1. IDENTIFICATION OF THE PERSON IN CHARGE

 Name: Colegio Cristiano Integral NIT: 900.486.492-4

Address: Calle 13 No. 17-56, Funza - Cundinamarca Telephone: 601 821 9594

E-mail: gestionadministrativa@colcristianointegral.edu.co

In compliance with Law 1581 of 2012, Decree 1377 of 2013, Law 1266 of 2008, Decree 1074 of 2015, the Political Constitution and other complementary rules on personal data protection, Colegio Cristiano Integral adopts this policy to ensure the proper and secure treatment of personal data collected in the development of its functions as a Christian educational institution.

2. OBJECTIVE

Establish institutional guidelines for the collection, storage, use, circulation, suppression, protection and confidentiality of personal data of students, guardians, teaching and administrative staff, suppliers, alumni and other natural persons with whom the school has a relationship, guaranteeing their fundamental rights to privacy, intimacy and habeas data.

3. SCOPE

 This policy applies to all personal data processed by the College, whether in physical, electronic, digital or mixed media, and covers all databases and information systems of the institution. It includes public, private, sensitive, biometric and underage data.

4. DEFINITIONS

 The legal definitions provided for in Article 3 of Law 1581 of 2012 are adopted. Some of them are:

• Personal data: Any information linked or that can be associated to a natural person.
• Sensitive data: Information whose improper use may affect the owner's privacy (health status, religious orientation, fingerprint, etc.).
• Biometric data: Physical or behavioral data (fingerprint, voice, face, etc.) used to authenticate the identity of the holder.

• Processing: Any operation on personal data, such as collection, storage, use, circulation or deletion.
• Data Processor: Person who carries out the processing on behalf of the
• Holder: Natural person whose data are subject to

5. GUIDING PRINCIPLES

The processing of personal data by the College shall be governed by the following principles:

• Legality
• Purpose
• Freedom
• Truthfulness
• Transparency
• Security
• Confidentiality
• Restricted access
• Demonstrated responsibility

6. PURPOSES OF TREATMENT

The College will process personal data for the following purposes:

• Manage the admission process, enrollment, academic monitoring and
• Establish and maintain effective communication with parents and
• Fulfill contractual, legal and financial obligations
• Coordinate extracurricular, religious and cultural activities.
• Conduct institutional, advertising and promotional campaigns (with prior authorization).
• Manage human resources and relationships
• Ensuring safety by means of safety systems
• Evaluate performance, manage satisfaction surveys and control of
• Record audiovisual evidence for pedagogical and promotional purposes (with prior authorization).

7. TREATMENT OF SENSITIVE DATA AND MINORS

 They will only be processed with the explicit authorization of the owner or his representative.

• Respect for the best interests of the child and his or her rights shall be guaranteed.

• Participation in religious activities of the College will be voluntary and in accordance with institutional Christian principles.

8. RIGHTS OF THE OWNERS

Holders may exercise the following rights:

• Know, update and rectify your
• Request proof of authorization
• Be informed about the use of their
• To revoke the authorization and request the deletion of data when there is no legal obligation to do so.
• File complaints before the Superintendence of Industry and Commerce.
• Free access to your

9. DUTIES OF THE DATA CONTROLLER

The College is committed to:

• Guaranteeing the rights of the
• Request and keep valid authorizations.
• Clearly state the purpose of the
• Keep data under security measures
• Rectify, update or delete data when
• To deal with queries and complaints under the terms

10. AUTHORIZATION FOR TREATMENT

 The authorization shall be prior, express and informed, and may be obtained by physical, electronic or digital means, except for those cases exempted by law (public data, compliance with legal duties, among others).

11. SECURITY MEASURES

The College will take reasonable technical, administrative, organizational and human resources measures to protect personal data against unauthorized access, loss, alteration or misuse.

12. INTERNATIONAL TRANSFER AND TRANSMISSION OF DATA

The College may transfer or transmit personal data to third parties located within or outside the country, ensuring that they have adequate levels of protection under Colombian law, through contracts that regulate such relationship.

13. VIDEO SURVEILLANCE

The College uses camera systems for security, control and monitoring purposes. The existence of these systems will be disclosed by visible notices, and recordings will be handled in accordance with this policy.

14. SECURITY INCIDENTS

Any incident that compromises the security of the data will be reported to the affected owner and to the Superintendence of Industry and Commerce, in accordance with External Circular 003 of 2022.

15. PROCEDURE FOR INQUIRIES AND COMPLAINTS

Inquiries: Will be resolved within a maximum of 10 working days.

Claims: Will be attended within 15 working days, extendable only once. Enabled means:

• E-mail: gestionadministrativa@colcristianointegral.edu.co
• Physical address: Calle 13 17-56, Funza, Cundinamarca

16. VALIDITY OF THE DATABASES

 The data will be kept for as long as the purpose justifying their processing or there is a legal or contractual obligation to keep them.

17. MODIFICATIONS TO THE POLICY

 This policy may be updated at any time. The modifications will be published in the official channels of the College (website, bulletin boards, etc.). Holders will be informed when changes affect the substantive content.

18. INSTITUTIONAL CHRISTIAN APPROACH

Colegio Cristiano Integral recognizes that the treatment of personal data must also respond to ethical and spiritual principles. In accordance with our Christian worldview, we believe that each person has been created in the image and likeness of God (Genesis 1:27), and therefore, your personal information should be treated with respect, prudence, responsibility and transparency.

We are committed to acting in accordance with the values of integrity, justice and truth (Proverbs 10:9; Ephesians 4:25), protecting the dignity and rights of each member of our educational community, and fostering an institutional culture of good stewardship in the use of information.

19. EFFECTIVE DATE

This policy is effective as of August 01, 2025.