I am new to shopify and i have created an app for a project i want to deploy that app on the store for that GDPR mandatory webhooks need to be configured into our app and should response as they asked .
for app implementation i am using nodejs platform and i am confuse about the implementatio part of the below three mandatory GDPR webhooks :
customers/data-request
customers/redact
shop/redact
as i am new to this shopify concepts i am facing difficulty in implementing this webhooks..
any kind of help will be appreciated..
Thank You.
i’ve tried community platofrm solutions but they were not helpful to me
i’ve also tried with pipedream configuration but also not working
2
Answers
First off. When get your App responding to any webhook from Shopify. There should be nothing confusing about that. You set an endpoint in your App to receive one, check security, and if it passes, you process it. Once you incorporate that, you’re past all the hard stuff.
So instead of you asking for these topics as per what you already did, like App Uninstalled (pretty much a MUST DO) or any other topic, these one, Shopify just sends whether you like it or not. You have to prepare for this in any public App (listed in App store or not). So just make the end points. You already established you can do that, so that is it. You’re now compliant and done.
You’re supposed to tell Shopify during app Setup which routes you’re going to use for each of the three mandatory requests.
For each request Shopify expects you to send a reply with 200 status code, after that it’s your responsibility to decide if you should delete the data or send it to who requested it.
Each route is pretty self explanatory, but making it GDPR compliant might be more complicated for you, however after you replied Shopify with a 200 code it’s not their responsibility anymore to tell you how you should comply with regulations.