App permissions and personal information
Personally identifiable information (PII) is information that alone or combined can uniquely identify an individual. Apps that you install from the Shopify App Store can access different types of PII when they use information about your store, customers, orders, or other business data.
Every app that you install has access to PII about your Shopify account, including your contact information and location.
Depending on the function it performs, an app can require additional types of information. For example, an app that manages or fulfills orders requires access to order information that includes customer PII, such as customer addresses and other contact information.
You can revoke access to data by uninstalling the app. This will send the developer a request (after 48 hours) to erase all of your customers’ personal information the app collected while it was installed. If you request to erase an individual customer’s personal data from your store, then the same request will be sent to every app you have installed that may have that customer’s information.
During the installation of an app, you can review the permissions that app has and the type of PII that it needs to access before you confirm the installation. After installation, you can see these permission details on the App details page.
There are four types of PII that an app can access:
- Customer personal information, which includes contact information such as name, email, phone number, and address. Apps that deal with orders, fulfillment, or shipping also require access to location information (such as IP address and geolocation), and user agent information (such as browser and operating system).
- Shopify account owner personal information, which includes all contact information for the account owner, including name, email, phone number, and addresses of all locations.
- Staff account personal information, which includes all contact information for staff accounts, including name, email, and phone number.
- Content provider personal information, which includes information about blog authors or commenters (including email and IP address), and user agent information (such as browser and operating system).