Security Directory

P

Publicon OÜ

publicon.ee

0

Publicon OÜ is a professional conference organizer based in Estonia with over 10 years of experience. The company specializes in organizing traditional, virtual, and hybrid conferences both locally and internationally. The website is built on the Wix platform, indicating a moderate level of digital maturity with standard Wix technologies and scripts. The site is mobile-optimized and presents a professional design with clear navigation and relevant content for its target audience. Security posture is adequate with HTTPS enforced and some JavaScript hardening, but lacks explicit security headers and visible privacy or cookie policies. Overall, the website is trustworthy but could improve in privacy compliance and security transparency.

A

AS Emor

emor.ee

0

Kantar Emor is a reputable Estonian market research and data analytics company providing comprehensive services such as trend studies, social research, brand and communication analysis, and media research. The company targets businesses and organizations in Estonia seeking reliable data to make informed decisions. The website reflects a mature digital presence built on WordPress with modern SEO and analytics integrations, demonstrating good technical infrastructure and content management practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit incident response policies are absent. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, supporting the company's credibility in the market research sector.

M

Marketex Offshore Constructions

moc.ee

0

Marketex Offshore Constructions is a specialized manufacturer of complex steel structures serving the Offshore Oil & Gas, Renewables, Infrastructure, and Industrial sectors. Founded in 2014 and operating under the parent company BLRT Grupp, the company emphasizes quality and compliance with industry standards such as NORSOK, DNV GL, ABS, and BV. Their modern facilities support large fabrication projects primarily targeting the North Sea region and beyond. The website reflects a professional digital presence with clear business information and a focus on safety and quality through their QHSE policies. Technically, the site is built on WordPress with modern libraries and includes Google Analytics and Tag Manager for tracking, complemented by a cookie consent mechanism.

C

Catapult Labs

catapultlabs.eu

0

Catapult Labs is a specialized software development and systems integration company based in Estonia, focusing on critical infrastructure and systems integrators globally. The company offers end-to-end software development, consulting, and integration services, with a strong portfolio including clients such as Ericsson, Pipedrive, and Fujitsu. They also act as an official reseller for Microsoft and Adobe business software licenses. Technically, the company employs a modern technology stack including Node.js, Java, React, Flutter, and cloud platforms like AWS and Azure, demonstrating a mature digital infrastructure. Security-wise, the website uses HTTPS and modern tracking tools but lacks explicit security headers and privacy/cookie policies, indicating room for improvement in compliance and security posture. Overall, the business appears credible and professional with a strong market position in its niche, though it should enhance privacy compliance and security transparency to further strengthen trust.

A

Avitus

avitus.ee

0

Avitus is a small Estonian health portal providing information and practical advice on mental and physical health, nutrition, exercise, vitamins, and supplements. The website targets Estonian-speaking users interested in improving their health and wellbeing through informed lifestyle choices. The business operates primarily as an informational platform without visible e-commerce or direct service offerings. Technically, the site is built on WordPress using the GeneratePress theme, with modern web technologies and good mobile optimization. The hosting and domain registration are consistent with the business location and age. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is minimal, with only a basic privacy policy present and no cookie consent mechanism. Contact information is limited to a single company email address, with no phone or physical address provided. Overall, the site is professionally designed and trustworthy but could improve in privacy and security practices.

N

Nordic Aviation Group

nordica.ee

0

Nordic Aviation Group is a medium-sized airline group based in Estonia, operating subsidiaries Nordica and Xfly. The company provides air transportation services and aircraft leasing. Recently, the group filed for bankruptcy, ceasing daily operations and initiating bankruptcy proceedings. The website serves as a corporate communication channel, providing press releases and company information. The technical infrastructure is based on WordPress with modern web technologies such as Bootstrap and Google Tag Manager, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly but lacks some advanced accessibility features. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information are missing. Privacy compliance is basic, with no cookie consent mechanism detected. Overall, the website is professional and trustworthy but could improve in privacy and security transparency.

B

Balti Uuringute Instituut

ibs.ee

0

Balti Uuringute Instituut is an established independent think tank founded in 1996, specializing in political and socio-economic research primarily focused on Estonia, the Baltic Sea region, and Europe. The organization provides high-quality applied research and policy analysis aimed at supporting evidence-based public policymaking. Their target audience includes policymakers, public sector entities, researchers, and international partners. The website reflects a professional and consistent brand image with clear navigation and relevant content showcasing their expertise and projects. Technically, the site is built on WordPress with modern libraries such as Bootstrap and Swiper.js, and integrates Google Analytics and Tag Manager for tracking. The site is mobile-optimized and performs moderately well, though accessibility could be enhanced. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks explicit security policies and headers. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the site demonstrates strong business credibility but requires improvements in privacy and security transparency.

N

Nordecon AS

nordecon.com

0

Nordecon AS is a leading construction and real estate development company based in Estonia, with a strong market presence since 1989. The company operates in Estonia and neighboring countries including Finland, Sweden, and Ukraine. It offers comprehensive services including building and facility construction, project management, and real estate development. The company is publicly listed on the Nasdaq Tallinn stock exchange since 2006, reinforcing its market credibility. The website reflects a professional and modern digital presence with clear navigation, multilingual support, and detailed project showcases. Technically, the site is built on WordPress with modern JavaScript libraries and tracking tools, optimized for mobile and accessibility. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some improvements like DNSSEC and security headers could enhance protection. Overall, the website and domain registration data align well with the company's business claims, indicating high legitimacy and trustworthiness.

BENUEVO OÜ is a small Estonian software development company specializing in advanced web and mobile application solutions for industries such as FinTech, eHealth, SaaS, Supply-Chain, and Automotive. Their business model focuses on delivering mission critical software development and maintenance services to corporate clients. The website presents a professional and consistent brand image with clear navigation and responsive design, targeting companies seeking high quality software engineering. Technically, the website uses modern web technologies including JavaScript, Bootstrap, and Turbolinks, hosted behind Cloudflare infrastructure. Performance and mobile optimization are good, though accessibility and SEO optimizations are basic. Security practices include HTTPS with CSRF token implementation, but lack important HTTP security headers and published security policies. The security posture is moderate with no critical vulnerabilities detected, but improvements are needed in DNS security (DNSSEC), security headers, and formal privacy and cookie policies to enhance compliance and trust. The WHOIS data is consistent and transparent, supporting the legitimacy of the domain and business. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security hardening to improve trustworthiness and regulatory adherence.

E

Envoice

envoice.eu

0

Envoice is a technology company specializing in AI-driven expense management and bookkeeping automation solutions targeted at businesses and accounting firms. The platform offers key services such as expense reporting, invoice creation, approval workflows, and seamless integration with popular accounting software like Xero and QuickBooks. Positioned as a modern and efficient tool, Envoice emphasizes automation to reduce manual bookkeeping tasks and improve operational efficiency. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its target audience. Technically, the website is built on WordPress with a robust tech stack including jQuery, Google Tag Manager, HubSpot, Segment Analytics, and Intercom for customer engagement and analytics. The site is mobile optimized and SEO friendly, leveraging Rank Math SEO plugin and multilingual support via WPML. Performance is moderate with good mobile responsiveness and accessibility basics in place. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data aligns well with the business claims, showing consistent registration with an Estonian registrar. Overall, the security posture is solid but could be enhanced by adding security policies and vulnerability disclosure mechanisms. The overall risk assessment is low with strong business credibility and technical implementation. Strategic recommendations include implementing security headers, publishing a security policy and incident response contacts, and establishing a vulnerability disclosure program to further strengthen trust and compliance.

S

Saaremaa Golf & Country Club

saaregolf.ee

0

Saaremaa Golf & Country Club is a small hospitality business based in Estonia, specializing in golf tourism and resort services. The company offers a world-class golfing experience with well-maintained courses and resort amenities targeting golf enthusiasts and families. The website is professionally designed using WordPress with the Divi theme and incorporates modern SEO and analytics tools, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but lacks some advanced security headers and explicit incident response information. Privacy compliance is weak due to missing privacy and cookie policies, which should be addressed to meet GDPR requirements. Overall, the website is trustworthy and functional, supporting the business's market position as a regional golf resort.

Ritsu is an established Estonian manufacturer specializing in log houses, including glued laminated timber and round log houses, with nearly 30 years of experience and over 4000 buildings produced. The company targets customers valuing natural materials, good indoor climate, and quality craftsmanship. Their market position is strengthened by ISO 9001:2015 certification and exports to over 40 countries. The website is built on WordPress with modern UI libraries and SEO optimizations, providing a good user experience and mobile responsiveness. Security posture is solid with HTTPS and secure forms, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Contact information is clearly provided, including email, phone, physical addresses, and a detailed contact form.

N

Norma

norma.ee

0

Norma is a well-established manufacturing company specializing in automotive safety system components, operating as a subsidiary of the global Autoliv group. The company serves major automotive manufacturers worldwide, leveraging over 135 years of experience. The website reflects a professional and consistent brand image, targeting automotive industry stakeholders and potential employees. The technical infrastructure is based on WordPress with modern web technologies such as Bootstrap and jQuery, providing a good user experience and mobile optimization. Security posture is solid with HTTPS enforced and sandboxed embedded content, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Contact information is clearly presented, enhancing business credibility. Overall, the website is functional and trustworthy but would benefit from improved privacy and security disclosures.

E

Eesti Disaini Maja / Estonian Design House

estoniandesignhouse.ee

0

Estonian Design House is a platform dedicated to promoting Estonian design and supporting local designers. The website serves as a showcase for Estonian design products and aims to connect designers with a broader audience interested in unique, locally crafted design. The business operates within a niche market focused on design enthusiasts and customers valuing Estonian cultural products. Technically, the website is built on WordPress with SEO optimization via Yoast and includes social media integration, indicating a moderate level of digital maturity. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS, but lacks advanced security headers and explicit security or privacy policies, which could be improved to enhance trust and compliance. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security disclosures.

T

Tartu Loomemajanduskeskus

lmk.ee

0

Tartu Loomemajanduskeskus (LMK) is a well-established creative industries development center and incubator based in Tartu, Estonia, founded in 2009. It focuses on supporting creative enterprises through incubation programs, mentoring, training, and providing rental spaces. The organization targets creative startups and existing businesses in the South Estonia region, aiming to boost innovation and export potential in sectors such as fashion, contemporary art, film, and performing arts. The website reflects a professional and consistent brand presence with active social media engagement and regularly updated news content. Technically, the website is built on WordPress using Elementor and Yoast SEO, integrating modern JavaScript libraries like Swiper.js and jQuery. It employs Google Analytics and Jetpack for visitor tracking and performance monitoring. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. Hosting and domain registration are stable and consistent with the business's geographic location. From a security perspective, the site uses HTTPS with good SSL configuration but lacks explicit security headers and formal security or incident response policies. No privacy or cookie policies were found, indicating potential compliance gaps with GDPR requirements. No vulnerability disclosure or security.txt files are present, which could be improved to enhance trust and transparency. Overall, the website is functional, professional, and credible but would benefit from enhanced privacy compliance and security best practices to reduce risk and improve user trust.

G

Geo S.T.

geo.ee

0

Geo S.T. is an established Estonian company specializing in geodetic measurements, 3D laser scanning, construction geodesy, and cadastral services. Founded in 2010, it serves clients in energy, transportation, and real estate sectors, offering precise surveying and modeling solutions. The company maintains a professional web presence with clear service descriptions and partner affiliations, targeting construction and industrial clients. Technically, the website is built on WordPress with common libraries like jQuery and Bootstrap, integrating Google Analytics and Google Tag Manager for user tracking. The site is mobile-optimized and moderately performant, though accessibility and SEO could be improved. Security posture is solid with HTTPS and secure forms, but lacks advanced security headers and explicit security policies. Privacy compliance is basic with a cookie policy but no consent mechanism or detailed privacy policy. Overall, the domain registration is consistent and trustworthy, supporting the company's legitimacy.

Tallinn Dolls operates as a specialized e-commerce retailer focusing on fashion apparel and accessories for women, men, and children. The website offers a variety of collections including pre-order and immediate purchase options, targeting consumers interested in curated fashion products. The company has a stable market presence with a domain registered since 2008, indicating longevity and business continuity. The site supports multilingual content in English and Estonian, enhancing accessibility for its target audience. Technically, the website leverages modern marketing and analytics tools such as Google Analytics, Facebook Pixel, Klaviyo, and Weglot for translations. It is built on the Sylius e-commerce platform, which is a modern and flexible solution. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Performance is moderate, with room for improvement in accessibility and SEO. From a security perspective, the site uses HTTPS and has domain transfer protections in place. However, it lacks DNSSEC and does not publish security policies or incident response contacts. No privacy or cookie policies were detected, which is a compliance gap especially under GDPR. Tracking technologies are extensively used, but without visible consent mechanisms, raising privacy concerns. Overall, Tallinn Dolls presents a credible and professional e-commerce presence with solid technical foundations but requires improvements in privacy compliance and security transparency to enhance trust and regulatory adherence.

M

Meta Advisory Group OÜ

metaadvisory.ee

0

Meta Advisory Group OÜ is a professional PR and government relations agency based in Estonia, operating as part of the Rud Pedersen Group. The company offers a broad range of communication services including government relations, reputation management, crisis communication, marketing communication, and digital strategies. The website reflects a mature business with a strong market position, evidenced by its recognition as the Aasta Kommunikatsiooniagentuur 2025 and its presence in multiple European cities. The target audience includes clients seeking expert communication and PR services with a strategic approach. Technically, the website is built on WordPress with modern tools such as Google Tag Manager and Facebook Pixel for analytics and marketing. Performance and mobile optimization are good, with SEO best practices implemented via Yoast SEO. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, supporting the company's credibility and business goals.

W

WERMO AS

wermo.ee

0

WERMO AS is an established Estonian furniture manufacturer with over 75 years of experience in crafting high-quality furniture for living rooms, home offices, and dining rooms. The company leverages traditional craftsmanship combined with modern production technologies to meet discerning customer expectations. Their website reflects a medium-sized manufacturing business targeting consumers and businesses seeking premium furniture products. Technically, the website is built on WordPress using popular plugins such as Yoast SEO, WPBakery Page Builder, and Contact Form 7, with multilingual support via WPML. The site is hosted likely by Zone Media OÜ, an Estonian registrar and hosting provider. Security-wise, the site uses HTTPS with good SSL configuration and integrates Google reCAPTCHA to protect forms. However, it lacks explicit privacy, cookie, and security policies, as well as vulnerability disclosure mechanisms, which are important for compliance and trust. Overall, the website is professional and functional but could improve its privacy and security transparency.

S

SinuLab

sinulab.ee

0

SinuLab is a technology company specializing in software solutions for strategic performance management and people development, primarily targeting small and medium-sized enterprises. Their SaaS offerings include modules for people data management, performance tracking, employee development, and talent management, complemented by e-learning courses. The company has a consistent brand presence and a professional website that clearly communicates its services and target audience. Technically, the website is built on WordPress with modern plugins and integrates marketing and analytics tools such as HubSpot and Google Tag Manager. Security posture is good with HTTPS enforced and domain transfer protections in place, though improvements like enabling DNSSEC and adding security headers are recommended. Privacy compliance is basic but includes a cookie consent mechanism and a privacy policy page. Overall, the website and business present a trustworthy and professional image with room for enhanced security and compliance maturity.

A

Advokaadibüroo Nordx Legal OÜ

nordxlegal.com

0

Advokaadibüroo Nordx Legal OÜ is a specialized law firm founded in 2014, focusing on technology-driven and digital businesses. Their core services include corporate transactions, data protection, privacy, cybersecurity, technology law, and intellectual property. The firm targets startups and multinational corporations within the technology sector, positioning itself as a niche legal service provider with a strong emphasis on emerging technologies. The website reflects a professional and consistent brand image with clear service offerings and active social media engagement. Technically, the website is built on WordPress using modern frameworks such as Foundation and libraries like jQuery and Slick Carousel. SEO is enhanced via the Yoast SEO plugin. The site demonstrates good mobile optimization and moderate performance. Security is well addressed through strict Content-Security-Policy headers and HTTPS enforcement, although DNSSEC is not enabled. No cookie consent mechanism or explicit security policies are published, which are areas for improvement. The security posture is strong with no visible vulnerabilities or exposed sensitive data. However, the absence of incident response contact details and vulnerability disclosure policies indicates room for maturity. The domain registration is consistent and legitimate, supporting the business credibility. Overall, the website scores well in professionalism, technical implementation, and security, but privacy compliance could be enhanced. Strategic recommendations include implementing a cookie consent mechanism, publishing comprehensive security and incident response policies, enabling DNSSEC, and adding terms of service to improve legal completeness and user trust.

C

Change Ventures

changeventures.com

0

Change Ventures is a seed stage venture capital fund focused on backing ambitious Baltic founders globally. The company provides pre-seed investments ranging from €100k to €500k, along with hands-on support to help startups reach product-market fit and access to a network of later stage investors and partners. Their portfolio includes innovative technology companies across sectors such as energy, fintech, and software. The website presents a professional and consistent brand image with detailed team profiles and portfolio highlights, targeting founders and investors interested in the Baltic startup ecosystem. Technically, the website is built on Webflow and uses modern web technologies including Google Analytics and Tag Manager for tracking, with content delivered via a CDN. The site is mobile optimized and features good SEO practices. However, some accessibility features could be improved. Security posture is generally good with HTTPS enforced and secure form handling, but lacks explicit security headers and published security policies. The WHOIS data for the domain is missing or unavailable, which raises concerns about domain registration transparency. Despite this, the website content and business information appear legitimate and professional. There are no privacy or cookie policies found, indicating compliance gaps with GDPR and other privacy regulations. Contact information includes a verified company email and physical address in Estonia, but no phone numbers are explicitly provided. Overall, the website is well designed and informative, supporting a credible business presence. However, improvements in privacy compliance, security policy transparency, and domain registration clarity are recommended to enhance trust and reduce risk.

Z

Zone Media OÜ

rahinge.ee

0

Rahinge.ee is a small Estonian website focused on promoting and providing information about Rahinge Wakepark, a water sports and relaxation destination near Tartu, Estonia. The site offers content about wakeboarding, SUP boards, canoe and kayak rentals, and leisure facilities such as beaches and ball courts. The business model centers on regional water sports enthusiasts and visitors seeking recreational activities. The website is built on WordPress with popular plugins and themes, showing moderate performance and good mobile optimization. SEO practices are adequately implemented with proper meta tags and structured data. Security posture is basic with HTTPS enabled but lacks DNSSEC and security headers, and no cookie consent mechanism is present. Contact information is limited to a contact form without explicit emails or phone numbers. The domain is newly registered in 2025 by Zone Media OÜ, a known Estonian registrar and hosting provider, consistent with the website's launch timeframe. Overall, the site is functional and professionally designed but could improve in privacy compliance and security best practices.

L

Leibur

leibur.ee

0

Leibur is a well-established Estonian bakery company with a rich history dating back to 1762. The company operates primarily in the retail sector, offering a variety of bread and bakery products. The website reflects a medium-sized business with a consistent brand presence and a focus on product promotion, company history, and sustainability. The parent company is Lantmännen, indicating a solid corporate backing. Technically, the website uses modern frameworks such as Bootstrap and integrates multiple marketing and analytics tools including Google Tag Manager, Matomo, HubSpot, and Microsoft Application Insights. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms but lacks some recommended security headers and explicit security policies. Privacy compliance is basic, with a cookie banner present but no clear privacy policy or terms of service pages detected. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the website is functional and professional but could improve in privacy transparency and security best practices.

B

Brightspark

brightspark.ee

0

Brightspark OÜ is an Estonian software development company founded in 2011, specializing in developing modern web-based information systems primarily for the trade sector. The company has evolved from providing software development services across multiple countries to focusing on its own product development, including cloud-based platforms like Lexi.Market, rehabilitation software (Reha), and digital document management services (Infore). The website reflects a professional and consistent brand presence with clear contact information and social media engagement. Technically, the site is built on WordPress with modern plugins and themes, offering good mobile optimization and SEO practices. Security posture is adequate with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and published policies. Overall, Brightspark presents as a credible small technology company with a focused business model and established market presence.

T

TJO Konsultatsioonid

tjo.ee

0

TJO Konsultatsioonid is a leading Estonian consulting firm specializing in management systems development, strategic management, and production efficiency enhancement. The company offers a range of consulting services and training programs targeted at businesses seeking to improve operational effectiveness and comply with international standards. Their market position is strong within Estonia, supported by multiple ISO certifications and a robust client base. The website infrastructure is built on WordPress, utilizing modern plugins such as Yoast SEO and Ninja Forms, integrated with Google Analytics and Google Tag Manager for performance and user behavior tracking. The site is mobile-optimized and demonstrates good SEO practices, contributing to a positive digital maturity profile. Security posture is solid with HTTPS enforced, use of Google reCAPTCHA on forms, and indications of security plugins like Wordfence. However, some security headers are not explicitly confirmed and could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, the website and business present a trustworthy and professional image with no critical security issues detected. Strategic recommendations include enhancing security headers, maintaining up-to-date software, and considering a formal incident response policy to further strengthen security and compliance.

I

interUX Usability Engineering Studio OÜ

interux.com

0

interUX Usability Engineering Studio OÜ is a small, Estonia-based consultancy specializing in user experience and usability engineering services across Estonia, Latvia, and Russia. With over 20 years of professional expertise, the company offers a comprehensive suite of UX services including user interface design, expert evaluations, field studies, usability testing, and eye tracking. Their client base spans multiple industries such as retail, insurance, travel, and telecommunications, positioning them as a trusted usability partner in the region. Technically, the website employs a basic but functional technology stack consisting of HTML, CSS, JavaScript, and Google Analytics for visitor tracking. The site is moderately optimized for performance and SEO, with basic mobile responsiveness and accessibility features. However, there is no evidence of a CMS or advanced frameworks, indicating a relatively simple infrastructure. From a security perspective, the domain is well-established with a consistent WHOIS record and domain status protections. However, the website lacks critical security headers, DNSSEC is not enabled, and there is no visible HTTPS enforcement or privacy compliance mechanisms such as privacy or cookie policies. Google Analytics is used without a cookie consent banner, which may raise GDPR compliance concerns. Overall, the website presents a professional and credible business front but requires improvements in privacy compliance and security best practices to reduce risk and enhance trust. Strategic recommendations include implementing privacy and cookie policies, enabling DNSSEC, adding security headers, enforcing HTTPS, and providing incident response information.

A

Agrello

agrello.io

0

Agrello is a technology company specializing in secure e-signature and contract management solutions tailored primarily for small and medium-sized enterprises (SMEs). The platform offers a comprehensive suite of services including document automation, bulk contract creation, and legally binding electronic signatures compliant with EU and UK regulations. Positioned as a time-saving and efficient alternative to manual contract workflows, Agrello emphasizes ease of use, security, and compliance. The company operates from Estonia and provides multilingual support, reflecting a focus on European markets. Technically, the website is built on modern web technologies including Webflow CMS, Google Fonts, and integrates analytics and marketing tools such as Microsoft Clarity and Google Tag Manager. The platform supports integrations via Zapier and offers API access, indicating a mature digital infrastructure. The site is well-optimized for performance, mobile responsiveness, and SEO, with clear navigation and professional design. From a security perspective, Agrello enforces HTTPS, uses reCAPTCHA for form protection, and implements cookie consent mechanisms. While explicit security headers are not fully documented in the HTML, the overall posture is strong with no visible vulnerabilities or exposed sensitive data. The WHOIS data is privacy protected, which is typical for SaaS providers, and the domain appears actively maintained. Overall, Agrello presents a trustworthy, professional, and technically sound online presence suitable for its target market. Strategic recommendations include enhancing transparency around security policies and incident response, and publishing vulnerability disclosure information to further build trust.

E

Elkdata OÜ

keeleagentuur.ee

0

Keeleagentuur is a small Estonian language agency founded in 2022, specializing in language education and translation services primarily for Estonian and Russian languages. The company offers goal-oriented language courses for adults, including exam preparation and thematic courses. The website is built on WordPress using the Astra theme, Elementor page builder, and WooCommerce for e-commerce capabilities. It employs modern web technologies and integrates Google Analytics for visitor tracking. The website is well-structured, mobile-optimized, and SEO-friendly, but lacks explicit privacy and terms of service policies. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers could be improved. Overall, the business appears legitimate and consistent with its domain registration data.

D

Diivaniparadiis

paradiis.ee

0

Diivaniparadiis is a well-established Estonian furniture retailer operating since 1998, offering a wide range of home and office furniture through both online and physical stores. The website reflects a mature e-commerce platform with clear navigation, product listings, and customer account management features. The business targets Estonian consumers seeking quality furniture and home decor products. The domain age and WHOIS data align with the company's market presence, reinforcing its legitimacy. Technically, the website employs modern JavaScript libraries such as Swiper.js for sliders, Fancybox for image galleries, and integrates marketing tools like Google Tag Manager and Facebook Pixel for analytics and advertising. The presence of CSRF tokens and HTTPS indicates a reasonable security posture, although some security headers could be improved. Mobile optimization and SEO practices are adequately implemented, providing a good user experience across devices. Security-wise, the site uses HTTPS with a good SSL configuration and includes CSRF protection in forms. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in security transparency and compliance. Privacy compliance is basic but includes a cookie consent banner and a privacy policy page in Estonian. Overall, Diivaniparadiis presents a trustworthy and professional online presence with solid business credibility and technical implementation. Strategic enhancements in security policies, accessibility, and legal documentation would further strengthen its compliance and user trust.

A

Agrello

agrello.id

0

Agrello is a technology company based in Estonia specializing in secure e-signature and contract management solutions tailored primarily for small and medium-sized enterprises. Their platform enables users to create, sign, and manage legally binding agreements efficiently, reducing contract signing time by up to 60%. The company offers a SaaS subscription model with tiered plans, including a free trial and custom enterprise options, positioning itself as a niche player in the legaltech space with compliance to EU and UK regulations such as eIDAS. Technically, Agrello's website is built on modern web technologies including Webflow CMS, Google Tag Manager, Microsoft Clarity, and integrates with popular tools like Zapier and Microsoft Word templates. The site is well-optimized for performance, mobile responsiveness, and SEO, reflecting a mature digital infrastructure. Security measures include HTTPS enforcement, use of reCAPTCHA, and cookie consent mechanisms, although explicit security headers and a dedicated security policy page are not publicly evident. From a security posture perspective, the platform demonstrates strong adherence to best practices with no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, with clear privacy and cookie policies aligned with GDPR requirements. However, the absence of a public incident response or vulnerability disclosure page suggests room for improvement in transparency and security readiness. Overall, Agrello presents a trustworthy and professional online presence with a clear value proposition for SMEs seeking to streamline contract workflows. The domain WHOIS data is privacy protected, which is typical for SaaS providers, and does not raise immediate concerns. Strategic recommendations include enhancing security header implementation, publishing a security policy and incident response information, and providing DPO contact details to further strengthen compliance and trust.

R

ROI

roi.ee

0

ROI is an established Estonian company specializing in corporate gifts, promotional items, and branded apparel, serving businesses seeking quality branded products since 1992. The website is built on a modern Angular framework, incorporating standard web fonts and styles, and integrates Google Tag Manager and CookieHub for analytics and cookie consent management. The technical infrastructure is solid with HTTPS enforced and a cookie consent mechanism that supports GDPR compliance. However, explicit contact information and detailed security policies are not present on the site, which could be improved to enhance trust and compliance. The domain registration data is consistent and indicates a legitimate and stable business presence. Overall, the website demonstrates good digital maturity and a moderate security posture, with room for enhancements in security headers and incident response transparency.

A

AS Eesti Loto

eestiloto.ee

0

AS Eesti Loto operates as the official national lottery provider in Estonia, offering a variety of lottery games such as Eurojackpot, Vikinglotto, Bingo loto, Keno, Jokker, and e-kiirloterii. The website serves as a platform for ticket sales, results checking, and account management, targeting Estonian residents interested in legal lottery gaming. The company holds a strong market position as a government-licensed entity with a medium-sized operational scale. The website's content is well-structured, professionally designed, and provides comprehensive information about games, responsible gaming, and user support.

E

eHost OÜ

aksohaus.ee

0

Investor.ee is a small Estonian educational website focused on providing practical advice and information about investing, portfolio management, risk management, and financial knowledge. The site targets individuals and organizations interested in growing their capital through various investment strategies. The business operates primarily as a content and informational platform, with a niche focus on the Estonian-speaking investment community. The domain is registered to eHost OÜ since 2019, consistent with the website's scope and scale. Technically, the website is built on WordPress using a modern theme and standard libraries such as Bootstrap, jQuery, and FontAwesome. It integrates Google Tag Manager for analytics and Google reCAPTCHA v3 for spam protection on forms. The site is hosted behind Cloudflare DNS and uses HTTPS, ensuring secure communication. Mobile optimization and SEO practices are good, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms. However, it lacks explicit security headers like Content-Security-Policy and X-Frame-Options, and does not publish privacy or cookie policies, which are critical for GDPR compliance. No incident response or security policy information is available. External links are configured to open in new windows with noopener for security. Overall, the website is functional, professionally designed, and provides relevant content for its audience. The main risks relate to privacy compliance gaps and missing security headers. Strategic improvements in these areas would enhance trust and regulatory adherence.

M

Manimal OÜ

manimaldesign.com

0

Manimal OÜ is a small Estonian digital media and design studio specializing in web design, SEO, and social media services. Founded in 2016, the company targets local businesses and individuals seeking creative digital solutions. The website reflects a professional and consistent brand image with a clear portfolio and client references. Technically, the site is built on WordPress with modern plugins such as Elementor and WooCommerce, and includes tracking via Google Analytics and Facebook Pixel. Security measures include HTTPS and Google reCAPTCHA on the contact form, but lack advanced security headers and explicit privacy or cookie policies. Overall, the site is functional and credible but would benefit from enhanced privacy compliance and security hardening.

T

Tallinna Tehnikakõrgkool

tktk.ee

0

Tallinna Tehnikakõrgkool is a reputable higher education institution in Estonia specializing in technical and engineering education. The website serves multiple audiences including prospective and current students, continuing education learners, and business partners. It offers comprehensive information on study programs, admissions, continuing education, and institutional news. The institution maintains a solid market position as a key technical education provider in Estonia. Technically, the website is built on WordPress using the Elementor page builder, enhanced with Yoast SEO and Usercentrics for GDPR-compliant cookie management. It integrates analytics and marketing tools such as Google Analytics, Facebook Pixel, and a chat widget, indicating a mature digital infrastructure. The site is mobile-optimized and demonstrates good SEO and accessibility practices. From a security perspective, the site enforces HTTPS and uses a consent management platform, but lacks explicit security headers like Content-Security-Policy and does not publicly disclose security policies or incident response procedures. No vulnerability disclosure or security.txt file is present, which could be improved to enhance transparency and trust. Overall, the website is professional, trustworthy, and well-maintained, with moderate to good scores in content quality, technical implementation, and security posture. Strategic improvements in security headers, privacy policy publication, and incident response transparency are recommended to further strengthen compliance and security maturity.

M

Morek Group

morek.eu

0

Morek Group is a medium-sized Estonian company specializing in manufacturing and distributing high-quality electrical components and electric vehicle charging solutions. With 20 years of industry experience, Morek positions itself as a trusted partner in the energy and transportation sectors, focusing on infrastructure development for electricity and electric cars. The company targets electrical industry professionals and infrastructure developers across Europe, supported by multilingual website content and a clear product catalog. Technically, the website is built on WordPress with modern JavaScript integrations, including Google Tag Manager and Facebook Pixel for analytics and marketing. The site demonstrates good performance, mobile optimization, and SEO practices, with a consent management system for cookies ensuring privacy compliance. The technical infrastructure reflects a mature digital presence suitable for a medium-sized enterprise. From a security perspective, the site enforces HTTPS and uses consent mechanisms but lacks explicit security policies, incident response contacts, and vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. Security headers could be improved to enhance protection. Overall, the security posture is solid but could benefit from formalized policies and additional headers. The domain WHOIS data is consistent with the business claims, showing no privacy protection and a domain age appropriate for the company's 20-year history. Contact information is clearly presented, including emails, phone numbers, and physical address, enhancing business credibility. Social media presence on LinkedIn and Facebook supports trust and engagement. Recommendations include publishing security and incident response policies, adding security headers, and considering a vulnerability disclosure program to strengthen security culture and compliance.

A

Ambient Sound Investments

asi.ee

0

Ambient Sound Investments (ASI) is a private asset management firm established in 2003 by four founding engineers of Skype. The company operates as a family office with a focus on investments across venture capital, private equity, listed equity, and real assets, with assets geographically located in Europe, the US, and Asia. The website presents a professional image with clear navigation and relevant business content, targeting investors and professionals interested in diversified asset management. The business model is niche and specialized, leveraging the founders' technology and finance backgrounds. Technically, the website is built on the Voog CMS platform, utilizing standard web technologies such as JavaScript, CSS, and HTML5. The site is mobile optimized and performs moderately well, though accessibility features are basic. The hosting and domain registration are consistent with the business location in Estonia, with no signs of privacy protection or suspicious WHOIS data. External scripts are limited and primarily related to the CMS platform. From a security perspective, the website benefits from HTTPS with a valid SSL certificate, but lacks important security headers and visible security policies. There are no privacy or cookie policies, nor contact information for security incidents or data protection officers. No vulnerabilities or exposed sensitive data were detected, but the absence of key compliance documents and security headers represents a moderate risk. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, improved security headers, and clearer contact information to strengthen trust and regulatory adherence.

S

Softwerk

softwerk.ee

0

Softwerk OÜ is an Estonian technology company specializing in custom business software solutions including business intelligence (BI), ERP implementations (notably Microsoft Dynamics 365), and web development using modern frameworks such as .NET and React. Established in 2012, Softwerk has positioned itself as a trusted partner for businesses in Estonia and Europe, offering tailored solutions that improve operational efficiency and data-driven decision making. The company emphasizes long-term client relationships and quality service delivery, supported by positive client testimonials and recognized partnerships such as Microsoft. Technically, the website is built on WordPress with WPBakery Page Builder, leveraging common web technologies like jQuery and FontAwesome, and integrates Google Analytics and Tag Manager for user tracking. The site is mobile optimized and presents a professional design with clear navigation. Security posture is solid with HTTPS enforced and secure form handling, but lacks advanced security headers and explicit security or incident response policies. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, Softwerk demonstrates a mature digital presence with room for improvement in privacy and security transparency.

B

Boomerang

boomerang.ee

0

Boomerang is a well-established third-party logistics provider specializing in eCommerce fulfillment and returns management, primarily serving the Nordic region and global markets. The company positions itself as the largest return handling operator in the Nordics, offering tailored and flexible logistics solutions to online webshops. The website reflects a professional and consistent brand image with good content quality and clear business focus. Technically, the site is built on WordPress with Elementor, leveraging modern technologies such as Usercentrics for cookie consent and Google Tag Manager for analytics, indicating a moderate level of digital maturity. Security-wise, the website enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers and published security policies, which are areas for improvement. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

The website www.sotsiaalkindlustusamet.ee is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks access to the actual content. As a result, no business information, contact details, or policy documents are available for review. The site is protected by Cloudflare's WAF, indicating a focus on security but preventing external analysis. Without access to the real content, it is not possible to assess the company's market position, services, or compliance posture. The technical infrastructure relies on Cloudflare services, but performance and SEO cannot be evaluated. Security posture cannot be fully assessed beyond the presence of Cloudflare protection. Overall, the site appears to be a government-related entity from Estonia, but detailed insights are unavailable due to access restrictions.

L

Latitude59

latitude59.ee

0

Latitude59 is a well-established flagship startup and technology event based in Estonia, with a history dating back to 2012. It serves as a key platform for startups, investors, partners, and media to connect and showcase innovation. The website reflects a mature event organization with a strong international presence, offering pitch competitions, investor days, and satellite events worldwide. The business model centers on event management and ecosystem development within the technology sector. Technically, the website is built on WordPress using Elementor and integrates modern analytics and marketing tools such as Google Analytics, Facebook Pixel, and PixelYourSite. The site is optimized for SEO and mobile devices, with a good user experience and clear navigation. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is good, with a comprehensive privacy and cookie policy and GDPR adherence. However, the site lacks explicit security policies, incident response contacts, and terms of service pages, which could enhance trust and compliance. Overall, Latitude59's website demonstrates a professional, secure, and privacy-conscious digital presence aligned with its business objectives.

S

Sviiter Studio

sviiter.ee

0

Sviiter Studio is a small, independent full-service design-oriented studio based in Estonia, specializing in branding, digital, and print design services. The company positions itself as innovative and client-focused, targeting businesses and organizations seeking comprehensive design solutions. The website is professionally designed using the Squarespace platform, featuring clear navigation, responsive design, and integration with social media channels such as Instagram, Facebook, and Behance. Technical infrastructure leverages modern web technologies and content delivery networks to ensure moderate performance and good user experience across devices. Security posture is strong with HTTPS enforced, HSTS enabled, and a cookie consent mechanism in place, although explicit privacy policies and incident response information are absent. Overall, the website reflects a trustworthy and credible business presence with room for improvement in privacy compliance and security transparency.

F

FM Capital Consulting Ltd.

capital-consulting.com

0

FM Capital Consulting Ltd. is a well-established Estonian finance consulting firm specializing in worldwide company registration, bookkeeping, compliance, legal support, and tax planning services. The company targets businesses and entrepreneurs, including startups and fintech companies, offering tailored corporate and tax advantage solutions. Their market position is that of a niche consulting provider with expertise in cross-border transactions and fintech licensing. The website is professionally designed with good content quality and clear navigation, supporting their business credibility. Technically, the website is built on WordPress with common plugins such as Yoast SEO, Slider Revolution, and WPBakery Page Builder. It uses modern tracking and analytics tools including Google Analytics and LinkedIn Insight Tag. Performance and mobile optimization are good, though accessibility is basic. The hosting provider is not explicitly identified but the domain is registered with GoDaddy and uses DNS servers from zone.eu and zone.ee. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers. No privacy or cookie policies are present, which is a compliance gap especially given the use of tracking technologies. Contact information is clearly provided, enhancing trust. No WAF or blocking mechanisms are detected, allowing full content access. Overall, the website presents a moderate risk profile with strengths in business credibility and technical implementation but weaknesses in privacy compliance and security best practices. Strategic improvements in privacy policy implementation, cookie consent, and security headers would enhance their security posture and compliance standing.

R

R Haldus OÜ

rhaldus.ee

0

R Haldus OÜ is a small Estonian company specializing in property management services for commercial and residential real estate. Their website presents a focused business model offering competent and quality property maintenance and management services. The site is primarily in Estonian with options for English and Russian, targeting property owners seeking professional management solutions. Technically, the website is built on the Voog CMS platform and uses common JavaScript libraries such as jQuery and Modernizr, along with Google Analytics and Google Tag Manager for tracking. The site is moderately optimized for mobile devices and has basic SEO and accessibility features. Security-wise, the website uses HTTPS but lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. There is no visible incident response or vulnerability disclosure information, which limits transparency in security matters. Overall, the website is functional but basic, with room for improvement in privacy, security, and content depth.