GDPR Compliance

Last updated: October 14, 2025

Our Commitment to Data Protection

At Valpo Shelter Directory, we deeply respect the privacy of our clients and their customers. We believe data protection is not just a legal requirement but a core part of our ethical responsibility. We collect and process only the information that is necessary to deliver our services effectively, and we maintain strict controls to safeguard it. The General Data Protection Regulation (GDPR) gives individuals more control over their personal information, and we have adopted its principles across all our global operations, regardless of where our clients are located.

What is GDPR?

The General Data Protection Regulation (GDPR) is an EU-wide privacy and data protection law that regulates how companies handle personal data belonging to individuals in the European Union. It took effect on May 25, 2018, and applies not only to EU-based organizations but also to any business that processes data of EU residents. GDPR strengthens individuals' rights over their personal data and holds companies accountable for protecting that data.

What is Personal Data?

Personal data refers to any information that can identify an individual, either on its own or in combination with other data. Examples include:

• Full name or business name
• Email address or phone number
• IP address or device identifiers
• Financial and billing information
• Physical address or location data
• Login credentials or user IDs
• Marketing preferences or behavioral data

How Valpo Shelter Directory Ensures GDPR Compliance

We have implemented a wide range of operational, technical, and organizational measures to comply with GDPR and protect our clients' data.

• Employee Awareness and Training: All employees receive regular training on data handling, privacy protection, and information security best practices.
• Product and Service Review: Every Valpo Shelter Directory service has been reviewed for GDPR compliance, ensuring clients maintain control over their data.
• Data Inventory and Classification: We maintain an internal Information Asset Register (IAR) that identifies what personal data is collected, where it is stored, who has access to it, and for what purpose.
• Third-Party Assessments: We evaluate and contractually require all third-party vendors and service providers to meet GDPR-level data protection standards.
• Privacy by Design: Our systems and solutions are built with privacy as a foundational principle, ensuring user data is handled securely by default.
• Data Protection Officer (DPO): We have appointed a DPO to oversee compliance efforts and address any data protection inquiries or concerns.
• Data Processing Addendum (DPA): Clients may request a DPA to formalize data protection terms by contacting us at info@valposhelter.org.
• Data Protection Impact Assessments (DPIA): We conduct DPIAs where necessary to evaluate risks and strengthen protective measures.
• Regular Internal Audits: Our operations are reviewed periodically to identify and correct any gaps in data security or privacy practices.
• Encryption and Security: Sensitive data is encrypted both in transit and at rest, and stored in secure, access-controlled environments.
• Data Retention and Cleanup: We periodically review and purge inactive or outdated data in compliance with GDPR's data minimization principles.
• Breach Notification Policy: In the unlikely event of a data breach, affected users or clients will be notified within 72 hours in accordance with GDPR Article 33.
• Transparent Privacy Policy: Our Privacy Policy is regularly updated to reflect changes in regulation, internal data handling practices, and client feedback.

We may update this GDPR Compliance Statement periodically to reflect changes in our processes, technology, or applicable law. We encourage you to revisit this page regularly to stay informed.

Contact Us

Valpo Shelter Directory
1013 Fuller Street SW
Cullman, AL 35055
Email: info@valposhelter.org
Phone: 219-229-1633