance mechanisms. Overall, the company presents a credible and trustworthy business presence with room for improvement in privacy compliance and technical modernization.

M

MyHome OÜ

myhome.ee

42

MyHome OÜ operates a professional real estate brokerage and property management business primarily serving the Estonian market with additional offerings in Spain. The company provides services including property sales, rentals, management, and interior design. The website reflects a well-established small business with a consistent brand and a focus on quality customer service, as evidenced by testimonials and detailed property listings. The technical infrastructure is based on WordPress with common plugins and integrations such as Google Analytics, Google Tag Manager, and Mailchimp, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly, with structured data enhancing search visibility. Security posture is adequate with HTTPS and some security best practices, but lacks advanced headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies and no visible consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced compliance and security transparency.

F

Ferdio

ferdio.com

57

Ferdio is a Denmark-based visual communication agency founded in 2014, specializing in creating infographics, animations, presentations, and other visual storytelling content. The company targets businesses and organizations that require professional visual explanations of complex information. Their market position is supported by a portfolio featuring notable clients and a consistent brand presence across their website and social media channels. Technically, the website is built on WordPress hosted on WP Engine, utilizing modern web technologies such as jQuery, Vimeo API, and Google Analytics, with good mobile optimization and SEO practices. Security-wise, the site uses HTTPS with a valid SSL certificate and implements cookie consent mechanisms compliant with GDPR. However, there is room for improvement in security headers and publishing formal security policies or incident response plans. Overall, Ferdio presents a professional, trustworthy, and well-maintained digital presence with moderate technical maturity and good privacy compliance.

M

Myoton AS

myoton.com

60

Myoton AS is a specialized company providing advanced digital palpation devices (MyotonPRO) for measuring muscle tone, stiffness, and elasticity. Their products serve medical professionals, sports scientists, and researchers, positioning them as a niche leader in soft tissue assessment technology. The company has a well-established online presence with a website created on a WordPress platform, optimized for SEO and mobile use, and supported by modern analytics tools such as Google Analytics and Plausible Analytics. Hosting and DNS services are managed via Cloudflare, ensuring reliable performance and security. Security posture is solid with HTTPS enforced and domain transfer protections in place, though improvements could be made by adding security headers and a cookie consent mechanism to enhance GDPR compliance. The WHOIS data confirms the domain's legitimacy with a long registration history dating back to 2004 and no privacy protection, aligning with the company's transparency. Overall, the website is professional, trustworthy, and well-suited for its target audience, with minor recommendations to improve privacy compliance and security headers.

C

Celsius Healthcare

celsius.ee

42

Celsius Healthcare is a leading Estonian medical information company specializing in delivering comprehensive healthcare communication solutions. Their services include the largest medical web publication Med24, organizing medical conferences and training, and publishing specialized healthcare journals. The company targets healthcare professionals such as doctors, nurses, pharmacists, and decision-makers within Estonia, positioning itself as a key player in the national healthcare media and event sector. Founded in 2010, Celsius Healthcare has established a strong market presence supported by public grants and cluster memberships.

R

Raumaster Oy

raumaster.fi

61

Raumaster Oy is a Finnish company founded in 1984 specializing in advanced material handling systems primarily for the energy, pulp, and paper industries. The company positions itself as a global leader in its sector, offering a range of products and services including fuel yards, pneumatic conveying, wood handling, and related services. The website reflects a professional and consistent brand image with clear navigation and relevant content targeted at industrial B2B customers. The presence of a subsidiary, Raumaster Paper, indicates business diversification within related industrial sectors. Technically, the website uses modern analytics tools such as Google Analytics and Snoobi, hosted on the Flockler platform, and is optimized for mobile devices with good SEO practices. However, there is room for improvement in accessibility and explicit privacy compliance features.

N

Nordic Automation Systems

nasys.no

62

Nordic Automation Systems is a specialized technology company providing end-to-end LoRaWAN-based smart city and remote metering solutions. Their offerings include smart streetlight controllers, utility metering products for gas, water, and heat, as well as gateways and energy monitoring solutions. The company targets smart city planners, utility providers, telco operators, and system integrators, positioning itself as a niche provider with in-house R&D and production capabilities enabling rapid market rollout. The website is professionally designed, content-rich, and well-structured, supporting a positive user experience and clear navigation. Technically, the site is built on WordPress with WooCommerce, leveraging modern JavaScript libraries and SEO plugins, and is mobile-optimized with moderate performance. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though security headers are missing and no explicit incident response or vulnerability disclosure policies are published. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but is justified for this business type. Overall, the website reflects a credible and professional business presence with room for security and privacy improvements.

B

BCS Auto - Baltic Car Solutions

bcsauto.ee

48

BCS Auto - Baltic Car Solutions is a well-established Estonian company specializing in long-term car rental, vehicle sales, commission sales, and automotive services since 2007. The company targets both private individuals and businesses seeking flexible and cost-effective vehicle solutions. Their market position is strong within Estonia, supported by recognition from the Transport Authority and positive customer testimonials. The website is built on a modern WordPress platform with WooCommerce and Elementor, integrating SEO and marketing tools such as Yoast SEO, Google Analytics, Microsoft Clarity, and MailerLite. Social media presence on Facebook and Instagram further supports their brand visibility. Security posture is adequate with HTTPS and no exposed sensitive data, though improvements in security headers and explicit security policies are recommended. Privacy compliance is basic with a cookie consent mechanism but lacks a visible privacy policy or terms of service. Overall, the website is professional, user-friendly, and trustworthy, reflecting a medium-sized transportation business with a solid digital presence.

R

Recrur

recrur.com

55

Recrur is a recruitment software company offering an applicant tracking system designed to connect HR teams, hiring managers, and candidates to simplify and automate the hiring process. The website positions itself as a SaaS platform focused on enhancing recruitment efficiency and transparency. The company appears to be a small-sized technology business founded in 2016, with hosting on DigitalOcean and a WordPress CMS platform. The technical infrastructure includes modern analytics and marketing tools such as Google Analytics, Facebook Pixel, Microsoft Clarity, and MailerLite for email marketing. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the website is professional and functional but could improve transparency and security documentation to enhance trust and compliance.

H

Horizon Pulp & Paper Ltd

horizon.ee

53

Horizon Pulp & Paper Ltd is a well-established European manufacturer specializing in 100% virgin sack kraft paper, serving packaging applications and exporting to over 70 countries. The company has a solid market position as a leading manufacturer in its sector, with a business model focused on manufacturing and international export. The website reflects a professional corporate presence with good content quality and consistent branding, targeting industrial and business clients in need of packaging materials. Technically, the website is built on a modern WordPress platform using WooCommerce for e-commerce capabilities, Elementor for page building, and Yoast SEO for search engine optimization. The site demonstrates good mobile optimization and moderate performance, with integration of analytics tools such as Google Analytics and Plausible Analytics. Hosting appears to be managed by Elkdata OÜ, consistent with the domain registration data. From a security perspective, the site uses HTTPS with excellent SSL configuration and no visible exposed sensitive data. However, there is a lack of explicit security headers and no published security or incident response policies. Privacy compliance is partially addressed through a cookie consent mechanism, but the absence of a clear privacy policy and terms of service pages represents a compliance gap. No contact information or incident response contacts were found, limiting user trust and support options. Overall, the website is functional, professional, and secure in basic terms but would benefit from enhanced privacy and security disclosures to improve compliance and user trust. Strategic recommendations include publishing comprehensive privacy and terms policies, adding security headers, and providing clear contact channels for security incidents and data protection inquiries.