Beauty

Anonymized security posture data for the beauty sector across the EU. Based on 73 monitored sites.

42.8

Avg. Score /100

Avg. Grade

Sites Tracked

-5.0

vs. EU Average

Critical findings in this industry

8 of 73 without HTTPS redirect

11.0%

2 of 73 with unencrypted email (no STARTTLS)

3.0%

21 of 73 without DMARC protection (spoofable)

29.0%

51 of 73 missing 3+ critical security headers

70.0%

28 of 73 without DNSSEC (vulnerable to DNS spoofing)

38.0%

28 of 73 without CAA records (unrestricted certificate issuance)

38.0%

28 of 73 without MTA-STS (email downgrade attacks possible)

38.0%

Grade Distribution

1 (1.0%)

5 (7.0%)

37 (51.0%)

29 (40.0%)

Hosting & Data Residency

70%

EU-headquartered provider

30%

Non-EU provider (CLOUD Act / Schrems II)

IONOS (1&1) (DE) 21 37.5%

Strato (DE) 9 16.1%

Hetzner (DE) 6 10.7%

Wix (IL) 6 10.7%

GoDaddy (US) 5 8.9%

Server location via IP geolocation (MaxMind GeoLite2). Company HQ from ASN registry. A site may be physically hosted in the EU but use a US-headquartered provider subject to the CLOUD Act — per Schrems II (CJEU C-311/18), this requires SCCs with supplementary measures. · GDPR Art. 44–49

How does your site compare?

Run a free security scan and see your grade instantly.

Scan your site

All data is anonymized. No individual sites are identified. Statistics updated weekly.

Beauty

Critical findings in this industry

Grade Distribution

Hosting & Data Residency

How does your site compare?

Are you sure?