Solved

US states included in the Customer Privacy API's saleOfDataRegions function

AlexVas
Shopify Partner
6 0 30

I have a question about the Customer Privacy API. I'm a bit confused about the expected behavior around the saleOfDataRegion function: This will be true if the visitor is from a US state requiring data sale opt-outs.

 

Could you please specify which are the US states requiring data sale opt-outs? I've tested with California  (CCPA-CPRA),  Virginia  (VCDPA),  Colorado  (CPA), and Connecticut  (CTDPA), and they are all properly detected (the function returns true), but I was wondering if there is any other state that we should be aware of?

Accepted Solution (1)

Liam
Shopify Staff
2731 302 783

This is an accepted solution.

Hi AlexVas,

 

The saleOfDataRegion function in the Customer Privacy API does check if the visitor is from a region that requires an opt-out for the sale of data, as per regional laws. However, the API documentation might not explicitly list out all the regions or US states.

 

As of now, the primary states with such laws are California (CCPA-CPRA), Virginia (VCDPA), and Colorado (CPA). Other states may have similar laws in the works or already implemented, but those would be the main ones to consider for now. The function should return true for these states.

Please keep in mind that laws and regulations often change and may vary by state. It is always a good practice to stay updated with privacy laws in the regions where your users are located.

 

Hope this helps!

Liam | Developer Advocate @ Shopify 
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit Shopify.dev or the Shopify Web Design and Development Blog

View solution in original post

Reply 1 (1)

Liam
Shopify Staff
2731 302 783

This is an accepted solution.

Hi AlexVas,

 

The saleOfDataRegion function in the Customer Privacy API does check if the visitor is from a region that requires an opt-out for the sale of data, as per regional laws. However, the API documentation might not explicitly list out all the regions or US states.

 

As of now, the primary states with such laws are California (CCPA-CPRA), Virginia (VCDPA), and Colorado (CPA). Other states may have similar laws in the works or already implemented, but those would be the main ones to consider for now. The function should return true for these states.

Please keep in mind that laws and regulations often change and may vary by state. It is always a good practice to stay updated with privacy laws in the regions where your users are located.

 

Hope this helps!

Liam | Developer Advocate @ Shopify 
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit Shopify.dev or the Shopify Web Design and Development Blog