Apps can now request access to necessary protected data
API
Effective October 01, 2022
Action required
As of the 2022-10 release, APIs will redact customer personal data by default and you will be able to request access to protected customer data and protected customer fields through your Partner Dashboard. You will need approval to access protected customer data on any store that isn't a development store.
Apps that require protected customer data (data that relates directly to a customer or prospective customer) must implement our data protection requirements, including informing merchants of your app’s data use and purpose, applying customer consent decisions, opt-out requests, and more.
Apps that require protected customer fields (individual configuration and approval) in addition to approval for protected customer data will need to abide by additional requirements, including encrypting your data back ups, keeping test and production data separate, and more.
For more information, please visit our developer documentation.