Topics covering webhook creation & management, event handling, Pub/Sub, and Eventbridge, in Shopify apps.
Hi
I'm already adding a public non-published app in a Shopify partners account and for that I provided all needed informations and details of the app... besides that I have to implement GDPR Webhooks in my app in order to get aligned with privacy rules requirements.
As you already know these Webhooks contains basically 3 endpoints that give us the ability to:
- View stored customer data for a specific order.
- Delete stored customer data for a specific order.
- Delete stored shop owner data.
In this context comes to me a question when the shop owner request for example the delete of customer data for a specific order while this order is not shipped or not fulfilled yet.
In such cases is the target webhook executed, anyway?
How should we get informed and how will that reflect to the order itself if we delete the data related?
Regards
Solved! Go to the solution
This is an accepted solution.
Hey @ClausWeibrecht
To confirm, the customers/redact webhook payload would include all order ID's with any fulfillment status if your app has access to the store's customers or orders. You'd then need to redact or delete those customers on the side of your app only.
I can confirm additionally that once the customer is redacted on Shopify, the anonymized customer's order data is held intact(some further GDPR documentation is here).
Hope that helps!
- API Support
This is an accepted solution.
Hey @ClausWeibrecht
To confirm, the customers/redact webhook payload would include all order ID's with any fulfillment status if your app has access to the store's customers or orders. You'd then need to redact or delete those customers on the side of your app only.
I can confirm additionally that once the customer is redacted on Shopify, the anonymized customer's order data is held intact(some further GDPR documentation is here).
Hope that helps!
- API Support