Data and user privacy under GDPR

With the General Data Protection Regulations (GDPR) in effect as of May 25, 2018, it is crucial for any developer who works with European merchants, or works with merchants who have European customers, to disclose all data collection and usage through a privacy policy. GDPR clarifies and imposes new obligations on any party that collects, stores, or processes personal data of individuals located in Europe.

We have discussed elsewhere about GDPR generally, and how it affects Shopify and our merchants. But GDPR also probably affects most of the developers who are developing apps for the Shopify app store.

We want to make sure that you are preparing for GDPR, and in particular, that you start to think carefully about what personal information that your app collects and why, since merchants will need that information from you before GDPR takes effect.

Please note that GDPR is extremely complicated (the law is almost 90 pages long), and will apply differently to different apps in our app store. If you have any concerns, then we strongly recommend talking with a lawyer about how GDPR specifically applies to you.

This document is not intended to provide you with legal advice. It is intended to provide you with information about changes that Shopify is making in the Shopify App Store to help merchants prepare for GDPR, and to help you start to think about your data practices in the way that GDPR requires.

In this section