Loading local deals...
Loading local deals...
Last updated July 5, 2026.
CoastPerks is operated by Daniel Cabral, ABN 59 851 340 219, trading under the registered business name CoastPerks. We are an Australian sole trader business. Even where the Privacy Act 1988 (Cth) may not require every small business to comply with the Australian Privacy Principles (APPs), we handle personal information using APP-aligned privacy practices as a matter of good practice and user trust. This policy explains what we collect, how we use and protect it, when we disclose it, and how you can access, correct, export, or request deletion of your information.
We collect information directly from you when you create an account, manage a merchant listing, upload deal media, save or claim a deal, subscribe to updates, submit a privacy request, or contact us. We also collect limited technical data through Supabase Auth, server logs, browser cookies, and local storage needed to keep you signed in, remember consent choices, protect the service, and operate the site. Vercel Web Analytics helps us understand aggregate website traffic without adding Google Analytics or sending account identifiers, emails, claim codes, or private dashboard content to an analytics provider.
We use personal information to authenticate users, keep trusted shopper, merchant, and admin roles separate, show relevant nearby deals, let merchants manage listings, process saved deals and claim flows, respond to privacy and support requests, maintain security, prevent abuse, comply with legal obligations, and send marketing only where we have consent or another lawful basis to do so.
We do not sell personal information. We disclose it only where needed to operate CoastPerks, including to service providers for authentication, database hosting, storage, email delivery, security, analytics, and support; to merchants and shoppers where a feature naturally requires it; to professional advisers; or to regulators, courts, law enforcement, or other parties where required or authorised by Australian law. Deal content that merchants publish may be visible to the public.
All backend communication uses HTTPS. Access is restricted with Supabase authentication, role checks, and row-level security. Sensitive writes are validated and rate-limited through server API routes. Server-only credentials are kept out of browser code, and audit logs are used to help investigate security, account, and merchant-management events.
Our service providers, including Supabase and hosting infrastructure providers, may process personal information in Australia, the United States, the European Union, and other regions where their cloud, support, security, or backup services operate. Before we use providers that may receive personal information overseas, we review their security controls and contractual privacy commitments and take reasonable steps to require APP-aligned handling.
We retain account, merchant, deal, consent, and claim records while your account is active or while needed to provide the service. Inactive account data is reviewed at 24 months and may be deleted or de-identified unless legal, security, dispute, accounting, or audit obligations require longer retention. Security, privacy request, consent, and audit logs are generally retained for up to 12 months unless they are needed for an investigation or legal obligation. Backup copies may remain for a limited period before automatic expiry. You can request access, correction, export, or deletion by emailing support@coastperks.com.au, or by using the Privacy Center in your account dashboard.
We may need to verify your identity before acting on a request. We do not charge you to make an access or correction request, and we do not charge you to correct personal information. If we refuse a request, we will explain why where reasonable and tell you how to complain. Account deletion can remove your account and owned content, but some records may be retained or de-identified where required for security, legal, audit, or fraud prevention reasons.
We acknowledge privacy requests and complaints within 3 business days and aim to complete access, correction, export, deletion, and complaint responses within 30 calendar days. If you are not satisfied after giving us a reasonable opportunity to respond, you can contact the Office of the Australian Information Commissioner at oaic.gov.au/privacy/privacy-complaints.
We send marketing emails only where consent or another lawful basis applies. Marketing messages identify CoastPerks, include contact details, and provide a clear unsubscribe option. We action unsubscribe requests as soon as practical and within 5 working days.
If we suspect a data breach, we will contain and assess it promptly. Where the Notifiable Data Breaches scheme requires notification because serious harm is likely, we will notify affected individuals and the Office of the Australian Information Commissioner as soon as practicable.
CoastPerks uses search, filters, location-based sorting, and merchant approval workflows to operate the service. We do not currently use personal information to make solely automated decisions that are expected to significantly affect your rights or interests. If that changes, we will update this policy before using those features.