Hi - I’m looking for more guidance and information on handling the customers/redact webhook. Particularly, I notice sometimes the orders_to_redact field is empty list or null, when there are orders associated with that person. Should we take steps to redact all orders in this case, or should this request be treated as a no-op with no order information to remove
A follow-up, can a user trigger this by themself or must they go through a merchant?
Hey @ConnerDelahanty, an empty orders_to_redact field is expected behavior so you only need to redact the orders explicitly listed in that field.
For your second question, customers cannot trigger this themselves. They need to request data deletion from the merchant, and then the merchant processes the request through the Shopify admin (typically from the customer profile under More actions > Erase personal data). The merchant’s action is what triggers the customers/redact webhook to your app.
Thanks @KyleG-Shopify for your answer. Super helpful
And to confirm, when orders_to_redact is empty, is the expectation that just the customer information is removed, their orders remain untouched.
Regarding two – confirming, is this link: Privacy controls is separate Shopify-specific deletion request. This is not forwarded to merchants or apps via customers/redact
That is correct
Regarding two, this would be more Shopify specific.
we will erase personal data associated with this email address that is shared by merchants with Shopify and used solely to provide Shopify’s recommendation and personalization services.