App permissions and personal information
Permissions control what types of information from your store an app can access or modify for the functions it performs.
Personally identifiable information (PII) is information that alone or combined can uniquely identify an individual. Apps that you install from the Shopify App Store can access different types of PII when they use information about your store, customers, orders, or other business data.
Every app that you install has access to PII about your Shopify account, including your contact information and location.
Depending on the function it performs, an app can require additional types of information. For example, an app that manages or fulfills orders requires access to order information that includes customer PII, such as customer addresses and other contact information.
You can revoke access to data by uninstalling the app. This sends the developer a request (after 48 hours) to erase all of your customers’ personal information the app collected while it was installed. If you request to erase an individual customer’s personal data from your store, then the same request is sent to every app you have installed that might have that customer’s information. To confirm that the requested data was deleted, you need to check with the app's developer directly. Learn more about erasing individual customer's data.
During the installation of an app, you can review the permissions that app has and the type of PII that it needs to access before you confirm the installation. After installation, you can review the permission details in Apps > About page.
There are four types of PII that an app can access:
- Customer personal information, which includes contact information such as name, email address, phone number, and address. Apps that deal with orders, fulfillment, or shipping also require access to location information (such as IP address and geolocation), and user agent information (such as browser and operating system).
- Shopify store owner personal information, which includes all contact information for the store owner, including name, email address, phone number, and addresses of all locations.
- Staff personal information, which includes all contact information for staff, including name, email address, and phone number.
- Content provider personal information, which includes information about blog authors or commenters (including email address and IP address), and user agent information (such as browser and operating system).
When you install an app that uses data from orders, the app might request permission to access recent orders or all orders. An app with permission to access recent orders can access data from only the last 60 days of orders. An app with permission to access all orders can access data from any past and future orders. Shopify reviews the apps that request access to all orders to make sure that the data is required for the app to work.