Privacy Policy and Data Deletion
Agreement between You and Holy Grace
This Privacy Policy describes how Holy Grace USA, Inc. (“Holy Grace,” “we,” “us,” or “our”) collects, uses, and shares information about you when you use the Holy Grace platform, including the website at www.holygrace.us (the “Site”), the Holy Grace mobile applications for iOS and Android (the “Apps”), the charity portal, and all related features and services (together, the “Service”). It also describes the choices you have about your information.
This Privacy Policy is incorporated by reference into the Holy Grace Terms of Service, available at www.holygrace.us/terms (the “Terms”). Capitalized terms not defined here have the meanings given in the Terms. By using the Service, you agree to the practices described in this Privacy Policy.
Holy Grace USA, Inc. is a tax-exempt charitable organization recognized under Section 501(c)(3) of the Internal Revenue Code, Employer Identification Number 41-3117315.
We process your personal information for the following lawful reasons: to provide the Service to you under our Terms of Service; for our legitimate interests in operating, securing, and improving the Service; with your consent where required by applicable law; and to comply with our legal obligations
Information We Collect About You
We collect information from and about you when you use the Service. The information we collect falls into three groups: information you give us, information we collect automatically, and information we receive from third parties.
This Privacy Policy serves as our notice, at or before the point of collection, of the categories of personal information we collect, the purposes for which we use that information, the categories of third parties with whom we share it, and the rights you have.
Information You Give Us.
When you create an account, we collect your name, email address, mobile phone number, and either a password (which we store in hashed form) or the corresponding identifier from your third-party sign-in provider (Apple, Google, X, or Facebook). You may add a profile photo and a short biography. To verify your phone number, we send a one-time passcode and record that the verification was completed.
When you make a Donation, we collect the Donation amount, the recipient Charity, the date and time of the Donation, the schedule (if recurring), and any optional message you choose to include. Payment card and bank information is collected and processed directly by our payment processor, Stripe, Inc. (“Stripe”); we do not store full payment card numbers or banking details on our systems.
When you use the social and parish features of the Service, we collect the friends you connect with, the parishes or groups you join, the Charities you favorite, the items in your library favorites and recently viewed lists, your messages to other users, and your participation in group conversations.
If you register a Charity on the Service, we collect organization information, including legal name, Employer Identification Number, mailing address, authorized representative contact details, banking information for disbursements (collected and processed by Stripe), and any media or content you upload for your Charity profile or Campaigns.
When you contact us for support, we collect the information you choose to share with us, including the contents of your message and any attachments.
Information We Collect Automatically.
When you use the Service, we automatically collect certain information about your device and your activity. This includes device type, operating system and version, app version, browser type, language, time zone, unique device or app identifiers, and push notification tokens.
We collect activity information about how you use the Service, such as the screens you view, the Charities you browse, the searches you run, the features you use, and the date and time of your activity.
If you grant the Apps location permission and open the charity map, we collect approximate location information from your device for the duration of your map session in order to display nearby Charities. We do not collect background location information. You can revoke location permission at any time in your device’s operating system settings.
We may collect IP address and similar network information for security, fraud prevention, and analytics purposes.
We may use error and crash reporting tools, product analytics tools, and website analytics tools to help us understand how the Service is used and to identify and fix problems. These tools collect aggregate event data, technical diagnostic information, and limited identifiers. We configure these tools to exclude payment information and to minimize the collection of directly identifying information. Where we use such tools, we will identify the categories of tools in our subprocessor disclosures and apply privacy-respecting configurations.
Information We Receive from Third Parties.
If you choose to sign in using Apple, Google, X (formerly Twitter), or Facebook (Meta), the identity provider shares with us only the information you have explicitly authorized, typically limited to your email address, name, and profile photo (where permitted by your privacy settings with that provider). We request and receive only the minimum data necessary for account creation and authentication. We do not request or receive any additional permissions unless strictly required for a core Service feature, and we do not use this data for any purpose other than providing and securing your account on the Service.
Stripe shares with us transaction status, payment confirmation, and limited card metadata (such as the last four digits of the card and brand) for our records and for receipt purposes. For Charities, Stripe also shares verification status, account standing, and disbursement information.
Charities and parishes may provide us with information that helps us list them on the Service or fulfill the Service’s features.
Sensitive Personal Information
Some of the information we collect is treated as “sensitive personal information” under the California Privacy Rights Act and other state privacy laws. We collect the following categories of sensitive personal information:
Account credentials, including your password (in hashed form) and any one-time passcodes used for authentication.
Precise geolocation information from your device, only while you are actively using the charity map feature in the Apps and only when you have granted location permission. We do not collect precise geolocation in the background.
Information that may reveal your religious or philosophical beliefs, including the parish you join, the Catholic Charities you support, your engagement with religious and devotional content in the Library, and your participation in parish or community features. The Service is, by design, a Catholic-faith platform; you provide this information by choosing to use the Service.
The contents of messages you send to other users through the Service’s communication features.
We use sensitive personal information only for the purposes described in this Privacy Policy, primarily to provide the Service you have requested, to comply with our legal obligations, to ensure security and prevent fraud, and for other purposes permitted by law. We do not use sensitive personal information for purposes of inferring characteristics for advertising or for purposes that would require opt-in consent under California Civil Code Section 1798.121. California residents have the right to direct us to limit our use of sensitive personal information, as described under Your Privacy Rights below.
How We Use Your Information
We use the information we collect for the following purposes:
To operate, maintain, and provide the Service, including processing Donations, issuing tax acknowledgments on behalf of recipient Charities, displaying Charities and Campaigns, enabling parish and community features, and delivering the Library and other content.
To communicate with you, including sending transactional messages such as donation receipts, account verification messages, password resets, security notices, and updates about these and other policies. If you opt in to additional notification categories in the Settings menu of the Apps, we will send you the categories of communication you have selected.
To personalize your experience, including suggesting Charities, surfacing relevant Library content, and enabling parish-based features.
To process payments, prevent fraud, screen for sanctions, and detect and respond to abuse, security incidents, and violations of the Terms.
To comply with legal obligations, including tax reporting and recordkeeping, responding to lawful requests from government and law enforcement, and complying with court orders and subpoenas.
To improve the Service, including by analyzing usage patterns, debugging errors, and testing new features.
To create aggregated, de-identified, or anonymized data, which is no longer reasonably linkable to you. We may use and share aggregated and de-identified data for any purpose.
We do not engage in automated decision-making that produces legal or similarly significant effects concerning you, and we do not engage in profiling for such purposes.
How We Share Your Information
Service Providers and Subprocessors.
We share information with third-party service providers who perform services on our behalf, including the categories of providers listed below. These service providers are bound by contractual obligations to use the information only to provide services to us and to protect it appropriately.
Stripe, Inc. — payment processing, charity onboarding, identity verification, and disbursement of funds.
Supabase, Inc. — database hosting, authentication services, file storage, and routing of social sign-in flows.
Vercel, Inc. — website and application programming interface hosting.
Railway Corp. — additional backend services.
Expo, Inc. — mobile application build infrastructure and the Expo Push Notification service.
Apple, Inc. — Apple Push Notification Service (for iOS push delivery), Sign in with Apple (for authentication), and Apple Maps / MapKit (for map display on iOS).
Google LLC — Firebase Cloud Messaging (for Android push delivery), Sign in with Google (for authentication), and the Google Maps SDK (for map display on Android).
Meta Platforms, Inc. — Facebook Login (authentication only). We use Facebook Login solely to authenticate users and create/maintain accounts. Any data received is handled in accordance with Meta’s Platform Terms and Policies and this Privacy Policy. You may revoke Holy Grace’s access to your Facebook account at any time through your Facebook Settings → Apps and Websites.
X Corp. — Sign in with X (authentication only). We use Sign in with X solely to authenticate users and create/maintain accounts. Any data received is handled in accordance with X’s Developer Agreement, Developer Policy, and this Privacy Policy. You may revoke Holy Grace’s access to your X account at any time through your X Settings → Security and account access → Apps and sessions. We comply with X’s Developer Policy and only access data necessary for authentication.
Twilio Inc. — short message service (SMS) delivery, including one-time passcodes for verification and security.
Resend, Inc. — transactional email delivery.
Providers of error and crash reporting, product analytics, and website analytics, where we use them, identified by category.
This list reflects our subprocessors as of the effective date of this Privacy Policy and may change as we add or remove vendors. We will update this Privacy Policy when we make material changes to the list.
Charitable Organizations You Support.
When you make a Donation, we share information with the recipient Charity, including your name, email address, mailing address (if you provide one), the Donation amount, the date of the Donation, and any message you choose to include. We share this information so the Charity can issue tax acknowledgments where required, recognize your generosity, and communicate with you in accordance with applicable law and the Charity’s own privacy practices. The Charity’s use of information we share with it is governed by the Charity’s own privacy policy, not this Privacy Policy.
If you choose to make a Donation anonymously, we will not display your name on any public-facing donor recognition surface (such as a public donor list on a Campaign page). The recipient Charity will still receive your information so it can issue a tax acknowledgment as required by the Internal Revenue Code, but the Charity will be informed that you have requested anonymity for public display purposes.
Other Users of the Service.
Information you choose to share through your profile, public donor display, friend connections, parish memberships, group chats, and direct messages may be visible to other users of the Service in accordance with the visibility you have selected. By default, your name and profile photo will appear on public donor recognition surfaces (such as a public donor list on a Campaign page) unless you opt out at checkout or in your account settings. You can adjust visibility for many features in the Settings menu of the Apps.
Legal and Safety Disclosures.
We may disclose information when we believe in good faith that disclosure is necessary to comply with applicable law, regulation, legal process (including subpoenas and court orders), or governmental requests; to enforce our Terms or other agreements; to protect the security, integrity, or availability of the Service; to detect, prevent, or address fraud, security, or technical issues; or to protect the rights, property, or safety of Holy Grace, our users, or others.
Business Transfers.
If Holy Grace is involved in a merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or other change of control, your information may be transferred as part of that transaction. We will require any successor to honor the commitments in this Privacy Policy or to provide you with notice and a meaningful choice about future use of your information.
Aggregated and De-identified Information.
We may use and share aggregated, de-identified, or anonymized information for any lawful purpose, including for research, reporting, and to improve the Service. We may also share aggregated, de-identified information with academic institutions, research organizations, and other entities studying trends in charitable giving, religious practice, parish engagement, or related topics, subject to contractual restrictions against re-identification. Aggregated and de-identified information cannot reasonably be used to identify you.
We Do Not Sell Your Personal Information
Holy Grace does not sell your personal information for monetary or other valuable consideration, and we do not engage in cross-context behavioral advertising or share personal information with advertising networks for purposes of profiling. We do not have a business model that depends on advertising. The information we share with service providers and Charities, as described above, is shared to provide the Service you have requested, not for advertising or marketing on third parties’ behalf.
We do not offer financial incentives or different pricing in exchange for the collection, sale, or retention of personal information.
Cookies and Similar Technologies
On the Site, we use a small number of cookies and similar technologies that are strictly necessary to operate the Site, such as session cookies for keeping you signed in. We may also use privacy-respecting analytics tools that operate without setting tracking cookies, where available, to understand aggregate Site usage. We do not use third-party advertising cookies.
In the Apps, cookies are not used. Similar information may be collected through software development kits and operating system identifiers, as described in the section on information we collect automatically.
Email, SMS, and Push Notifications
Email. We will send you transactional email related to your account and use of the Service, such as donation receipts, account verification messages, password resets, security alerts, and notices about these and other policies. Transactional email is necessary to operate your account and is not subject to opt-out, but you may close your account at any time. Within the Settings menu of the Apps, you may opt in to receive additional categories of email, such as updates about new Charities, parish activity, devotional tips, or promotions. You may turn these on or off at any time.
SMS. If you provide your mobile phone number, we may send transactional SMS messages, including one-time passcodes for login or security verification, sent through Twilio. Message and data rates may apply. You may stop receiving non-essential SMS messages at any time by replying STOP to any such message. Stopping non-essential SMS does not prevent you from receiving security and authentication messages necessary to operate your account.
Push notifications. If you enable push notifications, your device will receive notifications from us through the Apple Push Notification Service (on iOS) or Google’s Firebase Cloud Messaging (on Android), routed through the Expo Push Notification service. You can disable push notifications at any time through your device’s operating system settings.
How Long We Keep Your Information
We retain your information only for as long as necessary to provide the Service, to comply with our legal obligations, to resolve disputes, and to enforce our agreements. Different categories of information are retained for different periods:
Account information, including profile data, friends list, parish memberships, library favorites, and notification preferences, is retained for the life of your account and deleted in accordance with our Data Deletion Instructions when your account is closed.
Donation and transaction records are retained for at least seven (7) years after the date of the Donation, as required by federal tax law and IRS recordkeeping requirements applicable to charitable organizations and platforms acting on their behalf.
Tax acknowledgment letters that have been issued cannot be un-issued; we maintain copies as required by tax law.
Messages you send through the Service are retained until you delete them or close your account. When you close your account, messages you sent to other users may remain visible to those users in the conversations where they were sent.
Logs, security records, and analytics data are retained for limited periods consistent with security and operational needs.
Information held by Stripe and other service providers is retained in accordance with each provider’s own retention policies.
Where we are required by law to retain information for longer periods, or where retention is necessary to defend legal claims, we will retain it for those purposes.
Your Privacy Rights
Depending on where you live, applicable privacy laws may give you the following rights with respect to your personal information:
The right to know what personal information we have collected about you, including the categories and specific pieces of information, the categories of sources, the purposes for which it is used, and the categories of third parties with whom it is shared.
The right to delete personal information we have collected about you, subject to certain exceptions, including information we are required to retain by law.
The right to correct inaccurate personal information we hold about you.
The right to obtain a portable copy of personal information you have provided to us in a commonly used format.
The right to opt out of any “sale” or “sharing” of personal information for cross-context behavioral advertising. As noted above, we do not engage in either.
The right to limit the use and disclosure of sensitive personal information.
The right not to receive discriminatory treatment for exercising any of these rights.
The right to designate an authorized agent to make a request on your behalf.
To exercise any of these rights, email privacy@holygrace.us with the subject line indicating the right you wish to exercise (for example, “Right to Know” or “Delete My Account”) and the email address associated with your account. You may also initiate an account deletion from within the Apps at Settings → Account → Delete Account, or by following the process at www.holygrace.us/delete-account.
Before fulfilling your request, we may need to verify your identity. We will typically verify your identity by sending a confirmation message to the email address associated with your account and asking you to confirm the request. We may ask for additional information if necessary. We will respond to verifiable requests within the time required by applicable law, generally within 30 to 45 days, and we may extend that period where permitted. If we cannot verify your identity, we may deny your request and will tell you why.
You may designate an authorized agent to make a privacy request on your behalf. The agent must provide us with written authorization signed by you, and we may verify your identity directly or require you to confirm to us that you have authorized the agent to act on your behalf.
If you exercise any of your privacy rights, we will not deny you the Service, charge you different prices or rates, provide you a different level or quality of service, or otherwise discriminate against you for exercising those rights.
Revocation of Third-Party Logins.
Deleting your Holy Grace account does not automatically revoke Holy Grace’s connection in your Facebook (or other identity provider) account. To fully revoke access, please manage your connected apps directly with the provider (instructions provided in our Data Deletion Instructions).\
X (formerly Twitter): Go to X Settings → Security and account access → Apps and sessions → find Holy Grace → Revoke access.
State Privacy Rights
Categories of personal information we collect (California disclosure). For purposes of the California Consumer Privacy Act and California Privacy Rights Act, the following describes the categories of personal information we have collected about California residents in the past twelve (12) months.
Identifiers: name, email address, mailing address, telephone number, account identifiers, IP address, device identifiers, and push notification tokens.
Customer records information: name, telephone number, mailing address, donation amounts and dates, and limited card metadata such as the last four digits of the card and brand. Full payment card information is collected and processed directly by Stripe and is not stored on our systems.
Internet or other electronic network activity information: screens viewed, features used, search queries within the Service, and other interactions with the Service.
Geolocation data: approximate location while you are actively using the charity map feature in the Apps. We do not collect background location.
Audio, electronic, visual, or similar information: profile photo, content you upload to the Service, and the contents of messages you send through the Service.
Professional or employment-related information: name, title, and contact information of authorized representatives of Charities during the onboarding process.
Sensitive personal information: account credentials, precise geolocation while you use the charity map, the contents of your messages, and information that may reveal your religious or philosophical beliefs as inferred from your use of the Service.
Inferences drawn from other personal information: preferences derived from your activity, such as Charities you may be interested in or content you may want to see.
We do not collect protected classification characteristics under California or federal law (such as race, age above 40, national origin, citizenship, marital status, sex, veteran or military status), biometric information, non-public education information, or genetic data.
California. California residents have the rights described above under the California Consumer Privacy Act and the California Privacy Rights Act, including the specific right to limit use of sensitive personal information. California residents also have the right under California’s Shine the Light law (Civil Code Section 1798.83) to request information once per year about how we have shared personal information with third parties for those parties’ direct marketing purposes; we have not shared such information for that purpose.
Other states with comprehensive privacy laws. Residents of Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Delaware, New Jersey, Tennessee, Iowa, Indiana, Montana, New Hampshire, Kentucky, Minnesota, Maryland, Rhode Island, and other states with comprehensive consumer privacy laws have substantially similar rights. Where the law of your state grants rights or imposes processes that differ from those described in this Privacy Policy, we will follow the requirements of your state’s law.
Universal opt-out mechanisms and Do Not Track. Where applicable state law requires us to honor browser-based or platform-based universal opt-out signals such as Global Privacy Control, we treat such signals as a request to opt out of the “sale” or “sharing” of personal information for the browser or device from which the signal is received, even though we do not engage in either. We do not currently respond to legacy Do Not Track signals separately.
Account Deletion and Data Deletion Requests
You may close your account and request deletion of your personal information at any time. The fastest way to do this is from within the Apps at Settings → Account → Delete Account. You can also email privacy@holygrace.us with the subject “Delete My Account” or follow the instructions at www.holygrace.us/delete-account.
When we receive a deletion request, we will send you a confirmation message at the email address associated with your account. After confirmation, your account will be marked for deletion and you will lose access to it. We process deletions within thirty (30) days. There is a fourteen-day grace period during which you may reverse the request by contacting us.
Some information is retained after account deletion, as described in How Long We Keep Your Information. In particular, donation and transaction records are retained for at least seven (7) years to satisfy federal tax law requirements.
For more detail, see our Data Deletion Instructions at www.holygrace.us/delete-account.
Children’s Privacy
The Service is intended for users who are at least eighteen (18) years of age. We do not knowingly collect personal information from anyone under the age of 18. If you believe we may have collected information from a person under 18, please contact us at privacy@holygrace.us, and we will take steps to delete that information promptly.
Data Security
We use a combination of administrative, physical, and technical safeguards designed to protect your information. Information transmitted between your device and our servers is protected with Transport Layer Security (TLS). Information stored in our databases is encrypted at rest by our infrastructure providers. Access to user information by Holy Grace personnel is limited to those with a need to access it for operational purposes. Payment card information is processed and stored by Stripe, which is certified to the Payment Card Industry Data Security Standard (PCI DSS).
No method of transmission over the internet and no method of electronic storage is completely secure. Although we work hard to protect your information, we cannot guarantee absolute security. If we become aware of a security incident affecting your personal information, we will notify you and applicable regulators in accordance with applicable law, take reasonable steps to secure the affected data and minimize potential harm, and provide reasonable assistance to affected users.
International Users
The Service is intended for use by individuals located in the United States. Holy Grace operates the Service from the United States, and your information will be stored and processed in the United States. Some of our service providers, such as Stripe, may operate globally and may process information outside the United States in connection with services they provide to us. If you access the Service from outside the United States, you do so on your own initiative and you are responsible for compliance with applicable local laws.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. The most current version will always be available at www.holygrace.us/privacy. If we make material changes, we will notify you by email, by an in-app notice, or by another reasonable means generally at least thirty (30) days before the changes take effect, unless a shorter period is required by law or by an emergency need to address a security issue or legal risk. The “Effective” date below reflects the date of the most recent revision. Your continued use of the Service after the effective date of an updated Privacy Policy means you accept the updated policy.
Contact Us
If you have questions about this Privacy Policy or about our privacy practices, please contact us:
Holy Grace USA, Inc.
Privacy and data deletion requests: privacy@holygrace.us
General questions and support: support@holygrace.us
For our mailing address and telephone number, please visit our Contact page at www.holygrace.us/contact.
Data Deletion Instructions
Agreement between You and Holy Grace
These Data Deletion Instructions explain how to request deletion of your account and the information associated with it on the Holy Grace platform, including the website at www.holygrace.us (the “Site”), the Holy Grace mobile applications for iOS and Android (the “Apps”), the charity portal, and all related features and services (together, the “Service”), operated by Holy Grace USA, Inc. (“Holy Grace,” “we,” “us,” or “our”).
These instructions are part of, and should be read together with, our Terms of Service at www.holygrace.us/terms and our Privacy Policy at www.holygrace.us/privacy. Capitalized terms not defined here have the meanings given in those documents.
Your Right to Delete Your Account
You may close your account and request deletion of your personal information at any time, free of charge. We will honor your request, with the limited exceptions described below for information we are legally required to keep, such as donation records that we must retain under federal tax law.
How to Request Account Deletion
You may request deletion using any of the following methods:
From within the Apps.
Open the Holy Grace app on your iOS or Android device. Go to Settings, then Account, then Delete Account, and follow the prompts to confirm your request. This is the fastest method and does not require contacting customer service.
By email.
Send an email to privacy@holygrace.us from the email address associated with your account, with the subject line “Delete My Account.” Please include any information that will help us locate your account, such as the email address you signed up with.
Through the website.
Visit www.holygrace.us/delete-account to find the most current instructions and any web form we may make available for submitting deletion requests.
You do not need to provide a reason for your request, and we will not ask you for one.
Identity Verification
Before we delete your account, we will verify that the request actually comes from you. We will not use information collected for verification for any purpose other than verifying that the request is yours.
Verification within the Apps.
If you initiate deletion through the Apps, you will be asked to confirm the request using one of the following verification methods. We may add or adjust these methods over time:
Password. If your account uses a password, you will be prompted to re-enter it before deletion is initiated.
Email link. We send a confirmation link to the email address associated with your account, valid for a short period. Following the link confirms the request.
Text message code. If you have a verified mobile phone number on file, we send a one-time passcode by SMS through Twilio. Entering the passcode confirms the request. Standard message and data rates may apply.
Verification for email and web requests.
If you initiate deletion by emailing privacy@holygrace.us or through the website, we will typically verify your identity by sending a confirmation message to the email address associated with your account, asking you to confirm the request, and (where helpful) sending a one-time passcode by email or SMS. We may ask for additional information if necessary to confirm your identity.
If we cannot verify your identity, we may deny the request and will tell you why. You can then provide additional information and submit a new request.
Our Timeline for Processing Your Request
We will acknowledge your request within five (5) business days of receiving it.
We will complete the deletion of your account and the personal information associated with it within thirty (30) days of confirming your request. In some cases, we may need additional time, in which case we will notify you and explain the reason.
Backups and disaster recovery copies of your information may persist for up to ninety (90) days after deletion until they are overwritten in the ordinary course of our backup rotation. Information in those backups will not be used for any purpose during that period and will be permanently overwritten on the rotation cycle.
Information We Delete
When we process your deletion request, we delete the following categories of information associated with your account:
Profile information, including your name, email address, mobile phone number, profile photo, biography, and any other information you have added to your profile.
Authentication credentials, including any password hash and one-time passcode records.
Friend connections and your friends list.
Parish, group, and community memberships, and your participation history in those groups.
Library favorites, reading history, and recently viewed Charities.
Notification settings and preferences.
Push notification tokens.
Donor wall display preferences.
Recurring donation schedules, which will be canceled before deletion.
Direct messages you have sent, subject to the limitation described below for messages already delivered to other users.
Group chat participation records associated with your account.
Information We Retain
Some information must be retained even after you close your account. This is required by law, by financial recordkeeping rules, or by legitimate operational and legal needs. The categories of information we retain after deletion include:
Donation and transaction records. Federal tax law and IRS recordkeeping requirements applicable to charitable organizations require us, and the recipient Charities, to retain records of contributions for at least seven (7) years. These records include the date and amount of each Donation, the recipient Charity, and information necessary to support the tax acknowledgment letters that have been issued.
Tax acknowledgment letters that have been issued. These cannot be un-issued. We retain copies of acknowledgments we have already sent to you and to the recipient Charities, as required by tax law.
Year-end giving statements. If you have made Donations during the calendar year in which you close your account, you may still receive a year-end giving statement summarizing those Donations, sent to the email address on file at the time of the Donations. This is intended to support your tax filings and is required by federal tax law applicable to charitable contributions.
Information held by Stripe and other service providers. Information you have provided to Stripe in connection with payments, and information held by other service providers in connection with services they perform for us, is retained in accordance with each provider’s own retention policies.
Records under legal hold. Where we are required by law, court order, subpoena, or pending legal claim to preserve records, we will retain those records until the legal hold is released.
Anonymized and aggregated information. Information that has been de-identified or aggregated and that cannot reasonably be used to identify you may be retained for analytics, research, and Service improvement purposes.
Audit, security, and fraud prevention records. We may retain limited information for the purpose of detecting and preventing fraud, abuse, and security incidents, in each case for limited periods consistent with security and operational needs.
Where the law of your state or country grants different rights or imposes different retention rules, we will follow those rules.
The Fourteen-Day Grace Period and Account Recovery
After we acknowledge your deletion request, you have a fourteen (14) day grace period during which you can reverse your decision and restore your account. To reverse a deletion request, email privacy@holygrace.us before the end of the grace period, from the email address associated with your account. After the grace period ends and we have completed deletion, your account cannot be restored. If you wish to use the Service again later, you will need to create a new account.
Getting a Copy of Your Information Before Deletion
If you would like a copy of your personal information before your account is deleted, you may request one by emailing privacy@holygrace.us with the subject line “Data Export Request” before submitting your deletion request. We will provide a portable copy of your information in a commonly used format. We may also provide an annual giving statement summarizing your contributions for the calendar year, which is helpful for tax purposes.
Effect of Deletion on Messages and Other User Content
Messages you have already sent to other users of the Service may remain visible to those users in the conversations where they were sent. Deleting your account closes your account and removes your ability to send new messages, but it does not retroactively remove messages that have already been delivered to recipients. The sender name on those messages may continue to appear with your account name as it existed at the time of sending. If you would like a specific message removed from a recipient’s view, you may attempt to delete the message individually before closing your account, where the Service offers this functionality, or contact us at privacy@holygrace.us and we will consider your request in good faith.
User Content that you have made publicly visible on the Service, such as comments or contributions to public Campaign pages, may remain associated with your account name unless you remove the content before closing your account.
Third-Party Identity Provider Connections
If you signed in using Apple, Google, or Facebook (Meta), deleting your Holy Grace account removes our records as described above. However, this action does not automatically revoke the connection at the identity provider level. If you want to additionally revoke that connection, you can do so through your account settings with the relevant identity provider:
Sign in with Apple: Settings on your Apple device → [Your Name] → Sign-In & Security → Sign in with Apple → Holy Grace → Stop Using Apple ID.
Sign in with Google: myaccount.google.com → Security → Your connections to third-party apps and services → Holy Grace → Remove access.
Sign in with Facebook (Meta): Go to Facebook Settings → Apps and Websites → find Holy Grace → Remove.
Sign in with X (formerly Twitter): Go to your X account Settings → Security and account access → Apps and sessions → Holy Grace → Revoke access.
We strongly recommend revoking access at the provider’s level after deleting your Holy Grace account to ensure no further data sharing occurs. You may also manage or revoke permissions directly in the Meta for Developers App Dashboard if you are the app administrator.
Charity Accounts and Authorized Representatives
If you represent a Charity that has registered on the Service, the deletion process for the Charity’s account is different from the process for individual Donor accounts. Charity accounts are connected to financial systems, including Stripe Connected Accounts, that involve regulatory and recordkeeping obligations. To request closure of a Charity’s account on the Service, please email privacy@holygrace.us with the subject line “Charity Account Closure” and include the Charity’s legal name, Employer Identification Number, and the name of an authorized representative.
Closing a Charity’s account on the Service generally requires winding down the associated Stripe Connected Account through Stripe’s own process, satisfying any outstanding obligations to issue tax acknowledgments to Donors, retaining donation records as required by law, and complying with any state charitable solicitation registration requirements that apply to the Charity. We will work with the Charity’s authorized representatives to coordinate this process.
If you are an individual authorized representative of a Charity and you want only your personal account associated with the Charity to be removed (without closing the Charity’s account), you may request that through privacy@holygrace.us as well. We will work with the Charity to transition your responsibilities to another authorized representative.
Information Held by Recipient Charities
When you make a Donation through the Service, we share limited information with the recipient Charity, including your name, email address, mailing address (if you provided one), the Donation amount, the date of the Donation, and any message you included. This is necessary so the Charity can issue tax acknowledgments and recognize your generosity.
Closing your Holy Grace account and deleting your information from our systems does not, by itself, remove information that has already been shared with a recipient Charity. The Charity’s use, retention, and deletion of that information is governed by the Charity’s own privacy practices and applicable law, not by these Data Deletion Instructions or our Privacy Policy. If you want a recipient Charity to also delete information about you from its records, you must contact that Charity directly. We are happy to help you identify which Charities have received Donations from you; please email privacy@holygrace.us with the subject line “Charity Records Inquiry” and we will provide a list.
Changes to These Instructions
We may update these Data Deletion Instructions from time to time. The most current version will always be available at www.holygrace.us/delete-account. The “Effective” date below reflects the date of the most recent revision.
Contact Us
If you have questions about these Data Deletion Instructions, or if you need help submitting a deletion request, please contact us:
Holy Grace USA, Inc.
Privacy and data deletion requests: privacy@holygrace.us
General questions and support: support@holygrace.us
For our mailing address and telephone number, please visit our Contact page at www.holygrace.us/contact.
Effective as of May 20, 2026
Prepared by Insan Inc. for Holy Grace USA under the Software Development Agreement dated November 10, 2025. Insan Inc. retains ownership. Use is licensed pending payment. Removal or alteration of this notice may violate 17 U.S.C. § 1202.