Compliance Atlas/
Home/Privacy
LEGAL · PRIVACY

Privacy Policy

Last updated: May 2026

1. Controller

Compliance Atlas is a publication operated by Nukipa GmbH, Schillerstraße 23a, 80336 Munich, Germany. For all data protection matters, contact: privacy@nukipa.com.

2. What data we collect

When you visit Compliance Atlas, we process the following data to deliver the service and understand usage:

  • Server access logs (IP address, browser type, pages requested, timestamps)
  • Session identifiers stored in a first-party cookie (nk_sid)
  • Optional: email address if you subscribe to the newsletter or unlock gated content
  • Optional: contact information if you submit a contact form

3. Legal bases (GDPR Art. 6)

  • Legitimate interest (Art. 6(1)(f)): Server logs and session analytics to detect abuse, ensure security, and understand aggregate usage patterns.
  • Consent (Art. 6(1)(a)): Newsletter subscriptions and marketing communications. You may withdraw consent at any time.
  • Contractual necessity (Art. 6(1)(b)): Processing your email to deliver content you have requested (e.g. newsletter issues).

4. Cookies

We use a single session cookie (nk_sid) for visit analytics. This cookie contains only a pseudonymous session identifier and does not track you across third-party sites. No advertising or tracking cookies are set. You may disable cookies in your browser settings; the site remains fully functional without them.

5. Data sharing

We do not sell your personal data. We share data only with processors acting on our instructions under Article 28 GDPR data processing agreements:

  • Fly.io (hosting infrastructure, EU region)
  • Cloudflare (CDN, DDoS protection)

6. Retention

Server logs are retained for 30 days. Session identifiers expire after 90 days of inactivity. Email addresses for newsletter subscribers are retained until you unsubscribe. You may request deletion at any time.

7. Your rights

Under GDPR you have the right to access, rectify, erase, and port your personal data, to object to processing, and to lodge a complaint with your national supervisory authority. To exercise your rights, email privacy@nukipa.com.

The competent supervisory authority for Nukipa GmbH is the Bavarian State Office for Data Protection Supervision (BayLDA), Promenade 18, 91522 Ansbach, Germany.

8. Changes

We may update this policy to reflect changes in our practices or applicable law. Material changes will be announced on this page with an updated date.

← HOME