Security Directory

S

Smart MasterKey

blelocking.com

57

Smart MasterKey is a technology company specializing in cloud-based access control solutions that unify mobile smart keys with property systems. The company offers a SaaS platform with features such as digital access administration, multiple access types, integration with existing security infrastructure, and white-label options. Positioned as an innovator with TÜV SÜD certifications and industry awards, Smart MasterKey targets businesses and organizations across sectors including energy, real estate, hospitality, and critical infrastructure. The website demonstrates a high level of professionalism, clear navigation, and multilingual support, reflecting a mature digital presence for a company founded in 2024. Technically, the website is built on WordPress hosted on Amazon AWS infrastructure, utilizing modern JavaScript libraries and analytics tools such as Google Analytics and HubSpot. Performance and mobile optimization are good, with SEO best practices implemented. Security posture is solid with HTTPS enforced and no exposed sensitive data, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is addressed with clear privacy and cookie policies and consent mechanisms. Overall, the security posture is strong but could be enhanced by publishing explicit security policies and incident response contacts, enabling DNSSEC, and adding vulnerability disclosure mechanisms. The domain registration is consistent with the company's founding timeline and shows no suspicious patterns, supporting legitimacy. Strategic recommendations include improving DNS security, enhancing transparency around security policies, and continuing to build trust through certifications and clear contact channels.

U

Unique Hotels Group

uhotelsgroup.com

47

Unique Hotels Group operates a small portfolio of lifestyle hotels in Estonia, focusing on boutique hospitality experiences with historical ambiance and modern amenities. Their services include hotel accommodations, dining, spa treatments, seminars, and gift cards, targeting tourists and business travelers. The website is professionally designed using WordPress with modern technologies and supports multiple languages. Privacy and cookie policies are implemented, and contact information is clearly provided. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy, though the website content and business information appear authentic. Security posture is generally good with HTTPS enforced, but security headers are missing, and no incident response or vulnerability disclosure information is provided. Overall, the website is functional, trustworthy, and well-positioned in the hospitality market in Estonia.

I

Iglu

iglu.ee

58

Iglu is an Estonian software development company specializing in business analysis, UI design, and development of e-services, self-service portals, and Java portals. Founded in 2013, it serves a range of clients including telecommunications, banking, and government sectors, positioning itself as a reliable partner with strong client relationships and a focus on agile development. The website reflects a professional and modern digital presence built on Gatsby and React technologies, with integration of Google Analytics and Tag Manager for performance and user tracking. Security posture is solid with HTTPS enabled and no exposed sensitive data, though the absence of security headers and formal security policies indicates room for improvement. Privacy compliance is lacking as no privacy or cookie policies are found, which is a notable gap given GDPR requirements. Overall, the site is well-designed and trustworthy, but enhancing privacy and security transparency would strengthen its compliance and user trust.

S

SecureOps

secureops.com

68

SecureOps is a Canadian-based boutique cybersecurity service provider with over 25 years of industry experience, offering managed security services including 24/7 SOC monitoring, security infrastructure management, vulnerability management, and professional services. The company emphasizes personalized, collaborative, and scalable cybersecurity solutions tailored to enterprise clients across multiple sectors globally. Their market position is strengthened by a SOC 2 Type 2 certification and a strong reputation for quality service delivery. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Analytics, HubSpot, and multiple marketing and tracking tools. The site is well-optimized for SEO and mobile devices, with good performance and accessibility features. Hosting and domain registration are consistent with the business claims, with Amazon Registrar as the registrar and a domain age of over 20 years. Security posture is strong with HTTPS enforced, use of reCAPTCHA on forms, and no visible sensitive data exposure. However, DNSSEC is not enabled and security headers are not explicitly detected, indicating room for improvement. Privacy compliance is good with a clear privacy policy and cookie consent mechanism, though no explicit GDPR statement or data retention policies were found. Overall, SecureOps presents a professional and trustworthy online presence with comprehensive service offerings and solid technical infrastructure. Strategic improvements in security headers, incident response transparency, and vulnerability disclosure would further enhance their security posture and trustworthiness.

G

GT Tarkvara

soft.ee

37

GT Tarkvara is a well-established Estonian technology company specializing in software and cloud solutions, with over 25 years of market presence. The company positions itself as the largest software and related services provider in Estonia, targeting businesses and educational institutions. Their offerings include cloud solutions, software licensing, consulting, implementation, and ongoing support. The website reflects a professional and consistent brand image with clear service descriptions and contact information. Technically, the website is built on WordPress with a modern tech stack including Gravity Forms, Google Analytics, Google Tag Manager, and LinkedIn Insight Tag. Hosting is managed via Azure DNS, indicating a reliable infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with structured data enhancing search visibility. From a security perspective, the site uses HTTPS with good SSL configuration and employs reCAPTCHA v3 to protect forms. However, explicit security headers and published security policies are absent, and no incident response or vulnerability disclosure information is provided. Privacy compliance is partially addressed with a privacy and cookie policy present, but no active consent mechanism is implemented. Overall, GT Tarkvara's website demonstrates a strong business credibility and technical foundation with room for improvement in security policy transparency and privacy compliance mechanisms.

Solaris is a well-established cultural and commercial center located in the heart of Tallinn, Estonia. Founded in 2010, it offers a diverse range of services including retail shops, restaurants, entertainment venues, office spaces, and parking facilities. The website reflects a professional and modern digital presence, targeting local visitors and shoppers with relevant content and event information. The business maintains a solid market position as a key destination for shopping and cultural activities in Tallinn.

I

Industry62

industry62.com

60

Industry62 is a small, employee-owned digital design company operating primarily in Finland and Estonia, with offices in Helsinki, Turku, Tallinn, and Tampere. The company focuses on creating impactful digital services and positions itself as a human-centric, value-driven organization. Their website reflects a professional and consistent brand image, targeting businesses seeking digital design and development services. The technical infrastructure is based on the Squarespace platform, leveraging modern web technologies including Google Analytics and YouTube integrations, providing a moderate performance and good mobile optimization. Security posture is generally strong with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies, which is a notable gap given GDPR requirements. The domain WHOIS data is missing, raising concerns about domain registration legitimacy, though the website content and social media presence support the business's authenticity. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and clearer domain registration transparency.

A

AS Kevelt

kevelt.ee

41

AS Kevelt is an established Estonian pharmaceutical company specializing in the manufacturing, resale, and subcontracting of pharmaceuticals. The company emphasizes scientific approaches and strict quality controls to produce original and generic medicines, with ongoing research and innovation efforts to support long-term growth. The website targets healthcare industry stakeholders, partners, and investors, presenting a professional and consistent brand image with multilingual support in English, Russian, and Estonian. The business model focuses on pharmaceutical production and related services, positioning AS Kevelt as a reputable player in the Estonian healthcare sector. Technically, the website is built on WordPress CMS using a modern tech stack including Bootstrap, jQuery, Google Maps API, and several plugins such as Yoast SEO and Contact Form 7. The site is mobile-optimized with good SEO practices and moderate performance. Hosting and domain registration are managed by Zone Media OÜ, a legitimate Estonian registrar, with the domain active since 2010, aligning with the company's history. From a security perspective, the site enforces HTTPS and integrates Google reCAPTCHA v3 for form protection. However, it lacks several security headers and does not publish a security or incident response policy. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is partial, with no cookie consent mechanism or detailed privacy policy visible, which could be improved to meet GDPR standards fully. Overall, AS Kevelt's website demonstrates a solid business presence with good technical implementation and a moderate security posture. Strategic improvements in privacy compliance and security policy transparency would enhance trust and regulatory adherence, supporting the company's professional image and operational security.

D

DUX

dux.ee

43

DUX is a small, established UX and UI design studio based in Estonia, founded in 2014. They specialize in creating digital experiences including mobile and desktop applications, websites, e-commerce platforms, and SaaS products. Their portfolio showcases over 200 projects, targeting NGOs, startups, SMEs, and global/local leaders, positioning them as a reputable design partner in the technology sector. The website is professionally designed with excellent content quality and clear navigation, reflecting a mature digital presence. Technically, the site uses modern JavaScript libraries, Google Analytics, and Google Tag Manager, hosted by Elkdata OÜ, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and no exposed sensitive data, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but could improve in privacy and security transparency.

Sportlyzer LLC. operates a SaaS platform focused on player development and team management software tailored for youth and amateur sports clubs. The platform facilitates membership management, invoicing, attendance tracking, communication, and athlete homework assignments, serving coaches, managers, players, and parents globally. The company maintains a professional web presence with mobile apps on iOS and Android, and a consistent brand image emphasizing ease of use and comprehensive sports club management. The website content is well-structured, informative, and targets sports organizations seeking digital management solutions. Technically, the website employs modern JavaScript frameworks and integrates multiple marketing and analytics tools such as Google Tag Manager, Google Analytics, and Facebook Pixel. The site is mobile-optimized and uses HTTPS exclusively, ensuring secure data transmission. However, some security best practices like security headers and cookie consent mechanisms are missing, which could be improved to enhance compliance and security posture. From a security perspective, the site shows no signs of vulnerabilities or exposed sensitive data. The lack of WHOIS data transparency is a moderate concern but does not outweigh the professional presentation and trust signals on the site. Privacy and terms of service pages are present and comprehensive, indicating attention to compliance, though explicit cookie consent is absent. Overall, the security posture is good but could benefit from additional transparency and policy disclosures. Strategically, Sportlyzer is positioned as a specialized SaaS provider in the sports management niche with a solid user base and positive testimonials. The company should focus on improving security headers, cookie consent, and publishing incident response policies to strengthen trust and compliance. Enhancing WHOIS transparency or providing verified domain registration details would also improve legitimacy perception.

H

HELMES

helmes.ee

74

Helmes is a well-established software development company specializing in custom software solutions, digital transformation, and consulting services. With over 30 years of experience and a global presence spanning 20 offices, Helmes serves more than 500 international clients including major organizations such as Airbus, Telia, OECD, and CERN. Their service portfolio includes mobile app development, legacy software modernization, data analytics, design, and cybersecurity services, positioning them as a comprehensive digital innovation partner for enterprises. Technically, the website is built on WordPress with modern SEO practices implemented via Yoast SEO. It integrates multiple analytics and consent management tools such as Google Analytics, Microsoft Clarity, Google Tag Manager, and Conseno for GDPR compliance. The site is mobile-optimized, accessible, and demonstrates good performance, although some security headers are not explicitly detected. The company holds ISO certifications (27001, 9001, 14001), reflecting a strong commitment to security and quality management. From a security perspective, Helmes employs HTTPS, Google reCAPTCHA, and a consent management platform to protect user data and ensure compliance. However, the absence of WHOIS registration data and lack of visible incident response contacts or security.txt file slightly reduce the overall trust score. No critical vulnerabilities or exposed sensitive data were detected in the analysis. Overall, Helmes presents a professional, trustworthy, and technically mature digital presence suitable for enterprise clients. Strategic recommendations include enhancing security headers, publishing incident response information, and verifying domain registration details to improve trust and compliance further.

H

HOOANDJA MTÜ

hooandja.ee

54

Hooandja is a well-established Estonian non-profit crowdfunding platform that enables creative, cultural, social, and community projects to find funding through public support. It holds a strong market position in Estonia with a significant number of successfully funded projects and a large supporter base. The platform offers project discovery, community engagement, and crowdfunding services primarily targeting individuals and organizations within Estonia. Technically, the website is built on Drupal 7, utilizing common web technologies such as jQuery, Google Analytics, Facebook Pixel, and Google Maps API. The site demonstrates moderate performance and basic mobile optimization. Security-wise, HTTPS is enforced, and basic input validation is implemented; however, the absence of security headers and cookie consent mechanisms indicates room for improvement in security posture and privacy compliance. Overall, the website is professional, trustworthy, and content-rich, but it would benefit from enhanced security practices and GDPR compliance measures.

P

Proekspert

proekspert.ee

65

Proekspert is an established technology company founded in 2005, specializing in full-cycle software services for device and machine manufacturers. Their offerings include smart product development, device-to-cloud connectivity, and digital services, positioning them as a key player in digital business transformation within the technology sector. The company targets B2B clients, particularly manufacturers seeking to enhance their products with software and connectivity solutions. Technically, the website is built on WordPress with multilingual support, leveraging modern tools such as Google Analytics, Google Tag Manager, and Cookiebot for analytics and privacy compliance. The site demonstrates good design quality, mobile optimization, and SEO practices, although accessibility features are basic. Security-wise, the site enforces HTTPS, uses clientTransferProhibited domain status, and implements cookie consent mechanisms, but lacks DNSSEC and explicit security headers. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website reflects a mature digital presence with room for improvement in security policies and contact transparency.

H

Hotel Telegraaf

telegraafhotel.com

55

Hotel Telegraaf is a luxury 5-star hotel located in Tallinn’s Old Town, operating under the Marriott Autograph Collection brand. The hotel offers upscale accommodation, spa services, fine dining at Restaurant Tchaikovsky, and event hosting facilities. It targets luxury travelers and business guests seeking premium hospitality experiences. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the site is built on WordPress with modern libraries and SEO best practices, supported by Google Analytics and cookie consent mechanisms ensuring GDPR compliance. Security posture is strong with HTTPS and no visible vulnerabilities, though security headers could be improved. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy and registration transparency, which impacts overall business credibility. Strategic verification of domain registration is recommended to reinforce trust. Overall, the site demonstrates a solid business and technical foundation with room for security and compliance enhancements.

B

Brightway.ro

brightway.ro

46

Brightway.ro is a Romanian company specializing in professional and personal development training, coaching, consulting, recruitment, and team building services. Established since 2004, it offers a broad portfolio of courses and programs aimed at individuals and organizations seeking to enhance leadership, sales, technical skills, and organizational culture. The company leverages expert trainers and innovative methodologies to deliver value and growth opportunities to its clients. The website reflects a mature digital presence with comprehensive content, client testimonials, and multiple service offerings.

Universal Industries is a manufacturing and product development company based in Estonia, offering comprehensive services from product analysis and design to final manufacturing. The company positions itself as a competent partner with a global client base, leveraging modern technologies and years of expertise. The website is built on the Weebly platform and uses common web technologies including jQuery and Google Analytics. While the site is accessible and provides relevant business information, it lacks critical privacy and security documentation such as privacy policies and cookie consent mechanisms. The security posture is moderate, with HTTPS enabled but using an outdated jQuery version and missing security headers. Overall, the website presents a professional image but would benefit from enhanced security and privacy compliance measures.

Liewenthal Electronics Ltd. is a small Estonian engineering and R&D company specializing in embedded systems, electronics, and software design. With over 15 years of experience, the company serves diverse sectors including telecom, medical, industrial, aerospace, and consumer electronics. Their website reflects a professional B2B service provider with a clear portfolio of key services such as system design, software and electronics design, FPGA/PLD design, testing, and small volume production. The company holds ISO 9001 certification and is recognized as an AMD Adaptive Computing Partner, enhancing its market credibility. Technically, the website is built on WordPress with modern plugins like Yoast SEO and Slider Revolution, and uses Google Analytics and Tag Manager for analytics. The site is mobile optimized and has good SEO practices, though performance is moderate. Cookie consent is implemented via Cookiebot, but a domain authorization error is present, indicating a configuration issue. No WAF or blocking mechanisms were detected, and the site uses HTTPS with good SSL configuration. Security posture is moderate; HTTPS is enforced but lacks explicit security headers and dedicated security or incident response policies. No vulnerability disclosure or security.txt files were found. Privacy compliance is basic with a privacy policy present but no strong GDPR compliance indicators. Contact information is clearly provided, supporting business credibility. Overall, the website is trustworthy and professional but could improve security practices and privacy compliance. Strategic recommendations include fixing Cookiebot errors, adding security headers, publishing security and incident response policies, and implementing vulnerability disclosure mechanisms.

T

tõlkebüroo Interlex

interlex.ee

52

Tõlkebüroo Interlex is a well-established Estonian translation bureau founded in 2010, offering a wide range of professional translation and interpreting services including written, oral, AI-assisted, and sworn translations. The company holds internationally recognized certifications ISO 17100 and ISO 18587, underscoring its commitment to quality and industry standards. Their market position is strong within Estonia and internationally, supported by a diverse client base and subsidiary operations such as Dussan OÜ specializing in sworn interpreting. The website reflects a mature digital presence with multilingual support, professional design, and comprehensive service descriptions.

E

Europanel

europanel.com

61

Europanel is a collaborative international consumer panel business that integrates multiple leading household purchase panels worldwide to provide deep shopper insights and support brand growth strategies. The website reflects a mature, well-established business with a strong partner ecosystem including Kantar, YouGov, Ipsos, and others. Technically, the site is built on WordPress with modern web technologies and is hosted on Azure DNS infrastructure. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS and reCaptcha protections, but lacks advanced security headers and explicit privacy and cookie policies. Overall, the domain registration data supports the legitimacy and maturity of the business. Strategic recommendations include enhancing privacy compliance, publishing security policies, and improving security headers to strengthen trust and compliance.

E

Eesti Rahva Muuseum

erm.ee

48

Eesti Rahva Muuseum (ERM) is a prominent national museum in Estonia dedicated to preserving and showcasing Estonian ethnography, culture, and history. Operated under the Estonian Ministry of Education and Research, ERM offers a wide range of exhibitions, educational programs, events, and visitor services including a restaurant and retail shop. The museum targets a broad audience including the general public, educators, researchers, and cultural enthusiasts, positioning itself as a leading cultural institution in Estonia. Technically, the website is built on Drupal CMS with modern web technologies such as jQuery, Bootstrap, and various JavaScript libraries for enhanced user experience. It integrates analytics and marketing tools like Google Analytics, Google Tag Manager, and Facebook Pixel, demonstrating a mature digital infrastructure. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site uses HTTPS and employs Google reCAPTCHA on forms to prevent abuse. However, it lacks some security headers that could enhance protection. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is evident through a GDPR-compliant privacy policy, though a cookie consent mechanism is not clearly present. Overall, ERM's website reflects a professional, trustworthy, and well-maintained digital presence suitable for a government cultural institution. The domain registration aligns with the official entity, reinforcing legitimacy. Strategic improvements in security headers and cookie consent transparency could further strengthen the site's security and compliance posture.

B

BLRT Grupp

blrt.ee

64

BLRT Grupp is a leading industrial holding company in the Baltic Sea region, managing over 50 subsidiaries across multiple countries including Estonia, Latvia, Lithuania, Poland, Ukraine, Finland, and Norway. The company operates in diverse sectors such as shipbuilding, ship repair, manufacturing of high-tech equipment, metal processing, mechanical engineering, transport services, equipment rental, port and stevedoring services, industrial and medical gas production, casting production, and real estate development. Their market position as the largest industrial holding in the Baltics is supported by a broad portfolio and extensive regional presence. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery, Swiper.js, and Fancybox, and integrates Google Tag Manager and Google Analytics for marketing and analytics purposes. The site is hosted with Cloudflare DNS and uses HTTPS with good SSL configuration, providing a secure browsing experience. Mobile optimization and SEO practices are implemented at a good level, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA v3 to protect forms. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected, and no published security or incident response policies are found. Cookie consent mechanisms are in place, indicating GDPR compliance, but more comprehensive privacy and security documentation could enhance trust. Overall, the website reflects a professional and credible industrial business with a solid digital presence. The domain registration data aligns well with the business claims, reinforcing legitimacy. Strategic improvements in security policy transparency and enhanced security headers are recommended to strengthen the security posture and compliance.

S

Signi

signi.com

71

Signi is a technology company specializing in digital signing and workflow solutions, targeting business and professional users. The website is built on WordPress and employs modern web technologies including Google Analytics, LinkedIn Insight, and Cookiebot for privacy compliance. The site is well-structured, mobile-optimized, and uses HTTPS with Cloudflare DNS services. Security measures include reCAPTCHA for bot protection and a cookie consent mechanism, though explicit privacy policy and terms of service pages are not detected in the scanned content. The domain is long-established since 2000, registered with a reputable registrar, and shows no suspicious patterns. Overall, the website demonstrates a moderate to good level of digital maturity and security posture.

C

Cesta domů, z.ú.

cestadomu.cz

55

Cesta domů, z.ú. is a Czech non-profit organization providing specialized home hospice and palliative care services to terminally ill patients and their families primarily in Prague. Established in 2001, it operates a multidisciplinary team offering medical, social, and psychosocial support, alongside educational and awareness programs to improve end-of-life care. The organization is funded through donations, grants, and income from its own activities, maintaining a strong community presence and transparent operations. The website reflects a mature digital presence with good content quality, clear navigation, and mobile optimization, supporting its mission effectively. Technically, the site runs on Drupal 7 with modern JavaScript libraries and integrates video content and analytics tools. Security posture is moderate, with HTTPS enforced and cookie consent implemented, but the use of an older CMS version and lack of some security headers suggest areas for improvement. WHOIS data is unavailable, limiting domain legitimacy verification, but the website content and business information align with a credible healthcare non-profit. Overall, the site is professional and trustworthy, serving a critical healthcare niche with room for technical and security enhancements.

P

Patron dětí

patrondeti.cz

47

Patron dětí is a Czech non-profit organization established in 2017, dedicated to supporting children who have faced adversity. The website serves as a platform to share stories of these children and connect donors and volunteers willing to help. The organization positions itself as a trusted charity within the Czech Republic, leveraging modern web technologies such as Nuxt.js and Vue.js to provide a responsive and user-friendly experience. The site integrates standard analytics and marketing tools including Google Analytics, Facebook Pixel, and Hotjar, while maintaining GDPR compliance through cookie consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response procedures are not publicly disclosed. Overall, the website demonstrates a good balance of professional design, technical implementation, and privacy compliance, supporting its mission effectively.

C

Czechitas z.ú.

shop-czechitas.cz

55

Czechitas z.ú. operates a pilot mini e-commerce shop offering branded merchandise and vouchers to support its mission of empowering women and children in the Czech Republic to explore IT. The website is professionally designed, mobile-optimized, and built on the Shoptet platform, integrating standard analytics and marketing tools such as Google Analytics and Facebook Pixel. Contact information and social media presence are clearly provided, enhancing trust and engagement. Technically, the site uses HTTPS with CSRF protection on forms and a cookie consent mechanism, reflecting a good security posture. However, the absence of WHOIS data limits domain legitimacy verification, and security headers are not explicitly detected, suggesting room for improvement. No explicit security policies or incident response contacts are published. Overall, the website demonstrates a solid foundation in content quality, privacy compliance, and business credibility, but would benefit from enhanced transparency in domain registration and security practices. The risk level is moderate with no critical vulnerabilities detected, but verification of domain registration details is recommended to strengthen trust.

4

42 Abu Dhabi

42abudhabi.ae

57

42 Abu Dhabi is a tuition-free coding school based in Abu Dhabi, UAE, operating as part of the global 42 Network. The school emphasizes peer-to-peer learning and project-based education, targeting aspiring coders aged 18 and above. The website reflects a professional and consistent brand image, with clear navigation and good content quality. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools. Security posture is solid with HTTPS and anti-clickjacking measures, though lacks some security headers and explicit privacy policies. The domain registration is consistent with the business location and purpose, enhancing trustworthiness. Overall, the website is well-positioned in the education sector with a strong market presence but should improve privacy compliance and security headers to enhance user trust and regulatory adherence.

4

42 Prague

42prague.cz

64

42 Prague is a tuition-free coding institute that offers innovative, peer-to-peer software engineering education as part of the global 42 Network. The website reflects a strong market position within the education and technology sectors, targeting aspiring coders worldwide with a unique, gamified, and project-based learning model. Technically, the site employs modern analytics and marketing tools, including Google Tag Manager, TikTok Pixel, and Hotjar, with a cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and policies could be improved. Overall, the site is professional, trustworthy, and well-aligned with its business goals.

S

Stop Parkinson vzw

stopparkinson.be

47

Stop Parkinson vzw is a Belgian non-profit organization dedicated to raising awareness and funds for Parkinson's disease research. The website serves as a platform to inform the public, engage donors, and promote fundraising events such as Peloton Parkinson and Trappenloop. The organization targets individuals, companies, and communities interested in supporting Parkinson's research. Technically, the website is built on WordPress using the Divi theme, integrated with Gravity Forms for data collection, and employs modern analytics and tracking tools including Google Analytics and Facebook Pixel. The site is hosted by Combell nv, a reputable provider, and uses HTTPS to secure communications. Security posture is generally good with no visible vulnerabilities, but lacks explicit security headers and incident response information. Privacy compliance is weak due to absence of privacy and cookie policies, which should be addressed to meet GDPR requirements. Overall, the website is professional and trustworthy, with a solid business model focused on community engagement and fundraising.

B

Bazzacco Srl

bazzacco.net

58

Bazzacco Srl is an Italian technology company specializing in digital solutions, software management systems, and digital marketing services tailored primarily for SMEs, bookstores, and stationery shops. Their product portfolio includes proprietary software such as Lybro and 3Click, alongside services like web design, digital signage, and brand identity development. The company maintains a professional online presence with clear contact channels and active social media engagement, positioning itself as a reliable regional player in the digital transformation sector for retail and small business clients. Technically, the website is built on WordPress using Elementor and related plugins, integrating modern web technologies including Google Tag Manager, Google Analytics, and Google reCAPTCHA for security and analytics. The site is mobile-optimized, SEO-friendly, and exhibits good performance metrics. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response policies are not evident. The WHOIS data is unavailable due to EURid privacy policies, which is common for European domains, but the website content and business information are consistent and professional, supporting legitimacy. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. Overall, the site demonstrates a mature digital infrastructure and business credibility suitable for its market segment. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and conducting regular security audits to maintain resilience. Continued focus on accessibility improvements and transparency will further strengthen trust and compliance.

L

Leadaki

leadaki.com

67

Leadaki is a specialized digital marketing agency focusing on full funnel strategies leveraging data-driven marketing techniques. The company holds reputable certifications such as Google Premier Partner and Google Marketing Platform, positioning itself as a trusted player in the Argentine and broader Spanish-speaking digital marketing landscape. Their service offerings include performance campaigns, brand campaigns, programmatic buying, e-commerce marketing, and marketing automation through Cliengo. Technically, the website employs a modern tech stack with multiple analytics and marketing tools integrated, including Google Analytics, TikTok Analytics, Facebook Pixel, Hotjar, and VWO, indicating a mature digital infrastructure. The site is mobile-optimized and uses service workers for PWA capabilities, though accessibility features are basic. Security posture is strong with HTTPS and no exposed sensitive data, but lacks some security headers and formal policies. The absence of WHOIS data raises concerns about domain legitimacy, though the website content and certifications suggest a legitimate business. Privacy and cookie policies are missing, which impacts compliance. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and domain registration transparency.

N

Nyrstar

nyrstar.com

59

Nyrstar is a well-established company specializing in the manufacturing and processing of zinc, lead, and other metals with a strong commitment to sustainability. The website presents a professional and comprehensive overview of their operations, products, and corporate responsibility initiatives, targeting industrial customers and partners in the metals and mining sectors. The company positions itself as a leading player with over 150 years of history, although domain registration data is not available to confirm this age. Technically, the website uses modern JavaScript frameworks such as Alpine.js and integrates analytics and tracking tools like Google Analytics and Hotjar. The presence of a cookie consent banner indicates some level of privacy compliance, but explicit privacy and terms of service policies are not found in the provided content. Security posture appears adequate with HTTPS usage and CSRF protections, but lacks visible security headers and incident response information. Overall, the website is functional and professional but would benefit from improved transparency in domain registration, privacy policies, and contact information to enhance trust and compliance.

V

Visualead Ltd.

visualead.com

56

Visualead Ltd. operates a specialized online platform offering visual QR code generation services aimed at businesses and marketers seeking enhanced engagement through branded and mobile-optimized QR codes. The company positions itself as a medium-sized technology firm with a global client base including major brands, providing a SaaS model with campaign management and analytics capabilities. The website is professionally designed with good content quality, clear navigation, and mobile optimization, supporting a positive user experience. Technically, the site employs modern JavaScript libraries and tracking tools, with HTTPS enforced and secure form handling, though some security headers are missing. Privacy compliance is partially addressed with clear privacy and terms of use pages, but lacks a cookie consent mechanism. The absence of WHOIS data for the domain is a notable concern, potentially indicating registration or privacy issues, but the active and consistent web presence mitigates some trust concerns. Overall, the site demonstrates a solid digital maturity with room for improvement in security transparency and privacy practices.

S

Souboj Kuchařů

soubojkucharu.cz

51

Souboj Kuchařů is a Czech gastronomy event website promoting the 6th edition of a chef competition featuring notable chefs Igor Chramec and Lukáš Hlaváček. The site targets Czech-speaking gastronomy enthusiasts and event attendees, offering information about the event and its culinary experience. Technically, the website is built on the Wix platform, utilizing Wix's standard scripts and Google Analytics for tracking. The site is mobile optimized and uses HTTPS with good SSL configuration, but lacks advanced security headers and visible privacy or cookie policies. No contact information or WHOIS data is available, which limits trust and transparency. Overall, the website presents a professional event promotion but requires improvements in privacy compliance and security best practices.

The website www.czesha.cz represents the Union of School Associations of the Czech Republic (CZESHA), a non-profit organization focused on educational advocacy and coordination among school associations. The site provides meeting resolutions, policy documents, and information relevant to educational stakeholders in the Czech Republic. The business model centers on member representation and policy influence rather than commercial activities. Technically, the website uses a traditional tech stack including jQuery 1.10.2, Bootstrap, Google Fonts, and Google Analytics. The site is mobile responsive and moderately performant but uses an outdated jQuery version which could pose security risks. The site lacks modern CMS indicators and does not expose hosting provider details. From a security perspective, the site enforces HTTPS and uses secure form submission for login. However, it lacks important security headers and does not provide privacy or cookie policies, indicating compliance gaps with GDPR and related regulations. No WHOIS data is available, which reduces domain trustworthiness and transparency. Overall, the site is functional and professionally presented but requires improvements in privacy compliance, security headers, and domain registration transparency to enhance trust and security posture.

T

TVAR, výrobní družstvo Klatovy

tvar-kt.cz

50

TVAR, výrobní družstvo Klatovy, is a Czech manufacturing company specializing in furniture production primarily for educational institutions such as kindergartens and primary schools, as well as offices, hotels, and other commercial spaces. Established in 1951, the company has a long-standing market presence and offers a wide range of products including wooden chairs, tables, storage units, and specialized items like changing tables and plastic drawers from the English brand Gratnells. Their products are certified and regularly tested to meet safety and health standards. The company operates two manufacturing plants and employs nearly 60 skilled workers, providing both standard and custom furniture solutions.

M

Mikroskop-shop.cz

mikroskop-shop.cz

42

Mikroskop-shop.cz is a specialized Czech e-commerce retailer focused on microscopes and related accessories, serving schools, professionals, and hobbyists. The website offers a broad product range from reputable manufacturers, expert advice, and customer support, positioning itself as a trusted niche player with over 17 years of experience. Technically, the site uses a legacy CMS (SUPERCART 2.0.7) with older JavaScript libraries but integrates modern analytics and tracking tools. Security posture is generally good with HTTPS and cookie consent mechanisms, though some improvements like updated libraries and security headers are recommended. The absence of WHOIS data limits domain trust verification but the website content and business information appear legitimate and professional. Overall, the site provides a solid user experience with clear navigation, comprehensive product information, and compliance with privacy regulations.

2

2K CONSULTING s.r.o.

bezpecnaorganizace.eu

43

2K CONSULTING s.r.o. operates the Bezpečná organizace project, providing certification and comprehensive services in organizational safety, GDPR compliance, cybersecurity, occupational safety, fire protection, and archival services. The company targets educational institutions, healthcare and social facilities, firms, and non-profit organizations primarily in the Czech Republic. Their market position is that of a specialized provider with a strong partnership network and recognized certifications. Technically, the website employs modern frameworks such as Bootstrap and jQuery, integrates Google Analytics and reCAPTCHA, and is hosted by a reputable provider. Security posture is solid with HTTPS and anti-bot measures, though security headers and incident response details could be improved. Privacy compliance is present but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-structured, supporting the company’s credibility and business goals.

N

NetDirect

shopcentrik.cz

69

NetDirect is a Czech Republic-based technology company specializing in custom e-commerce solutions, with over 23 years of experience. The company has established itself as a leader in the Czech market, having developed major e-shops such as Alza.cz and Notino.cz. Their business model focuses on B2B services including custom e-shop development, B2B portals, IT outsourcing, and online marketing. The website reflects a mature digital presence with professional design and clear service offerings. Technically, the website leverages modern web technologies including Angular framework, Google Fonts, Google Tag Manager, and Facebook SDK. The site is mobile optimized and performs moderately well, though accessibility features could be improved. Security posture is generally good with HTTPS enforced and secure form implementations, but lacks some security headers and explicit security policies. From a security perspective, the absence of WHOIS data and lack of explicit privacy and security policies are notable gaps. The site uses multiple third-party analytics and marketing tools, indicating moderate user tracking. Cookie consent mechanisms are implemented, supporting GDPR compliance to some extent. Overall, the site is trustworthy but would benefit from enhanced transparency and security disclosures. Strategic recommendations include implementing comprehensive privacy and security policies, adding security headers, publishing incident response contacts, and improving accessibility. These steps will enhance trust, compliance, and security posture, supporting NetDirect's market leadership and digital maturity.

N

Nakladatelství Fraus, s.r.o.

fraus.cz

64

Nakladatelství Fraus, s.r.o. is a well-established Czech educational publisher with over 34 years of experience, specializing in printed and digital educational materials for primary, secondary, and language schools. The company holds a strong market position supported by European awards and a comprehensive portfolio including textbooks, digital publications, online exercises, and professional development services for educators. Their target audience includes schools, teachers, parents, and students within the Czech Republic. Technically, the website employs modern JavaScript frameworks, Google Analytics, and Google Tag Manager, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforced and consent management implemented, though explicit security headers and incident response information are lacking. Overall, the site presents a professional, trustworthy, and user-friendly experience, though the absence of WHOIS data slightly reduces domain trustworthiness. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms.

T

Terasa U Zlaté studně

terasauzlatestudne.cz

45

Terasa U Zlaté studně is a well-established fine dining restaurant located in Prague, Czech Republic, founded in 2004. The business offers a premium hospitality experience featuring a rooftop terrace with panoramic views, a variety of menus including à la carte and degustation, private dining options, and event hosting services. The website reflects a professional and consistent brand image targeting local and tourist diners seeking high-quality culinary experiences. The business model includes direct reservations and an e-shop for gift vouchers, indicating diversified revenue streams. The restaurant maintains partnerships with luxury hotels and other restaurants, enhancing its market position. Technically, the website employs a modern tech stack including jQuery, Fancybox, Google Fonts, and integrates Google Analytics and Sentry for monitoring. The site is hosted likely by WEDOS, consistent with the domain registrar data. The website is mobile-optimized with good SEO practices and moderate performance. Cookie consent is implemented with granular user controls, reflecting awareness of privacy compliance requirements, although no explicit privacy policy or terms of service pages were found. From a security perspective, the site enforces HTTPS and uses error monitoring tools but lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The site uses tracking and retargeting services with user consent mechanisms in place, indicating moderate user tracking levels. Overall, the security posture is good but could be improved with additional headers and formal policies. The overall risk assessment is moderate with no critical issues detected. Strategic recommendations include publishing a privacy policy and terms of service, implementing security headers, and establishing a vulnerability disclosure or incident response policy to enhance trust and compliance. The website quality and business credibility are high, supporting the restaurant's premium market positioning.

Golden Well Hotel is a luxury boutique hotel located in central Prague, near Prague Castle. The website presents a professional and visually appealing platform offering detailed information about rooms, suites, dining, facilities, and special offers. The site integrates a booking engine powered by TravelClick, allowing users to make reservations directly. The technical infrastructure includes modern web technologies, analytics, and cookie consent mechanisms, reflecting a mature digital presence. Security posture is good with HTTPS and Content Security Policy headers, though additional security headers could enhance protection. The absence of WHOIS data and explicit privacy and security policies slightly reduce trust and compliance confidence. Overall, the website is well-positioned in the hospitality market, targeting luxury travelers seeking premium accommodation in Prague.

A

Azara, s.r.o.

azara.sk

54

Azara, s.r.o. is a Slovakian software company specializing in custom software solutions, including information systems, integration, and automation. The company emphasizes agile development methodologies and uses modern frameworks to deliver high-value products. Their target audience includes businesses seeking tailored IT solutions. The website is built on WordPress with a professional design and good SEO practices, featuring client logos and detailed contact information. Technical infrastructure includes popular plugins such as Yoast SEO, Contact Form 7, and Leaflet Maps Marker, with Google Analytics for user tracking. Security posture is solid with HTTPS enforced and cookie consent implemented, though some improvements are needed such as adding security headers and a privacy policy. Overall, the website reflects a credible and professional small technology company with a clear market focus.

M

Mapei

mapei.com

66

Mapei is a well-established enterprise specializing in adhesives, sealants, and chemical products for the building industry, boasting approximately 80 years of market presence. The website reflects a professional and comprehensive digital presence, targeting construction professionals and distributors globally. The company leverages a modern technical infrastructure including Sitefinity CMS, Google Tag Manager, and Cookiebot for privacy compliance. The site is well-optimized for mobile and accessibility, with clear navigation and rich content describing their products and services. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response information are lacking. The absence of WHOIS data introduces some uncertainty regarding domain registration transparency, but the overall website professionalism and content quality support the legitimacy of the business. Strategic improvements in security policy publication and contact information visibility would enhance trust and compliance.

E

EZARRI, S.A.

ezarri.com

54

Ezarri, S.A. is a specialized manufacturer of glass mosaic tiles serving markets including swimming pools, large projects, interior design, wellness, and spas. The company positions itself as a leader with over 30 years of international experience and offers a broad range of mosaic collections, custom designs, and technical resources for architects and designers. Their business model focuses on manufacturing with direct engagement through digital tools such as a mosaic configurator and calculator, supported by certifications like ISO 9001 and ISO 14021, underscoring quality and environmental responsibility. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, Matomo, and Google reCAPTCHA for security and analytics. The site is mobile-optimized with a professional design and good SEO practices. However, some security headers are not explicitly detected, and no CMS or hosting provider information is evident from the source. From a security perspective, the site uses HTTPS and implements reCAPTCHA on forms, which is positive. There is no exposed sensitive data or vulnerable libraries detected. The absence of explicit security policies or incident response contacts is noted. The missing WHOIS data for the domain is a concern for domain legitimacy verification, although the website content and certifications suggest a legitimate business. Overall, the website presents a professional and trustworthy front with good privacy compliance and user experience. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and verifying domain registration details to improve trust and compliance.

G

Grafoman

grafoman.be

55

Grafoman is a Belgian creative communication agency specializing in branding, web design, and online marketing services tailored to client needs. The company positions itself as a trusted partner for businesses seeking impactful branding and digital growth. The website reflects a professional and consistent brand image with clear service offerings and a strong regional presence. Technically, the site is built on WordPress with modern marketing and analytics integrations, demonstrating a good level of digital maturity. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though additional security headers could enhance protection. The domain WHOIS data is privacy protected, which is typical for small agencies and does not detract from the site's legitimacy. Overall, Grafoman presents a credible and trustworthy online presence with room for technical security improvements.

C

Concrete Sustainability Council

csc.eco

52

The Concrete Sustainability Council (CSC) operates a global certification system focused on responsibly sourced ready-mixed and precast concrete, promoting sustainability in the construction materials sector. The organization targets concrete producers, suppliers, and construction professionals, positioning itself as a key authority in sustainable concrete certification. The website is built on WordPress with modern technologies including Bootstrap and Google Maps integration, providing a professional and user-friendly experience. Security posture is adequate with HTTPS enabled and domain registration consistent with the business entity, though there are gaps in privacy compliance and vulnerability disclosure. Overall, the site is trustworthy and functional but would benefit from enhanced privacy and security transparency.

B

Bethere

bethere.be

45

Bethere is a small communication and digital services company based in Waregem, Belgium, founded in 2006. The company specializes in branding, website and webshop design, and marketing services targeted primarily at local businesses and organizations. Their website reflects a professional and consistent brand image with a focus on clear communication and client references. Technically, the site is built on WordPress using modern frameworks like Bootstrap and integrates Google Analytics and reCAPTCHA for analytics and security. The site is mobile optimized and provides a user-friendly experience with clear navigation. Security posture is good with HTTPS enforced and spam protection on forms, though there is room for improvement in security headers and published policies. Privacy compliance is addressed with visible privacy and cookie policies and consent mechanisms. Overall, the domain registration data supports the legitimacy and trustworthiness of the business. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility.

K

Kindful

kindful.com

58

Kindful is a specialized SaaS platform focused on providing nonprofit organizations with fundraising tools, donor management, and communication solutions. It operates as a product under the parent company Bloomerang, targeting nonprofits seeking to enhance their fundraising capabilities through integrated technology. The website demonstrates a strong market position with comprehensive content, clear branding, and a consistent message tailored to nonprofit professionals. Technically, the site is built on WordPress with a modern technology stack including multiple marketing and analytics integrations such as Google Analytics, Hotjar, Marketo, and Facebook Pixel. Hosting and DNS services are managed via Cloudflare, ensuring robust performance and security. The site is well-optimized for SEO and mobile responsiveness, providing an excellent user experience. From a security perspective, the website enforces HTTPS and employs domain transfer protections. However, DNSSEC is not enabled, and there is no explicit cookie consent mechanism visible, which could be improved for better privacy compliance. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms a legitimate and consistent domain registration aligned with the business claims. Overall, Kindful presents a professional, trustworthy, and technically sound online presence with minor areas for improvement in privacy compliance and security policy transparency.

T

The People's Music School

peoplesmusicschool.org

53

The People's Music School is a well-established non-profit organization founded in 2000, providing completely free music education to children in the Chicago metropolitan area. The website reflects a focused mission on accessible music education with a clear target audience of children and families in Chicago. The organization positions itself uniquely as the only tuition-free music school in the region, offering a variety of programs including lessons, ensembles, music theory, and leadership mentorship. The website is professionally designed using WordPress with modern tools such as Elementor and Astra theme, and integrates analytics and marketing tools like Google Analytics and Mailchimp. Social media presence on Facebook and Twitter supports community engagement. From a technical perspective, the site is moderately performant, mobile-optimized, and SEO-friendly with structured data and meta tags implemented effectively. Security posture is adequate with HTTPS enabled and domain registration consistent with the organization's identity; however, there is room for improvement in DNS security and HTTP security headers. Privacy compliance is weak due to the absence of explicit privacy and cookie policies or consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures.

S

San Francisco Public Press

sfpublicpress.org

61

San Francisco Public Press is an independent nonprofit media organization focused on providing in-depth local news coverage for the San Francisco Bay Area. Their offerings include investigative journalism, special reports, podcasts, and radio broadcasts. The organization targets local residents interested in civic and community issues and operates primarily through donations and grants. The website is built on WordPress with a modern tech stack including Yoast SEO and Google Analytics, reflecting a moderate to good level of digital maturity. The site is mobile-optimized and provides a professional user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit policies are missing. Privacy compliance is basic, lacking a cookie consent mechanism and detailed GDPR indicators. WHOIS data is incomplete, which slightly reduces domain trustworthiness, but the website content and branding are consistent and professional. Overall, the site presents a trustworthy and credible nonprofit media presence with room for improvement in privacy and security transparency.