Security Directory

H

Holstre Külaselts

holstre.ee

0

Holstre Külaselts is a local community association representing the village of Holstre in Viljandi County, Estonia. The website serves as an informational portal providing news, cultural heritage trail details, local projects, and community events. The organization appears to be a small non-profit entity focused on promoting local culture and community engagement. The website is built on WordPress using the Astra theme and Elementor page builder, incorporating modern web technologies and plugins such as Google Analytics and 360-degree image viewers. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content for its target audience. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and formal security policies. Privacy compliance is minimal, with no visible privacy or cookie policies, which is a gap for GDPR compliance. Overall, the website is trustworthy and professionally maintained but could improve in privacy and security transparency.

Sysdec is an Estonian software company specializing in financial and economic software solutions, primarily through its SAF product line. The website focuses on providing updates about software versions, regulatory compliance changes, and company achievements such as the 'Edukas Eesti Ettevõte 2025' certification and a Creditinfo AA rating. The target audience is primarily Estonian businesses requiring accounting and tax software solutions. Technically, the website uses standard web technologies including HTML5, CSS3, and JavaScript with jQuery 1.12.4, but the use of an outdated jQuery version presents a security risk. The site is accessible without any WAF or blocking mechanisms, but lacks visible privacy, cookie, or terms of service policies, which impacts compliance and user trust. Security headers are not evident, and no contact information or incident response channels are provided on the analyzed page, limiting transparency and security posture. Overall, the website is functional and professional but would benefit from modernization and enhanced security and privacy practices.

The website rik.ee is currently inaccessible due to a Cloudflare security challenge page that requires human verification via Turnstile captcha. This prevents access to any substantive content or business information. The domain is registered since 2010 to Elkdata OÜ, an Estonian registrar, indicating a legitimate and stable registration. However, no privacy policies, cookie notices, terms of service, contact information, or business descriptions are available on the accessible page. The technical infrastructure is heavily reliant on Cloudflare's security and analytics services, but no further technology stack or CMS details are discernible. Due to the content block, the website's security posture, privacy compliance, and business credibility cannot be properly assessed, resulting in a low overall AI score.

D

Directo äritarkvara

directo.ee

0

Directo äritarkvara is a well-established Estonian business software provider specializing in ERP, accounting, financial management, warehouse, production, and CRM solutions. The company holds a strong market position in Estonia with the largest user base for web-based business software. Their business model is SaaS, targeting Estonian and regional businesses, supported by multilingual websites for neighboring countries. Technically, the website is built on WordPress with modern integrations such as Google Tag Manager, Facebook Pixel, and Cookiebot for consent management. The site is mobile-optimized and SEO-friendly, though some accessibility features are basic. Security posture is good with HTTPS and cookie consent mechanisms, but there are gaps such as missing advanced security headers and a misconfiguration in Cookiebot domain group authorization. No privacy policy or terms of service pages were detected, which impacts compliance and trust. WHOIS data confirms domain legitimacy with consistent registration since 2010. Overall, the website is professional and credible but would benefit from enhanced privacy and security disclosures.

Merit Aktiva operates as a provider of accounting software solutions, targeting companies seeking simplified accounting processes. With over 40,000 companies relying on their software and 25 years of experience, the company holds a solid market position primarily in Estonia and neighboring countries. The business model centers on delivering easy-to-use accounting software combined with customer support, catering to small and medium-sized enterprises in the finance sector. Technically, the website employs legacy technologies such as Bootstrap 3.3.7 and jQuery 1.8.3, indicating a need for modernization to improve security and performance. The site is moderately optimized for mobile and accessibility but lacks advanced SEO and modern frameworks. No CMS or hosting details were identified, and performance is assessed as moderate. From a security perspective, the site lacks visible security headers and privacy-related policies, which are critical for GDPR compliance and user trust. There is no evidence of HTTPS enforcement or incident response mechanisms. The absence of contact information and security disclosures further limits transparency. However, the domain WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the website presents a functional but basic digital presence with room for significant improvements in security posture, privacy compliance, and technical modernization. Strategic enhancements in these areas will strengthen trust, compliance, and user experience.

S

Semetron Ltd

mmh.ee

0

Golden Hour MMH is a specialized provider of rapid deployment mobile modular hospitals, offering a range of modular units transportable by air, sea, or land. The company targets healthcare providers, emergency responders, and government agencies, positioning itself as a niche manufacturer of modular medical solutions. The website reflects a professional and consistent brand presence with good content quality and clear navigation. Technically, the site is built on WordPress with Elementor and uses modern web technologies, providing a moderate performance and good mobile optimization. Security posture is strong with HTTPS and no obvious vulnerabilities, though security headers and incident response information are lacking. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is credible but could improve transparency and compliance aspects.

U

UPGREAT

upgreat.ee

0

UPGREAT is an Estonian-based e-commerce retailer specializing in used and guaranteed Apple devices such as iPhones, MacBooks, iPads, and Apple Watches. The company positions itself as the largest provider of checked used Apple products in Estonia, offering a two-year warranty to customers. The website is built on WordPress with WooCommerce, leveraging modern marketing and analytics tools including Google Tag Manager, TikTok Pixel, Hotjar, and Klaviyo, indicating a mature digital marketing infrastructure. Cookie consent is managed via Cookiebot, ensuring compliance with cookie regulations. However, explicit privacy and terms of service policies are not detected in the provided content, which may impact compliance and user trust.

S

SleepAngel Global

sleepangel.eu

0

SleepAngel Global operates a specialized e-commerce platform focused on filtered bedding products that provide clinically clean comfort and protection against allergens and pathogens. The company positions itself as an innovator in medical-grade bedding technology, with notable partnerships such as the Movistar Cycling Team. The website is built on Shopify, leveraging modern e-commerce technologies and third-party integrations for multilingual support, customer reviews, and marketing analytics. Privacy and cookie compliance are well implemented, reflecting GDPR adherence. Security posture is solid with HTTPS and form protections, though explicit security policies and incident response details are absent. Overall, the site presents a professional and trustworthy front with room for enhanced security transparency.

N

Neway

neway.ee

0

Neway is an award-winning brand and experience design agency based in Estonia, with a domain age consistent with its claimed business history since 2007. The company specializes in creating brands and experiences from strategy through execution, targeting businesses seeking high-quality creative services. The website showcases a professional portfolio with multimedia content and highlights multiple industry awards, positioning Neway as a reputable player in the creative agency market. Technically, the website uses modern JavaScript frameworks such as Vue.js, integrates multiple analytics and marketing tools, and is hosted by Zone Media OÜ. Security posture is strong with HTTPS enforced, reCAPTCHA on forms, and cookie consent implemented, though explicit security policies and incident response information are absent. Privacy compliance is partial due to missing privacy and terms of service pages. Overall, the website is professional, trustworthy, and technically sound, with room for improvement in privacy and security transparency.

E

Eesti Kirjandusmuuseum

er500.ee

0

The website www.er500.ee is an educational and cultural platform managed by the Estonian Literary Museum (Eesti Kirjandusmuuseum). It focuses on presenting the 500-year history of Estonian books, including important publications, literary works, and historical events. The platform offers thematic content, timelines, and allows users to create and share stories, targeting literature enthusiasts, researchers, and the general public interested in Estonian cultural heritage. Technically, the site is built on Drupal 10 CMS, utilizing modern JavaScript libraries such as Zoomist and FontAwesome, and integrates Google Analytics for user tracking. The site is mobile-optimized with a clear navigation structure and professional design. Security-wise, the site uses HTTPS and asynchronous script loading but lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. Overall, the domain registration aligns well with the website's cultural mission, indicating legitimacy and trustworthiness.

The website folklore.ee is an authoritative academic and cultural platform managed by the Estonian Literary Museum's Folklore Department. It provides extensive resources on Estonian folklore, oral traditions, and related research projects, targeting scholars, students, and the interested public. The site is primarily in Estonian with some multilingual content and serves as a key national repository and dissemination channel for folklore knowledge. Technically, the site uses a stable but basic infrastructure with FreeBSD and PostgreSQL, and includes Google Analytics for visitor tracking. However, it lacks modern CMS features and advanced mobile optimization. Security posture is moderate with HTTPS implied but no explicit security headers or incident response information published. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Business credibility is high given the institutional backing and consistent domain registration. Overall, the site is functional and trustworthy but would benefit from enhanced privacy, security, and technical modernization.

A

Andevis

virosoft.ee

0

Andevis is an Estonian software development company specializing in integrated HR and payroll management solutions, including their flagship Virosoft HR system. The company targets businesses seeking tailored personnel accounting, work time tracking, payroll, training, and self-service portals. The website is professionally designed using WordPress and includes multiple contact forms secured with Google reCAPTCHA v2. The technical infrastructure is modern but lacks some advanced security headers. The domain is well-established since 2010 and registered with an Estonian registrar consistent with the business location. However, the site lacks visible privacy and cookie policies, which impacts compliance scores. Overall, the website presents a credible and professional business presence with room for improvement in privacy and security practices.

The domain hm.ee is registered to the Estonian Ministry of Education and Research, indicating a government-operated website focused on education and research sectors. However, the website content is currently inaccessible due to a Cloudflare Turnstile captcha security challenge, preventing direct analysis of the site's content, policies, or contact information. The technical infrastructure leverages Cloudflare for security and performance, but DNSSEC is not enabled, representing a minor security gap. The security posture is difficult to assess fully due to the blocked content, but the use of Cloudflare's WAF and captcha indicates a proactive approach to mitigating automated threats. Overall, the domain registration data is consistent and legitimate, reflecting a stable government entity. Strategic recommendations include enabling DNSSEC, publishing clear privacy and security policies, and ensuring accessibility without excessive security barriers to improve user experience and transparency.

E

eKool

ekool.eu

0

eKool is a well-established educational platform based in Estonia, offering a comprehensive school management system that facilitates communication, administrative tasks, and academic tracking for schools, parents, and students. The platform is positioned as a trusted solution with a strong presence in the Estonian education sector, supported by multiple certifications and partner integrations with notable educational service providers. Technically, the website is built on Webflow CMS and leverages modern web technologies such as GSAP and Swiper.js to deliver a responsive and engaging user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some improvements in security headers and explicit policies could enhance trust. Privacy compliance is generally good, with a comprehensive privacy policy present, but lacks a cookie consent mechanism. Overall, eKool demonstrates a mature digital presence with strong business credibility and a high-quality website experience.

E

Eesti Õpilasesinduste Liit

escu.ee

0

Eesti Õpilasesinduste Liit is the largest youth organization in Estonia representing approximately 90,000 students through its member schools. The organization focuses on advocating for student interests, organizing events, and providing resources to member schools. The website is built on WordPress using the Avada theme and integrates Gravity Forms for contact and application forms. It demonstrates a moderate level of digital maturity with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled and spam prevention in forms, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of explicit privacy and cookie policies. Overall, the website is professional and trustworthy, serving an essential role in the Estonian education sector.

S

Star Cloud OÜ

opiq.ee

0

Opiq is a well-established Estonian cloud-based educational platform operated by Star Cloud OÜ, offering a comprehensive digital learning environment aligned with the national curriculum. It serves a broad audience including schools, teachers, students, parents, and private users, providing interactive textbooks and learning materials from leading Estonian publishers. The platform supports multiple user roles and integrates with popular school management systems, enhancing its utility and market position. Technically, the website leverages modern JavaScript frameworks, Microsoft Azure cloud hosting, and Application Insights for telemetry and analytics. The platform is accessible via web browsers and dedicated mobile apps for iOS and Android, ensuring good mobile optimization and user experience. The site demonstrates good SEO and accessibility practices, though some accessibility features could be improved. From a security perspective, the site enforces HTTPS, uses anti-forgery tokens in forms, and implements cookie consent mechanisms. However, it lacks a publicly available security policy and incident response contact information, which are recommended for enhanced trust and compliance. No critical vulnerabilities or suspicious patterns were detected, and the domain registration details align well with the business claims, indicating high legitimacy. Overall, Opiq presents a professional, secure, and user-friendly digital education platform with strong business credibility and compliance posture. Strategic improvements in security transparency and incident response readiness would further strengthen its position.

E

Edumus Education OÜ

edumus.ee

0

Edumus Education OÜ operates the Edumus platform, offering engaging and practical online courses targeted at primary and secondary school youth in Estonia and Ukraine. The platform emphasizes hybrid learning with live online classes and self-paced assignments, supported by expert-created curricula. The company has established a credible market presence with over 100 specialists contributing to education content and partnerships with educational foundations. Technically, the website is built on Squarespace, leveraging modern analytics and marketing tools, and provides a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS and cookie consent mechanisms, though improvements in security headers are recommended. Overall, Edumus demonstrates a trustworthy and professional online presence aligned with its educational mission.

M

MTÜ Noorteühing Tugiõpilaste Oma Ring Eestis

tore.ee

0

MTÜ Noorteühing Tugiõpilaste Oma Ring Eestis (TORE) is a well-established Estonian non-profit organization focused on youth peer support, mentoring, and training programs. The organization operates nationally with a history of nearly three decades, offering structured events such as summer and autumn schools, conferences, and supervision sessions. Their target audience includes Estonian students and their mentors, aiming to empower youth through systematic engagement and education. The website reflects this mission with relevant content, event announcements, and training information. Technically, the website is built on WordPress 6.8.1 with popular plugins like Yoast SEO and Modern Events Calendar Lite, indicating a mature digital infrastructure. The site uses HTTPS with a good SSL configuration, Google Fonts, and jQuery libraries. Performance is moderate with good mobile optimization and basic accessibility features. SEO is well addressed through meta tags and structured data. From a security perspective, the site enforces HTTPS and includes a cookie consent banner, demonstrating awareness of privacy compliance. However, it lacks explicit privacy and terms of service pages, security headers, and incident response contacts, which are areas for improvement. No WAF or blocking mechanisms were detected, and no vulnerabilities were apparent in the HTML content. Overall, the website is credible and professional, with strong business legitimacy and consistent branding. The main risks relate to privacy compliance and security best practices, which can be addressed to enhance trust and regulatory adherence.

T

Taimne Teisipäev | Sest elu on tähistamist väärt!

taimneteisipaev.ee

0

Taimne Teisipäev is a niche Estonian website dedicated to promoting healthier eating habits by encouraging more plant-based food consumption. The site targets health-conscious consumers interested in lifestyle changes towards plant-based diets. The business model appears to be informational and advocacy-focused, without direct e-commerce or transactional services. The website uses modern frontend technologies including Bootstrap and Nuxt.js, and integrates popular analytics and tracking tools such as Google Analytics and Facebook Pixel, indicating a moderate level of digital maturity. However, the absence of explicit privacy, cookie, and terms of service policies suggests gaps in compliance and transparency. Security posture is moderate with HTTPS usage implied, but lacks published security policies or incident response contacts. Overall, the domain registration is consistent and legitimate, supporting the website's credibility. Strategic improvements in privacy compliance and security transparency are recommended to enhance trust and regulatory adherence.

P

Peaasi.ee

peaasi.ee

0

Peaasi.ee is a well-established Estonian non-profit organization dedicated to supporting youth mental health through a comprehensive online portal. The website offers extensive mental health information, e-counseling services, first aid tools, and training programs aimed at improving mental wellbeing among Estonian youth and those working with them. The organization maintains a strong market position as a leading mental health resource in Estonia, supported by multiple partnerships and funding sources. Technically, the site is built on WordPress with a modern tech stack including WooCommerce, Bootstrap, and various analytics and marketing tools, demonstrating a mature digital infrastructure. The website is multilingual and optimized for mobile devices, providing a good user experience and accessibility. Security posture is solid with HTTPS and no visible vulnerabilities, though some security headers and explicit cookie consent mechanisms are missing, representing areas for improvement. Overall, the site is professional, trustworthy, and compliant with GDPR, though enhancing privacy compliance and security policies would strengthen its risk profile.

L

Lastekaitse Liit

kiusamisestvabaks.ee

0

Kiusamisest vabaks is a non-profit educational platform operated by Lastekaitse Liit, focused on bullying prevention in Estonia. The website offers multilingual educational materials and awareness content targeting nurseries, kindergartens, and grade schools. It collaborates with reputable partners including the Estonian Ministry of Education and Research and international child protection organizations. The platform is well-positioned within its niche, serving educators, parents, and children with relevant resources. Technically, the website is built on WordPress with modern technologies such as Bootstrap, jQuery, and Google services for analytics and tag management. It employs multilingual support via WPML and uses SEO best practices including structured data and Open Graph metadata. The site is mobile-optimized and performs moderately well, with a consistent and professional design. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA for form protection. However, it lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no visible cookie consent mechanism. Overall, the website demonstrates a solid business credibility and technical foundation with room for improvement in privacy compliance and security transparency. Strategic enhancements in these areas would strengthen trust and regulatory adherence.

R

Ridango AS

pilet.ee

0

Pilet.ee is a well-established Estonian online platform specializing in public transportation ticket sales and management of the Ühiskaart travel card. Operated by Ridango AS, the service provides users with convenient access to tickets across multiple regions and transport types in Estonia. The website offers clear navigation and service descriptions targeting public transport users, supporting multiple languages including Estonian, English, and Russian. The platform integrates with regional ticketing subdomains and partners such as Omniva for card sales. Technically, the website employs standard web technologies including JavaScript, jQuery, and Google Analytics for user tracking. DNS is managed via Cloudflare, but DNSSEC is not enabled. The site uses HTTPS, ensuring encrypted communications, but lacks advanced security headers which could improve protection against common web threats. Mobile optimization and accessibility are basic but functional. From a security perspective, the site demonstrates a moderate posture with no visible vulnerabilities or exposed sensitive data. However, the absence of privacy and cookie policies, as well as a consent mechanism despite the use of Google Analytics, indicates compliance gaps with GDPR and privacy best practices. No incident response or security policy information is publicly available. Overall, Pilet.ee is a credible and professional service with a solid market position in Estonia's transportation sector. Strategic improvements in privacy compliance, security headers, and user consent mechanisms would enhance trust and regulatory adherence, supporting long-term operational security and customer confidence.

N

Norrison OÜ

norrison.ee

0

Norrison OÜ is an established Estonian company specializing in the manufacturing and retail of knitwear, workwear, school uniforms, and fashion apparel. Founded in 2010, it holds a strong market position as the largest school uniform producer and quality knitwear creator in Estonia. The website serves as a professional e-commerce platform targeting Estonian consumers interested in locally produced, ethically made clothing. The company emphasizes quality, local production, and customer satisfaction, supported by testimonials and a consistent brand presence across social media channels. Technically, the website is built on the PrestaShop CMS platform, leveraging modern web technologies including jQuery, Matomo analytics, and Facebook Pixel for marketing and tracking. The site is hosted by Zone Media OÜ, a reputable Estonian hosting provider. The website demonstrates good mobile optimization, SEO practices, and user experience, although accessibility features are basic. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, reflecting compliance with GDPR requirements. However, explicit security headers such as Content-Security-Policy and X-Frame-Options are not evident, and the extensive use of third-party tracking scripts may raise privacy considerations. No incident response or security policy information is publicly available, indicating an area for improvement. Overall, the website is trustworthy and professionally maintained, with a solid business foundation and digital presence. Strategic enhancements in security headers, privacy transparency, and incident response readiness would further strengthen its security posture and compliance standing.

I

Infopank

infopank.ee

0

Infopank is Estonia's largest business information platform, providing a comprehensive suite of services including competition reports, marketing lists, sales agent tools, certificates, data interfaces, debt registers, and background information. The platform targets Estonian businesses and professionals seeking reliable business data to support growth and decision-making. Technically, the website leverages modern frameworks such as Next.js and React, integrates Google Tag Manager, Facebook Pixel, Hotjar, and a consent management platform (Didomi), indicating a mature digital infrastructure. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit privacy and security policies are not found in the provided content. Overall, the site is professional, functional, and trustworthy, with room for improvement in privacy compliance documentation and accessibility.

E

Eesti Maksumaksjate Liit

maksumaksjad.ee

0

Eesti Maksumaksjate Liit (EML) is a well-established Estonian non-profit organization founded in 1995, dedicated to protecting taxpayers' interests, providing tax consultation, education, and advocacy. The website serves as a portal offering news, training, legal advice, and publications related to taxation in Estonia. The organization targets Estonian taxpayers and businesses seeking reliable tax information and support. Technically, the website is built on WordPress, utilizing modern libraries such as jQuery and Slick Slider, with Google Analytics and CookieYes for tracking and consent management. The site is hosted by Radicenter OÜ and uses HTTPS with a good security posture, including a comprehensive cookie consent mechanism. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the website is professional, accessible, and trustworthy, with good SEO and privacy compliance, supporting EML's role as a credible tax advocacy entity.

E

ETKA Andras

andras.ee

0

ETKA Andras is a well-established Estonian non-profit organization dedicated to adult education and lifelong learning. The website serves as a hub for adult learners and educators, providing information on training, certification, and community events. The organization partners with the Estonian Ministry of Education and Research and benefits from European Social Fund programs, reinforcing its credibility and national importance. The site is multilingual, primarily in Estonian, with English and Russian options, enhancing accessibility for diverse audiences. Technically, the website is built on WordPress with modern plugins and frameworks, offering a good user experience and moderate performance. Security measures include HTTPS and reCAPTCHA integration, though additional security headers and explicit privacy policies are recommended to enhance compliance and trust. Overall, the site reflects a professional, trustworthy educational entity with a clear mission and stable digital presence.

E

Eesti Töötukassa

tootukassa.ee

0

Eesti Töötukassa is the official Estonian Unemployment Insurance Fund, providing employment services, unemployment benefits, and labor market support to Estonian residents and employers. The website serves as a government portal offering information and access to services related to employment and social security. It targets job seekers, employers, and the general public in Estonia. The site is well-branded, consistent, and professionally designed with good content relevance and navigation clarity. The presence of language options enhances accessibility for non-Estonian speakers. Technically, the website is built on modern Angular framework (version 18.2.13) and uses contemporary web technologies including Google Fonts, Material Icons, and Matomo analytics. The site is mobile-optimized and demonstrates good performance and accessibility standards. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities. Cookie consent mechanisms are implemented, supporting GDPR compliance. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not found, which could be improved to enhance transparency and trust. The WHOIS data confirms the domain is legitimately registered to the Estonian government entity, supporting high trustworthiness. Overall, the website is a reliable and professional government resource with a solid technical and security foundation. Strategic recommendations include publishing detailed security and incident response policies, adding vulnerability disclosure information, and providing direct security contact channels to improve security posture and user trust.

L

Luwi OÜ

luwi.ee

0

Luwi OÜ operates as a specialized training center in Estonia, providing a broad range of educational services including group and individual training courses, psychological and addiction counseling, and supervision services. The company is recognized as a partner of the Estonian Unemployment Insurance Fund's training card program, which enhances its credibility and market position. The website is professionally designed, multilingual, and offers clear navigation to various training categories and services, targeting individuals and organizations seeking professional development in Estonia. Technically, the website is built on WordPress with a modern technology stack including Bootstrap, jQuery, and several optimization and security plugins. It employs Google reCAPTCHA v3 for form protection and uses cookie consent mechanisms to comply with privacy regulations. The site is hosted by Zone Media OÜ, a known Estonian hosting provider, and demonstrates moderate performance and good mobile optimization. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, but lacks explicit security headers and published security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic but present, with a privacy policy and cookie consent banner. Business credibility is strong with clear contact information, company registration details, and trust signals such as partnerships and certifications. Overall, Luwi OÜ's website presents a trustworthy and professional online presence with room for improvement in security header implementation and formal security policies. The risk level is moderate with no critical issues detected, making it a reliable platform for its users.

E

EyeVi Technologies

eyevi.tech

0

EyeVi Technologies is a small Estonian company founded in 2020 specializing in AI-powered geospatial data production for road infrastructure management. Their innovative platform combines car-mounted hardware, automated AI data processing, and a web application for data verification and integration, targeting road survey agencies, infrastructure operators, and consultants. The website is professionally designed, mobile-optimized, and provides clear contact information and cookie consent mechanisms, reflecting a mature digital presence. Technically, the site leverages modern frameworks like Webflow, Google Tag Manager, and Facebook Pixel, ensuring good performance and SEO. Security posture is strong with HTTPS and consent-based tracking, though explicit security policies and vulnerability disclosure mechanisms are absent. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

Nasdaq Baltic operates as the regional stock exchange platform for the Baltic countries of Estonia, Latvia, and Lithuania, providing trading services for shares, bonds, and funds. The website serves investors, companies, brokers, and advisers by offering real-time market data, news, and capital raising facilitation. It is part of the larger Nasdaq Inc. corporate group, reflecting a strong market position in the finance sector. The site is professionally designed with consistent branding and clear navigation, targeting financial market participants and stakeholders in the Baltic region. Technically, the website is built on WordPress with modern front-end technologies including Bootstrap, jQuery, Swiper.js, and Highstock for data visualization. It integrates Google Analytics and Tag Manager for user tracking and marketing insights. The site is mobile optimized and SEO friendly, with structured data enhancing search engine understanding. Hosting and domain registration are managed by reputable providers, ensuring stable infrastructure. From a security perspective, the site enforces HTTPS and employs domain status locks to prevent unauthorized changes. However, DNSSEC is not enabled, and no explicit security headers or incident response policies are published. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. No critical vulnerabilities or exposed sensitive data were detected. Overall, Nasdaq Baltic's website demonstrates a mature digital presence with strong business credibility and good security hygiene. Strategic improvements could focus on enhancing DNS security, publishing formal security policies, and expanding incident response transparency to further strengthen trust and compliance.

The website 'Spordin puhtalt!' is an Estonian e-learning platform dedicated to educating amateur athletes about antidoping rules, prohibited substances, and healthy sports practices. It is operated by SA Eesti Antidoping and supported by notable Estonian sports figures and international partners such as UNESCO. The platform offers educational content, exercises, videos, and testimonials to promote clean sports. Technically, the site is built on WordPress with common plugins and uses HTTPS with a moderate performance profile. However, it lacks visible privacy and cookie policies and security headers, which are areas for improvement. The absence of explicit contact emails or phone numbers limits direct communication channels, though a contact form is present. Overall, the site is trustworthy and professionally presented but could enhance its privacy compliance and security posture.

E

Ettevõtja infovärav Aktiva

aktiva.ee

0

Aktiva.ee is an Estonian business information portal focused on supporting entrepreneurs at various stages, including startups, operating companies, and those expanding internationally. The platform offers practical guidance, resources, and insights to help businesses succeed, with content tailored to the Estonian market and language. The website is positioned as a trusted resource for business knowledge and development in Estonia, with a clear focus on entrepreneurship and business growth.

F

FCI Levadia

fcilevadia.ee

0

FCI Levadia is an Estonian football club with an online presence primarily focused on providing football-related content and engaging with local sports fans. The website is built on WordPress and utilizes common plugins such as Yoast SEO and WP Rocket to enhance SEO and performance. The technical infrastructure is moderate, hosted by Zone Media OÜ, a known Estonian registrar and hosting provider. The site is accessible without any WAF or security challenge blocking content. However, the website lacks critical privacy and cookie policies, contact information, and published security or incident response policies, which are important for compliance and trust. Security posture is basic with no advanced headers or vulnerability disclosures evident. Overall, the site is functional but would benefit from improvements in privacy compliance, security best practices, and business transparency.

C

Citadele pank

citadeleleasing.ee

0

Citadele pank is a well-established financial institution in Estonia offering leasing services primarily focused on vehicle financing. The website provides detailed leasing options, including a calculator and a dedicated leasing portal for customers to manage their contracts and applications. The business targets private individuals seeking flexible leasing solutions with personalized interest rates and competitive terms. The company is part of the larger Citadele Group, indicating a strong market position in the Baltic financial sector. Technically, the website employs modern web technologies such as jQuery, Bootstrap, and Google Tag Manager, with a CMS likely being October CMS. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. Security-wise, the site enforces HTTPS, uses security headers, and implements cookie consent mechanisms, though explicit security and incident response policies are not publicly available. WHOIS data confirms the domain's legitimacy and consistency with the business identity. Overall, the website reflects a professional and trustworthy financial service provider with room for improvement in transparency around security policies and incident response.

C

Citadele

xrewards.ee

0

The website www.xrewards.ee represents the C REWARDS loyalty and discount program affiliated with Citadele bank, targeting C card holders primarily in Estonia and the Baltic region. The platform offers users the ability to earn points on purchases and redeem them for discounts and prizes, integrating banking services with retail loyalty. The website is built on Magento CMS with modern frontend technologies including RequireJS and jQuery, and is monitored using New Relic and Google Tag Manager. The site is well-optimized for mobile devices and provides a good user experience with clear navigation and professional design. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response contacts are not published. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Overall, the site demonstrates a mature digital infrastructure aligned with the business goals of Citadele bank's loyalty program.

S

Sustinere

sustinere.eu

0

Sustinere is a medium-sized advisory firm specializing in ESG and sustainability transformation services primarily in the Baltic region. Founded in 2016, the company offers a blend of expert consulting and digital solutions to help clients navigate ESG regulations, develop sustainability strategies, and assess climate impact. Their market position is supported by a team of over 25 experts and a client base spanning 11 sectors, including energy, banking, manufacturing, and retail. The website reflects a professional and consistent brand image with good content quality and clear navigation.

E

Eesti Lauatenniseliit

eltl.ee

0

Eesti Lauatenniseliit is a national sports organization dedicated to table tennis in Estonia, providing news, event calendars, club information, player rankings, and regulatory details. The website serves as an information hub for players, clubs, and enthusiasts within the Estonian table tennis community. Technically, the site uses modern web technologies including JavaScript modules and CSS, hosted on DigitalOcean with DNS managed by the same provider. The site appears to be built on WordPress, indicating a standard CMS approach. Security posture is moderate with HTTPS likely enabled but lacking visible security headers and formal security policies. Privacy compliance is minimal, with no visible privacy or cookie policies or consent mechanisms. Business credibility is supported by consistent WHOIS data showing local Estonian registration and a new domain appropriate for the organization's recent founding. Overall, the site is functional and professional but would benefit from enhanced privacy, security, and contact transparency.

The website kul.ee is registered to Haridus- ja Teadusministeerium (EENet), an Estonian government entity, with a domain age dating back to 2010. The site is currently inaccessible due to a Cloudflare security challenge page requiring human verification, which blocks access to actual website content. Consequently, no business description, contact information, or user-facing content is available for analysis. The technical infrastructure relies on Cloudflare services for security and performance, including the Turnstile captcha and Cloudflare Insights for analytics. Security posture cannot be fully assessed due to the blocked content, but the use of Cloudflare indicates a baseline security approach. Privacy and cookie policies are not detectable on the challenge page, and no forms or data collection mechanisms are visible beyond the security verification. Overall, the domain registration data supports legitimacy as a government entity website, but the lack of accessible content limits comprehensive evaluation.

K

Kultuurkapital

kulka.ee

0

Kultuurkapital is a key Estonian non-profit government-related institution dedicated to supporting culture and cultural heritage through targeted funding and grants. The website provides extensive information about various cultural programs, expert groups, and funding opportunities, primarily targeting Estonian cultural organizations and artists. The domain is well-established since 2010 and registered with a reputable Estonian registrar, supporting the legitimacy of the organization. Technically, the website uses the Voog CMS platform and integrates Google Analytics and Tag Manager for user tracking. The site is moderately optimized for performance and mobile devices, with a clear navigation structure and professional design. However, explicit privacy and cookie policies are missing, and no contact emails or phone numbers are directly visible in the HTML content, which may impact user trust and privacy compliance. Security headers are not detected, indicating room for improvement in security posture. Overall, the website is professional and trustworthy but could enhance privacy compliance and security best practices.

R

Rollmer OÜ

rollmer.ee

0

Rollmer OÜ is an established Estonian company specializing in the sale of industrial accessories including bearings, seals, and power transmission products. The company operates both retail and wholesale channels with physical stores located in Tallinn and Tartu, targeting industrial, agricultural, forestry, service, and retail businesses. The website reflects a professional presence with clear product categories and consistent branding, supporting its market position as a regional supplier. Technically, the site is built on WordPress using the Enfold theme and Yoast SEO plugin, indicating moderate digital maturity. However, the absence of HTTPS enforcement and security headers represents a significant security gap. Privacy compliance is weak, with no visible privacy or cookie policies and no consent mechanisms. The site lacks active analytics tracking despite plugin presence, suggesting limited user data collection. Overall, the security posture is moderate but requires improvements to meet modern standards. Strategic recommendations include implementing HTTPS, adding security headers, establishing privacy and cookie policies, and enhancing incident response capabilities to strengthen trust and compliance.

E

Eesti Olümpiakomitee

eok.ee

0

Eesti Olümpiakomitee is the official umbrella organization for sports and Olympic activities in Estonia, providing support to athletes, organizing events, and promoting sports culture nationally. The website reflects a well-established non-profit entity with strong partnerships and sponsorships, targeting the Estonian sports community and general public interested in Olympic sports. Technically, the site uses a modern stack including Bootstrap, jQuery, and Voog CMS, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though some improvements in security headers and library updates are recommended. Privacy compliance is moderate with a clear cookie consent mechanism but lacking explicit privacy policy and terms of service pages. Overall, the site is professional, trustworthy, and functional with room for technical and compliance enhancements.

E

Eesti Antidopingu ja Spordieetika Sihtasutus

eadse.ee

0

Eesti Antidopingu ja Spordieetika Sihtasutus is a government-affiliated non-profit organization dedicated to promoting fair play, anti-doping measures, and ethical conduct in sports within Estonia. The organization provides education, prevention, and regulatory oversight services to athletes, sports organizations, and the public. The website serves as an informational and educational platform with resources, news, and training offerings related to sports ethics and anti-doping. Technically, the website is built on WordPress using the Avada theme and integrates modern plugins such as Yoast SEO and Revolution Slider. It employs Google Analytics for visitor tracking but lacks visible cookie consent mechanisms and privacy policy disclosures, which are critical for GDPR compliance. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, but security headers and incident response information are absent. Overall, the website is professional, well-branded, and trustworthy, though it would benefit from enhanced privacy compliance and explicit contact details.

T

Turundajate Liit ehk TULI

turundajateliit.ee

0

Turundajate Liit ehk TULI is a professional association in Estonia that unites marketing agencies and brands to develop and improve the marketing sector. The organization acts as a connector, promoter, and evaluator within the marketing industry, offering news, events, job postings, training, and competitions such as the Kuldmuna awards. The website reflects a well-established entity with a clear focus on the Estonian marketing community, providing relevant and regularly updated content. Technically, the site is built on WordPress with modern plugins and analytics tools, ensuring good performance and mobile optimization. Security measures include HTTPS, reCAPTCHA on forms, and standard security headers, though explicit security policies and vulnerability disclosures are absent. Overall, the site demonstrates a strong security posture and compliance with privacy regulations, including GDPR. Contact information and social media presence are clearly provided, enhancing business credibility.

Credy operates as a financial affiliate network specializing in consumer loans, connecting publishers and advertisers with lenders across multiple countries. The company positions itself as a leader in the consumer credit advertising market with a focus on short-term loans and related financial products. The website content is professionally presented, targeting publishers and advertisers seeking monetization and lead generation opportunities. The business is registered as Traffic Control OÜ in Estonia, with a physical address and contact email provided, supporting its legitimacy from a business perspective. Technically, the website uses modern frontend technologies including Bootstrap, jQuery, and Slick Carousel, delivering a responsive and user-friendly experience. However, the absence of visible privacy and cookie policies, as well as missing WHOIS registration data, raises concerns about compliance and domain legitimacy. Security posture is moderate with no visible vulnerabilities but lacks security headers and formal policies. Overall, the site is functional and professional but requires improvements in compliance and domain registration transparency to enhance trust.

T

Tervise ja Heaolu Infosüsteemide Keskus

terviseportaal.ee

0

Terviseportaal is the official Estonian government digital health portal operated by the Tervise ja Heaolu Infosüsteemide Keskus (TEHIK). It provides comprehensive health-related information and services to Estonian residents, including access to personal health data, appointment booking, prescriptions, health certificates, and screening programs. The portal is well-positioned as the primary national health service gateway, integrating with key partners such as Tervisekassa and the Estonian Health Development Institute. The website demonstrates a high level of digital maturity with modern technologies like React and Next.js, excellent mobile optimization, and good accessibility features. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response contacts are not published. Overall, the portal is trustworthy, professional, and compliant with GDPR and cookie regulations, serving a large user base effectively.

R

Redwall OÜ

redwall.ee

0

Redwall OÜ is a well-established Estonian web agency with over 13 years of experience, specializing in full-service web solutions including design, development, maintenance, and consulting. The company targets businesses and organizations seeking professional and user-centric digital presence. Their market position is solid within the local Estonian market, supported by a consistent brand and a comprehensive portfolio of services. Technically, the website is built on WordPress with modern performance optimizations such as WP Rocket, lazy loading, and deferred scripts. The site is mobile-optimized and accessible, integrating advanced analytics and marketing tools with GDPR-compliant consent mechanisms. Security posture is strong with HTTPS enforced, CAPTCHA on forms, and no visible vulnerabilities, though explicit security policies and incident response documentation are absent. Overall, the website reflects a professional, trustworthy, and technically mature digital presence.

L

Lumi Capital OÜ

lumikodud.ee

0

Lumi Kodud is a small Estonian real estate company specializing in rental apartments in Tallinn, offering 1-, 2-, and 3-room modern apartments managed reliably. The website is professionally designed using Joomla CMS with modern frameworks like Bootstrap and includes multi-language support. It integrates common analytics and marketing tools such as Google Analytics, Facebook Pixel, and Hotjar, and employs Google reCAPTCHA for form security. Privacy and cookie policies are present and indicate GDPR compliance. Security posture is good with HTTPS enforced and no visible vulnerabilities, though additional security headers could enhance protection. Overall, the site is trustworthy and well-positioned for its local rental market niche.

T

Telema AS

telema.ee

0

Telema AS is a well-established Estonian technology company specializing in Electronic Data Interchange (EDI) and e-invoicing services, primarily serving the Baltic region. The company positions itself as a market leader and standard developer with a strong focus on seamless and automated business document exchange. Their services cater to businesses seeking efficient and reliable data exchange solutions, supported by a network of certified software partners and global roaming capabilities. The website reflects a mature digital presence with multi-language support and regional domains. Technically, the site is built on WordPress with modern front-end libraries and integrates advanced marketing and analytics tools, including consent management for GDPR compliance. Security posture is strong, evidenced by ISO 27001 certification and HTTPS enforcement, though some security headers could be improved. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

N

Nordic Symphony Orchestra

nordicsymphony.com

0

Nordic Symphony Orchestra is a small cultural organization based in Estonia, specializing in classical symphony performances with a focus on Nordic composers and artists. The website serves primarily as an informational portal providing concert schedules, streaming links, and contact details for management and artistic leadership. The business operates in the media sector, targeting classical music audiences in Estonia and the Nordic region. The domain age of nearly two decades supports the legitimacy and established presence of the organization. Technically, the website is built with basic HTML and CSS without modern frameworks or CMS platforms. It lacks mobile optimization and accessibility features, which limits user experience on diverse devices. There is no evidence of advanced analytics, tracking, or advertising technologies, indicating a minimalistic digital footprint. Hosting and DNS are managed through EuroDNS and elkdata name servers, but DNSSEC is not enabled, and no security headers are detected. From a security perspective, the site does not demonstrate strong security practices. There is no visible HTTPS confirmation in the provided data, no privacy or cookie policies, and no incident response or security contact information. These gaps represent compliance and security risks, especially under GDPR regulations. However, the domain registration is consistent and transparent, with no privacy protection or suspicious WHOIS patterns, which supports trustworthiness. Overall, the website is functional but basic, with significant room for improvement in security, privacy compliance, and technical modernization. Strategic recommendations include implementing HTTPS, publishing privacy and cookie policies, enabling DNSSEC, adding security headers, and improving mobile and accessibility standards to enhance user trust and regulatory compliance.

I

Itera BI

bi365.ee

0

BCS Itera, operating under the brand Itera BI, is a specialized provider of business intelligence and data analytics solutions primarily leveraging Microsoft technologies such as Power BI, BI4Dynamics, and Azure. Founded in 2019 and based in Estonia, the company offers a comprehensive portfolio of services including BI strategy development, data warehouse architecture, BI implementation, cloud BI solutions, version upgrades, and advanced forecasting models. The website demonstrates a mature digital presence with rich content, client case studies, and educational resources, positioning the company as a trusted expert in the BI domain within its regional market. Technically, the site is built on WordPress with modern plugins and analytics integrations, delivering a good user experience and mobile optimization. Security posture is solid with HTTPS and secure form handling, though improvements in security headers and privacy compliance are recommended. Overall, the company presents a credible and professional image with clear contact channels and certifications, though it should enhance its privacy and cookie policies to meet compliance standards.