Legal
Privacy Policy
Last updated: 2026-04-06
1. Introduction
This Privacy Policy explains how CAD Guardian LLC ("we," "us," "our") collects, uses, discloses, and otherwise processes personal information on the gvosmith.com website (the "Platform").
We are committed to transparent, privacy-by-design practices. This policy maps to our actual data flows.
2. Data We Collect
Information you provide directly:
- Newsletter signup: email address.
- Business inquiry form: full name, email, company, website, opportunity type, budget tier, location preference, venue city, description, project goals, target date.
- Admin access: email and password (stored securely by Supabase Auth, not by us).
Information collected automatically:
- Analytics: page views, device type, browser information, referrer (via Vercel Analytics, anonymized).
- Authentication: Supabase session cookies for admin access.
- Inquiry drafts: temporary data stored in your browser's localStorage (not sent to our servers until submission).
3. Legal Basis and Purpose
We collect and process personal information for legitimate business purposes:
- Newsletter: deliver updates and promotional content (with user consent).
- Inquiry form: evaluate business opportunities, respond to inquiries, maintain records.
- Analytics: understand Platform usage, improve user experience.
- Admin access: secure operator authentication.
4. Data Processors and Third-Party Sharing
We share personal information with the following processors to operate the Platform:
- Supabase (Auth + Database): authentication, session management, lead storage. Review their privacy policy.
- MailerLite: newsletter signup, subscriber management, email campaigns. Review their privacy policy.
- Sanity CMS: content store, editorial management. Review their privacy policy.
- Stripe: payment links, commerce routing. Review their privacy policy.
- Google APIs (YouTube): channel metadata, video data sync. Review their privacy policy.
- Vercel Analytics: usage analytics, performance monitoring. Review their privacy policy.
We do not sell or rent personal information to third parties. We do not share data with advertisers or data brokers.
5. Data Retention
We retain personal information only as long as necessary to fulfill the purpose for which it was collected:
- Newsletter subscribers: retained until unsubscribed or after 730 days of inactivity.
- Business inquiries: retained for 730 days for evaluation and follow-up, then deleted.
- Admin logs: retained for 90 days.
- Error/system logs: retained for 30 days.
You may request deletion of your information at any time using the contact information below.
6. Cookies and Tracking
The Platform uses cookies and similar technologies:
- Authentication cookies (Supabase): necessary to maintain secure admin sessions.
- Analytics cookies (Vercel): optional tracking for usage analytics (non-identifying).
You can control cookies through your browser settings. Disabling cookies may affect Platform functionality.
7. Your Privacy Rights
Depending on your location, you may have the right to:
- Access: request a copy of personal information held about you.
- Correction: request correction of inaccurate data.
- Deletion: request deletion of personal data (subject to legal retention obligations).
- Portability: request data in a structured, machine-readable format.
- Opt-out: opt out of marketing communications or analytics.
8. How to Exercise Your Rights
To request access, correction, deletion, portability, or to unsubscribe from newsletters:
Access Request: Email gvosmith.ent@gmail.com with "Data Access Request" and your full name/email.
Deletion Request: Email gvosmith.ent@gmail.com with "Data Deletion Request" and your full name/email. We will delete your data within 30 days.
Unsubscribe: Click 'Unsubscribe' in any email or contact the Privacy Contact above.
We will respond to privacy requests within 30 days.
9. Security
We implement technical and organizational measures to protect personal information, including:
- encryption of data in transit (TLS/SSL),
- secure authentication (Supabase Auth),
- access controls and role-based permissions,
- regular security audits.
However, no security measure is 100% foolproof. We encourage strong passwords and do not store unnecessary sensitive data.
10. Children's Privacy
The Platform is not intended for individuals under 13 years old. We do not knowingly collect information from children. If we become aware of such collection, we will promptly delete the data.
11. Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices or applicable law. Updated versions are effective upon posting. Material changes will be communicated via email to newsletter subscribers.
12. Contact Us
For privacy questions, requests, or concerns, contact:
Email: gvosmith.ent@gmail.com
Mailing Address: CAD Guardian LLC, United States
© 2026 CAD Guardian LLC. All rights reserved.