FROM CACHE - en_header
Promotion image
Our Partner & Developer boards on the community are moving to a brand new home: the .dev community forums! While you can still access past discussions here, for all your future app and storefront building questions, head over to the new forums.

Re: CCPA GDPR Delete Customer with Orders

CCPA GDPR Delete Customer with Orders

transcend-dev
Shopify Partner
4 0 5
‎02-04-2020 06:45 PM

Hi Shopify Support, 

 

My company works in the GDPR / CCPA automation space.  We have clients that are concerned that in order to comply with CCPA / GDPR they have to DELETE customer data from within their Shopify accounts when that customer submits a request for data erasure.  We are unable to honor this feature for our Shopify customers because your API, as documented in the link below, does NOT allow customers that have order information to have their profiles deleted.

 

Documentation at this link: https://help.shopify.com/en/api/reference/customers/customer#destroy-2020-01

 

Can you please help!  Our clients are desperate not to have legal risks associated with CCPA non-compliance.  

 

Best,

Russell @ transcend.io

2,123 Views
0 Likes
Report
Replies 3 (3)

hassain
Shopify Staff (Retired)
624 104 189
‎02-12-2020 12:53 PM

Hey @transcend-dev ,

 

Shopify has a lot of documentation available discussing how our platform operates with GDPR and CCPA requirements: https://help.shopify.com/en/manual/your-account/privacy/GDPR and https://help.shopify.com/en/manual/your-account/privacy/CCPA . I would definitely recommend taking the time to read through these documents thoroughly, as it should answer most of all the questions you might have about how Shopify operates with these privacy regulations.

 

In terms of complying with Customer deletion requests, the process is the same for both regulations (https://help.shopify.com/en/manual/your-account/privacy/CCPA/ccpa-requests#complete-deletion-request...). Upon receiving the deletion request, the merchant should go through their Shopify Admin, find the customer who wants their data deleted, and press the "Erase personal data" option. After 10 days, Shopify will process this erasure request. Shopify will also send a Webhook message to all the third party app partners this merchant uses so they know to erase any information they have about this customer. There is one nuance about erasing the information of a customer that has placed an order within the last 6 months  in case a charge back occurs, but you can read the documentation linked above for more information there.

 

To learn more visit the Shopify Help Center or the Community Blog.

2,090 Views
0 Likes
Report
In response to hassain

AndyGaze
Visitor
1 0 0
‎12-08-2020 11:12 AM

Hi,

I have a similar problem but I cannot find the "Erase personal data" option.

1,887 Views
0 Likes
Report
In response to hassain

Pahadsingh
Shopify Partner
4 0 0
‎04-26-2023 03:28 PM

Will Erasing a customer through "Erase personal data" also delete all the other data related to customer like orders, blog comments, fulfillment etc?

Or it will only redact the PII data from say orders and Shopify will still have the order information. and such orders will still be available and searchable through the Orders section in Admin UI.

We basically want to know if we can delete the customer's PII data but want to keep their order/subscription data in Shopify. 

1,091 Views
0 Likes
Report
Terms of Service Privacy Policy