Security Directory

O

Oxalis scop

oxalis-scop.org

42

Oxalis SCOP is a French cooperative business supporting entrepreneurs by providing administrative, financial, and social assistance to help them develop their activities in a secure and collective environment. The cooperative has a strong market position with over 20 years of experience and a diverse membership of 150 métiers. The website reflects a professional and consistent brand image with clear business information and testimonials that enhance trust. Technically, the website is built on Joomla! CMS and uses a combination of JavaScript libraries including MooTools and an older version of jQuery. It integrates privacy-conscious analytics tools such as Matomo and Plausible. The site is moderately optimized for performance and mobile use, with good SEO practices but lacks some modern security headers and cookie consent mechanisms. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data, but the absence of security headers and outdated libraries present moderate risks. The missing WHOIS data reduces transparency and trust slightly, though the overall business credibility remains high based on the website content and contact information. Overall, the website is functional, professional, and trustworthy with room for improvement in security hardening and privacy compliance to better align with best practices and regulatory requirements.

W

WS Interactive

ws-interactive.net

59

WS Interactive is a small, established web agency based in Toulouse, France, with 25 years of experience providing tailored web development, mobile app creation, SEO, UX/UI design, and digital marketing services. The company targets businesses seeking professional digital solutions and positions itself as a high-quality service provider in the local market. Technically, the website is built on WordPress with modern JavaScript libraries and includes analytics and optimization tools, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS, uses CAPTCHA on contact forms, and implements cookie consent with Google Consent Mode, but lacks explicit security policies and incident response information. The absence of WHOIS domain registration data reduces trust in domain legitimacy, though the website content and branding are professional and consistent. Overall, the site scores well on content quality, technical implementation, and security posture, with room for improvement in business credibility and transparency.

R

Robin Labadie

lrob.net

59

Robin Labadie operates a specialized French web hosting service focused on WordPress users, emphasizing professional, fast, secure, and ecological hosting solutions. The company targets web professionals, agencies, and WordPress site owners, offering a comprehensive suite of services including domain registration, server management with Plesk, security audits, and webmastering. The website reflects a small but professional business with a clear market niche in the French hosting industry. Technically, the site is built on WordPress with modern plugins and technologies, delivering good performance and mobile optimization. Security posture is strong with HTTPS, cookie consent, and active monitoring, though some security headers and explicit policies could be improved. Privacy compliance is good with GDPR cookie consent and use of privacy-friendly analytics (Matomo). WHOIS data is privacy protected but consistent with the business profile. Overall, the site is trustworthy, professional, and well-positioned in its market segment.

V

Viveris

viveris.fr

68

Viveris is a French IT engineering group specializing in embedded systems, digital transformation, and cybersecurity services. The company operates across multiple cities in France, Belgium, and Morocco, offering a broad portfolio including projects, training, and consulting. Their market position is that of a medium-sized, established technology service provider with a focus on innovation and simplification of IT solutions for enterprises. Technically, the website is built on WordPress with modern JavaScript libraries and analytics tools, showing a mature digital infrastructure. Security posture is good with HTTPS enforced and no visible vulnerabilities, though additional security headers and incident response information could enhance their stance. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-structured, though the absence of WHOIS data introduces some uncertainty regarding domain registration legitimacy.

H

Hochschule Darmstadt

h-da.de

10

Hochschule Darmstadt (h_da) is a well-established German university of applied sciences focused on education, research, and transfer in technology, society, and art. The website serves as a comprehensive portal for students, staff, and partners, offering detailed information about academic programs, research initiatives, campus development, and services. The institution maintains a strong regional and international presence, including partnerships such as the European University of Technology (EUT+). Technically, the website is built on TYPO3 CMS, a robust open-source content management system, and employs Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized, accessible, and SEO-friendly, with structured data enhancing search engine understanding. Performance is moderate, with modern web technologies and responsive design. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and formal security policies such as vulnerability disclosure or incident response contacts. Privacy compliance is partial, with no explicit privacy or cookie policies detected on the main page. The WHOIS data is minimal but consistent with the institution's identity, supporting legitimacy. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic improvements in privacy transparency and security policy publication would enhance compliance and user trust.

M

Musée national et domaine du château de Pau

chateau-pau.fr

56

The Château de Pau website represents the official digital presence of the Musée national et domaine du château de Pau, a French national museum under the Ministry of Culture. The site offers comprehensive information about the museum's history, collections, exhibitions, events, and visitor services, targeting a broad audience including tourists, educators, researchers, and cultural professionals. The business model is government-funded, focusing on cultural preservation and public education. The museum maintains a strong market position as a recognized heritage site with partnerships with national cultural organizations.

The website www.paujeunes.fr serves as an official local government platform dedicated to supporting youth in Pau, France. It provides comprehensive information and resources related to education, employment, social engagement, and local aids for young people. The platform is well-branded with consistent city imagery and messaging, targeting students and young adults in the region. Technically, the site is built on Drupal 10 and integrates Matomo analytics with user consent mechanisms, reflecting a moderate level of digital maturity. The site is mobile-optimized and accessible, with good navigation and content relevance. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks some advanced security headers and explicit security policies. The absence of WHOIS data is a notable gap but does not detract significantly from the site's legitimacy given its official branding and content. Overall, the platform is a trustworthy and valuable resource for its intended audience.

S

Site officiel de la Ville de Tarbes

tarbes.fr

48

The website www.tarbes.fr serves as the official digital portal for the city of Tarbes, France, providing residents and visitors with comprehensive information about municipal services, news, urban planning, social programs, and cultural activities. The site is positioned as a key communication channel for the local government, offering a broad range of public service information and administrative resources. The target audience primarily includes local citizens, businesses, and visitors seeking official city information. Technically, the website is built on the WordPress CMS platform, utilizing popular plugins such as Yoast SEO for search engine optimization and Matomo for analytics, alongside Google Analytics which is disabled by default pending user consent. The site incorporates modern web technologies including jQuery, FontAwesome, and Leaflet for interactive maps. Mobile optimization and navigation clarity are well addressed, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR principles. However, the absence of a published privacy policy, terms of service, and incident response contact information represents gaps in compliance and transparency. The WHOIS data is unavailable, which slightly reduces trustworthiness but does not detract significantly given the official nature and branding of the site. Overall, the website demonstrates a solid foundation in content quality, technical implementation, and business credibility, with room for improvement in privacy compliance and security best practices. Strategic recommendations include publishing comprehensive privacy and terms documents, enhancing security headers, and establishing clear incident response channels to strengthen trust and compliance.

Pau Agglomération operates an official government website serving the city of Pau and its surrounding agglomeration in France. The site provides comprehensive information on daily life, urban planning, social services, culture, environment, and more, targeting residents and visitors. It is positioned as a key local government communication and service platform. Technically, the website is built on Drupal 10, employs Matomo for analytics, and uses modern web technologies ensuring good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is well addressed with privacy and cookie policies and consent mechanisms. However, explicit contact emails and phone numbers are not directly visible, and no terms of service or vulnerability disclosure pages were found. Overall, the website is professional, trustworthy, and well-maintained, reflecting a mature digital presence for a government entity.

V

Ville de Lyon

lyon.fr

69

The website www.lyon.fr is the official digital portal for the City of Lyon, France, providing comprehensive information on administrative procedures, cultural events, practical life, and urban projects. It serves residents and visitors with a well-structured, content-rich platform that reflects the city's public service mission. The site leverages Drupal 9 CMS and employs privacy-focused analytics (Matomo) with a robust cookie consent mechanism, demonstrating a strong commitment to user privacy and GDPR compliance. Technically, the site is modern, mobile-optimized, and accessible, though it could benefit from enhanced security headers and a published security policy. The WHOIS data confirms the domain's legitimacy and consistency with the municipal identity. Overall, the site presents a high level of professionalism, trustworthiness, and compliance, suitable for a large government entity.

M

Métropole de Lyon

grandlyon.com

68

The Métropole de Lyon website serves as the official digital presence of the metropolitan government authority for Lyon, France. It provides comprehensive information and services to residents and professionals across 58 communes and a population of 1.4 million. The site focuses on public services such as waste management, housing, transportation, citizen engagement, and economic development, positioning itself as a key regional government resource. The website is well-branded, professionally designed, and consistent with government standards, targeting a broad audience within the metropolitan area. Technically, the site is built on TYPO3 CMS with modern front-end technologies including Bootstrap 5 and Popper.js, ensuring responsive design and good accessibility. It employs privacy-respecting analytics via Matomo and uses a robust cookie consent management system (Tarteaucitron.js), reflecting a mature digital infrastructure with strong privacy compliance. The site is performant with good SEO and accessibility features. From a security perspective, HTTPS is enforced, and privacy best practices are observed, including cookie consent and minimal tracking. However, the absence of visible security headers and a published security policy or incident response contact suggests room for improvement in security transparency and defense-in-depth. No vulnerabilities or suspicious content were detected. Overall, the website is a trustworthy, professional government portal with excellent content quality and privacy compliance. The lack of WHOIS data is a minor concern but likely due to querying limitations or privacy protection. Strategic recommendations include enhancing security headers, publishing a security policy, and establishing a vulnerability disclosure channel to further strengthen trust and security posture.

W

Windcoop SCIC SA

wind.coop

52

Windcoop SCIC SA is a French maritime cooperative based in Lorient specializing in low-carbon cargo transport using sail-powered container ships. The company operates an innovative business model focused on sustainability and cooperative ownership, targeting individuals, businesses, and communities interested in ethical and ecological maritime transport. Their flagship project is a 90-meter sail cargo ship designed to reduce CO2 emissions by 60% compared to conventional vessels, with operations planned between Marseille and Madagascar starting in 2027. The website reflects a professional and modern digital presence built on WordPress, featuring comprehensive content, multimedia, and clear calls to action for investment and membership. Technical infrastructure includes Matomo analytics and Google Tag Manager, with a strong emphasis on privacy and cookie consent compliance. Security posture is good with HTTPS and domain transfer protections, though improvements such as DNSSEC and explicit security policies are recommended. Overall, Windcoop presents a credible, transparent, and innovative player in the sustainable transportation sector.

Mobicoop.fr is a French-based free and commission-free carpooling platform established in 2017. The website offers a service aimed at facilitating daily and occasional ride sharing as a common good, targeting a general audience interested in sustainable and economical transportation options. The platform positions itself as a niche player in the transportation sector, emphasizing openness and community values. Technically, the website is hosted by OVH and uses HTTPS with a moderate performance profile. It employs Matomo analytics with a consent-based tracking mechanism, reflecting a privacy-conscious approach. The site uses modern web fonts and icons but does not appear to rely on a major CMS or framework. Mobile optimization and SEO are adequately addressed, though accessibility features are basic. From a security perspective, the site benefits from HTTPS and respects user consent for analytics. However, it lacks explicit security headers and formal security policies such as a privacy policy, terms of service, or vulnerability disclosure. No contact information or incident response channels are clearly provided, which could be improved to enhance trust and compliance. Overall, Mobicoop.fr presents a trustworthy and professional online presence for its business model but would benefit from enhanced transparency in privacy and security policies, as well as improved contact and incident response information to strengthen its security posture and compliance with regulations.

T

TeleCoop

telecoop.fr

51

TeleCoop is a French cooperative telecommunications operator founded in 2012, offering transparent, no-contract mobile plans with a strong focus on ecological and social responsibility. Positioned as the first cooperative telecom operator in France, it targets consumers who value sustainability and democratic governance in telecom services. The company provides a variety of mobile plans including options for children and teenagers, leveraging the 4G network of Orange, France's leading mobile network. TeleCoop emphasizes customer service based in France and promotes digital sobriety and ecological impact reduction among its subscribers. Technically, the website is built on the Kirby CMS platform and employs modern web technologies such as Matomo for analytics, Google Tag Manager, and Axeptio for cookie consent management. The site is well-optimized for mobile devices, fast loading, and accessible, with good SEO practices and structured data enhancing search engine visibility. Hosting and domain registration are managed by GANDI, a reputable registrar, with consistent WHOIS data supporting the legitimacy of the business. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers like Content-Security-Policy and does not publish a dedicated security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with a comprehensive privacy policy and cookie management in place. The business credibility is reinforced by clear contact information, verified customer reviews, and social proof. Overall, TeleCoop presents a professional, trustworthy, and well-maintained online presence aligned with its cooperative and ecological mission. Strategic improvements could include publishing a security policy, adding security headers, and establishing a vulnerability disclosure channel to further enhance trust and security posture.

E

Enercoop

enercoop.fr

54

Enercoop is a French cooperative network providing 100% renewable electricity sourced from a broad network of citizen and local authority-owned production sites. The company positions itself as a key player in the energy transition with a cooperative and citizen-focused business model. Their services include electricity supply, energy efficiency consulting, and support for renewable energy producers. The website is professionally designed, mobile-optimized, and uses modern technologies including Prismic CMS, Matomo analytics, and Google Tag Manager. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though explicit privacy and terms of service pages are not detected in the provided content. Overall, Enercoop demonstrates a mature digital presence aligned with its cooperative values and market positioning.

A

Aquitem & Aliénor.net

aquitem.fr

50

Aquitem & Aliénor.net is a French technology and retail-focused group with over 35 years of expertise in data services, digital marketing, and hosting solutions. The company operates under the parent Groupe FIDUCIAL and offers a range of services including data hosting, data visualization, loyalty program management, web digital strategy, and AI-powered marketing solutions. Their market position is that of an established medium-sized B2B service provider targeting retailers and businesses seeking advanced data and digital solutions. Technically, the website is built on WordPress with modern SEO and analytics tools, including Yoast SEO, Google Tag Manager, and Matomo. The site is mobile-optimized and uses hCaptcha for form security. Security posture is good with HTTPS and some best practices, but lacks explicit security headers and published security policies. WHOIS data is unavailable, likely due to privacy protection, which is reasonable for this business type. Overall, the website is professional and trustworthy, though it could improve compliance by publishing privacy and terms of service pages explicitly.

M

MaCarteFid'

macartefid.fr

56

MaCarteFid' by FIDUCIAL is a French-based SaaS provider specializing in customer loyalty solutions tailored for independent merchants. The company offers a 100% web-based platform that requires no hardware or software installation, making it accessible and easy to use. Positioned as an affordable and intuitive solution, it targets small retail businesses seeking to enhance customer retention. The website reflects a professional and consistent brand image, supported by client references and social media presence. Technically, the site is built on WordPress using the Enfold theme, integrating modern analytics tools like Matomo and Google Tag Manager, and employs hCaptcha for form security. The security posture is strong with HTTPS enforced and no critical vulnerabilities detected, although security headers could be improved. Privacy and cookie policies are present with consent mechanisms, indicating good compliance with GDPR. WHOIS data confirms domain legitimacy and consistency with the business profile. Overall, the website demonstrates a mature digital presence with solid business credibility and security practices.

A

Aquitem & Aliénor.net

groupe-aquitem.fr

50

Aquitem & Aliénor.net is a French technology company specializing in data services, retail marketing, loyalty program management, AI-driven customer targeting, and digital agency services. With over 35 years of expertise and a medium-sized business profile, it serves retail and e-commerce clients primarily in France. The company is part of the FIDUCIAL Group and operates several subsidiaries and partner brands such as ZeFid’ and MyDataviz’. The website reflects a mature digital presence with professional content, consistent branding, and a clear focus on data-driven business solutions. Technically, the site is built on WordPress with modern plugins and analytics tools, offering good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and CAPTCHA protections, though there is room for improvement in publishing explicit security policies and incident response information. Privacy compliance is well addressed with cookie consent and GDPR-aligned policies. Overall, the domain WHOIS data is privacy protected but consistent with a legitimate business entity. The website is safe, professional, and trustworthy, with no signs of malicious activity or content blocking.

W

wegewerk GmbH

wegewerk.com

65

wegewerk GmbH is a specialized communication agency based in Germany, focusing on campaigns and online communication for political and societal topics. Their key services include campaign management, web design, and social media strategies primarily targeting non-profit organizations, NGOs, associations, and political entities. The website demonstrates a professional and consistent brand presence with excellent content quality and user experience. Technically, the site is built on TYPO3 CMS with integrations of modern JavaScript libraries and analytics tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies are absent. The absence of WHOIS registration data is a notable anomaly that requires further verification to confirm domain legitimacy. Overall, the website is trustworthy, well-structured, and compliant with GDPR requirements.

L

Lutice

lutice.com

58

Lutice is a French technology company specializing in hosting and integrating BigBlueButton, a virtual classroom and web conferencing platform. Their services focus on providing secure, private, and fully managed dedicated server hosting for BigBlueButton, targeting small and medium businesses, educational institutions, and independent trainers primarily in France. The website is professionally designed using WordPress and Elementor, with a focus on French data privacy and local support. Technically, the site uses modern web technologies including Bootstrap and Matomo analytics, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks some security headers and explicit privacy and cookie policies, which are recommended for compliance and trust. The absence of WHOIS data for the domain is a concern, as it is inconsistent with the active and professional nature of the website, lowering the overall trust score. Strategic recommendations include publishing comprehensive privacy and cookie policies, adding security headers, and providing explicit contact and security incident response information to enhance trust and compliance.

R

Robin Labadie

lrob.fr

59

Robin Labadie operates a French web hosting service specializing in WordPress hosting with a strong emphasis on performance, security, ecological sustainability, and human support. The company targets French-speaking WordPress users, agencies, and businesses seeking premium hosting solutions with added value such as security audits, webmastering, and migration services. The website presents a professional and consistent brand image with clear service offerings and contact information. Technically, the site is built on WordPress with modern plugins and optimizations, delivering fast performance and good mobile responsiveness. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and policies could be improved. The absence of WHOIS data limits transparency but is justified by privacy protection for a small business. Overall, the site is trustworthy and well-positioned in its niche.

O

Oxalis scop

oxalis-scop.fr

42

Oxalis SCOP is a French cooperative of entrepreneurs providing a supportive framework for professionals to develop their activities with administrative, financial, and social assistance. The cooperative emphasizes collective and ethical entrepreneurship, targeting freelancers and small business owners. The website is built on Joomla CMS and integrates privacy-conscious analytics tools such as Matomo and Plausible. The technical infrastructure is moderate in performance with some outdated libraries that pose minor security risks. Security posture is generally good with HTTPS enforced but lacks some modern security headers and explicit cookie consent mechanisms. Business credibility is high with clear contact information, testimonials, and certifications like Qualiopi. Overall, the website is professional, trustworthy, and well-aligned with the cooperative's mission.

M

MéthaFrance

methafrance.fr

41

MéthaFrance operates as a national informational portal focused on methanisation, a renewable energy process in France. The website provides comprehensive educational content, event information, FAQs, and resources targeted at the general public, agricultural stakeholders, and energy sector participants. It positions itself as a leading resource in the French renewable gas sector. Technically, the site is built on Drupal 10 with Bootstrap for responsive design and uses privacy-conscious analytics (Matomo) and cookie consent management (tarteaucitron). Security posture is good with HTTPS and captcha protections, though explicit security headers and policies are lacking. The absence of WHOIS registrant data slightly reduces trust but does not detract significantly from the site's legitimacy. Contact is available via a webform but lacks direct email or phone contacts. Overall, the site is professional, informative, and well-structured, serving its educational mission effectively.

S

Énergies Renouvelables : le savoir-faire français à l'international - Accueil

savoirfairefrancais-enr.fr

45

The website www.savoirfairefrancais-enr.fr serves as an informational and promotional platform highlighting French renewable energy projects worldwide. It is supported by reputable French organizations such as the Syndicat des énergies renouvelables and ADEME, positioning it as a niche but credible resource within the energy sector. The site offers an interactive map and sector-specific project information aimed at a general audience interested in renewable energy. Technically, the site employs modern JavaScript libraries, analytics tools like Matomo and Google Analytics, and cookie consent management via tarteaucitron.js, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly, though accessibility features could be improved. Security-wise, the site uses HTTPS and includes bot protection via reCAPTCHA, but lacks visible security headers and explicit privacy or security policies, which are areas for improvement. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced transparency and security practices.

S

Stiftung Genshagen

stiftung-genshagen.de

50

Stiftung Genshagen is a non-profit foundation dedicated to fostering European dialogue, particularly focusing on German-French and German-Polish relations and the Weimarer Dreieck. The foundation aims to strengthen Europe’s cultural diversity, political capacity, social cohesion, and economic dynamism through various projects, events, and educational initiatives. The website serves as a platform for information dissemination, event promotion, and cultural exchange, targeting political stakeholders, academics, and the broader European public. Technically, the website is built on TYPO3 CMS, hosted by SchlundTech, and employs modern web technologies including JavaScript and Matomo analytics for user tracking with consent. The site is well-optimized for mobile devices, accessible, and SEO-friendly. Security is adequate with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong, featuring a comprehensive privacy policy and cookie consent banner. However, the site lacks explicit terms of service and incident response contact information, which could be enhanced to improve trust and compliance. Overall, Stiftung Genshagen’s website reflects a professional, trustworthy, and well-maintained digital presence suitable for its non-profit mission. Strategic recommendations include enhancing security headers, publishing incident response details, and providing clearer contact information to further strengthen security and user trust.

I

IDDRI

iddri.org

52

IDDRI is an independent French think tank specializing in sustainable development research and policy analysis. It operates as a multi-stakeholder dialogue platform and collaborates with prominent institutions such as Sciences Po. The website is professionally designed, content-rich, and targets policymakers, researchers, and stakeholders interested in environmental and sustainable development issues. Technically, the site is built on Drupal CMS and integrates multiple analytics tools including Matomo, Google Analytics, and Hotjar, with a strong emphasis on privacy compliance and cookie consent mechanisms. Security posture is solid with HTTPS enforced, though some security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the site demonstrates a mature digital presence aligned with its mission and audience.

C

Coffra Group

coffra.de

64

Coffra Group is a specialized Franco-German consulting firm offering services in auditing, taxation, accounting, labor law, and strategic business expansion. The company targets international businesses, particularly those operating between France and Germany, providing integrated and multilingual expertise. The website reflects a professional and well-structured digital presence, leveraging modern web technologies and SEO best practices to reach its audience effectively. However, the absence of WHOIS registration data raises questions about domain registration transparency, although the website content and branding strongly indicate a legitimate business operation. Security measures such as HTTPS and Google reCAPTCHA are implemented, but the lack of published security policies and incident response contacts suggests room for improvement in security transparency and readiness.

M

M6 Unlimited

m6unlimited.fr

59

M6 Unlimited is a well-established multimedia advertising agency operating primarily in France, offering advertising solutions across TV, radio, and digital platforms. It is part of the larger Groupe M6, a significant player in the French media landscape. The company provides an integrated creative agency service and an online platform (My6) for streamlined advertising purchases. The website reflects a professional and consistent brand image with clear business focus and target audience of advertisers and marketing professionals. Technically, the site is built on WordPress with modern SEO and analytics tools, including Yoast SEO, Google Tag Manager, Matomo, and Hotjar, ensuring good digital maturity and performance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although there is room for improvement in publishing explicit security policies and headers. Overall, the site is compliant with GDPR and provides clear contact information, enhancing trust and credibility.

H

Haploïde

haploide.com

51

Haploïde is a French technology company specializing in the design and optimization of eco-friendly, accessible, and performant websites. Founded in 2018, the company positions itself as a niche player focused on sustainable digital solutions, leveraging scientific rigor and partnerships such as with DK and adherence to ADEME and GHG Protocol standards. Their key services include optimization of existing sites, eco-designed redesigns, and new site conception with a strong emphasis on reducing carbon emissions and improving digital performance. The website reflects a professional and consistent brand image with excellent content quality and user experience. Technically, the website employs modern web standards with HTML5, CSS3, and JavaScript, integrates Matomo analytics configured for privacy, and is hosted by OVH sas. The site is fast, mobile-optimized, and accessible, following RGAA v4 guidelines. Security posture is good with HTTPS enforced and domain registration protections in place, though some security headers and explicit policies could be improved. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence, though no cookie consent mechanism is currently present. Overall, Haploïde demonstrates a mature digital presence with a strong focus on sustainability and compliance. The domain registration data is consistent and trustworthy, supporting the legitimacy of the business. No critical security issues or content safety concerns were identified, making the site reliable and professional. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, enabling DNSSEC, and implementing cookie consent mechanisms if cookies are used in the future.

L

LSVD⁺ – Verband Queere Vielfalt e.V.

lsvd.de

51

LSVD⁺ – Verband Queere Vielfalt e.V. is a prominent German non-profit organization advocating for the rights and interests of lesbian, gay, bisexual, trans*, intersex, and queer (LSBTIQ*) individuals. The organization focuses on political advocacy, legal advice, public awareness, and community support, positioning itself as a leading voice for queer diversity and human rights in Germany. Their website reflects a professional and comprehensive approach to content delivery, targeting both the queer community and allies with educational resources, event information, and legal guidance. Technically, the website employs modern web technologies including jQuery, Slick Carousel, and the Foundation framework, hosted on DomainControl nameservers, and uses Matomo analytics to maintain privacy-conscious user tracking. Security posture is adequate with HTTPS enforced and AJAX-based contact forms, but lacks visible security headers and a cookie consent mechanism, which are areas for improvement. Overall, the site is accessible, well-structured, and trustworthy, with clear contact information and active social media engagement.

D

Deutscher Paritätischer Wohlfahrtsverband - Gesamtverband e. V.

paritaetische-akademie.de

50

Der Paritätische is a leading German non-profit umbrella organization representing social welfare associations. The website offers comprehensive information about their services, including purchasing advantages, quality management systems, education, project financing, and specialized support centers. Their target audience primarily consists of member organizations and social service providers. Technically, the site is built on TYPO3 CMS with modern frameworks like Bootstrap and uses privacy-conscious analytics (Matomo) with cookie consent mechanisms. Security posture is strong with HTTPS and privacy compliance evident, though some security headers could be improved. Overall, the website is professional, trustworthy, and well-structured, supporting the organization's mission effectively.

D

Delta Process

tadeo-vrs.com

64

Tadeo VRS is a specialized video relay service platform designed to empower deaf and hard of hearing individuals with autonomous communication capabilities in professional and personal environments. Developed by the French company Delta Process, the platform offers real-time sign language interpretation and transcription services through patented technology and trained professionals. The website is well-structured, content-rich, and targets a niche audience requiring accessibility solutions. Technically, the site employs modern web technologies including Bootstrap, jQuery, Matomo analytics, and HubSpot marketing tools, ensuring a responsive and user-friendly experience. Security measures such as HTTPS, captcha anti-spam, and cookie consent mechanisms are implemented, though some advanced security headers and policies are absent. The WHOIS data for the domain is missing, which raises concerns about domain registration legitimacy, but the professional presentation and content quality mitigate some trust issues. Overall, the site demonstrates a solid digital presence with room for improvement in security transparency and domain registration clarity.

I

Internationale Hofer Filmtage

hofer-filmtage.com

60

The Hof International Film Festival is a well-established and important cultural event in Germany, focusing on independent and new cinema. Founded in 1967, it serves as a platform for emerging filmmakers and presents a diverse program of feature films, documentaries, and shorts. The festival is supported by a range of sponsors and partners, including government bodies and media organizations, and maintains a strong presence in the film industry. The website reflects a professional and user-friendly digital presence with comprehensive content and clear navigation. Technically, the site uses modern web technologies and Matomo analytics for user tracking, with good mobile optimization and accessibility. Security posture is solid with HTTPS and no obvious vulnerabilities, though improvements could be made by adding security headers and cookie consent mechanisms. The absence of WHOIS data for the domain is a notable anomaly that slightly reduces trust but does not detract from the overall legitimacy of the organization. Strategic recommendations include enhancing security policies, publishing incident response contacts, and improving privacy compliance transparency.

H

Hochschulübergreifendes Zentrum Tanz Berlin

hzt-berlin.de

42

The Hochschulübergreifendes Zentrum Tanz Berlin (HZT Berlin) is an academic and research institution specializing in dance, choreography, and body-based practices. It offers degree programs such as BA and MA, supports artistic projects, and engages in research activities. The website reflects a well-structured educational platform targeting students, researchers, and artists interested in contemporary dance and choreography. Technically, the site is built on TYPO3 CMS, employs Matomo for analytics, and uses CookieConsent2 for privacy compliance, indicating a modern and privacy-conscious infrastructure. Security posture is strong with HTTPS enforced and cookie consent implemented, though some security headers and incident response information are absent. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, with no signs of malicious or adult content.

P

plus B GmbH

plusb.de

56

plus B GmbH is a Berlin-based digital service provider specializing in TYPO3 CMS development, app creation, consulting, and e-commerce solutions. With over 20 years of experience, the company serves agencies, medium-sized businesses, NGOs, and public institutions, emphasizing accessibility, 3D visualization, and AI integration. The website reflects a professional and consistent brand image, targeting a broad digital services market in Germany. Technically, the site is built on TYPO3 CMS, leveraging modern JavaScript modules and Matomo for analytics with a cookie consent mechanism ensuring GDPR compliance. The hosting uses domaincontrol.com name servers, indicating professional domain management. The site is mobile-optimized, accessible, and SEO-friendly, though some security headers could be improved. Security posture is solid with HTTPS enforced and no exposed sensitive data, but lacks explicit security policies or incident response information. No vulnerabilities or suspicious patterns were detected. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Overall, the website and business present a low-risk profile with a high degree of professionalism and trustworthiness. Strategic improvements in security headers and vulnerability disclosure would further enhance their security maturity.

D

Delta Process

acce-o.fr

61

Acceo-Tadeo, operated by Delta Process, is a specialized provider of accessibility solutions targeting deaf, hard of hearing, and non-French speaking individuals. Their offerings include workplace accommodations, accessible recruitment, education support, healthcare accessibility, and event accessibility services. The company holds recognized certifications such as Ugap and Service France Garanti, and serves a diverse clientele including major corporations and public entities in France. Technically, the website is built on a modern stack with Bootstrap 4, jQuery, and Matomo analytics, demonstrating good digital maturity and accessibility compliance. Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data is a concern for domain legitimacy but does not detract from the professional presentation and trust signals on the site. Overall, the website is well-designed, content-rich, and trustworthy, serving an important niche in accessibility services.

The website kh-berlin.de represents Weißensee Kunsthochschule Berlin, a specialized public art university in Germany offering various art and design degree programs. The site is well-structured with detailed academic and institutional information targeting students, academics, and art professionals. The technical infrastructure is based on TYPO3 CMS with jQuery and Matomo analytics, indicating a moderate level of digital maturity. The site is mobile optimized and provides good navigation clarity. Security posture is moderate with HTTPS implied but lacking visible security headers and updated libraries. Privacy and cookie policies are not found, indicating compliance gaps. Overall, the site is professional but could improve in privacy compliance and security best practices.

The Universität der Künste Berlin (UdK Berlin) is a large, well-established public university in Germany specializing in artistic education, research, and cultural activities. It offers over 70 study programs to approximately 4,000 students, covering all artistic disciplines and related sciences. The university has a strong market position with a history spanning over 50 years in its current form and roots extending over three centuries. The website reflects a professional and comprehensive digital presence, targeting students, staff, alumni, and partners. It provides extensive information about faculties, events, news, and services.

H

Humboldt-Universität zu Berlin

hu-berlin.de

70

Humboldt-Universität zu Berlin is a prominent German university offering a wide range of academic programs and research initiatives. The website reflects its role as a leading educational institution with a strong emphasis on interdisciplinary research and social cohesion. It targets students, researchers, academic staff, and the general public interested in academic content. The university maintains a large-scale presence with consistent branding and professional content quality. Technically, the website is built on the Plone CMS platform, utilizing modern JavaScript libraries such as jQuery and bxSlider for interactive elements. It employs Matomo analytics with user consent mechanisms, indicating a mature approach to privacy. The site is hosted likely within academic networks in Germany, ensuring reliability and performance rated as moderate to good. Mobile optimization and accessibility features are well implemented. From a security perspective, the site enforces HTTPS and uses script integrity attributes, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear cookie consent and a comprehensive privacy policy. Business credibility is high, supported by certifications and trust signals. Overall, the website is professional, secure, and compliant, with minor recommendations to enhance security headers and publish vulnerability disclosure information to further strengthen trust and security posture.

H

Hochschule für Wirtschaft und Recht Berlin

hwr-berlin.de

54

Hochschule für Wirtschaft und Recht Berlin (HWR Berlin) is a large public university in Germany specializing in economics, law, and administration. The website offers comprehensive information about its 55 degree programs including Bachelor, Master, MBA, and dual study options, targeting students, prospective students, and academic staff. The site is well-structured with extensive navigation and content in German and English, reflecting a mature digital presence. Technically, the site is built on TYPO3 CMS and uses a self-hosted Matomo analytics platform, indicating a focus on data control and privacy. Security posture is adequate with HTTPS and asynchronous script loading, but lacks visible security headers and explicit privacy or cookie policies. No contact emails or phone numbers were found in the provided content, which may impact user support and trust. Overall, the site is professional, safe, and trustworthy but could improve privacy compliance and security transparency.

H

Hochschule für Technik und Wirtschaft Berlin

htw-berlin.de

63

HTW Berlin is a prominent University of Applied Sciences located in Germany, offering a wide range of Bachelor, Master, and MBA programs across multiple disciplines including engineering, business, design, and health. The institution is well-ranked nationally and provides extensive research and continuing education services. The website reflects a mature digital presence with clear navigation, multilingual support, and active engagement with its target audiences such as prospective students, current students, alumni, and industry partners. Technically, the site uses modern web standards, integrates Matomo analytics with user consent, and maintains good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved and explicit security policies are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

H

Hochschule für Schauspielkunst Ernst Busch

hfs-berlin.de

60

Hochschule für Schauspielkunst Ernst Busch is a prestigious German higher education institution specializing in performing arts education, offering six specialized degree programs including acting, directing, dramaturgy, puppetry, play and object, and choreography. The institution enjoys a strong international reputation and serves students, faculty, and theater enthusiasts primarily in Germany. The website is well-structured, professionally designed, and rich in relevant content, supporting the institution's educational mission and community engagement. Technically, the site is built on TYPO3 CMS, uses privacy-conscious Matomo analytics, and integrates partner and donation widgets, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and no exposed sensitive data, though improvements are recommended in cookie consent and security headers. Overall, the website demonstrates high business credibility and trustworthiness with clear contact information and social media presence.

The website metz.fr serves as the official digital portal for the Ville de Metz, providing residents and visitors with comprehensive information about city services, events, public policies, and cultural activities. It holds a strong market position as the authoritative source for municipal information in Metz, France. The site targets a broad audience including local citizens, tourists, and stakeholders interested in city governance and community engagement. Key services include news updates, event calendars, administrative procedures, and social support information. Technically, the website employs modern JavaScript libraries such as Swiper.js for UI components, Matomo for privacy-conscious analytics, and Google Custom Search for site search functionality. The cookie consent mechanism is implemented using tarteaucitron.js with high privacy settings, reflecting good compliance with GDPR. The site is mobile-optimized and presents a professional design with clear navigation, although accessibility features are basic. From a security perspective, the site enforces HTTPS and uses privacy-respecting analytics without setting cookies by default. However, no explicit security headers were detected in the HTML content, and there is no published security policy or incident response contact information. No vulnerabilities or exposed sensitive data were found. Overall, the security posture is good but could be improved by adding security headers and formalizing security policies. The overall risk assessment is low, with the site demonstrating strong legitimacy, consistent branding, and compliance with privacy regulations. Strategic recommendations include enhancing security transparency, improving accessibility, and publishing incident response and vulnerability disclosure information to further strengthen trust and security culture.

D

DK

d-k.io

62

DK is a French company specializing in carbon measurement and management solutions tailored for the communication, media, and advertising sectors. Their platform offers harmonized and standardized carbon footprint measurement tools, including an API for automated calculations, targeting advertisers, agencies, publishers, and media companies. The company positions itself as a market reference in France with notable media clients and a strong emphasis on sustainability and environmental impact reduction. Technically, the website is well-built with modern technologies such as Matomo analytics and Google Tag Manager, hosted by OVH SAS. It demonstrates excellent mobile optimization, accessibility, and SEO practices. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security posture is good with HTTPS enforced and no visible vulnerabilities, but the absence of security headers and incident response information are areas for improvement. Overall, the website is professional, trustworthy, and content-rich, reflecting a credible business with a clear mission. The domain registration data aligns well with the business claims, enhancing legitimacy. Privacy compliance and security transparency could be strengthened to improve user trust and regulatory adherence.

G

Groupe M6

groupem6.fr

67

Groupe M6 is a prominent French media group operating multiple TV channels, radio stations, and a streaming platform. The corporate website reflects a mature media business with a broad audience reach and diversified content offerings including news, sports, films, and original series. The site is professionally designed, well-branded, and provides comprehensive investor and governance information, indicating a transparent and established organization. Technically, the website is built on WordPress with modern SEO and analytics tools such as Yoast SEO and Matomo, demonstrating a commitment to digital maturity and privacy-conscious analytics. The site is mobile-optimized and accessible, with a cookie consent mechanism compliant with GDPR, reflecting good privacy practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security policies, incident response contacts, or vulnerability disclosure mechanisms suggests room for improvement in transparency and security maturity. Overall, the website presents a low-risk profile with strong business credibility and compliance. The lack of WHOIS data is likely due to privacy protection norms in France and does not detract from the site's legitimacy. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure information to further strengthen trust and security culture.

C

Churchill

agence-churchill.fr

44

Churchill is a premium French web agency specializing in custom website creation, redesign, SEO, and digital marketing services primarily targeting market leaders and businesses in France. The company emphasizes bespoke solutions using WordPress and WooCommerce, integrating advanced SEO and marketing strategies to maximize client ROI. Their market position is supported by over 10 years of experience and more than 120 completed projects, with strong trust signals including high Google review ratings and notable client logos. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses performance optimizations such as WP Rocket and lazy loading. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies could be improved. Privacy compliance is well addressed with clear privacy and cookie policies. WHOIS data is unavailable, which slightly reduces domain trust but is mitigated by strong business and branding indicators. Overall, the website presents a professional, trustworthy, and technically sound digital presence.

A

Aquitem & Aliénor.net

alienor.net

50

Aquitem & Aliénor.net is a French technology and retail-focused group with over 35 years of expertise in data management, marketing, and digital solutions. They provide a broad range of services including data hosting in France, data visualization tools, AI-driven marketing solutions, and retail management software. The company positions itself as a trusted partner for large retail brands and independent merchants, supported by its affiliation with Groupe FIDUCIAL. Technically, the website is built on WordPress with modern SEO and analytics tools, showing good digital maturity. Security posture is adequate with HTTPS and CAPTCHA protections, but lacks some security headers and formal security policies. Privacy compliance is partially implemented with cookie consent but no clear privacy policy page found. Overall, the site is professional and trustworthy, though WHOIS data absence raises some concerns about domain registration transparency.

G

GenoSafe

genosafe.com

59

GenoSafe is a specialized Contract Research Organization (CRO) based in France, with over 20 years of experience providing analytical services for innovative therapeutics including gene and cell therapies, vaccines, and DNA/RNA-based products. The company supports clients across all stages of development from preclinical to clinical phases, focusing on quality control and regulatory compliance. Their market position is that of a trusted mid-sized healthcare CRO with a professional digital presence and clear service offerings. Technically, the website is built on WordPress with modern SEO and analytics tools such as Yoast SEO and Matomo. It employs hCaptcha for bot protection and provides a GDPR-compliant cookie consent mechanism. The site is mobile-optimized, accessible, and well-structured, reflecting a mature digital infrastructure. From a security perspective, the site uses HTTPS with good SSL configuration but lacks some advanced security headers and published security policies. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear cookie consent and a comprehensive privacy policy. However, incident response and vulnerability disclosure information are absent. Overall, GenoSafe presents a low-risk profile with a professional and trustworthy online presence. Strategic improvements in security policy transparency and enhanced security headers would further strengthen their posture.

B

Budgetbox

budget-box.com

75

Budgetbox is a French technology company specializing in omnichannel retail media platforms designed to engage consumers across all shopping journeys, both online and in-store. Established around 2021, it serves over 200 brands and partners with major retailers such as Carrefour, E.Leclerc, and Intermarché. The company offers tailored solutions for brands and distributors to activate retail media campaigns effectively. The website reflects a professional and consistent brand image with comprehensive business and privacy information, targeting retail and media sectors primarily in France. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses Matomo Analytics for privacy-conscious visitor tracking. It employs GDPR-compliant cookie management and integrates marketing tools such as Drift chat and Plezi. The site is mobile-optimized with good SEO practices, though some security headers could be enhanced. Performance is moderate, with a clean and user-friendly design. From a security perspective, the site enforces HTTPS and has implemented cookie consent mechanisms, but lacks explicit security headers like CSP or X-Frame-Options. No vulnerabilities or sensitive data exposures were detected in the content. The absence of WHOIS registration data is a concern but does not outweigh the professional presentation and detailed compliance documentation. Overall, Budgetbox presents a credible and trustworthy online presence with strong privacy compliance and a solid technical foundation. Strategic improvements in security headers and ongoing domain registration monitoring are recommended to maintain and enhance trust and security posture.