Issue: Merchants want to prevent staff from exporting customer data while retaining access needed for draft orders and customer service.
Current capability: Restricting the “Export customers” permission is available only on Shopify Plus. Non‑Plus stores cannot disable export without removing the entire Customers permission, which blocks necessary workflows.
Attempts and findings: Some users could not see the export toggle; after investigation, Shopify confirmed it’s Plus‑only. On non‑Plus plans, unchecking export options reverts after saving.
Risks and concerns: Strong GDPR (EU data protection) and security worries, including reports of actual data loss by a former employee. Multiple requests to make this a basic feature across all plans; Plus cost (~$2000/month cited by users) viewed as unreasonable for fundamental data protection.
Detection/monitoring: Store owner receives an email if 51+ customers are exported. Users note limited audit visibility of who exported data.
Apps/alternatives: No app can disable native export; suggestion to submit support tickets. Workaround to revoke Customers access is not viable for customer‑facing roles.
Status: Shopify staff have forwarded feedback to developers; no timeline or resolution. Any changes will be announced via the changelog or announcements page. Screenshots were central to clarifying availability of the permission.
Totally agree with @FirstMatsUK
This is a huge security gap by shopify team by keeping this feature limited to plus plans. a business can loose all data to a disgruntled employee and export all the IP. Please make it a top priority and enable for all shopify plans