Our Partner & Developer boards on the community are moving to a brand new home: the .dev community forums! While you can still access past discussions here, for all your future app and storefront building questions, head over to the new forums.

Question about mandatory GDPR webhooks for app review

Question about mandatory GDPR webhooks for app review

triplesingle
Shopify Partner
22 0 1

With respect to the mandatory GDPR webhooks in this link (https://shopify.dev/docs/apps/build/privacy-law-compliance)

Is my understanding correct that my endpoint just needs to return a status code 200 and that I don't need any actual logic besides giving a 401 if the HMAC is wrong?

Replies 2 (2)

Brett_Helium
Shopify Partner
296 56 134

Hey @triplesingle,

 

Besides responding to the webhook with a 200 or 401, you will also need to make sure to need to actually complete the request by providing or redacting the indicated data within 30 days (https://shopify.dev/docs/apps/build/privacy-law-compliance#respond-to-compliance-webhooks)

Brett | Helium
- Customer Fields ✪✪✪✪✪ (360+ reviews)
- Meteor Mega Menu ✪✪✪✪✪ (290+ reviews)
- Strike Automatic Discounts NEW!
triplesingle
Shopify Partner
22 0 1

Hi Brett, thanks for the advice!

My app does not collect any store or user data so I think I should be good with just providing the status code?