Security Directory

K

Klick

k-arvutisalong.ee

54

Klick is a prominent Estonian e-commerce retailer specializing in electronics, digital goods, and home appliances. The website offers a broad product range with installment payment options and fast delivery, targeting retail consumers primarily in Estonia. The platform is built on modern web technologies including Vue.js and Vue Storefront, indicating a mature digital infrastructure. The site integrates analytics and tracking tools such as Google Analytics and Hotjar, and employs Cookiebot for cookie consent management. Security posture is solid with HTTPS enforced, but lacks visible security policies or incident response information. Privacy compliance is partial due to the absence of explicit privacy and terms of service pages. Overall, Klick presents as a professional and credible online retailer with room for improvement in transparency and security documentation.

T

TM Development

tmd.ee

45

TM Development is a specialized exhibition design and development studio based in Estonia, operating since 2010. The company offers a comprehensive range of services including interactive design, technical planning, production, audiovisual solutions, installation, and maintenance primarily targeting museums, science centers, and production companies. Their portfolio includes over 50 exhibitions and hundreds of interactive exhibits, positioning them as an experienced niche player in the exhibition development market. The website is professionally designed using WordPress with modern plugins and technologies, providing good user experience and mobile optimization. Security posture is adequate with HTTPS enforced and error monitoring via Bugsnag, but lacks explicit security headers and privacy compliance documentation. The domain registration data is consistent and trustworthy, supporting the legitimacy of the business. Overall, the website reflects a credible and professional business with room for improvement in privacy and security policy transparency.

M

MSMedia

msmedia.ee

45

MSMedia is a small Estonian communication consultancy specializing in strategic communication, media relations, crisis communication, marketing, social-political communication, and training services. Founded in 2012, the company offers a communication manager rental service alongside other consulting and content creation offerings. The website reflects a professional and consistent brand presence with clear service descriptions and active social media engagement. Technically, the site is built on WordPress with modern plugins such as Revolution Slider and Yoast SEO, and it employs Google Analytics for visitor tracking. Cookie consent is implemented via CookieYes, supporting GDPR compliance, although no explicit privacy policy or terms of service pages were found. Security posture is good with HTTPS enabled, but security headers are not explicitly detected. WHOIS data confirms domain legitimacy and consistency with the business claims.

F

Flameko Forwarding OÜ

flamekofr.com

51

Flameko Forwarding OÜ is a small Estonian logistics company specializing in fast air freight services worldwide, offering delivery times between 1 to 8 days. The company targets businesses and individuals requiring expedited shipping solutions. The website is professionally designed using the Wix platform, featuring structured data that clearly presents company contact information including phone and physical address. Technically, the site employs modern web technologies and includes security hardening scripts, with HTTPS enabled ensuring secure communications. However, the absence of WHOIS registration data raises concerns about domain legitimacy. Additionally, the website lacks essential privacy and cookie policies, and no contact emails or social media links are provided, which limits user engagement and trust. Overall, while the business and website appear professional, the missing domain registration data and privacy compliance gaps present risks that should be addressed.

A

Anvol

anvol.eu

58

Anvol is a well-established international company specializing in the distribution and retail of toys, games, and trending products primarily in the Baltic Sea region and neighboring markets. With over 30 years of experience, it operates a large network of clients and retail stores branded as XS Toys. The company emphasizes quality partnerships and sustainable business practices. Technically, the website is built on WordPress with modern libraries and supports multiple languages, indicating a mature digital presence. Security posture is good with HTTPS and no visible vulnerabilities, but lacks some security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the business appears credible and professional, but should improve privacy and security transparency to enhance trust and compliance.

A

ADB Gjensidige

gjensidige.lt

68

ADB Gjensidige is a well-established insurance company operating in Lithuania, offering online insurance products and services. The company leverages its 200-year history and affiliation with the Gjensidige Group to maintain a strong market position. The website targets Lithuanian customers seeking convenient online insurance solutions, including policy purchase and claims registration. The business model focuses on digital engagement and customer self-service, supported by a professional and consistent brand presence. Technically, the website employs modern web technologies such as ASP.NET, Google Tag Manager, and Cookiebot for consent management, ensuring a good level of digital maturity and user experience. Security-wise, the site enforces HTTPS, uses security headers, and implements CSRF protections, reflecting a solid security posture. However, the absence of visible contact information and terms of service pages slightly detracts from business credibility. Overall, the site is compliant with GDPR, featuring comprehensive privacy and cookie policies with user consent mechanisms. The WHOIS data for the domain is unavailable, limiting domain registration trust verification, but the website content and branding strongly indicate legitimacy.

I

IPF Digital

ipfdigital.com

54

IPF Digital is a credit solutions provider established in 2015, offering fast, flexible, and user-friendly credit services. The website targets businesses and consumers seeking credit solutions, positioning itself as a niche player in the finance sector. The company appears to be small in size with consistent branding and a professional online presence. The website is built using modern technologies such as Vue.js and integrates Google Analytics for user tracking. Hosting is managed via EuroDNS S.A., with domain registration consistent with the company's founding date. Security posture is moderate with HTTPS enabled and domain status clientTransferProhibited, but lacks DNSSEC and security headers. Privacy compliance is basic, with a cookie consent mechanism but no visible privacy policy or terms of service. Contact is available only through a web form, with no direct emails or phone numbers found. Overall, the website is functional and professional but could improve in privacy and security transparency.

D

Dolm IT

dolmit.com

55

Dolm IT is a specialized software development company based in Estonia, focusing on delivering complex enterprise and government software solutions. Established in 2015, the company positions itself as a customer-obsessed partner offering services including software engineering, product management, consulting, and UX architecture. Their clientele spans private and public sectors, including notable companies and government organizations, highlighting a trusted market position in the technology industry. Technically, the website employs modern web technologies such as Bootstrap, Google Tag Manager, and Google Analytics, indicating a moderate level of digital maturity. The site is mobile-optimized with good SEO practices, though accessibility features are basic. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks important security headers and does not implement DNSSEC, which could enhance domain security. The absence of privacy and cookie policies, as well as no visible incident response or vulnerability disclosure mechanisms, indicates gaps in compliance and security transparency. Overall, Dolm IT presents a professional and credible online presence with a solid business foundation. To improve risk posture and compliance, the company should implement comprehensive privacy and cookie policies, enhance security headers, and publish security and incident response information.

P

PoliLingua

neontranslations.com

70

PoliLingua is a professional translation agency established in 2002, offering a wide range of language services including translation, localization, voice-over, subtitling, and interpreting. The company serves corporate, government, and private sector clients globally, with specialization in over 100 languages and multiple industry sectors. The website demonstrates a mature digital presence with comprehensive service descriptions, certifications, and client testimonials, positioning PoliLingua as a reputable player in the language services market. Technically, the website employs modern JavaScript frameworks such as Alpine.js and integrates multiple analytics and marketing tools including Google Tag Manager, Facebook Pixel, and Ahrefs Analytics. The site is mobile-optimized, SEO-friendly, and uses HTTPS with good security practices, although some HTTP security headers are not explicitly detected. Cookie consent and privacy policies are implemented with GDPR compliance. From a security perspective, PoliLingua shows a solid posture with ISO 17100 certification indicating quality management. However, the absence of WHOIS registration data and lack of visible contact emails or incident response information slightly reduce trust. No WAF or blocking mechanisms were detected, and no critical vulnerabilities were found in the visible content. Overall, PoliLingua presents a professional and trustworthy online presence with minor areas for improvement in transparency and security disclosures. The domain WHOIS inconsistency warrants further verification to ensure full legitimacy.

Avor Kindlustusmaakler OÜ is an established insurance brokerage firm based in Estonia, founded in 2010. The company specializes in providing insurance brokerage services to both private individuals and corporate clients, focusing on risk reduction, insurance planning, contract management, and claims assistance. Their market position is that of a trusted intermediary registered with the Estonian financial supervisory authority, offering tailored insurance solutions. The website is professionally designed, primarily in Finnish, and targets the Estonian market with clear navigation and relevant content. Technically, the site uses modern web technologies including Alpine.js, jQuery, and Google Analytics, hosted on the Voog CMS platform, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in security headers and incident response disclosures. Overall, the website reflects a credible and professional business with appropriate digital maturity and compliance awareness.

G

Government Technology Agency

nhb.gov.sg

71

gov.sg is the official Singapore Government portal managed by the Government Technology Agency, established in 1996. It serves as a comprehensive platform for disseminating government policies, initiatives, and public engagement opportunities to Singapore residents and stakeholders. The website demonstrates a strong market position as the primary government information source, with extensive content and trusted branding. Technically, the site leverages modern frameworks such as React and Next.js, hosted on Akamai infrastructure, ensuring fast performance and excellent mobile optimization. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities, although DNSSEC is not enabled. Privacy compliance is partial, with a comprehensive privacy policy but lacking explicit cookie consent mechanisms. Business credibility is high, supported by consistent WHOIS data and official government ownership.

E

Estanc AS

estanc.ee

68

Estanc AS is an Estonian-based manufacturing company specializing in static process equipment for high-impact industries such as pulp & paper, chemical, petrochemical, carbon capture, energy, hydrogen, and marine sectors. The company offers end-to-end services including design, engineering, manufacturing, project management, quality control, delivery, and installation. Their website reflects a professional and modern digital presence with a focus on user experience and clear communication of their core values and services. Technically, the site is built on WordPress, leveraging modern performance and consent management tools, and is hosted behind Cloudflare, ensuring good performance and security. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response information are not publicly disclosed. Privacy compliance is partially addressed with a comprehensive cookie consent mechanism but lacks a dedicated privacy policy page. Overall, the website is trustworthy and credible, supported by consistent WHOIS data and a clear business focus.

D

Dignified Children International

dignifiedchildreninternational.org

57

Dignified Children International is a non-profit organization focused on child development and protection in Kenya, serving vulnerable children. The website is built on the Wix platform and uses standard Wix technologies along with Google Analytics and Google Tag Manager for visitor tracking. The site is accessible over HTTPS with a valid SSL certificate, indicating a secure connection. However, the absence of visible privacy and cookie policies, as well as missing contact information, limits the site's privacy compliance and user trust. The WHOIS data is unavailable due to a malformed request, which reduces transparency about domain ownership. Overall, the website presents a professional appearance but would benefit from enhanced privacy disclosures and security headers to improve compliance and trustworthiness.

Y

YFU Eesti

yfu.ee

42

YFU Eesti is a non-profit organization dedicated to fostering an open and active civic society by providing international educational exchange programs for youth aged 14-18 and Estonian families. The organization operates a well-structured website built on WordPress with WooCommerce and Elementor, reflecting a mature digital presence. The site includes comprehensive information about their programs, volunteer opportunities, and support for host families and students. Technically, the website employs modern tracking and analytics tools such as Google Analytics, TikTok Pixel, and Facebook Pixel, integrated via Google Tag Manager, ensuring effective marketing and user engagement tracking. Security-wise, the site enforces HTTPS, implements key security headers, and avoids exposing sensitive data, though it lacks a dedicated security policy or incident response page. Overall, the website demonstrates a solid security posture and good privacy compliance, with clear contact channels and GDPR-aligned data protection information. Strategic recommendations include publishing explicit security policies, enhancing accessibility, and adding vulnerability disclosure mechanisms to further strengthen trust and compliance.

T

Tallinna Ülikooli Akadeemiline Raamatukogu

tlulib.ee

59

Tallinna Ülikooli Akadeemiline Raamatukogu is the academic library of Tallinn University, serving both the university community and the general public. It offers extensive resources including 15 reading rooms and over 2.6 million items, supporting research, study, and academic activities. The website is professionally designed with clear navigation and multilingual support, reflecting a mature digital presence. Technically, it is built on WordPress with modern plugins and SEO optimizations, ensuring good performance and mobile responsiveness. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security policies and vulnerability disclosure channels. Overall, the website is trustworthy and credible, aligned with the institution's academic mission.

P

Positium

positium.com

60

Positium is a specialized data analytics company focused on transforming anonymised mobile positioning data into actionable statistical insights primarily for mobility, tourism, and population sectors. Established in 2003 and based in Estonia, Positium serves government and private sector clients with data-driven solutions that support sustainable decision-making. The company holds a strong market position as a leader in mobile phone data analytics, supported by partnerships with notable organizations such as Eurostat and the International Telecommunication Union. Technically, the website is built on the Voog CMS platform and integrates modern analytics and marketing tools including Google Analytics, Hotjar, and LinkedIn Insight Tag. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some improvements in security headers and DNSSEC implementation are recommended. The hosting appears stable with no signs of blocking or WAF interference. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, there is no explicit security policy or incident response contact information published, which could be enhanced to improve trust and compliance. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, Positium's website reflects a professional and trustworthy digital presence with solid privacy compliance and business credibility. Strategic recommendations include enabling DNSSEC, publishing security policies, and adding vulnerability disclosure mechanisms to further strengthen security posture and stakeholder confidence.

S

Sajos & Portress

sajosportress.lv

47

Sajos & Portress is a Latvian retail business specializing in garage doors, door automation, and related home access products, prominently featuring Hormann brand promotions. The company targets local customers interested in home improvement and automotive accessories, leveraging event participation such as the Auto 2025 exhibition to enhance market presence. The website is built on the Mozello CMS platform, hosted via Amazon CloudFront CDN, and employs common JavaScript libraries including jQuery and Fancybox. It features a cookie consent mechanism and Google Analytics for user tracking, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enforced and no visible exposed sensitive data; however, the absence of security headers and a formal privacy policy page are notable gaps. The lack of WHOIS registration data for the domain raises concerns about domain legitimacy and trustworthiness, which impacts overall business credibility. Strategic improvements in compliance documentation, security headers, and domain registration transparency are recommended to strengthen trust and security.

Q

Quretec OÜ

quretec.com

57

Quretec OÜ is an Estonian technology company specializing in the development of secure and reliable information systems, with a strong focus on healthcare, government, and transportation sectors. Their offerings include software development services, a proprietary Qure platform for building web-based information systems, and specialized solutions such as health registries, laboratory software, and business information systems. The company targets organizations requiring robust and trustworthy IT solutions, particularly in regulated environments. Technically, the website is built using Mobirise Website Builder with Bootstrap 5, incorporating modern web technologies such as Google Fonts, Animate.css, and parallax effects. The site is mobile-optimized and presents a professional design with clear navigation. However, performance is moderate and accessibility features are basic. Google Analytics is used for user tracking without visible privacy or cookie consent mechanisms. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit privacy or cookie policies, which are important for GDPR compliance. No forms with data input were detected on the main page, reducing immediate risk exposure. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration status, which impacts overall trust. Overall, while the business and website appear professional and focused on secure IT solutions, the missing WHOIS data and lack of privacy compliance documentation represent notable risks. Strategic improvements in security headers, privacy policies, and domain registration transparency are recommended to enhance trust and compliance.

H

Harmet

harmet.ee

40

Harmet is an established Estonian manufacturer specializing in modular houses and construction cabins since 1997. The company operates multiple related domains and maintains a professional web presence with clear contact information and social media channels. Their business model focuses on manufacturing and delivering turnkey modular building solutions to clients seeking efficient construction alternatives. The website is built on WordPress with multilingual support, leveraging modern JavaScript libraries and Google Analytics for tracking. While the site is well-structured and provides good user experience, it lacks visible privacy and cookie policies, which are critical for GDPR compliance. Security posture is moderate with HTTPS enabled but missing key security headers and incident response information. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

4

4Room

4room.ee

48

4Room is an Estonian manufacturer and retailer specializing in tailor-made design lighting products such as pendant lamps, ceiling lamps, and fabric shades. The company targets customers seeking high-quality, design-oriented lighting solutions, positioning itself as a niche player with a focus on Estonian design aesthetics. The website is professionally designed with good mobile optimization and clear navigation, supporting the business model of online retail and custom manufacturing. Technically, the site uses a ShopRoller CMS platform with common JavaScript libraries and tracking tools like Google Analytics and Facebook Pixel. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and explicit incident response policies. Privacy compliance is basic with a privacy policy and terms of service present, but no cookie consent mechanism is implemented. Overall, the website is trustworthy and functional, though improvements in security and privacy transparency are recommended.

D

Dzingel AS

dzingel.ee

42

Hotel Dzingel is a medium-sized hospitality business based in Tallinn, Estonia, operating since 2010. The company offers accommodation, dining, and conference services targeting both business and leisure travelers. The website is professionally designed with multilingual support and clear navigation, reflecting a mature digital presence. Technically, the site is built on WordPress with modern SEO and consent management tools, ensuring GDPR compliance and user privacy. Security posture is good with HTTPS and consent mechanisms, though explicit security policies and headers could be improved. Overall, the website and domain registration data indicate a legitimate and trustworthy business with moderate tracking and advertising practices.

S

Snowhound

snowhound.eu

66

Snowhound is a technology company specializing in software development, consulting, and training services primarily targeting businesses and organizations. Their market position is that of a trusted software development partner focused on delivering quality solutions that simplify and optimize client operations. The company operates mainly in Estonia with offices in Tartu and Tallinn. The website presents a professional and consistent brand image with detailed case studies and client testimonials, indicating a strong business credibility. Technically, the website is built on WordPress using popular plugins such as WPBakery Page Builder and Slider Revolution. It employs modern web technologies including lazy loading for images and integrates Google Analytics and Tag Manager for tracking. The site is mobile optimized and performs moderately well, though accessibility features are basic. Hosting details are not explicitly disclosed. From a security perspective, the site uses HTTPS with good SSL configuration and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policies, incident response information, and security headers which are recommended best practices. Privacy compliance is partial, with a cookie consent banner present but no privacy policy or terms of service pages found, representing a compliance gap. Overall, the website is professional and trustworthy with good business and technical foundations. The main risks relate to privacy compliance and security policy transparency. Addressing these gaps would enhance trust and regulatory adherence.

G

GiftTime Rugby

gifttimerugby.com

42

GiftTime Rugby is a niche media website dedicated to rugby-related content including news, podcasts, interviews, and movie reviews. Founded in 2013, it serves rugby enthusiasts with a variety of multimedia content and advertising opportunities. The website is built on WordPress with Elementor, leveraging modern web technologies and Google services for analytics and monetization. The site demonstrates good content quality and user experience with consistent branding and clear navigation. Security posture is adequate with HTTPS enabled and domain registration protections, but lacks advanced security headers and explicit privacy or cookie policies. Overall, the site is legitimate and functional but would benefit from enhanced privacy compliance and security best practices to improve trust and regulatory adherence.

L

LTH-Baas

lth-baas.com

47

LTH-Baas operates as a specialized marine technical and outfitting contractor providing integrated ship services. The website presents a professional and well-structured digital presence targeting maritime industry stakeholders such as ship owners and marine contractors. The technical infrastructure is based on WordPress CMS with common plugins and Google Analytics integration, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and use of reCAPTCHA and cookie consent mechanisms; however, the absence of security headers and explicit security policies limits the overall security maturity. The lack of WHOIS registration data and absence of privacy and contact information represent notable gaps in business credibility and compliance. Overall, the website is functional and professional but requires improvements in transparency and security documentation to enhance trust and compliance.

P

Patrika News

rajasthanpatrika.com

56

Patrika News is a prominent Hindi-language news portal focused on Rajasthan state news, offering a wide range of content including political, crime, sports, tourism, education, business, cultural, and social news. The website targets Hindi-speaking audiences interested in regional news and provides multimedia content such as photos, videos, short videos, web stories, live TV, and e-paper services. Technically, the site is built using modern web technologies including React, Next.js, Tailwind CSS, and AMP, and integrates multiple analytics and advertising platforms such as Google Analytics, Chartbeat, Comscore, and Google DoubleClick. The site is mobile-optimized and SEO-friendly with good navigation and content relevance. Security-wise, the site enforces HTTPS and uses asynchronous script loading but lacks visible security headers and formal security policies or incident response contacts. The WHOIS data is unavailable, which raises concerns about domain transparency but the active and professional nature of the site suggests legitimacy. Privacy and cookie policies are not found, indicating a gap in compliance. Overall, the site is a well-established regional news platform with room for improvement in privacy and security transparency.

ByteLife Solutions OÜ is an established Estonian IT infrastructure company specializing in providing comprehensive IT infrastructure solutions including cloud services, network and server infrastructure, security, and log management. The company positions itself as a pioneer in the Estonian market with strong partnerships with major technology vendors such as Cisco, Dell/EMC, Nutanix, VMware, and Fortinet. Their services target government agencies, financial institutions, healthcare, telecommunications, and energy sectors, emphasizing flexibility and comprehensive lifecycle management of IT services. Technically, the website is built on WordPress with modern frontend technologies like Tailwind CSS and integrates analytics and customer engagement tools such as Google Analytics and Zoho SalesIQ. The site is well-optimized for mobile and accessibility, with fast performance and good SEO practices. However, explicit privacy and cookie policies are missing, which is a compliance gap. From a security perspective, ByteLife demonstrates maturity with ISO 9001 and ISO 27001 certifications and HTTPS enforcement. There is room for improvement in publishing security headers, incident response contacts, and vulnerability disclosure mechanisms. The absence of WHOIS registration data reduces domain trustworthiness, but the professional presentation and business information support legitimacy. Overall, ByteLife Solutions presents a professional and credible IT service provider with strong market positioning in Estonia and the Baltics. Strategic improvements in privacy compliance and security transparency would enhance trust and regulatory adherence.

T

Tridens

tridens.si

51

Tridens is a technology company specializing in digital solutions for monetization, billing, and EV charging, targeting industries such as Communications, Energy & Utility, Media, Software, and e-Mobility. Founded in 2018, the company positions itself as a B2B service provider with a focus on innovative digital transformation solutions. The website reflects a professional and consistent brand image with a clear business focus. Technically, the website is built on WordPress using the Elementor framework, hosted on AWS infrastructure with Cloudfront CDN. It integrates multiple analytics and tracking tools including Google Analytics, Facebook Pixel, LinkedIn Insight Tag, Hotjar, and Microsoft Clarity, indicating a mature digital marketing approach. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. From a security perspective, the site enforces HTTPS and implements key security headers, contributing to a solid security posture. However, DNSSEC is not enabled, and there is a lack of explicit security policies or incident response contacts. Privacy compliance is limited due to the absence of a dedicated privacy policy and terms of service pages, which are critical for GDPR and other regulations. Overall, the website is functional, professional, and secure but would benefit from enhanced privacy compliance and transparency measures to improve trust and regulatory adherence.

E

Eastern Mediterranean University Cyprus

emu.edu.tr

60

Eastern Mediterranean University Cyprus is a prominent state university in North Cyprus offering a wide range of associate, undergraduate, and postgraduate degree programs. The institution holds a strong market position as the only state university in the region, supported by multiple accreditations, recognitions, and international rankings. The website reflects a comprehensive academic and administrative structure targeting prospective students, current students, alumni, and academic partners. The university emphasizes research, continuing education, and international exchange programs, indicating a mature and diverse educational business model. Technically, the website employs modern web technologies including Bootstrap, FontAwesome, Google Fonts, and integrates advanced analytics and marketing tools such as Google Tag Manager, Google Analytics, and Facebook Pixel. The site is mobile-optimized, accessible, and SEO-friendly, with structured data enhancing search engine understanding. Hosting and performance appear moderate, with no detected CMS but likely a custom or proprietary system. From a security perspective, the site enforces HTTPS with excellent SSL configuration and uses secure external scripts. However, it lacks visible security headers and explicit security or incident response policies. There is no cookie consent mechanism, which is a compliance gap given GDPR relevance. No vulnerabilities or exposed sensitive data were detected, indicating a generally strong security posture. Overall, the website is professional, trustworthy, and well-maintained, with minor improvements recommended in privacy compliance and security transparency to enhance user trust and regulatory adherence.

S

Stereo Creative

stereocreative.com

60

Stereo Creative is a global creative agency specializing in culturally charged branding and marketing services. The website presents a professional and visually rich experience, showcasing recent projects and emphasizing brand building that engages audiences culturally. The agency targets brands seeking innovative and culturally relevant creative campaigns. Technically, the website is built using Framer, a modern web design platform, and integrates analytics tools such as Google Analytics, HubSpot, and LinkedIn Insight Tag, indicating a moderate level of digital maturity. The site is mobile optimized and performs moderately well, with good SEO and accessibility basics in place. Security-wise, the site uses HTTPS and does not expose sensitive data, but lacks important security headers and formal privacy or cookie policies, which are critical for compliance and user trust. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content itself appears professional and active. Overall, the site scores moderately on content quality and technical implementation but falls short on privacy compliance and business credibility due to missing contact and legal information.

B

Bikeep

bikeep.com

54

Bikeep is a medium-sized Estonian company founded in 2012, specializing in smart micromobility infrastructure including commercial bike racks, smart bike lockers, and e-scooter stations. The company targets municipalities, transit companies, commercial and residential properties, positioning itself as a global leader in smart bike parking and charging solutions. The website is built on WordPress with modern plugins and tracking tools, optimized for performance and mobile use. Security posture is good with HTTPS and domain transfer protections, but lacks DNSSEC and some security headers. Privacy compliance is partial with cookie consent but no explicit privacy policy found. Business credibility is high with clear company information, testimonials, and references. Overall, the website is professional and trustworthy but could improve privacy and security transparency.

M

Merko

merko.ee

48

Merko is a well-established Estonian construction and real estate development company with a strong regional presence in the Baltics and Norway. The company offers comprehensive construction services including building, infrastructure, and material production, serving clients seeking residential and commercial properties. Their website reflects a mature digital presence with multi-language support, detailed project portfolios, and integration of modern analytics and marketing tools. The technical infrastructure is based on WordPress CMS with common industry-standard technologies and good mobile optimization. Security posture is strong with HTTPS enforced and no obvious vulnerabilities detected, though some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, enhancing trust and compliance. Overall, Merko demonstrates a professional and credible online presence aligned with their business operations.

R

Reach-U

reach-u.com

63

Reach-U is a technology company specializing in location-based solutions for telecommunications, security, and smart city sectors. With a claimed 30 years of experience and operations across 34 countries, they serve a large subscriber base globally. The website is professionally designed, hosted on the Weebly platform, and incorporates standard analytics and cookie consent mechanisms. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy and transparency. Security posture is generally good with HTTPS and cookie consent, but outdated libraries and missing security headers suggest room for improvement. Contact information is limited, and no explicit security or incident response policies are published.

N

Novian Group

andmevara.ee

60

Novian Group is a well-established IT services and solutions provider operating primarily in Estonia and the Baltic region, with subsidiaries in Lithuania, Norway, and Rwanda. The company specializes in IT infrastructure management, software development, digitization, and e-government solutions, serving both enterprise and public sector clients. Their market position is strong, supported by over 30 years of experience and a broad portfolio of services tailored to complex IT needs. The website reflects a mature digital presence with multilingual support and comprehensive service descriptions. Technically, the site is built on WordPress with modern plugins and libraries, optimized for performance and SEO. Security posture is solid with HTTPS, cookie consent management, and use of reCAPTCHA, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site demonstrates professionalism, compliance with GDPR, and effective use of analytics and marketing tools, positioning Novian as a credible and trustworthy technology partner.

R

RRK Logistics Parks Rental Warehouses Logistics Services

rrk.ee

45

RRK Logistics Parks Rental Warehouses Logistics Services operates a professional website offering rental warehouse and logistics park spaces primarily in Estonia. The company positions itself as the largest provider of warehouse and production spaces, targeting businesses requiring logistics and storage solutions. The website is multilingual, supporting Estonian, English, and Russian, enhancing accessibility to a broader audience. The business appears medium-sized with a domain age consistent with an established presence since 2010. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and Yoast SEO for optimization. Google Analytics and Google reCAPTCHA are integrated for analytics and security. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. Performance is moderate with no critical technical issues detected. From a security perspective, the site uses HTTPS and implements invisible reCAPTCHA on forms, indicating attention to bot mitigation. However, no security headers were detected, and there is a lack of published privacy, cookie, or security policies, which are important for compliance and trust. No contact emails or phone numbers were found in the provided content, limiting direct communication channels. Overall, the website is professional and functional but has gaps in privacy compliance and security best practices. Strategic improvements in policy publication, security headers, and contact transparency would enhance trust and compliance.

E

Eesti Evangeelne Luterlik Kirik

eelk.ee

46

The Eesti Evangeelne Luterlik Kirik (Estonian Evangelical Lutheran Church) operates a well-structured official website providing comprehensive information about the church's history, organization, clergy, and community activities. The site targets church members and the Estonian public, offering religious content, news, and contact details. The website is built on WordPress with Bootstrap and includes integrations such as Google Analytics and Facebook SDK for user engagement and tracking. While the site is professionally designed with good navigation and mobile optimization, it lacks explicit privacy and cookie policies, which impacts compliance. Security posture is moderate with HTTPS enabled but missing advanced security headers and DNSSEC. The domain is well-established since 2010, registered through a reputable Estonian registrar, aligning with the church's official status. Overall, the website is credible and functional but would benefit from enhanced privacy compliance and security hardening.

L

LVL UP OÜ

levelup.ee

45

LVL UP OÜ operates the website levelup.ee as a digital recruitment agency specializing in fast and efficient talent acquisition for Estonian businesses. The company leverages digital marketing, social media, and recruitment software to identify and attract candidates aligned with client needs. The website presents a professional and modern digital presence with clear branding and multimedia content to engage visitors. Technically, the site is built on WordPress with Elementor and Yoast SEO, supported by Cloudflare DNS and CDN services, ensuring good performance and SEO readiness. Security posture is solid with HTTPS and bot protection scripts, though explicit security headers are not fully evident. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Contact information is available primarily via email and contact forms, with social media integration enhancing trust. Overall, the site is credible and well-positioned in its niche but would benefit from enhanced privacy and security disclosures.

L

Loovuskohvik OÜ

loovuskohvik.ee

40

Loovuskohvik OÜ operates a creative wellbeing studio website focused on personal development, creativity, and empowerment. The company offers workshops, trainings, and creative therapy services targeting individuals and teams interested in holistic growth. The website is professionally designed using WordPress with Elementor and Astra theme, showing moderate technical maturity and good mobile optimization. Security posture is adequate with HTTPS enabled and nonce tokens in forms, but lacks some security headers and explicit privacy and cookie policies. The domain is well-established since 2010, registered with a reputable Estonian registrar, consistent with the business profile. Overall, the site is trustworthy but would benefit from enhanced privacy compliance and security hardening.

T

Tallinna Teeninduskool

teeninduskool.ee

47

Tallinna Teeninduskool is a well-established vocational education institution in Estonia specializing in hospitality, catering, spa services, and commerce. The website reflects a medium-sized educational entity with a strong focus on practical training and international cooperation, including Erasmus+ projects. The digital infrastructure is built on WordPress with modern plugins and analytics tools, providing a good user experience and mobile optimization. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. Privacy compliance is robust, with clear policies and GDPR adherence. Overall, the website presents a trustworthy and professional image consistent with its educational mission.

C

Comedy Estonia

comedyestonia.com

52

Comedy Estonia is a small media company specializing in promoting stand-up comedy culture and talent management across Estonia. The website serves as a platform for event promotion, talent showcases, and audience engagement through newsletters and social media. The technical infrastructure is based on WordPress with common plugins for events and forms, integrating Google Analytics and Facebook Pixel for marketing and tracking. Security posture is generally good with HTTPS and CAPTCHA protections, but lacks advanced security headers and formal privacy/cookie policies. The absence of WHOIS registration data raises concerns about domain legitimacy, though the website content and social presence indicate an active business. Overall, the site is functional and professional but requires improvements in compliance and domain transparency.

A

AS Orient Office

kontorikaubad.ee

46

AS Orient Office operates a professional e-commerce website offering a broad range of office supplies, paper goods, household items, food products, and electronics primarily targeting Estonian businesses and consumers. The company has an established market presence since 2011 and provides a comprehensive product catalog with clear navigation and a consistent brand presentation. The website is built on Drupal CMS and leverages common web technologies including jQuery, Bootstrap, and Google Analytics for tracking and marketing purposes. The technical infrastructure is moderate in performance with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure; however, the absence of security headers and incident response contacts indicates room for improvement. Privacy compliance is weak due to missing privacy and cookie policies, which poses a compliance risk under GDPR. Overall, the website is trustworthy and credible but would benefit from enhanced privacy and security practices to strengthen user trust and regulatory compliance.

S

SA Estonian Business School

ebs.ee

47

Estonian Business School (EBS) is a reputable educational institution based in Estonia, specializing in business and entrepreneurship education. The website reflects a mature organization with a broad offering including bachelor, master, doctoral, executive education, and micro-credentials. The institution also operates a gymnasium and has an international presence in Helsinki. The site is well-structured, professionally designed, and provides comprehensive content relevant to its audience of students, alumni, and business professionals. Technically, the site is built on Drupal 9 and integrates multiple modern analytics and marketing tools, ensuring good digital maturity. Security posture is strong with HTTPS, security headers, and privacy compliance mechanisms including GDPR-aligned cookie consent and privacy policy. WHOIS data confirms legitimacy with a government-related registrar and consistent domain age. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy and security best practices.

O

OT Malta Ltd

onetouch.io

62

OneTouch is a Malta-based mobile casino game developer specializing in premium mobile-first games, including the world’s best mobile Baccarat. The company operates under OT Malta Ltd and holds a Malta Gaming Authority B2B Critical Supply License, positioning it as a trusted supplier in the iGaming industry. The website reflects a professional and consistent brand with clear industry partnerships and testimonials, targeting mobile casino operators and players globally. Technically, the site is built on WordPress with modern SEO and analytics tools, delivering a good user experience with mobile optimization. Security posture is solid with HTTPS and no exposed sensitive data, though improvements in security headers and cookie consent are recommended. WHOIS data is unavailable, limiting domain transparency, but regulatory licensing and business information support legitimacy. Overall, the site is credible, well-structured, and aligned with industry standards.

D

DataFeedWatch by Cart.com

datafeedwatch.com

70

DataFeedWatch by Cart.com is a leading SaaS platform specializing in product feed management and optimization for eCommerce brands, retailers, and agencies globally. The platform supports integration with over 2000 shopping channels and marketplaces, offering advanced features such as AI-generated product titles and descriptions, feed validation, and custom campaign labels. The company positions itself as a top-rated solution with a strong client base including major brands like adidas and Decathlon. Technically, the website is built on HubSpot CMS with React, leveraging a modern tech stack and multiple analytics and marketing tools, ensuring fast performance and excellent mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response details are not published. The absence of WHOIS data introduces some trust concerns, but overall the site demonstrates professionalism and strong business credibility.

M

Moosedog Oy

moosedog.fi

52

Moosedog Oy is a Finnish innovation company specializing in patenting, trademark protection, and intellectual property rights (IPR) services globally. Established in 2010, the company offers a comprehensive suite of services including patent searches, trademark registrations, design protections, innovation workshops, and patent commercialization. Moosedog has built significant patent portfolios for numerous startups, contributing to a combined exit valuation exceeding fifteen billion euros. The company is a founding member of the Aalbun international network, enabling cost-effective patent services worldwide. Additionally, Moosedog embraces virtual environments for innovative service delivery.

S

SELF II

self.ee

41

SELF II is an established Estonian training and development company operating since 1989, specializing in practical, activity-based training, consulting, and coaching services aimed at individuals, teams, and organizations. The company offers a broad range of services including leadership development, personnel consulting, and change management support. Their market position is that of a trusted, small-sized education provider with a long-standing presence in Estonia. Technically, the website is built on WordPress using Elementor and Yoast SEO, hosted by Zone Media OÜ, and employs modern web technologies with good mobile optimization and SEO practices. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though the site lacks published security policies and security headers. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security transparency.

F

Fin-Tek Ozone Water Treatment

fin-tek.com

60

Fin-Tek Ozone Water Treatment is a specialized service provider with over 30 years of experience in the design, installation, maintenance, and optimization of ozone generating systems. The company focuses on delivering environmentally responsible water treatment solutions, targeting industrial and commercial customers requiring ozone generator services and related maintenance. Their market position is that of a niche, experienced provider with a clear emphasis on quality and reliability. The website reflects this with detailed service descriptions and regional contact phone numbers, supporting their global reach in the US, Asia/Pacific, and Europe. Technically, the website is built on WordPress using modern plugins and themes such as Astra and Beaver Builder, with integration of CleanTalk Anti-Spam and Google Analytics for spam protection and analytics respectively. The site is mobile optimized and performs moderately well, with good SEO and accessibility basics. Hosting details are limited but the domain registrar is Hostopia Canada Corp, consistent with the company's Canadian origin. From a security perspective, the site uses HTTPS and anti-spam measures but lacks DNSSEC and explicit security headers, which are recommended for enhanced protection. No privacy or cookie consent mechanisms are present, indicating partial GDPR compliance. No incident response or security policies are published, which could be improved to enhance trust and readiness. Overall, the website is professional and trustworthy with a solid business foundation. Strategic improvements in security headers, privacy compliance, and published security policies would strengthen their security posture and regulatory adherence, supporting continued business growth and customer confidence.

M

Metaprint AS

metaprint.com

49

Metaprint AS is an international manufacturing group specializing in metal containers, with a well-established presence since 2006. The company targets industrial clients requiring metal packaging solutions, positioning itself as a reliable medium-sized manufacturer in the sector. Their website reflects a professional and consistent brand image, providing clear business information and contact details. Technically, the site is built on WordPress with modern libraries such as jQuery and Bootstrap, and integrates Google Analytics and Tag Manager for marketing insights. The site is mobile-optimized and SEO-friendly, though performance is moderate. From a security perspective, the website employs HTTPS and a comprehensive cookie consent mechanism that supports GDPR compliance. However, there is room for improvement in security headers and explicit security policies. No incident response or vulnerability disclosure information is provided, which could enhance trust and preparedness. The WHOIS data confirms the domain's legitimacy and consistency with the business claims, with no privacy protection masking registrant details. Overall, the website demonstrates a solid digital maturity with good privacy compliance and business credibility. The main risks relate to the absence of detailed security policies and vulnerability disclosure mechanisms. Strategic recommendations include enabling DNSSEC, adding security headers, publishing security and incident response policies, and introducing terms of service to strengthen legal and compliance posture.

V

Viron ulkoilmamuseo

evm.ee

54

Viron ulkoilmamuseo (Estonian Open Air Museum) operates as a cultural and educational institution showcasing Estonia's rural heritage through exhibitions, events, and educational programs. The museum targets families, tourists, and cultural enthusiasts, positioning itself as a leading open-air museum in Estonia with a medium organizational size and a history dating back to 2010. The website is professionally designed, multilingual, and provides comprehensive visitor information and event details. Technically, the site uses modern web technologies including Voog CMS, Google Analytics, Facebook Pixel, and Leaflet.js for interactive maps. It is hosted by Zone Media OÜ, an Estonian registrar and hosting provider. Security posture is good with HTTPS enforced and secure forms, though some security headers and cookie consent mechanisms are missing. Privacy compliance is adequate with a clear privacy policy and consent on newsletter subscription, but lacks a cookie banner. Overall, the site is trustworthy and credible with active social media presence and clear contact information.

C

Comodule

comodule.com

59

Comodule is a specialized IoT solutions provider focused on connectivity for e-bikes and light electric vehicles. Their offerings include flexible IoT solutions tailored for manufacturers, fleet operators, and software developers, positioning them as a leading player in the emissionless transport technology sector. The website reflects a professional digital presence with clear navigation and targeted content for their audience. Technically, the site is built on Squarespace with integration of multiple analytics and marketing tools, indicating a mature digital infrastructure. Security posture is adequate with HTTPS enforced and use of reCAPTCHA, but lacks advanced security headers and explicit security policies. The absence of WHOIS data for the domain introduces some uncertainty regarding domain legitimacy, though the overall business presentation and related domains support credibility. Privacy compliance is partially addressed via cookie consent but lacks a visible privacy policy or terms of service. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and security policies, and improving WHOIS transparency to strengthen trust.

T

Trustek

trustek.eu

45

Trustek is a medium-sized European manufacturing company specializing in roof trusses and construction materials. The company targets construction professionals and contractors across multiple European countries, as evidenced by its multilingual websites. The business model focuses on B2B manufacturing and supply with additional services such as delivery and installation. The website is professionally designed using WordPress with the Divi theme, integrating modern analytics and consent management tools. Security posture is good with HTTPS enforced, security headers present, and use of reCAPTCHA on forms. However, the absence of a public security policy and incident response information indicates room for improvement in transparency and preparedness. Overall, the website and business appear legitimate and trustworthy, though WHOIS privacy limits domain registration transparency.