FROM CACHE - en_header

Mandatory Webhooks - What should i return if i don't store shop data on our end?

Saptarshi
Shopify Partner
13 0 2
‎08-10-2021 01:53 AM

As far as I understand we need to create these three endpoints that will make an app GDPR compliant

customers/data_request - we don't store any customer data on our systems, so what should we return here?
customers/redact - same, no customer data stored on our systems...
shop/redact - does shopify consider user's shop url and oauth token as user data, in that case should we purge that from our systems? (this is the only data we save in our database)

Labels:
443 Views
0 Likes
Report
Reply 1 (1)
mrad
Shopify Staff
Shopify Staff
63 10 15
‎08-10-2021 11:00 AM

Hi Saptarshi, to make your app GDPR complaint you must subscribe to the 3 mandatory GDPR webhooks, and ensure you are returning a 200-level response when receiving these webhooks. Even if you do not store any customer data, you should return a 2XX status code when receiving the webhook.

You can read more on mandatory GDPR webhooks here: https://shopify.dev/apps/webhooks/mandatory

 

mrad | Developer @ Shopify 
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit Shopify.dev or the Shopify Web Design and Development Blog

358 Views
Report

Community Blog Articles

31-54-5hg9c-2x272
Community Update! Threading Improvements

We're excited to announce improvements to the threaded messaging experience in our communi...

By TyW May 31, 2023
crowd-participating-at-event.jpg
We Answered Your Questions to Help You Get the Most Out of Your Shopify <> ...

Thank you to everyone who participated in our AMA with Klaviyo. It was great to see so man...

By Jacqui May 30, 2023
24-09-19241-65844.png
Introduction to Shopify Sales Channels

Photo by Marco Verch Sales channels on Shopify are various platforms where you can sell...

By Ollie May 25, 2023
Terms of Service Privacy Policy