KuidApp
KuidApp
Privacy
Policy
Current version: June 2026

Current version: June 2026


1. IDENTITY OF THE DATA CONTROLLER

CDR TECH S.A.S.
Tax ID (NIT): 900.707.225-1
Address: Bogotá, Colombia
Email: kuidapp25@gmail.com


2. LEGAL FRAMEWORK

This Privacy Policy has been prepared in compliance with:

In the event of a conflict between this Policy and the Terms and Conditions of Use, the provision offering greater protection to the data subject shall prevail.


3. SCOPE OF APPLICATION

This Policy applies to all personal data collected, stored, used, or transmitted through the KuidApp platform, including the mobile application and any official communication channels of the Company.

It applies to all platform users: kindergartens, teachers, parents, guardians, and any person whose data is processed in connection with the use of the service.


4. PERSONAL DATA WE COLLECT

4.1. Parent and Guardian Data

4.2. Children's Data

⚠️ Sensitive data: A child's health information (allergies) constitutes sensitive data under Article 5 of Law 1581 of 2012. Its processing requires express consent and will be carried out solely to ensure the child's well-being while at the kindergarten.

4.3. Kindergarten and Teacher Data

4.4. Technical Data


5. PURPOSES OF DATA PROCESSING

Collected personal data will be used exclusively for the following purposes:

Purpose Data Involved
Providing the communication service between kindergarten, teachers, and parents All user data
Managing daily activity reports and attendance Child data
Monitoring the child's educational and behavioral development Child data
Managing basic health information to ensure the child's safety Health data (allergies)
Direct communication between parents and teachers within the platform Contact data
Authentication and role-based access control User credentials
Improving app usage experience and performance Technical data (Firebase Analytics)
Compliance with legal obligations As required by law

The use of data for commercial or advertising purposes, or to train artificial intelligence models, is expressly prohibited.


6. LEGAL BASIS FOR PROCESSING

The processing of personal data is based on the following legal grounds:

For a child's health data (allergies), the legal basis is the express consent of the parent or guardian, in accordance with Article 6 of Law 1581 of 2012.


7. PROCESSING OF CHILDREN'S DATA

7.1. Best Interests of the Child

KuidApp recognizes that children's data deserves special and heightened protection. All processing of children's data will be carried out in the child's best interests and with strict respect for their fundamental rights.

7.2. Mandatory Parental Authorization

No personal data of a minor will be processed without the prior, express, and informed authorization of their parents or legal representatives. This responsibility lies primarily with the kindergarten, which must obtain and retain such authorizations before registering a child on the platform.

Parents' or guardians' acceptance of this Policy upon registering on the platform constitutes their informed consent.

7.3. Health Data (Allergies)

7.4. Photographs and Multimedia Content

7.5. Prohibition of Unauthorized Use of Children's Content

The use of photographs, videos, or other content of minors for any purpose other than communication between the kindergarten and families within the platform is absolutely prohibited. KuidApp will not publish, sell, or transfer such content to third parties.


8. INFRASTRUCTURE AND STORAGE

8.1. Infrastructure Provider

Personal data is stored on servers managed by Microsoft Azure, in the East US region (United States). Although these servers are physically located outside Colombia, Microsoft Azure contractually guarantees security standards equivalent to or exceeding those required by Colombian law.

8.2. Technology Service Providers

Provider Service Accessible Data
Microsoft Azure Storage, database, backend User and child data
Google Firebase Analytics (Firebase Analytics), authentication, push notifications Technical data and session identifiers

These providers act as data processors under the instructions of CDR TECH S.A.S. They are not authorized to use the data for their own purposes.

8.3. Firebase Analytics

The application uses Firebase Analytics to collect usage data in an anonymous and aggregated manner. This includes:

This information does not allow any individual user to be identified. Firebase privacy policy: https://firebase.google.com/support/privacy.


9. DATA RETENTION AND DELETION

Data Type Retention Period
Active user data For the duration of the account
Data after account cancellation Up to 12 additional months
Photographs and multimedia content Up to 30 calendar days after cancellation
Health data (allergies) Up to 30 calendar days after cancellation or deletion request
Technical and access logs Up to 6 months from generation

After these periods, KuidApp will proceed to the secure deletion or anonymization of the data. If a legal obligation requires retention for a longer period, such obligation will be respected.


10. DATA SUBJECT RIGHTS (ARCO RIGHTS)

Under Law 1581 of 2012, data subjects have the following rights:

10.1. How to Exercise Your Rights

Submit a written request to kuidapp25@gmail.com including:

  1. Full name and identification.
  2. The right you wish to exercise.
  3. Description of the data the request concerns.
  4. Documents proving your identity or legal representation of the minor.

Response time: Maximum 10 business days from receipt of the request. If the request cannot be resolved within that period, you will be notified of the reasons and the estimated response date.

10.2. Right to Delete Account

Users may request account deletion directly within the application at Settings > Account > Delete Account, or by sending a request to kuidapp25@gmail.com.


11. INFORMATION SECURITY

CDR TECH S.A.S. implements the following measures to protect personal data:

Technical measures:
- Data transmission under HTTPS/TLS protocol.
- Encryption of access credentials.
- Role-based access control (RBAC).
- Restriction of information visibility according to user profile.

Organizational measures:
- Restricted internal access: only CDR TECH personnel with a demonstrated operational need may access data.
- Confidentiality policy for employees and contractors with access to data.

Security breach protocol:
In the event of a security breach affecting personal data, CDR TECH S.A.S. will:

  1. Notify affected users as soon as possible.
  2. Report the incident to the Superintendencia de Industria y Comercio (SIC) in accordance with applicable regulations.
  3. Take the corrective measures necessary to contain and remediate the incident.

If you detect a vulnerability or misuse, please report it to: kuidapp25@gmail.com


12. INTERNATIONAL DATA TRANSFERS

Data is stored on Microsoft Azure servers in the East US region. This transfer of data to infrastructure located outside Colombia is carried out under the following guarantees:

Google Firebase (Google LLC) may also involve the transfer of technical data to servers in the United States, under Google's privacy policies, which comply with international data protection standards.


13. COOKIES AND TECHNICAL IDENTIFIERS

The KuidApp mobile application does not use cookies in the traditional sense (browser-based cookies). However, it uses equivalent technologies in the mobile environment:

Users may revoke push notification permissions from their device settings at any time.


14. MODIFICATIONS TO THIS POLICY

CDR TECH S.A.S. reserves the right to update this Privacy Policy when necessary. Changes will be communicated through:

When changes affect the processing of children's data or involve the use of sensitive data, new express consent will be requested from parents or legal representatives.

Continued use of the platform after notification of changes will constitute acceptance of the updated Policy.


15. CONTACT AND EXERCISE OF RIGHTS

For any inquiry, request, or report related to the processing of personal data:

Company: CDR TECH S.A.S.
Tax ID (NIT): 900.707.225-1
Email: kuidapp25@gmail.com
City: Bogotá, Colombia

Supervisory authority: If you believe your rights have been violated, you may file a complaint with the Superintendencia de Industria y Comercio (SIC):
Website: https://www.sic.gov.co


Last updated: June 2026