I am using read_shipping scope to listen to profile delivery updates. “profile/delete” works well but adding profiles/update or profiles/create and trying to deploy the app shows an error:
This app is not approved to subscribe to webhook topics containing protected customer data. See https://shopify.dev/docs/apps/launch/protected-customer-data for more details.
Seems like a bug or am I missing anything? I don’t think there is any personal data linked to customer here. 
Shopify versions 3.85.4
1 Like
Hi @GrayBlueApps,
Thanks for reporting this behaviour, I can confirm that the profiles/create and profiles/update webhook topics are marked as having protected customer data, per the Webhook Resource Shopify.dev documentation.
However when testing this webhook on my test store, I can confirm that these payloads don’t return any protected customer data, in fact the only data they return is the Delivery Profile Id that you can use to query the updated or created profile via the Admin API. Even then the actual DeliveryProfile object itself doesn’t have any protected customer data.
At this time I am currently looking into this behaviour futher with our developers internally, and we will follow up in this thread once we have more information or updates to share!
1 Like
Hi @GrayBlueApps,
I’m following up here to let you know we discussed this with our developers further who confirmed this is unexpected behaviour, and will be working on a fix to remove the protected customer data requirement for these webhook topics.
Sounds great! Thank you so much. 