I recently started using web pixels to track analytics data in merchants storefront. However in the event payload i am also seeing the customer’s PII data along with the event data.
Even in the app information page it is showing my app has access to customer data. Even this is not required for my use case, merchants are concerned about this.
In the latest change log, there is more granular scopes introduced. Even after this release i am still seeing the customer PII in the web pixel event data.
Hey @Manoj_Putchala 
- out of curiosity, which access scopes does your app currently request in your shopify.app.toml? If you had requested access to protected data beforehand, this could be why you’re still seeing that info per your screenshot there:
We are currently using these access scopes:
read_products
write_products
read_themes
read_script_tags
write_script_tags
read_locales
read_translations
read_markets
unauthenticated_read_product_listings
unauthenticated_read_product_inventory
read_inventory
write_inventory
read_locations
read_publications
write_publications
read_metaobjects
read_metaobject_definitions
write_pixels
read_customer_events
And we did not request for any protected data before.
Hey @Alan_G - Just bringing this to your attention again.
Thanks for the ping @Manoj_Putchala and for sharing your scopes. Looking into this on our end here.
Hey again @Manoj_Putchala - just following up on this. I was able to confirm with some folks internally that this hasn’t rolled out quite yet so this is still expected behaviour. I’ll keep an eye on things for you and let you know once things change. Let me know if I can clarify anything more on our end here.
@Alan_G Thank you for getting back. Could you please tell me an estimate of when this will be rolled out.
Hey @Manoj_Putchala - I can’t confirm an exact date, but it should be within the near future for sure.