Built a tool for the privacy-policy + compliance-webhook submission gate — also happy to just answer questions

Hi all — I build apps on this platform and kept losing afternoons to the same two submission blockers: the now-required privacy-policy field, and the mandatory compliance webhooks failing the automated check (worse since registration moved to CLI-only in shopify.app.toml).

I ended up building Term Tool to handle the documentation side — it generates a privacy policy and terms, and outputs the compliance_topics block for customers/data_request, customers/redact, and shop/redact plus the HMAC-401 handling the review check expects.

But mostly I wanted to say: if you’re stuck on the privacy / terms / webhook requirements, reply here and I’ll help work through it — I’ve hit most of the failure modes. The tool’s a shortcut, not a prerequisite; the requirements are all doable by hand and I’m glad to walk through how.

Thanks @Michael_Bryant, appreciate you offering to help other developers work through this!

I wanted to add the official docs here as well so folks have the current references in one place. The privacy policy requirement is covered here: Privacy requirements, and the mandatory compliance webhook requirements are here: Privacy law compliance.

For implementation, compliance webhooks are configured in shopify.app.toml using compliance_topics for customers/data_request, customers/redact, and shop/redact. The app configuration docs cover that here: App configuration, and the HMAC verification flow is covered here: Verify webhook deliveries.