Security Directory

S

ShelterBox

shelterbox.org

0

ShelterBox is a well-established UK-based non-profit organization specializing in providing emergency shelter and disaster relief to families affected by conflict and natural disasters worldwide. With a domain age dating back to 2001 and a network of international affiliates, ShelterBox holds a strong market position in the humanitarian aid sector. Their website is professionally designed, content-rich, and targets donors, volunteers, and affected communities effectively. Technically, the site is built on WordPress, leveraging modern analytics and tracking tools such as Google Analytics, Facebook Pixel, and Hotjar, with Cloudflare providing DNS and CDN services. Security posture is solid with HTTPS enforced, though there is room for improvement in security headers and explicit incident response documentation. Privacy compliance is well addressed with comprehensive privacy and cookie policies, and GDPR adherence is evident. Overall, the website demonstrates high professionalism, trustworthiness, and operational maturity.

I

International Committee of the Red Cross

icrc.org

0

The International Committee of the Red Cross (ICRC) is a globally recognized humanitarian organization dedicated to providing assistance and protection to people affected by armed conflict and violence. The website reflects the organization's mission of neutrality, impartiality, and independence, offering extensive information on their activities, global presence, and urgent appeals for donations. The site is multilingual and professionally designed, targeting a broad audience including donors, affected populations, and humanitarian partners. Technically, the website is built on Drupal 10, employs modern security and privacy technologies such as hCaptcha and Usercentrics CMP, and integrates Google Tag Manager for analytics. Security posture is strong with HTTPS enforced and secure form handling, though explicit security headers and a public security policy are absent. Overall, the website is trustworthy, compliant with GDPR, and provides a safe user experience.

A

Access Info Europe

access-info.org

0

Access Info Europe is a non-profit organization dedicated to promoting the right to information and transparency. The website serves as a platform for advocacy, public interest campaigns, and legal research related to access to information. The organization targets civil society, transparency advocates, and the general public. The website is built on WordPress using the Avada theme and WPML for multilingual support, indicating a mature digital infrastructure. Google Analytics and Tag Manager are employed for visitor tracking, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and explicit privacy or cookie policies, which are areas for improvement. Overall, the website is professional and trustworthy, with content relevant to its mission and audience.

G

Geldersch Landschap en Kasteelen

glk.nl

0

Geldersch Landschap en Kasteelen (GLK) is a well-established Dutch non-profit organization founded in 1929, dedicated to the conservation and management of nature areas, castles, and estates in the Gelderland region. The organization offers public engagement through excursions, activities, and donor programs, positioning itself as a trusted steward of cultural and natural heritage. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to nature enthusiasts and local communities. Technically, the site leverages modern web technologies including WordPress CMS, imgix for image delivery, and Google Tag Manager for analytics, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement and standard security headers, though there is room for improvement in publishing explicit security policies and incident response information. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, GLK's website demonstrates high trustworthiness, professionalism, and alignment with its mission and audience.

A

Asociatia Fumatorilor

asociatiafumatorilor.ro

0

Asociatia Fumatorilor is a Romanian non-profit organization advocating for smokers' rights and lifestyle freedom. It operates a community and private club network called Clubul Fumatorilor™, promoting equal access for smokers and non-smokers. The website serves as an information hub and community platform with content in Romanian and some English linkage. Technically, the site is built on Drupal CMS with common web technologies and includes Google Analytics and Google Adsense for tracking and monetization. Security posture is moderate with HTTPS enabled and IP anonymization in analytics, but lacks explicit security headers and privacy policy documentation. The domain WHOIS data is privacy protected by ROTLD, which is typical for Romanian domains, and no registrant details are publicly disclosed. Overall, the site is functional and moderately professional but could improve in privacy compliance and security best practices.

N

NATIONAL ENDOWMENT FOR DEMOCRACY

ned.org

0

The National Endowment for Democracy (NED) operates as a large, well-established non-profit organization dedicated to supporting democratic institutions worldwide through grantmaking, fellowships, research, and events. The website reflects a professional and comprehensive digital presence, targeting NGOs, democracy advocates, and the general public interested in democracy promotion. Technically, the site is built on WordPress with a modern tech stack including jQuery, Google Analytics, and New Relic monitoring, delivering moderate performance and good mobile optimization. Security posture is solid with HTTPS, security headers, and monitoring tools, though incident response and vulnerability disclosure mechanisms are not explicitly visible. Overall, the site is trustworthy, well-branded, and compliant with privacy regulations, though WHOIS data is unavailable, likely due to privacy protection common in non-profits.

C

Center za informiranje, sodelovanje in razvoj nevladnih organizacij (CNVOS)

cnvos.si

0

CNVOS is a well-established Slovenian non-profit umbrella organization supporting over 1600 NGOs through advocacy, legal advice, training, and sector promotion. The website reflects a mature digital presence with clear navigation, professional design, and relevant content tailored to the NGO sector. Technically, the site uses modern frameworks like Bootstrap and integrates privacy-conscious analytics (Plausible). Security posture is solid with HTTPS and secure form handling, though improvements in security headers and published policies are recommended. Overall, CNVOS demonstrates strong business credibility and sector leadership with a trustworthy online presence.

D

Danes je nov dan - Inštitut za druga vprašanja

danesjenovdan.si

0

Danes je nov dan is a Slovenian non-profit institute focused on advancing digital rights, democratic participation, transparency, and community solidarity. Established in 2012, it operates through advocacy, research, public engagement, and publication of a monthly newsletter. The organization maintains a strong online presence with active social media channels and collaborative projects with recognized partners such as EDRi and Pravno mrežo za varstvo demokracije. The website reflects a professional and consistent brand image with excellent content quality and user experience. Technically, the website employs modern JavaScript libraries including Alpine.js and htmx, and uses Plausible Analytics for privacy-respecting user tracking. The site is hosted by a Slovenian registrar HITROST.COM and demonstrates fast performance and excellent mobile optimization. However, there is room for improvement in security headers and explicit cookie consent mechanisms. From a security perspective, the site uses HTTPS and secure forms with consent checkboxes, but lacks published security policies and incident response contacts. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is good but could be enhanced by adopting additional best practices. The overall risk assessment is low, with the site being trustworthy and professionally maintained. Strategic recommendations include implementing cookie consent banners, publishing security and incident response policies, and adding vulnerability disclosure information to further strengthen trust and compliance.

D

Danes je nov dan - Inštitut za druga vprašanja

djnd.si

0

Danes je nov dan is a Slovenian non-profit institute focused on digital rights, democratic participation, transparency, and community solidarity. Established in 2012, it operates various advocacy and awareness projects, publishes a monthly newsletter, and maintains an active presence in media and social platforms. The organization targets Slovenian-speaking audiences interested in digital and democratic issues. Technically, the website uses modern JavaScript libraries such as Alpine.js and htmx, with privacy-respecting analytics via Plausible. The site is well-designed, mobile-optimized, and provides clear navigation and rich content. Security posture is good with HTTPS enforced and no visible vulnerabilities, though it lacks some security headers and explicit security policies. Privacy compliance is mostly good, with a clear privacy policy but missing cookie consent mechanisms. Overall, the website is professional, trustworthy, and reflects an active, credible non-profit entity.

S

Smokers Association

smokersassociation.org

0

Smokers Association is a small non-profit organization advocating for the rights and freedoms of smokers worldwide. The website serves as a community hub offering articles, media, and event information related to smokers' rights and lifestyle choices. It positions itself as a defender of personal liberty against segregation and restrictive policies. The site has been active since at least 2008, with content reflecting ongoing advocacy and community engagement. Technically, the website is built on Drupal CMS with common web technologies such as jQuery and integrates Google Analytics and Adsense for tracking and monetization. The site is mobile-friendly and moderately optimized but lacks advanced SEO and accessibility features. Security posture is adequate with HTTPS enabled but lacks important security headers and formal security policies. The absence of WHOIS data and registrant information reduces domain trustworthiness, although the website content and historical presence suggest legitimacy. Privacy compliance is minimal, with no privacy or terms of service pages found, but a cookie consent mechanism is implemented. Contact is only available via a web form, with no direct emails or phone numbers provided. Overall, the site is functional and serves its advocacy purpose but would benefit from improved transparency, security practices, and privacy compliance to enhance trust and professionalism.

Bénévalibre is a French non-profit initiative providing free open-source software to assist very small associations in managing and valorizing volunteer work. The project is supported by CRAJEP Bourgogne-Franche-Comté and several financial and expert partners. The website serves as an informational portal and access point to the web application. Technically, the site is built on WordPress with standard plugins and modern web technologies, offering a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is limited due to absence of cookie consent and detailed GDPR policies. Overall, the domain registration and website content align well, indicating a legitimate and focused non-profit project.

S

Specialdelivery

specialdeliverysandiego.org

0

Special Delivery San Diego is a small non-profit organization dedicated to providing nutritional support to the San Diego community through home-delivered meals, a nutrition pantry, and diabetic education programs. The organization relies on donations and volunteer efforts to serve over 800 families monthly. The website is built on the Wix platform, featuring a professional design with clear navigation and calls to action for volunteering and donations. Technically, the site uses modern web technologies and enforces HTTPS, but lacks advanced security headers and privacy compliance features. No WHOIS data was available due to query failure or privacy protection, but the domain and website content appear consistent with a legitimate non-profit entity. Overall, the site demonstrates good business credibility and content quality but should improve privacy policies and security practices to enhance trust and compliance.

Southern California Bulldog Rescue is a small non-profit organization dedicated to rescuing and rehoming bulldogs in the Southern California region. The website serves as an informational platform to support their mission, targeting animal lovers, potential adopters, and donors. The organization has a long-standing presence since 2006, reflected in the domain registration data. Technically, the website is built on the Snap Cloud CMS platform, hosted on AWS infrastructure, and uses common web technologies such as JavaScript and Google Fonts. The site is accessible and uses HTTPS, but lacks advanced security headers and privacy compliance features. There is minimal content and no visible contact or policy pages, which limits user engagement and trust signals. Security posture is moderate with room for improvement in headers and policy disclosures. Overall, the website is functional but basic, with recommendations to enhance security, privacy compliance, and user trust.

W

Womanity

womanity.org

0

The Womanity Foundation is a Swiss-based non-profit organization dedicated to accelerating gender equality through innovative programs focused on education, land rights, media, and violence prevention. The organization has a strong market position, recognized globally for its impact and sustainability, with over 31 million people supported since 2005. The website reflects a mature digital presence with multilingual support, secure donation processing, and active social media engagement. Technically, the site is built on WordPress with modern plugins and integrations, offering good performance and accessibility. Security posture is solid with HTTPS, secure payment gateways, and anti-bot measures, though improvements like DNSSEC and enhanced security headers are recommended. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site projects high professionalism and trustworthiness, supporting the organization's mission effectively.

I

IVN Nederland

ivn.nl

0

IVN Nederland is a well-established Dutch non-profit organization dedicated to nature education and engagement for children and adults. The organization offers a wide range of services including nature activities, courses, volunteer programs, and a nature routes app. IVN holds recognized certifications such as ANBI and CBF, reinforcing its credibility and trustworthiness in the non-profit sector. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency, targeting a broad audience interested in nature and environmental education. Technically, the website is built on WordPress with modern technologies including jQuery, Google Maps API, and various marketing and analytics tools like Google Tag Manager, Hotjar, and Microsoft Clarity. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is strong with comprehensive privacy and cookie policies and active consent mechanisms. Overall, IVN Nederland's digital presence reflects a mature and trustworthy organization with a clear mission and effective online engagement. The absence of critical security issues and the presence of multiple trust indicators support a high level of business credibility and user trust.

C

Civic Science Fellows

civicsciencefellows.org

0

Civic Science Fellows is a US-based non-profit organization focused on fostering leadership and collaboration between science and society through its fellowship program. The website presents a professional and well-structured platform built on WordPress, hosted on DigitalOcean, with a clear focus on community engagement and educational content. The technical infrastructure is modern and mobile-optimized, though performance is moderate. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of privacy and cookie policies, and no GDPR indicators are present. Contact information is limited to a contact form and newsletter signup, with no direct emails or phone numbers provided. Overall, the site is trustworthy and safe for general audiences but would benefit from improved privacy and security practices.

T

The Signals Network

thesignalsnetwork.org

0

The Signals Network is a small non-profit organization dedicated to supporting whistleblowers and coordinating international media investigations focused on corporate misconduct and human rights abuses. The organization positions itself as a trusted intermediary for whistleblowers and media, emphasizing accountability and public good. The website reflects this mission with professional design and relevant content targeting whistleblowers, journalists, and the public. Technically, the website is built on WordPress using the Avada theme, hosted on DigitalOcean, and employs modern performance optimizations such as WP Rocket and lazy loading. It integrates several marketing and analytics tools including Google Analytics, Google Tag Manager, and LinkedIn Insight Tag. Mobile optimization and SEO practices are good, though accessibility is basic. From a security perspective, the site uses HTTPS with a good SSL configuration and enforces client transfer protection on the domain. However, DNSSEC is not enabled and security headers are minimal or absent. There is no visible security policy or vulnerability disclosure mechanism, and no explicit incident response contacts. Cookie consent is implemented via Termly with auto-blocking, indicating some privacy compliance effort. Overall, the website is trustworthy and professional with a solid business credibility score. Security posture is moderate with room for improvement in headers and disclosure policies. Privacy compliance is basic due to missing explicit privacy and terms pages. Recommendations include enabling DNSSEC, adding security headers, publishing security and privacy policies, and providing direct contact channels for security incidents.

F

Fundacja Panoptykon

panoptykon.org

0

Fundacja Panoptykon is a Polish non-profit organization dedicated to human rights and digital privacy advocacy. Established in 2009, it operates primarily in Poland and provides a range of services including publications, campaigns, legal complaints, and public awareness initiatives. The website serves as a platform for disseminating information and engaging the public on issues related to surveillance, privacy, and freedom in the digital age. The organization maintains a strong presence through various content types such as articles, reports, podcasts, and videos, targeting a general audience interested in digital rights and privacy.

C

Civil Liberties Union for Europe

liberties.eu

0

The Civil Liberties Union for Europe operates as a non-profit human rights watchdog focused on protecting and promoting civil liberties across the European Union. The organization provides advocacy, campaigns, training, and research services to inform and mobilize citizens and civil society organizations. Their market position is strong within the EU human rights sector, supported by a network of NGOs and media presence. Technically, the website is built on a modern Ruby on Rails stack with CDN and security integrations such as reCAPTCHA and Stripe for donations. The site is well-optimized for performance, mobile, and accessibility. Security posture is robust with HTTPS, security headers, and CSRF protections, though explicit security policies and incident response details are not published. Overall, the website is professional, trustworthy, and compliant with GDPR and cookie regulations, with no signs of malicious activity or content blocking.

I

Irish Council for Civil Liberties

iccl.ie

0

The Irish Council for Civil Liberties (ICCL) is Ireland's oldest human rights organization, established in 1976. It operates as a non-profit advocacy group focused on promoting and protecting human rights across various sectors including justice, equality, digital rights, and democratic freedoms. The organization is independent and non-partisan, funded primarily through members and donors. The website serves as a platform for news, campaigns, petitions, and educational resources aimed at the general public interested in human rights issues in Ireland. Technically, the website is built on WordPress with modern SEO and analytics tools such as Yoast SEO and Matomo Analytics. It uses HTTPS and includes responsive design elements for mobile optimization. The site demonstrates good performance and accessibility basics, though there is room for improvement in security headers and cookie consent mechanisms. From a security perspective, the site employs HTTPS and disables cookies in analytics to enhance privacy. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data limits domain trust verification, but the website content and contact information align with a legitimate non-profit entity. Overall, the website presents a professional and trustworthy front for ICCL, with strong content quality and business credibility. Strategic recommendations include enhancing security headers, implementing cookie consent, publishing security and incident response policies, and establishing a vulnerability disclosure process to further strengthen trust and compliance.

G

Gong

gong.hr

0

Gong is a well-established Croatian non-profit organization founded in 1997, dedicated to promoting active citizen participation in political processes. The organization offers educational programs, research, and digital tools aimed at enhancing democracy, transparency, and civic engagement. Their market position is strong within the Croatian civil society sector, supported by partnerships with governmental and EU bodies. The website reflects a professional and consistent brand image with clear communication channels and comprehensive content relevant to their mission. Technically, the site is built on WordPress with modern plugins and frameworks, offering good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some improvements in security headers and incident response disclosures are recommended. Overall, the site is safe, trustworthy, and compliant with GDPR requirements.

N

Nederlandse Vereniging Beheer keurmerk Aangepaste Vakanties

nbav.nl

0

The website www.nbav.nl represents the Nederlandse Vereniging Beheer keurmerk Aangepaste Vakanties, a Dutch organization providing certification for entities focused on people with disabilities. The site is built on the Wix platform, utilizing Wix's Thunderbolt framework and standard JavaScript polyfills. The content is primarily in Dutch and targets organizations and stakeholders in the disability support sector. The business model revolves around certification and association management within a niche market in the Netherlands. Technical infrastructure is standard for Wix-hosted sites, with moderate performance and good mobile optimization but limited SEO due to meta robots noindex directive. Security posture is basic, lacking advanced security headers and policies, and no privacy or cookie policies are present, indicating compliance gaps. Overall, the site is functional but would benefit from enhanced security and privacy measures to improve trust and compliance.

L

Libre Association (groupe de travail de l’April)

libreassociation.info

0

Libre Association is a small non-profit working group under the April organization, dedicated to bridging the associative sector and free software. The website provides educational content, community resources, and practical guides to promote free software usage among associations, primarily targeting French-speaking users. The site is professionally designed with consistent branding and clear navigation, leveraging SPIP CMS and Bootstrap frameworks. It uses Matomo analytics configured with privacy considerations, reflecting a moderate digital maturity. Security posture is adequate with HTTPS usage implied, but lacks explicit security headers and published privacy or cookie policies, which are areas for improvement. No contact information or incident response channels are provided, limiting transparency. Overall, the website is trustworthy and safe, with no adult or questionable content detected.

T

Take Back The Tech!

takebackthetech.net

0

Take Back The Tech! is a well-established non-profit campaign founded in 2006, dedicated to empowering women and girls to take control of technology to end gender-based violence. The website serves as an educational and advocacy platform offering resources, campaigns, and community engagement tools. It targets activists, women, and communities concerned with technology-facilitated violence. Technically, the site is built on Drupal 9 with modern web technologies, providing a responsive and accessible user experience. However, some technical aspects such as DNSSEC and security headers could be improved to enhance security. The security posture is moderate with domain management practices that prevent unauthorized changes but lacks published security policies or incident response information. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is credible and trustworthy, with a clear mission and consistent branding, but could benefit from enhanced security and privacy practices.

L

Les métiers en Église

metiers-eglise.ch

0

Les métiers en Église is a small-scale informational website focused on presenting various vocations and professions within the Catholic Church, primarily targeting a general audience interested in religious careers. The website is built on the Wix platform, leveraging Wix's hosting and content management capabilities, with a moderate level of technical maturity. It uses HTTPS and standard Wix scripts but lacks advanced security headers and privacy compliance mechanisms. The site includes Google Tag Manager for analytics but does not provide visible privacy or cookie policies, nor contact information for users or security incidents. Overall, the website is professionally designed with good content relevance but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

R

Radically Open Security

radicallyopensecurity.com

0

Radically Open Security is a non-profit computer security consultancy focused on improving global security through research, networking, and forensics expertise. The organization targets clients seeking expert security consultancy and is staffed by security researchers and Capture The Flag winners, positioning itself as a niche player in the non-profit security sector. The website presents a professional and consistent brand image with good content quality and clear messaging about its mission and services. Technically, the site uses modern web standards with HTTPS and a Content Security Policy, but lacks advanced security headers and privacy compliance documentation. The absence of WHOIS registration data raises some concerns about domain legitimacy, though the website content suggests a genuine organization. Overall, the site demonstrates a solid security posture but would benefit from enhanced privacy policies and contact transparency.

C

Center for the Cultivation of Technology gGmbH

techcultivation.org

0

The Center for the Cultivation of Technology is a small non-profit organization based in Germany that provides fiscal sponsorship and backend organizational support for international Free Software and open source projects. Their services include donation processing, budget management, asset stewardship, and expert knowledge sharing, enabling developers to focus on software development while the Center handles administrative and financial tasks. The website clearly communicates their mission and services, targeting open source projects and developers seeking a legal and financial host. Technically, the website is built using the Hugo static site generator with Bootstrap 3, jQuery, and Font Awesome for styling and interactivity. The site is mobile-optimized and presents a professional design with clear navigation. However, some technical aspects such as DNSSEC are not enabled, and no advanced security headers were detected. The site does not appear to use analytics or tracking scripts, indicating a privacy-conscious approach. From a security perspective, the website uses HTTPS and has domain transfer protections in place, but lacks published privacy and cookie policies, security policies, and incident response information. No direct contact emails or phone numbers are provided, only contact forms. These gaps reduce privacy compliance and security transparency. No suspicious or malicious content was detected, and the domain registration data is consistent with the organization's claims. Overall, the website is trustworthy and professional but would benefit from improved privacy compliance, enhanced security headers, and more transparent contact and security policy information to strengthen user trust and regulatory adherence.

C

Cazadores de Fake News

cazadoresdefakenews.info

0

Cazadores de Fake News is a Venezuelan non-governmental organization dedicated to monitoring and combating misinformation spread through social networks and instant messaging in Venezuela and Latin America. The website serves as a platform for publishing fact-check articles, educational resources, and offers a chatbot verification service via WhatsApp. The organization targets the general public concerned with misinformation and disinformation in the region. Technically, the website is built on WordPress using modern themes and plugins, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled, but lacks some security headers and cookie consent mechanisms. The WHOIS data is malformed and unavailable, which limits domain trust verification, but the website content and social media presence support its legitimacy. Overall, the site is professional, content-rich, and trustworthy, with room for improvement in security headers and privacy compliance.

A

AFAS Foundation

afas.foundation

0

The AFAS Foundation is a Dutch non-profit organization dedicated to inspiring and supporting social projects that create significant positive impact. The foundation focuses on funding and facilitating initiatives that help many people and inspire change. Their website is professionally designed, mobile-optimized, and provides detailed information about ongoing projects, events, and news updates. Technically, the site uses modern web technologies including Bootstrap, Font Awesome, and Google Tag Manager for analytics. Security posture is moderate with HTTPS implied but lacks explicit security headers and privacy policies. The absence of WHOIS data limits full verification of domain legitimacy, but the website content and branding are consistent with a reputable non-profit entity. Overall, the foundation demonstrates a solid digital presence with room for improvement in privacy compliance and security best practices.

V

Villars-Animation

vsg-animation.ch

0

Villars-Animation is a local socio-cultural animation service operating under the commune of Villars-sur-Glâne, Switzerland. It focuses on providing activities and community support primarily for youth aged 6 to 25, as well as families, elderly, and migrants. The organization offers a variety of creative, cultural, and sports activities across multiple centers and locations. The website serves as an informational portal for these services and upcoming events. Technically, the website is built on Drupal 7 with a moderate technology stack including jQuery 1.12 and Matomo analytics. While the site is functional and provides good content quality and navigation, it lacks modern security headers and uses outdated JavaScript libraries, which could pose security risks. The site is accessible via HTTPS, but no explicit security policies or privacy notices are present. From a security perspective, the site shows moderate maturity with no visible critical vulnerabilities but lacks important compliance elements such as privacy and cookie policies, GDPR indicators, and incident response contacts. The use of Matomo analytics without a visible cookie consent mechanism suggests potential privacy compliance gaps. No WAF or blocking mechanisms were detected, and the content is safe for general audiences. Overall, the website is a trustworthy local community service platform but would benefit from enhanced security practices, privacy compliance improvements, and clearer contact information to improve user trust and regulatory adherence.

A

Acorn Active Media Foundation

thexlab.org

0

The XLab is a US-based non-profit research institution focused on advancing digital equity through broadband mapping, affordability research, community networking, and digital privacy advocacy. The organization serves a diverse audience including policymakers, community leaders, researchers, and local ISPs. Their market position is that of a pioneer and leader in broadband and digital equity initiatives, with a strong emphasis on open source and open data principles. Technically, the website is built on WordPress with Elementor and Astra theme, leveraging modern web technologies and providing a good user experience with mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is professional and trustworthy, but could improve in compliance and security transparency.

A

Anthropocene Magazine

anthropocenemagazine.org

0

Anthropocene Magazine is a nonprofit journalism platform dedicated to exploring sustainability, environmental science, and climate change solutions. It targets researchers, policymakers, designers, educators, and the general public interested in creating a sustainable Human Age. The website offers rich content including articles, newsletters, print editions, and live storytelling events. The business model relies on donations and memberships, positioning itself as a niche leader in environmental media. Technically, the site is built on WordPress with the Divi theme, uses Google Fonts, and integrates Google Analytics with opt-out capabilities. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is good with HTTPS enforced, but lacks some security headers and explicit security policies. Privacy compliance is limited due to missing privacy and cookie policies. Overall, the site is professional, trustworthy, and content-rich, but could improve in privacy transparency and security best practices.

The Courage Foundation is an established international non-profit organization founded in 2013, dedicated to supporting whistleblowers and journalists who face persecution. The website serves as a platform for advocacy, fundraising, and public awareness campaigns, particularly focusing on high-profile cases such as Julian Assange. The organization targets activists, supporters of press freedom, and the general public interested in human rights. Technically, the site is built on WordPress with common plugins for contact forms and donations, showing moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC, and no formal privacy or cookie policies are published. Contact information is limited but includes verified email addresses and social media links. Overall, the site is professional, trustworthy, and content is safe for general audiences.

O

OrpheusPDX

orpheuspdx.org

0

OrpheusPDX is a small non-profit opera company based in Portland, Oregon, focused on delivering intimate opera performances and engaging the local community. The organization offers seasonal opera productions, subscription services, and opportunities for donations and volunteering. Their market position is that of a niche performing arts entity serving opera enthusiasts and the Portland arts community. Technically, the website is built on WordPress with a modern tech stack including jQuery, Select2, and Google Analytics integrations. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS enforced and domain transfer protections in place, but lacks DNSSEC and security headers. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR indicators. Overall, the website is trustworthy and professionally maintained, though improvements in security and privacy compliance are recommended.

F

freieFarbe e.V.

freiefarbe.de

0

freieFarbe e.V. is a small non-profit organization based in Germany dedicated to promoting color communication and freeing color from constraints. The website serves as an educational platform targeting professionals and enthusiasts interested in color standards and communication. It offers resources and advocacy services related to color communication. Technically, the website is built on WordPress with a modern plugin ecosystem including Real Cookie Banner for GDPR-compliant consent management, and uses reputable third-party services such as Google Fonts, YouTube, and Vimeo. The site is hosted on kasserver.com and employs HTTPS with good security headers, indicating a solid security posture. However, no explicit security policy or incident response information is published, which could be improved. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional, trustworthy, and safe for general audiences.

B

Ben Stocker Johnson

bensjohnson.com

0

Ben Stocker Johnson is a seasoned art director, designer, and illustrator specializing in visual storytelling for social good. The website serves as a professional portfolio showcasing a broad range of creative services including art direction, user experience, brand identity, illustration, and print design. The target audience primarily consists of mission-driven organizations such as nonprofits, government agencies, and social innovators. The business model is consultancy and creative services with a strong emphasis on cause-based projects. The website reflects over 20 years of experience, consistent with the domain age dating back to 2000. Technically, the website employs standard web technologies including HTML5, CSS3, JavaScript, jQuery, and Font Awesome icons. It integrates Google Analytics and Google Tag Manager for tracking and analytics. Hosting appears to be managed via Google Cloud DNS with domain registration through Squarespace Domains II LLC. The site is moderately optimized for performance and mobile devices, with good SEO practices but basic accessibility features. From a security perspective, the site uses domain status flags to prevent unauthorized domain transfer or deletion but lacks DNSSEC and visible security headers. There is no privacy or cookie policy present, which impacts compliance with GDPR and other privacy regulations. No incident response or vulnerability disclosure information is published. The site does not appear to be behind a WAF or security challenge, and no malicious or suspicious content is detected. Overall, the website is professional, trustworthy, and well-aligned with its business purpose. However, it would benefit from enhanced privacy compliance, improved security headers, and explicit policies to strengthen its security posture and regulatory adherence.

F

Floatleft

floatleft.org

0

Floatleft is a specialized nonprofit website development company focusing on Drupal and WordPress platforms. Established in 2004, it serves nonprofit organizations primarily in the United States, offering tailored web development services to meet the unique needs of the nonprofit sector. The company positions itself as a niche provider with expertise in nonprofit digital presence and SEO optimization, leveraging tools like Yoast SEO and Google Analytics to enhance client websites. Technically, the website is built on WordPress, hosted on Pantheon, and uses Cloudflare DNS services. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. Security-wise, the site uses HTTPS with domain status protections but lacks DNSSEC and security headers, indicating room for improvement in domain and web security practices. Privacy compliance is weak, with no visible privacy or cookie policies and no GDPR compliance indicators. Contact information is not explicitly provided, which may affect user trust and compliance. Overall, the website is professional and safe, but enhancements in privacy, security policies, and contact transparency are recommended.

C

CommitChange LLC

commitchange.com

0

CommitChange LLC operates an all-in-one fundraising platform tailored for nonprofit organizations and social impact movements. The platform offers donation processing, fundraising campaigns, supporter management, event ticketing, and reporting tools, positioning itself as an accessible and intuitive solution for nonprofits to efficiently manage their fundraising efforts. The business model is SaaS-based with no monthly fees or contracts, appealing to organizations seeking flexible and cost-effective fundraising software. The company has been established since 2012, indicating a mature presence in the nonprofit technology sector. Technically, the website is built on WordPress 6.6.2 with jQuery and uses the Fluent Forms plugin for data collection. Hosting and DNS services leverage Cloudflare, providing a reliable infrastructure. The site demonstrates good mobile optimization and SEO practices but lacks advanced security headers and DNSSEC, which are areas for improvement. The website content is professionally designed with clear navigation and relevant information for its target audience. From a security perspective, the site uses HTTPS and has domain transfer protections enabled, but it lacks DNSSEC and security headers such as Content-Security-Policy and Strict-Transport-Security. No explicit security policies or incident response contacts are published, which could be a gap in transparency and readiness. The absence of cookie consent mechanisms may also impact privacy compliance, especially under GDPR. Overall, the security posture is moderate but could be enhanced with additional controls and disclosures. The overall risk assessment is low to moderate. The website is trustworthy and professional, serving a clear nonprofit market niche. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing security and incident response policies, and adding cookie consent mechanisms to improve compliance and user trust. These steps will strengthen the platform's security posture and regulatory adherence, supporting its growth and reputation in the nonprofit sector.

Z

Za bezpečný a svobodný internet, z. s.

sdilejbezpecne.cz

0

The website www.sdilejbezpecne.cz is a Czech non-profit initiative focused on educating the general public about safe and secure sharing practices on the internet, particularly on social media platforms. It provides guides, videos, and partner collaborations to promote privacy awareness. The site is positioned as a niche educational resource with a small organizational size and a clear mission to improve internet safety. Technically, the site is built on WordPress and uses common JavaScript libraries such as jQuery and media players, with Google Analytics for visitor tracking. The site is served over HTTPS with no visible security vulnerabilities, but lacks important compliance elements such as privacy and cookie policies. WHOIS data is unavailable, which limits domain legitimacy verification but the presence of reputable partners and professional design supports trust. Overall, the site demonstrates a good security posture but needs improvements in privacy compliance and transparency.

Big Brother Awards CZ is a privacy advocacy non-profit organization based in the Czech Republic, operating since 2004. The website serves as a platform to highlight and award entities that intrude on privacy, raising public awareness and fostering discussion on digital rights. The organization is well-established with a clear mission and a network of partners and supporters. Technically, the website is built on modern frameworks such as Astro and Tailwind CSS, delivering fast performance and excellent mobile optimization. However, it lacks explicit privacy and cookie policies, and security headers are not detected, indicating room for improvement in security posture. Overall, the site is professional, trustworthy, and content-rich, targeting a general audience interested in privacy and digital freedoms.

D

Digitální svobody

digitalnisvobody.cz

0

Digitální svobody is a Czech non-profit organization dedicated to advocating for digital rights, privacy, and freedoms. The website serves as a platform for news, campaigns, educational seminars, and community engagement focused on digital privacy and data protection. The organization targets Czech-speaking individuals interested in digital rights and operates primarily through donations and support. The website is well-branded and consistent with its mission, featuring recent content and active social media channels. Technically, the website is built on WordPress with common plugins such as Yoast SEO and Ultimate Blocks. It uses modern frontend technologies including jQuery, Bootstrap grid, and FontAwesome icons. The site is mobile-optimized and performs moderately well, with good SEO practices and basic accessibility features. Hosting and domain registration are consistent with the organization's founding date and location. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks important security headers and does not implement a cookie consent mechanism, which is a compliance gap given EU regulations. Analytics usage is minimal and privacy-conscious, using Koko Analytics without extensive user tracking. No vulnerabilities or suspicious patterns were detected. Overall, the website is trustworthy and professional, with a strong focus on digital rights advocacy. Strategic improvements include adding cookie consent, enhancing security headers, and providing more explicit contact information to improve compliance and user trust.

Vrijschrift.org is a small non-profit foundation based in the Netherlands focused on advocating for free information and privacy protection. The website serves as a blog publishing detailed analyses and commentary on EU digital policy, data protection, trade agreements, and open source software. The content is primarily in Dutch with some English posts, targeting privacy advocates, policy makers, and the open source community. Technically, the site runs on Serendipity CMS, an older but stable blogging platform, with basic mobile and accessibility features. Security posture is moderate with HTTPS enforced but lacking advanced security headers and DNSSEC. No privacy or cookie policies are published, and no direct contact information is provided publicly, which limits privacy compliance and user trust. WHOIS data is consistent and supports the legitimacy of the organization with a long domain history since 2001. Overall, the site is content-rich and trustworthy but could improve in privacy compliance and security best practices.

H

hemmer.ch SA

theodia.org

0

Theodia.org is a specialized online platform providing free tools for managing and displaying Roman Catholic mass schedules worldwide. The website is operated by hemmer.ch SA, a Swiss organization with a domain registration dating back to 2008, indicating a stable and established presence. The platform targets the Roman Catholic community and users interested in service schedules, offering a niche but valuable service. Technically, the website is built using modern Angular framework and integrates Google Maps API for location-based features, reflecting a moderate level of digital maturity. The design is professional and mobile-optimized, providing a good user experience. However, the site lacks critical privacy and cookie policies, contact information, and security policies, which are essential for compliance and user trust. Security posture is adequate with HTTPS enabled but could be improved by enabling DNSSEC and implementing security headers. Overall, the website is legitimate and functional but would benefit from enhanced privacy compliance and security best practices.

R

Runder Tisch Reparatur e.V.

runder-tisch-reparatur.de

0

Runder Tisch Reparatur e.V. is a German non-profit organization dedicated to promoting the right to repair and fostering a culture of repair in Germany. The website serves as a hub for advocacy, networking, event information, and educational resources related to repair initiatives. It targets consumers, repair professionals, and policy makers interested in sustainability and repair rights. The organization positions itself as a key player in the repair advocacy space within Germany, leveraging partnerships and community engagement to advance its mission. Technically, the website is built on WordPress with common plugins for forms, events, and forums, indicating a moderate level of digital maturity. The site is well-structured, mobile-optimized, and includes cookie consent mechanisms, reflecting good privacy compliance. Security posture is adequate with HTTPS enforced, though some security headers and explicit policies could be improved. Overall, the site is professional, trustworthy, and aligned with its non-profit mission, with no signs of malicious activity or content blocking.

R

Right to Repair Europe

repair.eu

0

Right to Repair Europe is a non-profit coalition advocating for the right to repair products across Europe, emphasizing sustainability and longer product lifespans. The organization targets consumers, repairers, and policymakers to promote legislative and systemic changes. Their website serves as an information hub and campaign platform, featuring news updates, resources, and a newsletter signup to engage supporters. Technically, the site is built on WordPress with modern SEO and analytics tools, hosted by domainfactory GmbH. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and Google Tag Manager but lacks explicit security headers and public security policies. Privacy compliance is strong with GDPR-aligned privacy and cookie policies and a consent mechanism. Overall, the website is trustworthy, professional, and aligned with its advocacy mission.

I

Iuridicum Remedium, z. s.

iure.org

0

Iuridicum Remedium (IuRe) is a Czech non-governmental non-profit organization dedicated to protecting human rights, particularly focusing on digital freedoms and legal aid related to debt and executions. With over 20 years of experience, it holds a strong position in the Czech human rights advocacy sector, organizing notable events such as the Big Brother Awards. The organization provides free legal advice and promotes privacy rights, targeting Czech-speaking citizens concerned with civil liberties and digital privacy. Technically, the website employs a moderate technology stack including jQuery and Slick Carousel, likely built on Drupal CMS. The site is mobile responsive with good design and navigation, though some SEO and accessibility features are basic. Hosting details are not explicit but DNS servers indicate Czech hosting providers. No advanced analytics or tracking scripts are detected, reflecting a privacy-conscious approach. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. No privacy or cookie policies are published, representing compliance gaps. Incident response and vulnerability disclosure mechanisms are not evident. WHOIS data aligns well with the organization's claims, showing a long-established domain registered in the Czech Republic. Overall, the website is professional and trustworthy but would benefit from enhanced security headers, published privacy and cookie policies, and incident response information to improve compliance and security maturity.

D

Digitale Gesellschaft e.V.

digitalegesellschaft.de

0

Digitale Gesellschaft e.V. is a German non-profit organization founded in 2010 dedicated to advocating for digital fundamental rights and consumer protection in the digital space. The organization engages its target audience of netpolitically interested individuals and activists through monthly events, campaigns, and educational content. Their business model relies on donations, memberships, and grants, positioning them as a recognized entity within the digital rights advocacy sector in Germany. Technically, the website is built on WordPress with a modern theme and plugins, hosted by OVH, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and no exposed sensitive data, though improvements are recommended in security headers and formal security policies. Privacy compliance is good with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the website is professional, trustworthy, and safe for general audiences.

C

Computertruhe e. V.

computertruhe.de

0

Computertruhe e. V. is a German non-profit association dedicated to refurbishing donated computers and hardware to provide free devices to financially disadvantaged individuals and other non-profit organizations. Founded as a project in 2015 and established as a registered non-profit in 2016, it operates across multiple German regions with a volunteer membership base. The website reflects a clear mission focused on social inclusion, environmental sustainability, and community support. Technically, the site is built on WordPress with modern plugins and uses privacy-conscious analytics (Matomo). It is hosted by a green energy provider, indicating environmental awareness. Security posture is good with HTTPS enforced and no visible vulnerabilities, though improvements can be made by adding security headers and cookie consent mechanisms. Contact is primarily via web forms, with no direct emails or phone numbers published. Overall, the site is professional, trustworthy, and well-aligned with its non-profit mission.

B

Bits & Bäume

bits-und-baeume.org

0

Bits & Bäume is a German non-profit coalition advocating for sustainable and socially just digitalization. Founded in 2018, it unites 13 organizations from environmental, climate, digital, development policy, and scientific sectors, alongside a growing community. The website serves as a hub for community engagement, events, publications, and political advocacy focused on digital sustainability and social justice. The organization targets activists, academics, and policy stakeholders interested in shaping digital transformation for the common good. Technically, the website is built using the Eleventy static site generator with modern CSS frameworks (likely Tailwind CSS), delivering fast performance and good mobile optimization. The site is well-structured with clear navigation and professional design, though accessibility features are basic. No analytics or tracking scripts were detected, reflecting a privacy-conscious approach. Security posture is solid with HTTPS enforced and domain transfer protections in place; however, DNSSEC is not enabled and no explicit security headers or policies are published. Privacy compliance is partially met with a privacy policy present but lacking a cookie consent mechanism. Contact information is limited to email addresses without phone numbers or physical addresses. Overall, the website is trustworthy, professional, and aligned with its non-profit advocacy mission. Recommendations include enabling DNSSEC, adding security headers, publishing security and incident response policies, and implementing a cookie consent mechanism to enhance GDPR compliance.

A

Aspiration

aspirationtech.org

0

Aspiration is a well-established nonprofit technology organization founded in 2001, focused on empowering nonprofits, open source projects, and social justice initiatives through technology capacity building, strategic advising, and community events. The website reflects a mature digital presence with a professional design, clear navigation, and rich content tailored to its target audience. Technically, the site runs on Backdrop CMS with modern libraries and includes Matomo analytics for privacy-conscious tracking. Security posture is good with HTTPS and domain transfer protections, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the domain registration data aligns well with the organization's claims, supporting high legitimacy and trustworthiness.