General Data Protection Regulation (GDPR)
GDPR, or the General Data Protection Regulation, is a new framework of rules and compliance obligations governing how businesses can collect, use, and share data from consumers within the EU. Even if a business is not based within the EU, they must follow the new rules if any of their customers are EU citizens.
The GDPR is designed to empower consumers and their privacy by requiring companies to explain how and what data is being used by the organization. Additionally, the framework assures a level of security and privacy by requiring companies to appropriately safeguard protected data.
If a GDPR request comes into Shopify, we simply take that webhook and remove those user's details from our system. It's that easy.