Holy ResourceHoly Resource
Legal

Subprocessor List

Current subprocessor and connected-service transparency for Holy Resource.

Important Context

Holy Resource is local-first. For customers using the app only on local devices without connected features, Found CTRL may not process core Church Data at all. This page focuses on processing paths that can apply when hosted or networked features are enabled.

This page describes the subprocessor and connected-service model for Holy Resource.

Because Holy Resource supports both fully local operation and optional connected features, not every customer will use every processing path described here.

1. Confirmed Current Found CTRL-Appointed Subprocessors

The following vendors are evidenced in the current Found CTRL licensing stack and may process personal data when Holy Resource uses Found CTRL-operated licensing, payment, or transactional messaging services.

Neon

  • Purpose: hosted PostgreSQL database for the Universal License Server backend that supports licensing, activation, ownership, purchase, messaging, and related operational records.
  • Data that may be processed: owner and purchaser contact details, organization or church information, license metadata, purchase and subscription records, payment references, messaging audit records, support-related metadata, and operational logs stored by the licensing backend.
  • Location: the current backend environment points to a Neon-hosted database project in AWS eu-west-2.
  • Safeguards: Neon documents mandatory SSL/TLS database connections, AES-256 encryption at rest, GDPR-aligned controls, SOC 2 / ISO 27001 / ISO 27701 security measures, and cloud hosting within AWS or Azure data centers with additional options such as IP allowlisting and private networking.

Stripe

  • Purpose: subscription billing, payment intents, invoice and receipt generation, and webhook-based purchase fulfillment for the licensing stack.
  • Data that may be processed: customer email address, billing and payment data, order and subscription metadata, transaction identifiers, invoice records, device and IP-related anti-fraud signals, and other payment-operational data necessary to process transactions.
  • Location: Stripe processes data globally; for customers outside North and South America, the Stripe DPA states the contracting entity is Stripe Payments Europe, Limited, while processing may still involve Stripe, LLC in the United States and other affiliates or subprocessors.
  • Safeguards: Stripe publishes a DPA, Data Transfers Addendum, subprocessor list, PCI DSS Level 1 controls, encryption in transit and at rest, and contractual controls for subprocessors with cross-border transfer mechanisms.

Paystack

  • Purpose: alternative payment processing, transaction initialization and verification, refunds, and webhook handling for supported purchase flows.
  • Data that may be processed: payer contact details, transaction and payment data, order metadata, fraud and verification metadata, and any additional merchant-supplied metadata attached to a transaction.
  • Location: Paystack states that it transfers data outside Nigeria and gives AWS in Ireland as an example of its cloud storage location, while also maintaining a published subprocessor list across multiple regions.
  • Safeguards: Paystack publishes a DPA, a subprocessor list, Binding Corporate Rules for intra-group transfers, written contracts for service providers, NDPA-compliant transfer language, and security commitments including encryption, PCI DSS-aligned controls, and documented breach-notification procedures.

Hostinger SMTP

  • Purpose: transactional email delivery for licensing and account communications through a configured SMTP mailbox profile.
  • Data that may be processed: recipient email addresses, sender details, email content, message metadata, and delivery diagnostics handled through SMTP relaying.
  • Location: not fixed by product contract in the codebase; use depends on the configured Hostinger mail account and applicable Hostinger infrastructure for that mailbox.
  • Safeguards: email is sent over authenticated SMTP with TLS-capable transport in the server implementation. Hostinger legal and privacy terms should be reviewed alongside this page for the final mailbox-region and transfer posture.

2. Found CTRL-Operated Connected Services

The following Holy Resource service categories may process limited personal data when enabled. These are operated by Found CTRL rather than by an external subprocessor at the product-contract level:

Licensing and entitlement services

  • Purpose: license activation, validation, offline lease management, owner verification, invite redemption, and recovery workflows.
  • Data that may be processed: owner or purchaser email address, organization name, license identifiers, device-linked state, verification metadata, invite metadata, and anti-abuse or audit signals.

Update and release delivery services

  • Purpose: release checks, updater metadata access, authenticated update delivery, and related security validation.
  • Data that may be processed: app version, update channel, device or environment compatibility details, request metadata, locally stored update tokens, and security logs.

Optional sync relay or server-backed sync services

  • Purpose: synchronization, queue handling, conflict coordination, peer or server state management, and delivery of branch-scoped updates.
  • Data that may be processed: records transmitted through sync, record metadata, conflict state, device identifiers, timestamps, and operational logs.

Support and troubleshooting workflows

  • Purpose: respond to support inquiries, investigate incidents, and resolve technical issues.
  • Data that may be processed: support contact data, logs, screenshots, diagnostics, and any records you voluntarily provide for troubleshooting.

3. Supported but Not Universally Enabled Providers

The license server codebase also contains support for additional providers that may be enabled by configuration, but are not treated on this page as universally active subprocessors unless and until Found CTRL enables them in production for the relevant service path.

Email and messaging providers supported by the current licensing stack

  • ZeptoMail
  • Resend SMTP
  • Custom SMTP
  • Telnyx
  • Plivo
  • Africa's Talking

These providers may process recipient identifiers, message content, sender configuration, routing information, delivery status, and related communication metadata when enabled.

4. Customer-Configured Providers

The following providers or provider categories may process personal data when you enable them. In many cases, these are configured directly by you and are not appointed by Found CTRL as subprocessors unless Found CTRL is explicitly routing the request through its own managed service.

Payment gateways supported by the app

  • Stripe
  • PayPal
  • Flutterwave
  • Custom or self-selected gateways

Purpose: donor-facing payment links, checkout, gateway event handling, reconciliation, and donation workflow integration.

Data that may be processed: donor identifiers, donation or transaction metadata, billing details, gateway configuration data, and payment-status information.

Messaging and email providers configured by the customer

  • Custom SMTP servers
  • Supported API-based email providers
  • Supported API-based SMS providers

Purpose: transactional messages, announcements, notifications, automations, reminders, and other communications you initiate.

Data that may be processed: recipient identifiers, sender configuration, message content, attachments, routing data, delivery status, and failure metadata.

AI providers configured by the customer or feature administrator

  • Customer-selected model or AI gateway provider

Purpose: drafting, summarization, automation, and other AI-assisted features.

Data that may be processed: prompts, contextual text, and generated outputs necessary to provide the enabled AI feature.

5. International Transfers

Some connected services and customer-configured providers may process data outside your home jurisdiction. Where Found CTRL appoints a subprocessor for processing covered by our DPA, we will use a lawful transfer mechanism where required. For customer-configured providers, you are responsible for reviewing and approving the provider terms and transfer safeguards that apply to your own configuration.

6. Updates to This Page

We may update this page as Holy Resource's hosted architecture, processing flows, or provider relationships change. Material updates will be reflected here before or when the relevant provider begins processing applicable data.

7. Contact

For questions or objections relating to this page, contact:

Found CTRL Limited
Registered in England & Wales (No. 17079973)
Email: holyresource@foundctrl.com
Website: foundctrl.com

Last updated on

Was this helpful?

Data Processing Addendum

Terms that apply when Found CTRL processes Church Data on your behalf.

On this page

1. Confirmed Current Found CTRL-Appointed SubprocessorsNeonStripePaystackHostinger SMTP2. Found CTRL-Operated Connected ServicesLicensing and entitlement servicesUpdate and release delivery servicesOptional sync relay or server-backed sync servicesSupport and troubleshooting workflows3. Supported but Not Universally Enabled ProvidersEmail and messaging providers supported by the current licensing stack4. Customer-Configured ProvidersPayment gateways supported by the appMessaging and email providers configured by the customerAI providers configured by the customer or feature administrator5. International Transfers6. Updates to This Page7. Contact