Security Directory

N

New Generations

newgenerationsweb.com

36

New Generations is a European media and cultural platform focused on emerging architectural practices since 2013. It provides a space for knowledge exchange, events, publications, and networking for architects across Europe. The website is built on SilverStripe CMS, uses modern web technologies including Bootstrap and jQuery, and integrates Google Analytics and reCAPTCHA for user interaction and spam protection. The security posture is moderate with HTTPS enabled and reCAPTCHA implemented, but lacks some security headers and DNSSEC. Privacy and cookie policies are absent, which impacts compliance. Overall, the site is professional and trustworthy but could improve in privacy and security transparency.

S

Swisslos

swisslos.ch

71

Swisslos is a prominent Swiss lottery and betting operator offering a wide range of games including Swiss Lotto, EuroMillions, EuroDreams, and various skill and instant ticket games. The website targets adult players in Switzerland and emphasizes responsible gaming with visible 18+ player protection indicators. Technically, the site employs modern frameworks such as Vue.js, integrates Google Analytics and Tag Manager for analytics, uses Google reCAPTCHA v3 for bot protection, and manages cookie consent via Usercentrics, reflecting a mature digital infrastructure. Security measures include HTTPS enforcement and CSRF token usage, though explicit privacy and terms of service pages are not clearly found in the provided content. Overall, the site presents a professional and trustworthy front with good branding and user experience.

M

Mobimo Holding AG

mobimo.ch

70

Mobimo Holding AG is a well-established Swiss real estate company specializing in property development, investment, and management. The company targets investors, tenants, and real estate professionals, positioning itself as a leading player in the Swiss real estate market. The website reflects a professional and comprehensive digital presence with clear business information and user-friendly navigation. Technically, the site employs modern technologies such as React, Google Analytics, and Google Maps API, ensuring good performance and mobile optimization. Security measures are robust, with HTTPS enforced and multiple security headers present, although explicit security policies and incident response details are not published. Overall, the site demonstrates a mature digital infrastructure and trustworthy business credibility.

K

Kies + Beton Münchwilen AG

kies-und-beton.ch

72

Kies + Beton Münchwilen AG is a Swiss-based company specializing in the manufacturing and supply of construction materials including sand, gravel, concrete, and recycled building materials. They also provide transport services related to these products. The company operates under the parent group ERNE Gruppe, indicating a solid market presence and backing. Their website is professionally designed using TYPO3 CMS and incorporates modern web technologies and analytics tools with GDPR-compliant consent mechanisms. The site offers clear contact information and detailed product and service descriptions, targeting construction industry professionals and businesses in Switzerland. Security posture is good with HTTPS enforced and cookie consent properly managed, though some security headers could be improved. Overall, the website reflects a trustworthy and credible business with a moderate to good digital maturity level.

J

👋 Allegra, ich bin Jovìn

jovin.ai

52

Jovìn.ai is a specialized AI chatbot service tailored for the tourism and hospitality sector, providing intelligent answers to questions about leisure activities, accommodations, weather, and events within a destination. The website presents a professional and consistent brand image, targeting tourism stakeholders and travelers. The technical infrastructure is built on the Framer platform and integrates Google Analytics and Tag Manager for user tracking and analytics. While HTTPS is properly configured, the site lacks important security headers and privacy compliance mechanisms such as privacy and cookie policies. The absence of WHOIS data due to privacy protection limits the ability to fully verify domain legitimacy, but the website content and contact information suggest a legitimate small business operation. Overall, the security posture is moderate but could be improved with additional security best practices and compliance documentation.

TouristDataShop AG operates as a specialized provider for the distribution, support, and management of Holidu Smart Destination services within Switzerland's tourism sector. The company targets destinations, cities, and accommodation providers, offering a suite of services including booking solutions, shared backoffice services, product data management, and customer support. Their market position is that of a niche player focused on enabling tourism businesses to make their offerings bookable online efficiently. Technically, the website is built on the Contao CMS platform, leveraging modern web technologies such as jQuery, Google Tag Manager, and YouTube APIs for multimedia content. The site is mobile-optimized with good SEO practices and moderate performance. However, there is room for improvement in accessibility and security headers implementation. From a security perspective, the website enforces HTTPS and uses trusted third-party analytics and tag management tools. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security policies, incident response contacts, and cookie consent mechanisms indicates gaps in compliance and security maturity. Overall, TouristDataShop AG presents a professional and trustworthy online presence with solid business credibility. Strategic enhancements in privacy compliance and security posture would further strengthen their risk profile and customer trust.

B

bexio AG

bexio.ch

74

bexio AG is a Swiss-based company founded in 2013, providing comprehensive business software solutions tailored for small businesses, startups, and self-employed individuals. Their SaaS platform offers a wide range of services including contact management, sales process automation, expense and accounting management, payroll, and integrated e-banking. Positioned as a trusted Swiss SME software provider, bexio serves over 90,000 customers and benefits from strong partnerships with reputable organizations such as Mobiliar and UBS. The website reflects a professional and consistent brand image with excellent content quality and user experience. Technically, the website employs modern web technologies including Alpine.js, Google Tag Manager, and Usercentrics for consent management, ensuring a fast, mobile-optimized, and SEO-friendly platform. Security best practices are observed with HTTPS enforcement, security headers, and secure form handling. However, explicit security policies and incident response information are not publicly available, representing an area for improvement. The security posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The absence of WHOIS domain registration details is a notable concern, slightly impacting business credibility, but the overall digital presence and trust signals mitigate this risk. Overall, bexio demonstrates a mature digital infrastructure and a secure, privacy-conscious environment suitable for its target SME audience. Strategic recommendations include publishing detailed security policies, incident response plans, and vulnerability disclosure information to enhance transparency and trust further.

S

Stammgast GmbH

stammgast.ch

56

Stammgast GmbH is a Swiss-based consultancy specializing in digital transformation, offer development, and interdisciplinary projects within the tourism and hospitality sectors. The company targets independent tourism businesses such as hotels, destination management organizations, mountain railways, and event providers in Switzerland. Their service portfolio includes software consulting, project management, digital marketing, coaching, and training, positioning them as a niche expert in the Swiss tourism digitalization market. Technically, the website is built on a Perch CMS platform, leveraging common web technologies like jQuery, Google Analytics, Google Tag Manager, and Facebook Pixel. The site is well-structured, mobile-optimized, and includes a cookie consent mechanism supporting GDPR compliance. Security posture is adequate with HTTPS enforced but lacks some advanced security headers and explicit security policies. Overall, the website reflects a professional and trustworthy business with clear contact information and certifications. No critical vulnerabilities or suspicious indicators were found.

R

RheinFlanke gGmbH

rheinflanke.de

62

RheinFlanke gGmbH operates as a German non-profit organization specializing in youth work, educational programs, and social integration services. The organization maintains a professional and accessible website built on WordPress, featuring multiple locations and a clear focus on community impact. Their digital presence includes active social media channels and a cookie consent mechanism, reflecting awareness of privacy regulations. Technically, the site employs modern plugins and frameworks, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and some best practices, though explicit privacy policies and vulnerability disclosures are missing, representing areas for improvement. Overall, RheinFlanke presents a credible and trustworthy digital footprint aligned with its mission and audience.

H

HEK (Haus der Elektronischen Künste)

hek.ch

61

HEK (Haus der Elektronischen Künste) is a well-established Swiss cultural institution and museum specializing in digital and electronic arts. It serves as a platform for interdisciplinary projects, exhibitions, and workshops, connecting art, science, and technology. The website reflects a professional and modern digital presence with multilingual support and a rich program offering. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, with good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and privacy compliance including cookie consent mechanisms. However, some areas like explicit security policies, incident response contacts, and terms of service are missing or not publicly visible. Overall, the domain registration and website content align well, indicating a legitimate and trustworthy entity.

K

kühne wicki GmbH

kuehnewicki.com

57

kühne wicki GmbH is a Swiss-based interdisciplinary futures research and consulting firm specializing in Futures Research, Development, Implementation, and Futures Literacy. Founded in 2017, the company serves organizations and individuals interested in strategic foresight, scenario planning, and transformative future-oriented processes. Their market position is that of a specialized boutique consultancy with a strong focus on innovation and future competencies, supported by a professional team and reputable clients. The website reflects a high level of professionalism, with detailed project case studies and team profiles, indicating a mature business presence. Technically, the website is built using modern JavaScript frameworks (Nuxt.js/Vue.js) and integrates Google Analytics and Tag Manager for tracking. Hosting is provided by Hostpoint AG, a reputable Swiss hosting provider. The site is mobile-optimized and performs moderately well, though some accessibility features could be improved. SEO practices are good with proper meta tags and Open Graph data. From a security perspective, the site uses HTTPS but lacks important security headers and DNSSEC is not enabled. No privacy or cookie policies are present, which is a compliance gap especially under GDPR. No incident response or security contact information is provided. The site does not show signs of vulnerabilities or malicious content but could improve its security posture by implementing recommended headers and policies. Overall, the website is trustworthy and professional with minor gaps in privacy compliance and security hardening. Strategic recommendations include adding privacy and cookie policies, implementing security headers, enabling DNSSEC, and publishing incident response information to enhance trust and compliance.

C

Home – catapult

catapultbasel.ch

56

The website catapultbasel.ch represents a youth-focused funding platform based in Basel, Switzerland. It aims to support young people by providing a platform for project submissions and community engagement. The site is built using modern web technologies including Vue.js and Nuxt.js, with multimedia support via Video.js and audio recording libraries. Google Analytics is used for visitor tracking, though no visible consent mechanism is present. The website content is primarily in German and targets the local youth demographic. Security posture is basic with no advanced headers or policies detected, and privacy compliance is minimal due to the absence of privacy and cookie policies. WHOIS data confirms the domain's legitimacy and local registration, supporting the trustworthiness of the platform.

K

Kunsttage Basel

kunsttagebasel.ch

59

Kunsttage Basel is a well-established cultural event organizer focused on contemporary and modern art in Basel, Switzerland. The website showcases a comprehensive program of exhibitions, workshops, talks, and performances involving over 60 institutions. The event targets art enthusiasts and the local cultural community, providing rich content and multiple engagement channels including social media and newsletters. Technically, the site is built on modern frameworks such as Nuxt.js and integrates Mapbox for location services, with good mobile optimization and SEO practices. Security posture is strong with HTTPS and security headers, though cookie consent and explicit security policies are lacking. Overall, the site is professional, trustworthy, and compliant with GDPR, but could improve privacy compliance and incident response transparency.

P

Polit-Forum Bern

polit-forum-bern.ch

60

Polit-Forum Bern is a small non-profit organization based in Bern, Switzerland, dedicated to fostering political education and dialogue through events, exhibitions, and educational programs. The website serves as a platform to inform the public about upcoming debates, exhibitions, and offers for schools and youth. It maintains a consistent brand presence and targets a broad audience interested in political discourse and democratic engagement. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and WPML for multilingual support. It integrates Google services including Analytics, Tag Manager, and reCAPTCHA, indicating a moderate level of digital maturity. The site is mobile-optimized and demonstrates good SEO practices, although some accessibility features could be improved. From a security perspective, the site uses HTTPS and includes reCAPTCHA to protect forms, but lacks explicit security policies and a cookie consent mechanism, which are important for GDPR compliance. No critical vulnerabilities or suspicious elements were detected, and the domain registration details align well with the organization's identity, supporting legitimacy. Overall, the website presents a professional and trustworthy image with room for improvement in privacy compliance and security transparency. Strategic enhancements in these areas would strengthen user trust and regulatory adherence.

H

Hostpoint AG

hostpoint.ch

72

Hostpoint AG is the largest Swiss web hosting provider, managing over 1.2 million domain names and offering a broad range of services including domain registration, web hosting, managed servers, and email solutions. The company targets businesses and individuals primarily in Switzerland, leveraging a strong local market presence and a reputation for reliability and modern infrastructure. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support, indicating a high level of digital maturity. Technically, the site uses modern tools such as Hugo for static site generation, Google Tag Manager, Google Analytics, and Hotjar for analytics and user behavior tracking, all integrated with a cookie consent mechanism to comply with privacy regulations. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities or exposed sensitive data. The company holds ISO 27001 certification, reinforcing its commitment to information security. Overall, the website and domain registration details align well, supporting the legitimacy and trustworthiness of the business.

K

Kniv-Web GmbH

kniv-web.ch

65

Kniv-Web GmbH is a Swiss-based digital agency specializing in web design, e-commerce solutions, SEO, and online marketing services. With over 25 years of experience, the company targets small and medium-sized businesses primarily in the March and Höfe districts of Switzerland. Their service offerings include professional website development, progressive web apps, online shops, branding, and video production, positioning them as a comprehensive digital partner for local businesses. Technically, the website leverages modern web technologies including PWA capabilities, Google Fonts, and integrates with analytics and cookie consent management tools. Hosting is provided by a Swiss company, Worldsoft AG, ensuring local infrastructure alignment. The site is mobile-optimized, SEO-friendly, and demonstrates good performance and accessibility standards. From a security perspective, the site enforces HTTPS and employs a robust cookie consent mechanism compliant with GDPR. However, explicit security policies and incident response contacts are not publicly disclosed, representing an area for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a professional, trustworthy, and compliant digital presence with strong business credibility. Strategic enhancements in security transparency and formal incident response processes would further strengthen their security posture and client trust.

B

BSA Bund Schweizer Architekten

bsa-fas.ch

55

The Federation of Swiss Architects (BSA Bund Schweizer Architekten) is a prominent membership organization uniting over 950 members recognized for their achievements in architecture and urban development in Switzerland. The website serves as a comprehensive platform offering information about the federation, its local groups, awards, research grants, publications, and events. It targets architects, urban planners, and related professionals within Switzerland, providing multilingual support to cater to the diverse linguistic regions of the country. The business model is centered on membership services, professional networking, and advocacy within the architectural sector.

Truwant + Rodet + is a small architecture and design studio based in Basel, Switzerland, specializing in innovative architectural projects, competitions, research studios, and exhibitions. Their portfolio includes a variety of projects primarily in Switzerland with some international collaborations, emphasizing adaptive reuse, artistic installations, and academic design studios. The website reflects a professional and artistic brand image targeting architecture professionals, clients, and academic institutions. Technically, the website employs modern JavaScript frameworks such as Alpine.js and GSAP, with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, but lacks security headers and formal privacy or cookie policies. The presence of Google Analytics without a configured tracking ID and absence of privacy compliance mechanisms indicate areas for improvement. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security practices.

A

archaic studio

archaic-studio.com

58

Archaic Studio operates as an online magazine dedicated to architecture and architectural photography, based in Berlin, Germany. The website serves a niche audience interested in architectural aesthetics and design, offering curated content and an integrated online store for related products. The business model focuses on content curation and e-commerce within the architecture and photography domain. Technically, the site is built on the Squarespace platform, leveraging its CMS and hosting infrastructure, with additional integrations such as Google Analytics and Typekit fonts. The site demonstrates moderate performance and good mobile optimization but lacks advanced accessibility features. Security posture is adequate with HTTPS enabled; however, the absence of security headers and HSTS reduces overall security robustness. Privacy compliance is weak due to missing privacy and cookie policies. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy. Overall, the website is professionally designed and functional but requires improvements in security and compliance to enhance trust and reduce risk.

A

ArchitekturBasel

architekturbasel.ch

50

ArchitekturBasel is a niche media platform dedicated to architecture news and cultural events in Basel, Switzerland. The website provides news articles, event announcements, interviews, and job listings related to the architecture sector, targeting a general audience interested in regional architectural culture. Founded around 2017, it maintains a consistent brand presence with good content quality and professional design. Technically, the site is built on WordPress with modern web technologies including jQuery and Google Analytics, and it employs SEO best practices such as structured data and Open Graph tags. The site is mobile-optimized and performs moderately well in terms of speed and accessibility. Security-wise, the website uses HTTPS and some security best practices but lacks explicit security headers like Content-Security-Policy and does not provide a security.txt or vulnerability disclosure page. Privacy compliance is basic, with no visible cookie consent mechanism or detailed privacy policy indications. Overall, the site is trustworthy and legitimate, with domain registration details consistent with its business focus.

T

TSO AG

digital.fitness

42

Digital.Fitness® is a Swiss-based software solution focused on providing digital maturity assessments and benchmarking tools for businesses. Operated by TSO AG, the platform offers a modular SaaS product that includes a digital fitness app, a 7-C model framework developed in partnership with Fachhochschule Westschweiz (HES-SO), and a network membership for consultants, system providers, and educational institutions. The website targets business consultants, system providers, and educational entities seeking to evaluate and improve digital transformation levels within companies. Technically, the site employs modern web technologies such as Bootstrap, jQuery, and integrates analytics tools like Google Analytics and Plausible. The site is mobile-optimized and well-structured, providing a professional user experience.

Ö

Öpfelchasper GmbH

oepfelchasper.ch

64

Öpfelchasper GmbH is a small Swiss company specializing in the delivery of organic fruits and vegetables to urban customers, including offices and private homes. Their business model centers on eco-friendly bicycle courier delivery, emphasizing bio-quality and CO2-neutral logistics. The company offers subscription services, gift vouchers, and extras to enhance customer experience. Their market position is that of a niche local provider with a strong sustainability focus. Technically, the website employs modern JavaScript libraries and tracking tools such as Google Tag Manager, Google Analytics, Facebook Pixel, and LinkedIn Insight Tag. The site is hosted behind Cloudflare CDN, ensuring good performance and security. The website is mobile-optimized, accessible, and SEO-friendly, with a professional design and clear navigation. From a security perspective, the site uses HTTPS with no visible vulnerabilities or exposed sensitive data. However, it lacks some advanced security headers and explicit incident response information. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR indicators. Contact information is transparent and consistent with WHOIS data, supporting business credibility. Overall, the website presents a trustworthy, professional, and user-friendly platform for its target audience. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and adding incident response contacts to further strengthen security posture.

C

Coucou

coucoumagazin.ch

53

Coucoumagazin.ch is an independent cultural and city magazine serving the residents of Winterthur, Switzerland. It provides critical, pointed descriptions and information about local culture, including a comprehensive online event calendar. The website is built on the WebZen CMS platform and uses standard web technologies including Google Analytics and Google Tag Manager for visitor tracking. The site is well-structured with good navigation and mobile optimization, targeting local cultural enthusiasts and residents. However, it lacks explicit privacy and cookie policies, which impacts its privacy compliance score. Security posture is moderate with HTTPS enabled but missing some security headers and no visible vulnerability disclosure or security contact information. Overall, the site is a legitimate, small media publication with a focus on local culture and events.

H

Hans Späti AG Wohnkultur

spaetiwohnkultur.ch

41

Hans Späti AG Wohnkultur operates a retail business specializing in design furniture, lighting, and textiles with physical showrooms in Wil and Winterthur, Switzerland. The company offers consulting services in planning, furnishing, and interior architecture, targeting design-conscious consumers and professionals. The website reflects a professional retail presence with good design and navigation but lacks comprehensive privacy and security disclosures. Technically, the site uses modern frontend technologies including Bootstrap and jQuery, with Google Analytics for tracking. Security posture is adequate with HTTPS enabled but missing important security headers and privacy policies. Overall, the site is legitimate and trustworthy but could improve compliance and security transparency.

V

Vulkan Verlag

vulkan-shop.de

52

Vulkan Shop is a German-based e-commerce platform specializing in the sale of technical books, magazines, and eBooks focused on energy, automation, water, and industrial sectors. The website is professionally designed using Magento 2, featuring a comprehensive catalog of specialized publications targeting professionals and specialists in these industries. The platform supports German and English languages and integrates Google Analytics for user behavior tracking. Cookie consent mechanisms are implemented to comply with GDPR requirements. Security posture is solid with HTTPS enforced and secure cookie settings, although explicit security headers and policies are not fully documented. Contact information and terms of service pages are not clearly presented in the analyzed content, which could impact user trust and compliance transparency.

R

Roomcard

roomcard.com

64

Roomcard is a UK-based digital hotel gift card platform offering access to over one million hotels worldwide. The service allows users to purchase personalized hotel gift cards that can be delivered digitally at a chosen time, with options for custom greetings and wrapping. Positioned as a sophisticated and global solution, Roomcard targets consumers seeking flexible and unique gifting options in the hospitality sector. The platform is supported by its parent company, HotelMap, and leverages a modern technical infrastructure including AWS hosting and multiple third-party analytics and marketing tools. Security posture is solid with HTTPS and domain transfer protections, though improvements are needed in DNS security and security headers. Privacy compliance is limited due to missing privacy and cookie policies. Overall, the website is professional, user-friendly, and trustworthy, with extensive content and clear business information.

T

trainersuchportal

trainersuchportal.de

66

trainersuchportal.de is a specialized online job board platform focused on the sports sector, connecting trainers, coaches, and sports professionals with employers such as clubs, associations, and fitness studios primarily in Germany. The platform offers job listings, trainer profiles, and integrates partner job boards to expand reach. The website is professionally designed, mobile-optimized, and provides rich content including blogs and testimonials, positioning itself as a niche leader in the sports employment market. Technically, it employs modern web technologies including Google Tag Manager, Google Analytics, and Cloudflare DNS/CDN, ensuring good performance and security. Security posture is solid with HTTPS and error monitoring via Sentry, though explicit security headers and policies could be enhanced. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Overall, the site is trustworthy, user-friendly, and well-positioned in its market niche.

P

Praktikumsjahr GbR

praktikumsjahr.de

54

Praktikumsjahr GbR operates an educational platform focused on providing school leavers in Germany with the opportunity to explore multiple professions through a structured internship year. The platform facilitates digital management of applications, offers monthly stipends, and partners with over 100 companies, positioning itself as a niche leader in practical career orientation. The website is professionally designed, mobile-optimized, and rich in relevant content, including testimonials, partner logos, and press references, enhancing its credibility and trustworthiness. Technically, the site employs modern web technologies such as Bootstrap, Font Awesome, Google Analytics, Hotjar, and Cookiebot for consent management, hosted on Google Cloud infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms, though it lacks explicit security headers and a published security policy. Privacy compliance is strong with comprehensive GDPR-aligned policies and clear contact information. Overall, the site presents a low-risk profile with no detected vulnerabilities or suspicious content.

E

ENERGETIX GmbH & Co. KG

energetix.tv

62

ENERGETIX GmbH & Co. KG is a German company specializing in magnetic jewelry and wellness products, operating primarily through a direct sales business model. The website targets consumers interested in wellness and magnetic jewelry, as well as potential business partners and hosts for home parties. The company positions itself as a niche market leader in Europe with a focus on combining design and wellness benefits. Technically, the website is built on WordPress with Bootstrap and jQuery, featuring modern web technologies and analytics tools such as Google Analytics and Cloudflare Insights. The site is mobile-optimized and provides a good user experience with clear navigation and multilingual support. Security posture is adequate with HTTPS enabled and privacy compliance through cookie consent and a comprehensive privacy policy. However, the absence of WHOIS data and lack of explicit security headers and incident response information slightly reduce trustworthiness. Overall, the website is professional, trustworthy, and compliant with GDPR, but could improve security transparency and WHOIS data availability.

株

株式会社Faber Company

audience-mieruca.com

53

Audience Mieruca is a Japanese SaaS platform specializing in AI-driven web analytics and optimization tools. The company, operated by 株式会社Faber Company, offers a suite of services including user behavior analysis, SEO and SERP monitoring, AI chatbot support, and monitoring of AI search engines. The platform targets a broad audience from beginners to agencies, focusing on mobile-friendly web optimization. Technically, the website is built using modern frameworks such as Next.js and React, hosted on AWS infrastructure, and integrates Google Analytics and Tag Manager for tracking. The site demonstrates good performance and mobile optimization but lacks some advanced SEO and privacy compliance features. Security posture is solid with HTTPS and no exposed sensitive data, though improvements are recommended in DNSSEC and security headers. Overall, the domain registration and business information are consistent and trustworthy, supporting a medium-sized technology company profile.

S

Single: the music & video app for Shopify

single.xyz

68

Single.xyz is a specialized e-commerce platform integrated with Shopify, enabling musicians and content creators to sell music, videos, and memberships directly to their audience. Founded in 2020, the company positions itself as a niche player in the digital media sales market, leveraging Shopify's infrastructure to provide seamless sales and livestream capabilities. The website demonstrates a good level of technical maturity, utilizing modern JavaScript frameworks, Shopify Liquid templates, and multiple marketing and analytics tools such as HubSpot, Facebook Pixel, and Google Analytics. Hosting is managed via AWS infrastructure with DNS services from Amazon Route 53, ensuring reliable performance and scalability. Security posture is adequate with HTTPS enforced and domain transfer protections in place; however, the absence of DNSSEC and some security headers indicates room for improvement. Privacy compliance is weak due to missing privacy and cookie policies, which could expose the company to regulatory risks. Overall, the website is professional and functional but would benefit from enhanced privacy and security transparency.

L

Laurids Jensen Photographer

lauridsjensen.com

48

Laurids Jensen operates a professional photography portfolio website showcasing editorial, commissioned, and moving image works. The business is positioned as a niche creative service provider in the media industry, targeting clients and collaborators in the art and editorial sectors. The website content is well-structured and visually oriented to highlight the photographer's work, with a consistent branding approach and good user experience. Technically, the website is built using standard web technologies including HTML5, CSS, JavaScript, and jQuery, hosted by cyon.ch. It employs Google Analytics and Google Tag Manager for visitor tracking but lacks advanced CMS or frameworks. The site is mobile optimized with moderate performance and basic accessibility features. However, there is room for improvement in SEO and technical modernization. From a security perspective, the site uses HTTPS and has domain transfer protections enabled but lacks DNSSEC and security headers, which are recommended for enhanced protection. No privacy or cookie policies are present, and no incident response contacts are provided, indicating gaps in compliance and security readiness. The use of tracking scripts without visible consent mechanisms also raises privacy concerns. Overall, the website is a legitimate, small-scale professional portfolio with moderate technical maturity and security posture. Strategic improvements in privacy compliance, security headers, and incident response readiness would enhance trust and reduce risk.

N

Nouvelle Noire Type Foundry

nouvellenoire.ch

57

Nouvelle Noire Type Foundry is a Swiss-based company specializing in the design, publication, and distribution of high-quality retail and custom typefaces. The company targets designers and corporate clients across various sectors, offering bespoke font solutions and logo refinement services. Their market position is that of a niche, high-quality Swiss type foundry with a focus on elevating design projects through typography. Technically, the website is built on a modern WordPress CMS platform with WooCommerce integration, utilizing common industry tools such as Google Analytics, Google Tag Manager, and Mailchimp for marketing and analytics. The site demonstrates good mobile optimization and SEO practices, supported by the Yoast SEO plugin and structured data markup. Security-wise, the site benefits from HTTPS encryption and a cookie consent mechanism, but lacks published privacy policies, terms of service, and incident response information, which are important for compliance and trust. Overall, the website is professional and functional but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

Typical Organization for Standards & Order is a creative entity showcasing a broad portfolio of design and publication projects including visual identity, exhibitions, packaging, films, and typeface design. The website serves primarily as a portfolio platform targeting creative professionals and clients interested in design services. The business appears to be a small-sized organization founded in 2014, with a consistent brand presence and a well-structured website built on WordPress CMS. Technically, the site uses modern web technologies including jQuery, WooCommerce, and Google Analytics, with good mobile optimization and SEO practices. However, the security posture is moderate with basic SSL but lacking DNSSEC and security headers, and no visible privacy or cookie policies, which impacts compliance and trust. Overall, the domain registration is consistent and legitimate, supporting the business claims. Strategic improvements in security and privacy compliance would enhance the organization's trustworthiness and risk profile.

A

AZDS Interactive Group

azds.com

67

AZDS Interactive Group is a specialized luxury hotel marketing agency focused on delivering digital solutions, web design, paid and earned media, and email marketing services to high-end hospitality brands. The company positions itself as a preferred digital partner for luxury travel brands, showcasing long-term client engagements and bespoke technology solutions such as custom booking engines. Technically, the website is built on WordPress with modern JavaScript libraries like jQuery and integrates analytics and marketing tools such as Google Analytics, Google Tag Manager, and HubSpot. The site demonstrates good SEO practices and mobile optimization, providing a professional user experience with rich multimedia content. Security posture is moderate with HTTPS implied but lacks explicit security headers and public security policies. Privacy compliance is basic with a cookie consent banner but no visible privacy or terms of service pages. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and client portfolio suggest a credible business. Strategic recommendations include improving transparency with privacy and security policies, enhancing security headers, and verifying domain registration details.

G

guidle

guidle.com

63

Guidle is a digital advertising and leisure planning platform primarily serving the DACH region, with a focus on providing diverse content such as events, restaurants, museums, and more. The platform targets both end consumers and business clients including municipalities and event organizers, offering services like digital ad mediation, managed content, and sector-specific solutions. The website demonstrates a professional and consistent brand presence with good content quality and user experience. Technically, the site leverages modern web technologies including Vue.js, Google Analytics, and CDN hosting via Amazon Cloudfront. It implements a comprehensive cookie consent mechanism aligned with GDPR requirements, ensuring user privacy and transparency. Performance and mobile optimization are good, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses cookie consent controls effectively. However, it lacks visible security headers and explicit security or incident response policies, which are recommended for enhanced protection. The absence of WHOIS data raises concerns about domain legitimacy, though the website content and structure suggest a legitimate business operation. Overall, Guidle presents a solid digital presence with room for improvement in security transparency and domain registration clarity. Strategic enhancements in security headers and incident response documentation would strengthen trust and compliance.

The Schweizerischer Städteverband is a Swiss non-profit organization representing the interests of cities and urban municipalities across Switzerland. The website serves as an information hub providing news, dossiers, publications, and event information relevant to urban policy and city governance. It targets city officials, policymakers, and the general public interested in urban development and political advocacy. Technically, the site uses a modern JavaScript stack including jQuery, bxSlider, and Google Analytics, hosted on a CMS platform by artasio.com. The site is mobile-optimized with good SEO and accessibility basics. Security posture is solid with HTTPS and cookie consent implemented, though explicit security headers and incident response information are absent. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

H

House of Winterthur

winterthur.com

61

House of Winterthur operates as a regional promotional entity focusing on tourism, culture, and business development in Winterthur, Switzerland. The website serves as a comprehensive portal for visitors and locals to explore cultural events, city tours, and business opportunities. The organization positions itself as a key regional player with a strong digital presence and partnerships with notable regional and national tourism bodies. Technically, the website is built on the Contao CMS platform, leveraging modern web technologies and third-party marketing and analytics tools such as Google Analytics and HubSpot. The site is mobile optimized and provides a good user experience with clear navigation and rich content. Security posture is adequate with HTTPS enforced and cookie consent implemented, though improvements such as enabling DNSSEC and adding security headers could enhance protection. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear policies and consent mechanisms in place. Overall, the website reflects a professional and trustworthy regional promotion platform with moderate technical sophistication and good compliance practices.

K

Kinderregion

kinderregion.ch

46

Kinderregion is a Swiss regional platform dedicated to providing families with children ideas for excursions, family-friendly events, and regional information to facilitate leisure planning. The website targets families seeking engaging activities and cultural experiences in their local area. Technically, the site is built on WordPress, leveraging modern front-end technologies such as Lottie animations and slick carousels, and integrates Google Tag Manager and Analytics for tracking. The site demonstrates good digital maturity with mobile optimization and SEO best practices. Security posture is solid with HTTPS enforced and standard security headers present, though explicit security policies and incident response contacts are absent. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism, indicating GDPR awareness. Overall, the site is professional, trustworthy, and well-suited for its niche audience.

P

Piano Sigrist

pianosigrist.ch

55

Piano Sigrist is a specialized retail and service business based in Switzerland, focusing on the sale, rental, and maintenance of pianos and grand pianos. The company represents family-owned piano manufacturers and offers a range of services including tuning, repairs, expert appraisals, and music events. Their market position is strong within the Swiss piano retail sector, supported by a professional website with multilingual support and customer testimonials. Technically, the website is built on WordPress with modern plugins and analytics tools, optimized for performance and mobile use. Security posture is solid with HTTPS, security headers, and consent management, though lacking a published security policy or incident response details. Overall, the site demonstrates good privacy compliance and business credibility, making it a trustworthy platform for customers. Recommendations include publishing a security policy, incident response contacts, and vulnerability disclosure information to further enhance trust and compliance.

M

Musik Spiri

spiri.ch

47

Musik Spiri is a small regional retailer specializing in musical instruments including woodwind, brass, string, and percussion instruments, with physical locations in Winterthur and Meilen, Switzerland. The company offers sales, rentals, repair services, and an online shop, targeting musicians and music enthusiasts in the region. The website is built on the cm4all CMS platform and hosted by Hostpoint AG, utilizing legacy JavaScript libraries and Google Analytics for tracking. While the site provides useful business information and event details, it lacks visible contact emails or phone numbers in the HTML content and does not have explicit terms of service or comprehensive privacy compliance mechanisms. Security posture is moderate with HTTPS implied but missing explicit security headers and outdated JavaScript libraries. Overall, the site is functional and professional but could improve in privacy compliance and security best practices.

M

Musik Hug

musikhug.ch

73

Musik Hug is a well-established Swiss retailer specializing in musical instruments, sheet music, accessories, rental services, and repair workshops. The company operates multiple physical stores across Switzerland and maintains a comprehensive online presence, targeting musicians, students, and music enthusiasts. Their business model combines retail sales, rentals, and music education services, positioning them as a key player in the Swiss music retail sector. Technically, the website leverages modern JavaScript modules, integrates popular analytics and marketing tools such as Google Analytics, Facebook Pixel, TikTok Pixel, and Hotjar, and uses the Opacc e-commerce platform. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the website enforces HTTPS, implements strong security headers, and includes session timeout mechanisms, reflecting a mature security posture. However, explicit security policies and incident response contacts are not publicly available, and no vulnerability disclosure program is evident. Overall, the site is trustworthy, compliant with GDPR, and demonstrates good privacy practices with cookie consent management. Strategic recommendations include publishing a dedicated security policy, incident response information, and a vulnerability disclosure framework to enhance transparency and trust.

D

Daniel Bürki Musik

buerkimusik.ch

50

Daniel Bürki Musik is a small retail music store based in Switzerland specializing in the sale, rental, and servicing of musical instruments such as guitars, cajons, ukuleles, and the traditional Swiss Schwyzerörgeli. The business offers expert tuning, repairs, and music lessons, positioning itself as a local expert in traditional and modern musical instruments. The website is built on WordPress using the Divi theme and incorporates SEO best practices with Rank Math. It uses Google Analytics for visitor tracking but lacks a cookie consent mechanism and comprehensive GDPR compliance indicators. Security posture is adequate with HTTPS enabled but lacks advanced security headers and incident response information. Overall, the website is professional, content-rich, and trustworthy for its target audience of music enthusiasts and local customers.

A

Andys Musicshop

andys-musicshop.ch

49

Andys Musicshop is a small retail business based in Uster, Switzerland, specializing in the sale of musical instruments and related equipment such as PA systems, studio recording gear, and keyboard instruments. The company operates both a physical store and an e-commerce platform, targeting musicians and music enthusiasts primarily within Switzerland. The website is professionally designed with consistent branding and clear navigation, providing essential business information including contact details and terms of service. Technical infrastructure indicates use of Shopware CMS and integration of Google Analytics with IP anonymization, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and basic privacy compliance, though improvements are needed in security headers and cookie consent mechanisms. Overall, the website is trustworthy and safe for general audiences, with no adult or questionable content detected.

B

Berlin 2023

berlin2023.org

61

Berlin 2023 is the official website for the Special Olympics World Games held in Berlin from June 17 to 25, 2023. The site serves as a comprehensive information hub for the event, targeting athletes with intellectual disabilities, volunteers, families, and the general public interested in inclusive sports. It provides event details, news updates, venue information, and links to partner sites and social media channels. The website is professionally designed with consistent branding and good content quality, reflecting its role as a major non-profit sports event organizer. Technically, the website employs modern web technologies including HTML5, CSS variables, JavaScript, and web components with polyfills for compatibility. It integrates third-party services such as Google Analytics and Facebook Pixel for tracking and uses privacy-enhanced YouTube embeds. The site is mobile-optimized and includes accessibility features, indicating a mature digital infrastructure. From a security perspective, the site uses HTTPS and privacy-conscious embeds but lacks visible security headers and explicit privacy or cookie policies in the provided content. No contact information for security or data protection officers is found, and no vulnerability disclosure mechanisms are evident. The WHOIS data is unavailable or privacy protected, which is common for non-profit organizations but limits domain registration transparency. Overall, the website is trustworthy and professionally maintained, with moderate tracking and basic privacy compliance. Strategic improvements include publishing comprehensive privacy and cookie policies, adding security headers, and providing clear contact information for data protection and incident response. These steps would enhance user trust and regulatory compliance.

N

Niedersächsischer Fußballverband e. V. (NFV)

nfv-fussballschule.de

46

The Niedersächsischer Fußballverband e. V. (NFV) operates the Matthäi-Fußballschule, a well-established football training school for youth aged 7 to 14, located in Barsinghausen, Germany. The school has a strong regional presence with over 22,000 participants since its founding in 2005 and benefits from partnerships with reputable brands such as adidas, Volkswagen, and AOK. The website effectively communicates its services, schedules, and news, targeting young football enthusiasts and their families. Technically, the site is built on TYPO3 CMS, employs modern web technologies, and is mobile-optimized with good SEO practices. Security-wise, the site enforces HTTPS, uses cookie consent mechanisms, and integrates Google Analytics with privacy considerations, though it lacks some advanced security headers and explicit security policies. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, supporting the organization's credibility and user trust.

N

Niedersächsischer Fußballverband e.V.

junior-coach.de

50

The website junior-coach.de represents a youth football coaching education initiative by the Niedersächsischer Fußballverband e.V., targeting young football enthusiasts aged 14 to 18 in Niedersachsen, Germany. It offers structured training programs, events, and a reward system to encourage youth participation and development in football coaching. The site is well-branded, professionally designed, and supported by reputable partners including Volkswagen and government bodies. Technically, the site is built on TYPO3 CMS with modern web technologies and includes standard analytics and cookie consent mechanisms. Security posture is adequate with HTTPS and basic best practices, though some security headers and explicit policies are missing. Overall, the site is trustworthy, compliant with GDPR, and serves its educational mission effectively.

S

Studio B54

studio-b54.de

45

Studio B54 is a local fitness and wellness studio located in Barsinghausen, Germany, offering a wide range of services including fitness training, aqua-fitness, yoga, massages, and personal training. The business targets health-conscious individuals seeking modern training facilities and wellness services. The website is built on TYPO3 CMS and incorporates modern frontend technologies such as Bootstrap and FontAwesome, with Google Analytics integrated for visitor insights while respecting privacy through IP anonymization. The site is well-structured, mobile-optimized, and provides clear navigation and contact options including phone, email, and a newsletter subscription form. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though security headers could be improved. Overall, the website reflects a professional and trustworthy business presence with strong local partnerships and customer engagement.

W

werkraum Digitalmanufaktur GmbH

werkraum.net

63

werkraum Digitalmanufaktur GmbH is a well-established digital agency based in Karlsruhe, Germany, specializing in TYPO3 and Shopware CMS solutions, e-commerce platforms, and custom web development. With over 20 years of experience, the company offers a comprehensive suite of services including web design, SEO, hosting, SaaS development, and digital accessibility. Their market position is strengthened by recognized certifications such as TYPO3 Association Gold Membership and active participation in regional media and business networks. The website reflects a professional and consistent brand image with detailed project references and active news updates, targeting businesses seeking advanced digital solutions. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and analytics tools, optimized for mobile and accessibility. Security practices include HTTPS, cookie consent with opt-out, and CAPTCHA on forms, though some security headers and policies could be improved. Overall, the website is secure, compliant with GDPR, and trustworthy, with no critical vulnerabilities detected.

D

Dennis Dasios

ddasios.com

42

The website ddasios.com serves as a personal portfolio for Dennis Dasios, showcasing a history of web design and development projects primarily for corporate clients and informational sites. The site positions itself as a niche personal branding platform within the technology industry, targeting potential clients or collaborators interested in web design services. The business model is centered around portfolio presentation rather than direct e-commerce or service transactions. Technically, the site employs a modest technology stack including jQuery, typed.js, and Google Analytics for tracking, hosted on Contabo servers. The site demonstrates basic mobile optimization and SEO practices but lacks advanced accessibility features or modern frameworks. Security posture is minimal; while the domain is registered with a reputable registrar and protected against unauthorized transfers, the site lacks DNSSEC, visible HTTPS enforcement, and security headers. No privacy, cookie, or terms of service policies are published, and no contact information is provided, limiting trust and compliance. Overall, the site is functional as a portfolio but requires improvements in security, privacy compliance, and contact transparency to enhance credibility and user trust.