Security Directory

The website www.adfc-radtourismus.de is operated by the Allgemeiner Deutscher Fahrrad-Club e.V., a recognized non-profit organization promoting cycling tourism in Germany. It offers a comprehensive range of cycling routes, quality certifications, and tourism services targeted at cycling enthusiasts and tourists. The site is well-branded, professionally designed, and provides useful content in German, focusing on regional and thematic cycling tours. Technically, the site is built on TYPO3 CMS with modern web technologies including jQuery, Bootstrap modals, Matomo analytics configured for privacy, and Google Ad Manager for advertising. The site is mobile optimized and has good SEO practices. Cookie consent is implemented with detailed user options, reflecting GDPR compliance. From a security perspective, the site uses HTTPS and has implemented cookie consent and privacy measures. However, explicit security headers are not detected, and no dedicated security or incident response policies are published. WHOIS data is minimal but not suspicious, aligning with the organization's legitimacy. Overall, the site presents a low-risk profile with good privacy compliance and a solid business reputation. Strategic improvements could include adding security headers, publishing security policies, and providing incident response contacts to enhance trust and security posture.

Cookiedatabase.org is a specialized project launched in 2019 to enhance transparency around online tracking technologies such as cookies, pixels, and local storage. It provides a comprehensive database and Data Passports describing the data collection practices of various services and organizations. Supported by privacy-focused sponsors like Complianz and SIDN Fund, the website targets privacy-conscious users and website operators seeking detailed tracking information. Technically, the site is built on WordPress with Elementor and Yoast SEO, leveraging modern plugins for consent management and analytics. The infrastructure is hosted behind Cloudflare with HTTPS enforced, ensuring secure access. Security posture is solid but could be improved by adding security headers and enabling DNSSEC. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the site is trustworthy, professional, and serves a niche market with good content quality and user experience.

A

AB Tasty

abtasty.com

70

AB Tasty is a well-established digital experience optimization platform offering a comprehensive suite of services including web experimentation, feature experimentation, content personalization, rollouts, recommendations, and merchandising. The company targets businesses seeking to optimize their digital customer experiences and operates a professional, content-rich website that reflects its market position as a leading technology provider in this space. The website is built on WordPress with modern SEO and analytics tools, demonstrating a mature digital infrastructure. Security posture is strong with HTTPS enforced and consent management implemented, although there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the site is trustworthy and professional, though the lack of publicly available WHOIS data slightly reduces transparency. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms to further strengthen trust and compliance.

V

Volkswagen Financial Services Schweiz AG

garantieabschluss.ch

57

Volkswagen Financial Services Schweiz AG operates a dedicated online platform for warranty extension services under the CarLife Plus/CarLife brand, targeting Volkswagen vehicle owners in Switzerland. The website offers an online calculator and contract conclusion for warranty insurance products, including specialized coverage for hybrid and electric vehicle batteries. The company leverages modern web technologies such as Bootstrap, jQuery, and Matomo analytics, combined with Adobe's tag management, to deliver a responsive and user-friendly experience. Privacy and cookie compliance are well implemented, reflecting GDPR adherence. Security posture is solid with HTTPS and input validation, though lacking explicit security headers and published incident response policies. Overall, the site demonstrates a professional and trustworthy digital presence aligned with Volkswagen's corporate standards.

A

ADFC Bett+Bike Service GmbH

bettundbike.de

49

Bett+Bike is a well-established German company specializing in the certification of bicycle-friendly accommodations, serving as a trusted quality standard in bicycle tourism for over 30 years. The company operates a professional website built on TYPO3 CMS, offering accommodation search, certification information, and tourism tips primarily targeting cycling tourists and accommodation providers in Germany. The website demonstrates a good level of digital maturity with modern technologies such as jQuery, Bootstrap, and Matomo analytics integrated, along with a responsive design and cookie consent mechanisms ensuring GDPR compliance. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although security headers and explicit incident response policies are not publicly disclosed. Overall, the site is professional, trustworthy, and aligned with its business objectives.

O

OpenAgenda

openagenda.com

53

OpenAgenda is a well-established French technology company specializing in event agenda management solutions. The platform caters to organizations, federations, territories, and large event organizers by providing tools to create, interconnect, and moderate event agendas. It supports event export, integration, and offers dedicated support, positioning itself as a reliable SaaS provider in the event management space. The company has a solid market presence with notable clients and media partnerships, reflecting a mature business model and a medium-sized operational scale. Technically, the website employs a moderately modern tech stack including jQuery, Bootstrap, Matomo analytics, and Crisp chat for customer interaction. Hosting appears to be on Amazon AWS infrastructure, inferred from DNS servers. The site is mobile optimized with good SEO and accessibility basics, though some modernization opportunities exist, especially in upgrading JavaScript libraries and enhancing accessibility features. From a security perspective, the site uses HTTPS and includes script integrity hashes, but lacks visible security headers and DNSSEC is not enabled. There is no explicit security policy or incident response information published, which could be improved. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but no cookie consent mechanism was detected. Overall, the security posture is moderate with room for enhancements. The overall risk assessment is low, with no critical vulnerabilities or suspicious indicators found. Strategic recommendations include implementing security headers, enabling DNSSEC, publishing security and incident response policies, and adding cookie consent mechanisms to improve GDPR compliance and user trust.

S

SECUTIX

secutix.com

79

SECUTIX is a well-established global leader in digital ticketing technology, offering a comprehensive SaaS platform that serves a wide range of event types including sports, festivals, and cultural institutions. The company emphasizes secure, mobile-first ticketing solutions, access control, and business intelligence to maximize revenue and enhance fan engagement. Their market position is reinforced by numerous partnerships with major sports federations and venues, as well as industry awards. Technically, the website is built on modern frameworks such as React and Next.js, with strong SEO, mobile optimization, and performance. Security posture is robust with HTTPS, security headers, bot protection partnerships, and consent management, although explicit security and incident response policies are not publicly detailed. WHOIS data is not publicly available, likely due to privacy protection, which slightly impacts trust but is common for businesses of this nature. Overall, SECUTIX presents a professional, secure, and compliant digital presence aligned with its business objectives.

F

Fédération Internationale de Motocyclisme

fim-live.com

61

The Fédération Internationale de Motocyclisme (FIM) is a globally recognized non-profit international federation governing motorcycle sports and related activities. The website serves as a comprehensive portal for motorcycling news, event calendars, official documents, and educational resources, targeting motorcycling enthusiasts, professionals, and members of the FIM family. The organization holds a strong market position as the authoritative body in motorcycle sport governance worldwide. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including Google Tag Manager, Matomo Analytics, and YouTube API integrations. The site demonstrates good performance, mobile optimization, and accessibility, with a professional and consistent design that enhances user experience and trust. From a security perspective, the site enforces HTTPS and uses secure external scripts, but lacks explicit security headers and published incident response or vulnerability disclosure policies. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms aligned with GDPR. Overall, the website presents a low risk profile with strong business credibility and digital maturity. However, the absence of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure information, and regular security audits to maintain and improve trust and compliance.

P

Ports Francs et Entrepôts de Genève SA

geneva-freeports.ch

47

Ports Francs et Entrepôts de Genève SA is a well-established Swiss company specializing in warehousing and logistics services, particularly for valuable goods such as artworks, fine wines, and other high-value items. With a history spanning over 130 years, the company holds a leading position in the European market, offering tailored storage solutions, customs regimes, and complementary services including transport and insurance. Their target audience includes businesses and individuals requiring secure and specialized storage and logistics solutions. The website reflects a professional and consistent brand image, supported by partnerships with reputable organizations and compliance with European data protection regulations.

V

Volkswagen AG

volkswagen-newsroom.com

69

Volkswagen Newsroom is a corporate media platform operated by Volkswagen AG, providing press releases, images, videos, and media contacts primarily targeting journalists, bloggers, and media multipliers. The site serves as an official channel for disseminating the latest news and information about Volkswagen's models, technology, and corporate activities. The platform is well-branded, professionally designed, and optimized for accessibility and mobile use, reflecting Volkswagen's strong market position as a leading automotive manufacturer. Technically, the site employs modern web technologies including JavaScript, lazy loading, and Matomo analytics with user consent, ensuring a balance between performance and privacy. Security posture is good with HTTPS enforced and some security headers present, though additional headers could enhance protection. Privacy compliance is robust with clear policies and consent mechanisms. However, WHOIS data is unavailable, which is unusual but does not detract from the site's legitimacy given the corporate branding and content. Overall, the site is trustworthy, professional, and well-maintained.

V

Volkswagen Group

volkswagenag.com

72

Volkswagen Group is a leading global automotive manufacturer with a broad portfolio of brands including Volkswagen, Audi, Porsche, Bentley, Lamborghini, and others. The company is focused on innovation, sustainability, and shaping the future of mobility through its strategic roadmap extending to 2035. The website reflects a mature digital presence with comprehensive corporate information, investor relations, media resources, and career opportunities. Technically, the site employs modern web technologies, including Matomo analytics with user consent, lazy loading images, and responsive design, ensuring good performance and accessibility. Security posture is strong with HTTPS enforced and privacy mechanisms in place, though some security headers could be improved and explicit security policies published. The absence of WHOIS data limits domain registration transparency but the website's professional presentation and official social media presence support its legitimacy. Overall, the site is well-structured, trustworthy, and compliant with privacy regulations.

O

Office cantonal des assurances sociales

ocas.ch

64

The Office cantonal des assurances sociales (OCAS) of Geneva is a government entity responsible for managing and coordinating key social insurance schemes including old-age and survivors insurance, disability insurance, family allowances, and loss of earnings allowances. The website serves as an official portal providing comprehensive information, e-government services, and assistance to various stakeholders such as employers, employees, independents, students, and medical professionals. The site is well-positioned as the authoritative source for social insurance in the Geneva canton. Technically, the website is built on Drupal 11, leveraging modern web technologies including Matomo and Google Tag Manager for analytics, with a focus on privacy and accessibility. The site is mobile-optimized, well-structured, and uses recognized accessibility tools, reflecting a mature digital infrastructure suitable for a government agency. From a security perspective, the site enforces HTTPS, employs cookie consent mechanisms, and avoids exposing sensitive data. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced transparency and security posture. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable resource for its target audience. Strategic improvements in security policy transparency and security headers would further strengthen its security maturity.

L

Landidyll Weinhotel Klostermühle

klostermuehle-saar.de

54

Landidyll Weinhotel Klostermühle is a family-run boutique hotel located in Ockfen/Saar, Germany, specializing in wine tourism and regional culinary experiences. The business offers hotel accommodations, a restaurant with regional specialties, wine tastings from its own vineyard, and various leisure activities such as hiking and cycling. The website reflects a strong regional identity and targets tourists interested in nature and wine culture in the Saar and Mosel regions. The company holds multiple certifications that emphasize quality and accessibility, enhancing its market position as a trusted regional hospitality provider. Technically, the website is built on a modern CMS platform (likely Shopware), utilizing JavaScript frameworks, SVG icons, and video content to deliver a rich user experience. It integrates advanced analytics tools including Matomo and Google Analytics 4, alongside a consent management platform to comply with privacy regulations. The site is mobile-optimized, accessible, and SEO-friendly, with clear navigation and multilingual support. From a security perspective, the website enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the business claims, showing consistent domain registration and no privacy protection, indicating transparency and legitimacy. Overall, the website demonstrates a high level of professionalism, content quality, and compliance with privacy standards, making it a trustworthy digital presence for the hospitality business. Strategic improvements in security headers and incident response disclosures could further enhance its security posture.

P

PAPA RHEIN Hotel & Spa

paparheinhotel.de

54

PAPA RHEIN Hotel & Spa is a modern hospitality business located in Bingen am Rhein, Germany, offering upscale accommodation, spa services, dining, and event hosting. The hotel emphasizes a unique urban style combined with regional cultural elements, targeting leisure travelers, families, and wellness guests. The website reflects a strong market position with multiple awards and a professional digital presence. Technically, the site uses modern web technologies including Angular components, jQuery UI, and Swiper.js, with integrated analytics and consent-based tracking. Security posture is solid with HTTPS and some security headers, though improvements like CSP and security.txt are recommended. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-optimized for user experience and SEO.

S

SAVOY

savoy.de

54

SAVOY is a luxury hotel located in the heart of Cologne, Germany, offering upscale accommodation, spa and wellness services, dining, and event facilities. The website reflects a strong market position in the hospitality sector, targeting discerning travelers seeking premium experiences. The digital infrastructure employs modern web technologies including Matomo analytics and a consent management platform, indicating a mature approach to user privacy and data collection. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response details are absent. Overall, the site is professional, trustworthy, and well-optimized for user experience and SEO.

S

Scherer Gruppe

scherer-gruppe.de

52

Scherer Gruppe is a large, multi-brand automotive dealership group operating in Germany with 37 locations offering new and used vehicles, service, rental, and financing. The website reflects a mature digital presence with modern technologies including analytics and consent management, supporting a professional user experience. Security posture is solid with HTTPS and privacy consent mechanisms, though some security headers and incident response details are missing. Overall, the site is trustworthy and well-branded, targeting both retail and commercial automotive customers.

P

PerNaturam GmbH

pernaturam.de

56

PerNaturam GmbH operates a German-based e-commerce platform specializing in natural animal nutrition and supplements for dogs, cats, horses, and poultry. The company emphasizes natural ingredients, quality control, and veterinary recommendations, positioning itself as a trusted provider with over 30 years of experience. The website supports multiple languages and offers rich educational content including blogs, podcasts, and webinars, enhancing customer engagement and expertise sharing. Technically, the site employs modern analytics tools such as Matomo and Google Analytics with consent management, ensuring compliance with privacy standards. Security posture is solid with HTTPS enforced and no critical vulnerabilities detected, though some security headers could be improved. Contact information is clearly presented, but formal privacy policies and terms of service were not found in the provided content. Overall, the site is professional, trustworthy, and well-structured, serving a niche retail market effectively.

S

SAAT MUNICH

saatmunich.com

52

SAAT MUNICH is a Munich-based full-service design studio specializing in corporate fashion, design consulting, and quality goods, primarily serving the hospitality and healthcare sectors. Founded in 2015, the company emphasizes unique uniform concepts that reflect corporate identity and sustainability principles. The website presents a professional and consistent brand image with clear navigation and relevant content tailored to corporate clients. Technically, the site is built on WordPress with modern plugins and analytics tools, including Matomo and Google Analytics with privacy-conscious configurations. Security posture is good with HTTPS enabled and cookie consent mechanisms, though DNSSEC is not enabled and some security headers are missing. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with a clear privacy policy and cookie notice. Contact information is primarily via web forms, with no explicit emails or phone numbers published. Overall, the site is trustworthy, professional, and well-aligned with its business claims.

F

firstvoucher

firstvoucher.com

59

firstvoucher.com is a German-based e-commerce platform specializing in providing businesses with an online voucher and ticket sales system. The company targets a broad range of businesses, from small cafes to large hotel groups, enabling them to sell vouchers and tickets online with automated processes for issuance, personalization, and redemption. The website is professionally designed, content-rich, and includes customer testimonials and logos, indicating a strong market presence with over 3000 customers. Technically, the site uses modern web technologies including JavaScript libraries, tracking and analytics tools, and a consent management platform to comply with privacy regulations. Security posture is good with HTTPS enforced and privacy-conscious analytics configurations, though some security headers are missing and no explicit security policies are published. The WHOIS data is unavailable, which raises concerns about domain registration transparency, but the active and professional website mitigates some risk. Overall, the site is trustworthy and well-positioned in its niche, but domain registration details should be verified for full assurance.

P

Puzzle ITC

puzzle.ch

70

Puzzle ITC is a Swiss-based technology company specializing in open source software and sustainable IT solutions. They offer a broad range of services including digital transformation, software development, platform engineering, cloud infrastructure, AI, IT security, and mobility IT services. Their market presence is focused on Switzerland and parts of Germany, targeting businesses and organizations seeking innovative and sustainable IT solutions. The company demonstrates a solid market position with reputable client partnerships and a professional online presence. Technically, the website is built on WordPress with modern technologies such as Yoast SEO, Matomo analytics, and Google reCAPTCHA, indicating a mature digital infrastructure. The site is mobile-optimized and SEO-friendly, though accessibility features could be improved. Performance is moderate, and the site uses structured data for enhanced search engine understanding. From a security perspective, the site enforces HTTPS and uses privacy-conscious analytics (Matomo). However, it lacks explicit security policies, incident response contacts, and security headers, which are areas for improvement. Privacy compliance is partial, with no visible privacy or cookie policies and no consent mechanisms, which could pose compliance risks. Overall, Puzzle ITC presents a trustworthy and professional business with a good security posture but should enhance privacy and security transparency to meet higher compliance standards and user trust expectations.

I

Inventage AG

inventage.com

70

Inventage AG is a Swiss-based technology company specializing in custom software solutions leveraging modern web technologies and open-source components. Established in 2000, the company targets businesses and organizations seeking tailored digital solutions. Their market position is that of a trusted, established provider with a focus on quality and innovation. The website reflects a professional and consistent brand image with clear contact information and social media presence, supporting credibility and trust. Technically, the website uses modern web standards with JavaScript and CSS, and integrates Matomo Analytics for privacy-conscious user tracking. Hosting is provided by Cloud DNS Ltd, and the domain is well-maintained with a long history. The site is mobile-optimized and accessible, with good SEO practices evident in meta tags and structured data. From a security perspective, HTTPS is enforced, and domain status includes clientTransferProhibited, indicating domain transfer protection. However, DNSSEC is not enabled, and no security headers were detected, which could be improved. No explicit security policies or incident response contacts are published, representing an area for enhancement. Privacy compliance is good with a comprehensive privacy policy, but no cookie consent mechanism was found. Overall, the website and business demonstrate a solid risk posture with no critical vulnerabilities or suspicious indicators. Strategic recommendations include enabling DNSSEC, adding security headers, publishing security policies, and implementing cookie consent to enhance compliance and trust.

E

Eviden

eviden.com

78

Eviden is a technology enterprise and a subsidiary of the Atos Group, specializing in AI-enabled technologies across advanced computing, cybersecurity, mission-critical systems, and quantum computing. The company targets enterprise clients, public sector organizations, and defense agencies, offering a broad portfolio of digital solutions and infrastructure products. Eviden positions itself as a leader in innovation with a strong emphasis on sustainability and security. The website reflects a mature digital presence with comprehensive content, professional design, and clear navigation. Technically, Eviden leverages WordPress CMS with modern analytics and marketing tools, including Matomo and Marketo, while implementing a robust cookie consent mechanism aligned with GDPR requirements. Security posture is solid with HTTPS enforcement and bot protection, though some security headers could be improved. The domain eviden.com is well-established since 2003, registered transparently, and consistent with the business identity. Overall, Eviden demonstrates a high level of digital maturity and business credibility.

E

ELCA Informatique SA

elca.ch

80

ELCA Informatique SA is a leading independent Swiss IT company specializing in business and technology solutions, including IT consulting, software development, and systems integration. With over 2300 employees and a turnover of CHF 339 million in 2024, ELCA holds a strong market position in Switzerland and Europe, serving diverse sectors such as energy, transportation, finance, and public administration. The company emphasizes tailored digital transformation solutions and maintains a broad portfolio of subsidiaries and partner companies. Technically, ELCA employs modern web technologies including Next.js and React, integrates advanced analytics tools like Matomo and Hotjar, and uses robust consent management via Cookiebot. The website is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement, security headers, and secure form handling, although a dedicated security policy and incident response contact channels are not explicitly published. Overall, ELCA demonstrates a professional, trustworthy online presence aligned with its business stature.

N

Netcetera AG

netcetera.com

64

Netcetera AG is a well-established Swiss technology company specializing in tailored software solutions for sectors including banking, payments, healthcare, mobility, and publishing. The company positions itself as a trusted partner with over 25 years of industry experience and a strong client base including major financial institutions. Their business model focuses on B2B software development, AI integration, and cloud services, emphasizing security and user experience. Technically, the website employs modern web technologies such as Google Tag Manager, Matomo Analytics, and Usercentrics for consent management, with responsive design and accessibility features. The site demonstrates good SEO practices and a professional user experience. However, some security best practices like explicit security headers and published security policies are missing. From a security perspective, the site uses HTTPS and secure forms but lacks visible incident response contacts and vulnerability disclosure mechanisms. The absence of WHOIS data for the domain is a notable anomaly, reducing trustworthiness despite the professional web presence. Overall, the website is high quality and trustworthy in content and design but would benefit from improved transparency in domain registration and enhanced security disclosures to strengthen its risk posture and compliance standing.

B

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend (BMBFSFJ)

bmfsfj.de

67

The Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend (BMBFSFJ) is the German federal ministry responsible for education, family affairs, senior citizens, women, and youth. The website serves as an official government portal providing comprehensive information, policy updates, and public services related to these sectors. It targets a broad audience including families, seniors, women, youth, and stakeholders in education and social policy. The ministry operates as a large government entity with a strong market position as a federal authority in Germany. Technically, the website employs a modern and accessible design with a custom framework (Rebrush) and uses Matomo analytics configured for privacy compliance. The site is mobile-optimized, SEO-friendly, and hosted under a German research network DNS, indicating a robust infrastructure. The content quality is excellent with clear navigation and rich, relevant information. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR. While some advanced security headers are missing, no vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the official government domain usage, reinforcing legitimacy. No WAF or blocking mechanisms were detected, allowing full content accessibility. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. Strategic recommendations include enhancing security headers, publishing explicit security policies, and adding a vulnerability disclosure mechanism to further strengthen the security posture.

T

TEKO Schweizerische Fachschule AG

teko.ch

56

TEKO Schweizerische Fachschule AG is a Swiss educational institution specializing in technical and business education with campuses in Basel, Bern, Luzern, Olten, and Zürich. The website presents a professional and well-structured platform offering a variety of higher education programs, seminars, and preparation courses for federal professional exams. The institution holds recognized certifications such as ISO and eduQua, reinforcing its credibility in the education sector. The target audience includes students and professionals seeking advanced education in technology and business fields within Switzerland. Technically, the website employs modern JavaScript frameworks and analytics tools including Google Tag Manager, Google Analytics, Facebook Pixel, Matomo, and Olark live chat. The CMS appears to be Pimcore, supporting a responsive and user-friendly design optimized for mobile devices. SEO and accessibility are adequately addressed, though accessibility could be enhanced further. From a security perspective, the site uses HTTPS with good SSL configuration and implements Google reCAPTCHA v3 for bot protection. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a cookie consent mechanism present but no explicit privacy policy or terms of service pages found in the provided content. Overall, the website is trustworthy, professional, and secure with room for improvement in privacy and security policy transparency. The domain registration data aligns well with the website's claims, indicating legitimacy and consistency. Strategic recommendations include publishing comprehensive privacy and security policies, adding security headers, and enhancing accessibility features.

A

avisec ag

avisec.ch

43

avisec ag is a Swiss-based company specializing in high-quality construction site cameras, time-lapse cameras, panoramic cameras, crane cameras, and cloud-based image data solutions. Founded in 2009, the company positions itself as a market leader in Switzerland, providing comprehensive visual documentation and monitoring services for construction projects. Their offerings include hardware, cloud services, and professional film production including drone footage, targeting construction professionals, project managers, and marketing teams. The website demonstrates a mature digital presence with strong SEO, structured data, and multimedia content. Technically, the site is built on WordPress with modern plugins and analytics tools, optimized for performance and mobile devices. Security posture is good with HTTPS and anti-spam measures, though some security headers could be improved. Privacy compliance is basic with cookie consent but lacks explicit privacy and terms pages. Overall, avisec presents a trustworthy and professional online presence aligned with its business claims.

S

Società Elettrica Sopracenerina SA (SES)

ses.ch

65

Società Elettrica Sopracenerina SA (SES) is a regional Swiss energy company primarily engaged in the distribution and production of electricity, focusing on renewable sources such as hydroelectric and photovoltaic power. The company serves private customers, businesses, municipalities, and installers within Ticino and surrounding areas. SES maintains a strong market position as a trusted energy provider with a commitment to sustainability and customer service excellence. The website reflects a professional and well-structured digital presence, supporting customer engagement through multiple channels including online forms, newsletters, and social media. Technically, the website employs modern web technologies including jQuery and Matomo analytics, ensuring privacy-conscious user tracking. The site is mobile-optimized and demonstrates good performance and SEO practices. Security-wise, SES holds ISO/IEC 27001:2022 certification, indicating a mature information security management system. HTTPS is enforced, and security headers are present, contributing to a robust security posture. However, incident response contact details and vulnerability disclosure mechanisms are not explicitly provided. Overall, SES's website is a reliable and secure platform that effectively supports its business operations and customer interactions. The company demonstrates compliance with GDPR and cookie consent regulations, enhancing user trust. Strategic recommendations include publishing incident response contacts, enhancing accessibility, and formalizing vulnerability disclosure policies to further strengthen security and compliance.

P

prointernet GmbH & Co. KG

prointernet.de

56

prointernet GmbH & Co. KG is a well-established full-service internet agency based in Kastellaun, Germany, founded in 1998. The company specializes in web development, design, online shops, and voucher systems, serving a broad business clientele both regionally and worldwide. Their website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their target audience. Technically, the site employs modern web technologies including Matomo and Google Analytics for tracking, along with a consent management platform to ensure GDPR compliance. The site is mobile optimized and SEO friendly, contributing to a positive user experience. Security-wise, the website enforces HTTPS and anonymizes IP addresses in analytics, but lacks explicit security headers and published security policies, which are areas for improvement. Overall, the domain registration data aligns well with the business claims, supporting the legitimacy and trustworthiness of the company.

D

Deutsches Zentralinstitut für soziale Fragen

dzi.de

76

The Deutsches Zentralinstitut für soziale Fragen (DZI) is a well-established German non-profit organization specializing in social issues, donation advice, and certification of charitable organizations. It holds a strong market position as a trusted authority for donors and non-profits, offering key services such as the DZI Spenden-Siegel, donation consulting, and a specialized social literature database. The website reflects a mature digital presence built on WordPress with modern plugins and privacy-respecting analytics (Matomo). The site is well-structured, mobile-optimized, and SEO-friendly, providing excellent user experience and content relevance. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the domain and WHOIS data align well with the organization's identity, confirming legitimacy and trustworthiness.

P

prointernet GmbH & Co. KG

prointernet.com

56

prointernet GmbH & Co. KG is a well-established full-service internet agency based in Kastellaun, Germany, founded in 1998. The company specializes in web development, design, e-commerce solutions, and consulting services, targeting businesses seeking comprehensive digital solutions. Their market position is solid within their regional base with a worldwide client reach, supported by a professional website and active social media presence. Technically, the website employs modern technologies including Matomo and Google Analytics for tracking, Angular for consent management, and uses HTTPS with privacy-conscious configurations. The site is mobile optimized and SEO friendly, providing a good user experience. Security posture is strong with HTTPS and cookie consent mechanisms, though improvements could be made by adding security headers and publishing explicit security policies. Overall, the website is trustworthy, professional, and compliant with GDPR regulations, with no signs of blocking or suspicious activity.

M

Mühldorfer

muehldorfer.com

56

Mühldorfer is a German premium bedding manufacturer with a heritage spanning over 100 years, specializing in natural and synthetic down bedding products such as duvets, pillows, toppers, and mattress protectors. The company serves both end consumers and high-end hotel clients, positioning itself as a trusted supplier for luxury hospitality establishments worldwide. The website reflects a mature e-commerce platform with comprehensive product categorization and customer service features, including multilingual support and a dedicated hotline. Technically, the website is built on the Shopware 6 platform, integrating modern marketing and analytics tools such as Google Tag Manager, Matomo, and Uptain. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some security headers are not explicitly present. HTTPS is enforced, and privacy compliance is well addressed with clear cookie consent mechanisms and a detailed privacy policy. From a security perspective, the site shows a solid baseline with encrypted connections and anonymized analytics data. However, the absence of explicit security headers and lack of published incident response or vulnerability disclosure policies indicate areas for improvement. The missing WHOIS data for the domain raises concerns about domain registration legitimacy, which impacts overall trustworthiness despite the professional presentation. Overall, Mühldorfer's digital presence is robust and user-friendly, supporting its market position as a premium bedding provider. Addressing domain registration transparency and enhancing security headers would further strengthen its security posture and business credibility.

S

Schweizerische Bundeskanzlei (BK)

ch-info.swiss

60

The website ch-info.swiss is an official Swiss government portal managed by the Schweizerische Bundeskanzlei (Swiss Federal Chancellery). It primarily serves as an information dissemination platform providing editions of magazines about Switzerland's political system and governance. The site targets the general public interested in Swiss government affairs and offers multilingual content in English, German, French, and Italian. The business model is focused on government transparency and public education, positioning itself as a trusted official source within the government sector. Technically, the website employs modern frontend technologies including Vue.js and Vuetify, hosted via Hostpoint with DNS managed by Google Cloud DNS. The site demonstrates good mobile optimization and a moderate performance profile. Analytics are implemented using Matomo, indicating a preference for privacy-conscious tracking. However, the site lacks DNSSEC and security headers, which are recommended for enhanced security. From a security perspective, the site benefits from HTTPS and absence of exposed sensitive data or forms, reducing attack surface. Nonetheless, the lack of DNSSEC and security headers, as well as missing privacy and cookie policies, represent areas for improvement. No incident response or vulnerability disclosure information is present, which could be enhanced to improve security posture and compliance. Overall, the website is legitimate, trustworthy, and professionally maintained, but could improve privacy compliance and security hardening. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing privacy and cookie policies, and providing clear contact information for security and general inquiries.

B

Bundeskanzlei BK

bundeskanzlei.ch

72

The Bundeskanzlei BK website serves as the official digital presence of the Swiss Federal Chancellery, providing comprehensive information about its role in supporting the Federal Council, managing political rights, and driving digital transformation within the Swiss federal administration. The site is well-structured, multilingual, and rich in authoritative content, targeting Swiss citizens, government officials, and political stakeholders. It maintains a strong market position as a central government entity with clear branding and trust signals. Technically, the website leverages Adobe Experience Manager as its CMS, uses modern JavaScript libraries like jQuery and Granite UI, and employs Matomo for privacy-conscious analytics. The site is hosted on Swiss government infrastructure, optimized for mobile devices, and demonstrates good SEO and accessibility practices. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS, includes anti-clickjacking measures, and uses CSRF protection scripts. However, it lacks explicit cookie consent mechanisms and published security policies or incident response contacts, which are recommended for enhanced compliance and transparency. No vulnerabilities or suspicious activities were detected. Overall, the website is trustworthy, professional, and secure, reflecting the high standards expected of a federal government portal. Strategic improvements in privacy compliance and security transparency would further strengthen its posture.

Workshop-Tage is a Swiss-based community event organizer focused on Open Source software and technology workshops. The website promotes a multi-day event featuring workshops on Open Source topics and soft skills, targeting enthusiasts and professionals in the Open Source community. The event has a history dating back to 2017 and is supported by notable Swiss educational institutions and organizations, positioning it as a reputable and established community event in the technology sector. Technically, the website is built on WordPress with a modern tech stack including Bootstrap 4 and jQuery. SEO is enhanced using Yoast SEO Premium, and privacy-conscious analytics are implemented via Matomo. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, some privacy compliance elements such as explicit privacy and cookie policies are missing. From a security perspective, the site uses HTTPS with good SSL configuration and does not expose sensitive data. However, it lacks explicit security headers and does not provide incident response or vulnerability disclosure information, which are areas for improvement. The absence of privacy and cookie policies also impacts compliance with GDPR and related regulations. Overall, Workshop-Tage presents a trustworthy and professional online presence for its community event, with solid technical foundations and good business credibility. Strategic improvements in privacy compliance and security transparency would enhance its security posture and regulatory adherence.

Open Education Day is an educational event organized by CH Open, focusing on open source technologies and open educational resources in the Swiss education sector. The website presents a professional and well-structured platform for event information, partner promotion, and community engagement. The technical infrastructure is based on WordPress with modern plugins and frameworks, ensuring good performance and SEO optimization. Security posture is adequate with HTTPS and privacy-conscious analytics, though lacking explicit security policies and cookie consent mechanisms. Overall, the site is trustworthy and serves its niche audience effectively.

U

Université de Genève

unige.ch

69

Université de Genève is a prominent public university in Switzerland offering a wide range of academic programs and research activities. The website serves students, researchers, collaborators, and the public with information about faculties, courses, research, and services. The institution maintains a professional online presence with consistent branding and multilingual support. Technically, the website is built on the concrete5 CMS platform and utilizes modern JavaScript libraries such as jQuery, Isotope, and Nivo Slider. It employs Matomo for analytics and OneTrust for cookie consent management, indicating a moderate level of digital maturity and privacy awareness. The site is mobile optimized and provides a good user experience with clear navigation. From a security perspective, the website enforces HTTPS and includes a cookie consent mechanism, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The WHOIS data confirms the domain's legitimacy and consistency with the university's identity. Overall, the website is trustworthy and professionally maintained, with room for improvement in security policy transparency and contact information availability.

F

Fred Fischer

fredfischer.fr

54

Fred Fischer is a freelance web designer and WordPress expert based in Lille, France, offering specialized services including responsive WordPress theme development, plugin creation, SEO optimization, and web accessibility. The website presents a professional portfolio and emphasizes a user-centric approach combining form and function. The business targets clients directly and agencies seeking expert WordPress development and web design services. Technically, the site is built on WordPress with modern frameworks such as Materialize CSS and uses Matomo for privacy-conscious analytics. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. Security posture is good with HTTPS enforced and minimal plugin use, though security headers and explicit privacy policies are lacking. The absence of WHOIS data limits domain legitimacy verification, which slightly impacts trust. Overall, the website is professional, secure, and well-positioned for its niche market.

A

avisec ag

panorama-camera.com

47

Avisec AG operates as a specialized technology company focused on panoramic camera systems, photo webcams, and cloud-based visualization solutions primarily targeting the hospitality and alpine tourism sectors. The company is positioned as a market leader in delivering high-resolution panoramic imaging solutions that enhance project quality and location marketing. Their offerings include advanced 360° panorama cameras, time-lapse video production, and drone filming services, catering to business customers and distribution partners. The website reflects a professional digital presence with strong branding and multimedia content showcasing their products and services. Technically, the site is built on WordPress with Themify Builder and optimized for performance and SEO, including privacy-conscious analytics via Matomo. Security posture is solid with HTTPS and privacy-respecting analytics, though improvements are recommended in security headers and privacy compliance documentation. Overall, the domain registration is transparent and consistent with the business profile, supporting high legitimacy. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers, and publishing incident response and vulnerability disclosure information to strengthen trust and compliance.

A

avisec GmbH

baustellen-kamera.de

42

avisec GmbH operates a professional website focused on construction site cameras, offering a range of products including time-lapse cameras, panorama cameras, crane cameras, and cloud-based image management solutions. The company positions itself as a leading provider in this niche with over 15 years of experience and international presence in more than 17 countries. The website is well-structured, visually professional, and optimized for SEO and mobile devices, providing rich multimedia content such as embedded videos and detailed product descriptions. The technical infrastructure is based on WordPress with Themify Builder, enhanced by performance and SEO plugins, and uses privacy-conscious analytics tools like Matomo with cookies disabled.

H

Hotel Schweizerhof Bern & Spa

schweizerhof-bern.ch

50

Hotel Schweizerhof Bern & Spa is a premium 5-star luxury hotel located centrally in Bern, Switzerland. The hotel offers upscale accommodation, gourmet dining options, a spa and wellness center, and facilities for meetings and events. It targets luxury travelers, business guests, and event organizers, positioning itself as a leading hospitality provider in the Swiss capital. The website reflects a high level of professionalism with rich content, clear navigation, and strong branding consistent with a luxury hospitality business. Technically, the site uses modern web technologies including Vue.js, Google Tag Manager, and Matomo Analytics, with good mobile optimization and moderate performance. Security posture is solid with HTTPS and domain transfer protections, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is basic with cookie consent implemented but no explicit privacy or terms of service pages detected. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

C

CURAVIVA

curaviva.ch

58

CURAVIVA is a Swiss-based professional association serving institutions and service providers for elderly and people with support needs. It holds a strong market position with approximately 3,100 members and offers a broad range of services including specialized courses, legal and insurance consulting, data protection, and innovation initiatives. The website reflects a mature digital presence with professional design, clear navigation, and relevant content tailored to its target audience of healthcare and social service providers. Technically, the site uses a modern CMS (sitesystem), integrates multiple analytics platforms (Matomo, Google Analytics, Facebook Pixel), and embeds multimedia content securely via HTTPS. Security posture is good with encrypted connections and privacy-conscious analytics configurations, though it lacks some security headers and explicit cookie consent mechanisms. Overall, the site is trustworthy, well-maintained, and compliant with GDPR principles, though it could improve transparency around cookies and incident response. The WHOIS data confirms legitimacy and consistency with the organization's Swiss location and branding.

I

INSOS

insos.ch

59

INSOS is a Swiss non-profit association serving as the industry federation for service providers supporting people with disabilities. It operates as a key player in the Swiss social sector, offering a broad range of services including legal advice, insurance services, inclusion measurement tools, and professional development courses. The organization is closely linked with the ARTISET federation and maintains a strong presence in the Swiss market with over 3,100 members. The website reflects a professional and consistent brand image, targeting service providers and professionals in the disability support sector. Technically, the website is built on the sitesystem CMS platform, utilizing modern JavaScript libraries such as jQuery and integrates analytics tools like Google Analytics and Matomo with privacy-conscious configurations. The site is mobile-optimized, accessible, and performs moderately well. However, it lacks some security headers and explicit privacy and cookie policies, which are areas for improvement. From a security perspective, the site enforces HTTPS and employs error tracking via Sentry. Analytics are configured to anonymize IPs and disable cookies, indicating a baseline privacy awareness. No critical vulnerabilities or suspicious content were detected. The WHOIS data aligns well with the website's claims, confirming legitimacy and transparency. Overall, INSOS presents a trustworthy and professional online presence with room to enhance privacy compliance and security hardening to meet best practices fully.

W

webways AG

sozjobs.ch

69

sozjobs.ch is a specialized online job portal focused on social and healthcare professions in Switzerland, operated by webways AG. It holds a strong market position as the largest Swiss job portal in its niche, offering comprehensive job listings, employer profiles, and user-friendly search and application features. The website is professionally designed, mobile-optimized, and provides clear navigation and detailed filtering options tailored to its target audience of job seekers and employers in the social and healthcare sectors. Privacy and cookie policies are well implemented, reflecting GDPR compliance.

G

gastroagentur

gastroagentur.ch

50

gastroagentur is a specialized communications agency focused on the hospitality and tourism sectors in Switzerland. They offer a comprehensive suite of services including content creation, media relations, storytelling, graphic design, and digital marketing tailored to the needs of the guest service industry. Their market position is that of a niche provider with deep industry knowledge, serving small to medium-sized clients in the hospitality domain. The website reflects a professional and consistent brand image with clear messaging and a user-friendly interface. Technically, the site is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. The use of Matomo analytics and Google reCAPTCHA v3 demonstrates attention to privacy and security. The site is mobile optimized and performs moderately well, though some improvements in accessibility and security headers could be made. From a security perspective, the site uses HTTPS and has implemented anti-bot measures on its contact form. However, it lacks explicit security headers and does not provide a security policy or incident response contact, which are areas for improvement. No vulnerabilities or suspicious content were detected. Overall, gastroagentur presents a trustworthy and professional online presence with minor compliance gaps, particularly in privacy and cookie policies. Strategic enhancements in security policies and compliance documentation would further strengthen their digital maturity and trustworthiness.

A

Administration cantonale valaisanne

vs.ch

50

The website www.vs.ch serves as the official digital portal for the Administration cantonale valaisanne, representing the government of the Canton of Valais in Switzerland. It provides comprehensive information about governmental organization, public services, news, and thematic portals targeting residents and stakeholders within the canton. The site is well-branded with consistent governmental logos and offers multilingual support primarily in French and German. The business model is purely governmental, focusing on public service and information dissemination without commercial intent. Technically, the site is built on the Liferay CMS platform, leveraging modern web technologies including React, Alloy UI, AngularJS legacy components, and Matomo for analytics. The infrastructure appears robust with good mobile optimization, accessibility, and SEO practices. The site uses HTTPS with strong security headers and nonce-based Content Security Policy, indicating a mature security posture. Cookie consent mechanisms are implemented, reflecting GDPR compliance. Security-wise, the site demonstrates good practices such as secure authentication endpoints (OAuth2), no visible vulnerabilities, and no exposed sensitive data. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. Overall, the site is trustworthy, professional, and safe for general audiences. Strategically, the site should consider publishing detailed security and incident response policies, adding vulnerability disclosure information, and enhancing contact transparency to further strengthen trust and compliance.

K

Kanton Zug

zg.ch

71

The website zg.ch is the official online portal for the Canton of Zug, Switzerland, serving as a comprehensive resource for residents, businesses, and visitors. It provides extensive information on public services including education, health, economy, social services, mobility, environment, politics, and security. The site is well-structured with clear navigation and a professional design consistent with government standards. Technically, it employs modern web technologies such as Bootstrap and Matomo analytics, ensuring a responsive and moderately performant user experience. Security posture is adequate with HTTPS enforced and asynchronous script loading, but lacks explicit security headers and published security policies. Privacy compliance is limited due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the domain registration and WHOIS data confirm the site's legitimacy as a government entity, with no suspicious indicators detected.

The website represents the Tripartite Berufsbildungskonferenz (TBBK), a Swiss governmental entity under the Staatssekretariat für Bildung, Forschung und Innovation (SBFI). It serves as a coordination platform linking operational committees with national political vocational education meetings. The site provides news, reports, and information about vocational education initiatives, targeting stakeholders in Swiss vocational training and government officials. The business model is governmental coordination and information dissemination with a medium-sized organizational footprint in Switzerland. Technically, the site is built on Joomla CMS with Bootstrap and jQuery, using Matomo for privacy-conscious analytics. The site is mobile-optimized and professionally designed with consistent branding. Security posture is good with HTTPS and form protections but lacks security headers and explicit privacy/cookie policies, which are compliance gaps. Overall, the domain registration and WHOIS data align well with the website's governmental nature, indicating high legitimacy and trustworthiness.

S

Staatssekretariat für Bildung, Forschung und Innovation SBFI

berufsentwicklung.swiss

50

The website berufsentwicklung.swiss is an official platform managed by the Swiss State Secretariat for Education, Research and Innovation (SBFI). It serves as a comprehensive resource for vocational education and career development in Switzerland, providing detailed handbooks, ongoing revision information, and related documents. The site targets organizations of the working world and stakeholders involved in vocational training, positioning itself as a trusted government information portal. Technically, the site is built on WordPress with modern SEO and analytics tools like Matomo, hosted under a reputable registrar and DNS provider. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. Security posture is solid with HTTPS and domain transfer protections, but lacks DNSSEC and security headers. Privacy compliance is partial, with a privacy policy linked but no cookie consent mechanism. Overall, the site is professional, trustworthy, and well-aligned with its governmental mission.

M

MrRENT Service GmbH

mrrent.com

55

MrRENT Service GmbH is a German company specializing in the rental of furniture, cooling cells, and accessories for events such as parties, weddings, and corporate functions. Established in 2005, the company positions itself as a reliable partner for event organizers seeking mobile and customizable event equipment. Their website reflects a professional and consistent brand image, targeting a broad audience within the hospitality and event planning sectors. The business model focuses on rental services, supported by a downloadable catalog and active social media presence.