Coastermate Privacy Policy

Last updated: July 24, 2025

Welcome to Coastermate, owned and operated by Chiseled Pixel, LLC (“we,” “us,” “our,” or “Chiseled Pixel”). We are committed to protecting the privacy of Coastermate (the “Service”) users. This Privacy Policy explains what information we collect, how we use it, with whom we share it, and your rights regarding your personal information.

Data We Collect

We collect information via Coastermate, including:

• Account Information: email address (verified), username, hashed password, avatar, and other settings.
• Device & Usage Data: IP address, web browser name and version, installed app version, operating system name and version, device type, app usage logs, push-notification tokens, and other data.
• User Content: photos, reviews, visits, laps, ratings, lists, replies, likes, and any edits or revision history thereof.
• Location: We use device location to power features (e.g., finding nearby parks) and advertising, but do not store precise location data long-term.
• Cookies & Tracking: Our website and emails may use cookies, pixels, and similar for functionality and analytics. The iOS app may use tracking for ad personalization.

How We Use Your Data

We aim to collect data only if it is useful to operation of the Service. This includes:

• Provide and improve core functionality (content posting, search, personalization).
• Moderate content and protect against abuse.
• Analyze app usage and performance.
• Send essential emails (e.g., account verification, password resets, moderation notices, etc.).
• Send optional notifications or marketing (e.g., new replies, new followers, daily followed activity summaries, newsletters, etc.) with opt-out options in the Coastermate app and via “unsubscribe” links in emails.
• Serve ads via our service providers.

These uses comprise Coastermate’s legal bases for processing:

• Contractual Necessity: to provide the Service you request (e.g., account management).
• Legitimate Interests: to improve and secure the Service, prevent abuse, and analyze usage.
• Consent: where required (e.g., marketing emails).

User Content & Visibility Settings

You may set each piece of content to “public,” “protected,” or “private”:

• Public: visible to everyone except users you’ve blocked.
• Protected: visible only to you and users you’ve marked as trusted.
• Private: visible only to you.

Likes and replies are public. Your profile is also public, including your user name and avatar.

To allow Coastermate to enforce its terms of use, the Coastermate moderation team can access all content regardless of visibility settings.

Data Sharing & Disclosure

Some data may be shared with other parties as necessary. This includes:

• Service Providers: advertising networks (Google AdMob), web hosting (Digital Ocean, Cloudinary), notification platforms (Apple Push Notification Service), and email providers (Amazon Simple Email Service).
• External Websites: links to park tickets, flights, and hotels on external websites (Expedia).
• Legal Authorities: if required by law or to protect rights or safety.
• Other sharing only with your consent or as required by law.

Coastermate does not sell personal information, though integrated third-party ad networks may collect data for their purposes.

For more information on how our providers handle data, please review their privacy policies.

International Data Transfers

All Coastermate-related data is stored on servers in the United States.

Users outside the U.S. whose data are processed or stored in the U.S. may have data transferred across borders.

Third-party providers and external websites may process or store data in other jurisdictions according to their own policies.

Data Retention & Deletion

We retain your personal data and User Content indefinitely.

If you delete your account, your data is marked as “removed” (unused and inaccessible to others, but still retained internally, including in backups).

Security Measures

We use the following measures to protect Coastermate and your data on it:

• Industry-standard encryption in transit and at rest.
• Access controls to limit who can view data internally.
• Passwords stored as salted hashes.
• Regular security assessments.

Your Privacy Rights

Coastermate supports the following upon request via email to contact@coastermate.com:

• Access: request a copy of categories and specific pieces of personal data we hold.
• Correction: request updates or corrections to your data.
• Deletion: request deletion of personal data (subject to legal exceptions; removed data may persist in backups but will not be used).
• Portability: request export of your data in a common format.
• Opt-Out: opt out of marketing communications and of any data sales.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

• Right to Know: categories and specific personal data we collect and share.
• Right to Delete: see “Your Privacy Notes” section above, with the note about internal data retention.
• Right to Opt-Out: of the sale of personal information.
• Right to Non-Discrimination: we will not penalize you for exercising these rights.

Automated Decision-Making

Coastermate itself does not use automated profiling or decision-making, except as performed by our providers under their own policies.

Changes to This Policy

We may update this Privacy Policy at any time by updating this page and the “Last updated” date. Users should review this page periodically.

We reserve the right to notify registered users by email of changes to this Privacy Policy if determined to be necessary at the discretion of Chiseled Pixel.

Contact Us

For privacy inquiries or to exercise your rights, email contact@coastermate.com.

Thank you for trusting Coastermate. We’re committed to protecting your rights and providing a safe, enjoyable community for roller coaster enthusiasts.