I see this all the time where the app definitely does not need access. I just added an app that only has a countdown timer that tells visitors “Order within 30 minutes in order to ship today” and the app required permissions to “Orders”. Realizing that there is no need for this access and that I don’t want anyone that doesn’t need this access (especially for a spy looking for his next business), I asked the developer why he needs this access and his response was “Currently, the features of the app do not use order data. However, we request order data anyway to allow for future features to be implemented that might use that data.”. This is obviously not true. There is no way a countdown app would ever need Orders Access. A SPY looking for his next business. It is unethical.
Where is Privacy and quality assurance? Sometimes apps upon installation say something like “Shopify has checked and verified that this app needs Orders access”. Why doesn’t this app have that? We should be able to complain to Shopify when it is clear that they do not need certain access. Especially in my case where he admitted that it doesn’t need it.
I was just trying to install an Instagram feed since the client wants one, to just see if it would work. Can anyone tell my why an Instagram Feed APP would need any of the below information as it just stumps me. This should be disallowed as the shop owner has direct responsibility through PCI compliance as well as GDPR.
Instafeed will be able to: View Shopify account data
Instafeed will be able to access data such as your Shopify account email addresses, phone numbers, and locations.
View products This includes products and collections.
Manage your Online Store This includes script tags in your Online Store.
|an hour ago|
|2 hours ago|
|2 hours ago|