[GDPR] - Receiving a Customer Redaction Request
Hey All, just wanted to share a quick update from the team.
In May, we shared communications regarding the European Union’s new General Data Protection Regulation (“GDPR”) and what it means for merchants and developers on our platform.
One key aspect of the GDPR is that individuals now have the right to request access to their personal data and/or have their personal data deleted. To execute these requests, all developers on our platform who handle personal information are required to subscribe to our mandatory webhooks.
How developers receive requests around personal data
When Shopify receives notice from a merchant that a customer would like their personal data deleted, Shopify will redact all the personal data it stores on that customer and push that redaction request to you to fulfill as well. Likewise, if a customer requests to view their personal data from a merchant, Shopify will also send the merchant the requested data and push the same request to you. In general, the GDPR requires that the personal data be redacted upon request, unless you have another legal reason not to do so.
Implementation and Timing
We will begin sending out payloads for Customer Redaction and View Data on August 25th, 2018.
These payloads are being delivered through three webhooks; the two we introduced in May (Customer Redaction and Shop Redaction), and a third (View Data) which will be available by August 25th.
With all of these webhooks, unless you are legally required to retain the data, requests should be addressed within 30 days of receipt. For details, visit the GDPR Webhook Docs
Receiving a Customer Redaction Request
We’ve broken down the Customer Redaction process into a few steps:
Customer contacts merchant to request erasure of their personal data.
Merchant clicks “Remove personal data” of the customer in their admin.
Shopify redacts the personal data it holds on the customer, and sends a payload on the customers/redact topic to installed apps with the resource IDs matching the customer that has requested redaction.
Apps receive the redaction request and are required by GDPR to redact the personal data. However, there are some cases where you do not need to redact data if there is another legal reason for keeping it. Please see Processing GDPR data requests for more information.
If you are redacting, you have 30 days to do so.
Receiving a Shop Redaction Request
Similar to the Customer Redaction request we talked about above, we’re also introducing a Shop Redaction webhook. This webhook is intended to erase personal data for an entire store. 48 hours after a shop uninstalls your app, we will attempt to send you a shop/redact webhook. This webhook will provide the shop_id and shop_domain so that you can erase their customers’ personal information from your database. Similar to the customer redaction request, you should do so within 30 days.
Receiving a View Data Request
Implementation details will be coming very shortly.
For a quick recap:
Who is affected by this change? For the sake of simplicity and fairness, Shopify is honoring GDPR requests from everyone, even though the GDPR technically only applies to individuals who reside in the European Economic Area (“EEA”). Any app that offers goods or services to residents of the EEA is subject to the law (almost everyone!).
What do I do? Implement the two mandatory webhooks.
Why? To ensure compliance with the new European General Data Protection Regulation.
When? Shopify will begin sending payloads on August 25th, 2018.
For more information, please see our blog ‘What App Developers Need to Know About GDPR’, our helpdocs on GDPR, and our docs on user privacy and apps.