Mandatory webhooks

To comply with the General Data Protection Regulation (GDPR), public apps must set up mandatory webhooks. These webhooks help you manage the user data that an app collects.

This guide isn't intended to provide you with legal advice. It describes the changes that Shopify has made to its platform to account for GDPR, and helps you think about your data practices in the way that GDPR requires.

GDPR and Shopify

GDPR, which went into effect on May 25, 2018, imposes obligations on any party that collects, stores, or processes personal data of individuals located in Europe.

Shopify, however, mandates these regulations for all user data, both for individuals located in Europe and those located elsewhere. Each app developer is responsible for making sure that the apps they build for the Shopify platform are GDPR compliant.

Mandatory webhooks

The following webhooks must be added to every public app:

Receive and respond to mandatory webhooks

When you receive one of the mandatory webhooks, you must confirm your receipt of the redaction request by responding with a 200 series status code. You must also complete the action within 30 days of receipt, unless you're legally required to retain the data.

To learn more about how to receive and respond to webhooks, refer to Configuring webhooks.

Manage endpoints for mandatory webhooks

Your endpoint must be an HTTPS webhook address with a valid SSL certificate that can correctly process event notifications. For more information, refer to Register an endpoint.

  1. From your Partner Dashboard, go to Apps.
  2. Click the app that you want to update.
  3. Click App setup.
  4. In the GDPR mandatory webhooks section, update your endpoints.
  5. Click Save.

customers/data_request

When a customer requests their data from a store owner, Shopify sends a payload on the customers/data_request topic to the apps installed on that store.

If your app has been granted access to customer or order data, then you receive a data request webhook with the resource IDs of the data that you need to provide to the store owner. It's your responsibility to provide this data to the store owner directly. In some cases, a customer record contains only the customer's email address.

Webhook payload

customers/redact

When a store owner requests deletion of data on behalf of a customer, Shopify sends a payload on the customers/redact topic to the apps installed on that store.

If the customer hasn't placed an order in the past six months, then Shopify sends the payload 10 days after their request. Otherwise, the request is withheld until six months have passed. If your app has been granted access to the store's customers or orders, then you receive a redaction request webhook with the resource IDs that you need to redact or delete. In some cases, a customer record contains only the customer's email address.

Webhook payload

shop/redact

48 hours after a store owner uninstalls your app, Shopify sends you a shop/redact webhook. This webhook provides the store's shop_id and shop_domain so that you can erase the customer information for that store from your database.

Webhook payload

Next steps