This policy is specific to the American Design Gallery (gallery.gdusa.com) — accounts, memberships, AI features, and the claimable archive. It works alongside the broader GDUSA Privacy Policy for gdusa.com; where this policy is silent, the GDUSA policy applies.
This Privacy Policy explains how GDUSA (Graphic Design USA) (“we”, “us”) collects, uses, and shares information when you use the American Design Gallery at gallery.gdusa.com (the “Gallery”). The Gallery showcases award-winning work from the GDUSA design awards and offers optional accounts, premium memberships, and editorial features. By using the Gallery you agree to this Policy.
Information we collect
Award & directory data. Names of designers, firms, schools, project titles, credits, and images from GDUSA award entries — published as a public archive. Images are displayed (hot-linked) from gdusa.com.
Account information. If you register: email, password (stored hashed by our auth provider), display name, and account type (designer or firm).
Profile & claim information. When you claim or edit a profile: your name, a contact email or LinkedIn URL, optional social links, an avatar/cover image, a tagline/bio, and the verification note you provide.
Content you submit. Editorials, project narratives, media uploads, mood boards, and inline edits.
Billing information. Premium subscriptions and Boosts are processed by Stripe. We do not store full card numbers; we keep a Stripe customer/subscription reference and plan status.
Usage & device data. With your consent, analytics about pages viewed and interactions, plus standard log data (IP address, browser/device, timestamps) used for security and to operate the service.
Anti-fraud signals. We use Google reCAPTCHA and bot-detection measures to protect forms and claims.
Communications. If you subscribe to our newsletter or contact us, we keep your email and message.
How we use information
Operate and secure the Gallery, authenticate you, and remember preferences.
Publish the public design archive and the profiles/credits within it.
Process payments, memberships, and Boost placements.
Provide optional AI features (e.g. design summaries, moderation, mood-board analysis, semantic search).
Measure and improve the site (analytics) where you’ve allowed it.
Send transactional messages and, if you opt in, newsletters. You can unsubscribe anytime.
Prevent fraud and abuse and comply with legal obligations.
Cookies
We use strictly-necessary cookies to run the site and, only with your permission, analytics cookies. You can change your choice anytime. See our Cookie Policy for the full list, or .
How we share information
We do not sell your personal information. We share it with service providers who process it on our behalf, including:
Supabase — database, authentication, and file storage.
Vercel — hosting and privacy-friendly, cookieless traffic analytics.
Stripe — payment processing.
Google — Analytics (with consent) and reCAPTCHA (security).
SendGrid — transactional email and newsletters.
OpenAI — processing text/images for the optional AI features and content moderation.
We may also disclose information to comply with law, enforce our terms, or protect rights, safety, and security, and in connection with a business transfer.
The public archive & your profile
Designer, firm, and school listings are derived from public GDUSA award records and are intended to be publicly visible (and indexed by search engines). If a listing is about you or your organization, you can claim it to manage the content, or contact us to request a correction or removal. Verified owners may earn a “dofollow” link with a premium membership.
Data retention
We keep account and content data while your account is active and as needed to provide the service, then for a reasonable period to meet legal, tax, security, and dispute-resolution needs. The public archive is retained as an ongoing record of the awards unless you request removal and we agree it is appropriate.
Security
We use access controls, row-level database security, encryption in transit, and scoped storage permissions to protect your data. No method of transmission or storage is 100% secure, but we work to protect your information.
Your rights & choices
Depending on where you live, you may have the right to access, correct, delete, or port your personal information, to object to or restrict certain processing, and to withdraw consent.
EEA/UK (GDPR): our legal bases are consent (analytics, marketing), contract (accounts, billing), and legitimate interests (security, operating and improving the service, maintaining the public awards archive).
California (CCPA/CPRA): we do not sell or “share” personal information for cross-context behavioral advertising. You may request to know, delete, or correct your information and will not be discriminated against for exercising these rights.
To exercise any right, email privacy@gdusa.com. You can manage cookie choices via and opt out of newsletters via the unsubscribe link in any email.
International transfers
We and our providers may process information in the United States and other countries. Where required, we rely on appropriate safeguards for cross-border transfers.
Children
The Gallery is not directed to children under 13 (or under 16 in the EEA/UK), and we do not knowingly collect their personal information.
Changes
We may update this Policy from time to time. We will revise the “Last updated” date above and, for material changes, provide additional notice where appropriate.