GDPR endpoints
Mandatory GDPR data request and redaction webhooks for Shopify installs.
If you installed elNudge through the Shopify App Store, Shopify requires every app to handle three mandatory GDPR webhook topics. These endpoints must exist on your server and respond correctly — Shopify checks compliance during app review and can flag or remove apps that fail to handle them.
elNudge forwards these GDPR webhooks to the endpoint you register in Dashboard → Settings → Webhooks.
How it works
When Shopify sends a GDPR request to elNudge, elNudge:
- Validates the request.
- Forwards the payload to your registered webhook endpoint.
- Performs its own data handling obligations as a data processor (see the GDPR & CCPA guide).
Your endpoint is responsible for acting on the request within the timeframes required by GDPR.
customers/data_request
Shopify sends this when a customer asks the merchant to provide a copy of their personal data.
Your obligation: Collect all personal data you hold for this customer and provide it to them within 30 days.
Payload
```json
{
  "event": "customers/data_request",
  "shop_id": 12345678,
  "shop_domain": "your-shop.myshopify.com",
  "customer": {
    "id": 987654321,
    "email": "[email protected]",
    "phone": null
  },
  "orders_requested": [1001, 1002, 1003]
}
```
| Field | Type | Notes |
|---|---|---|
| shop_id | integer | Shopify shop ID |
| shop_domain | string | Shopify myshopify domain |
| customer.id | integer | Shopify customer ID |
| customer.email | string | Customer email address |
| orders_requested | array | Order IDs associated with this customer |
What elNudge includes in the forwarded payload: any elNudge session events, conversation transcripts, and nudge interaction history linked to this customer's email or Shopify customer ID.
customers/redact
Shopify sends this when a customer requests deletion of their personal data, or when Shopify determines data must be erased.
Your obligation: Delete (or anonymise) all personal data for this customer from your systems. You have 30 days to complete this.
Payload
```json
{
  "event": "customers/redact",
  "shop_id": 12345678,
  "shop_domain": "your-shop.myshopify.com",
  "customer": {
    "id": 987654321,
    "email": "[email protected]",
    "phone": null
  },
  "orders_to_redact": [1001, 1002, 1003]
}
```
elNudge will automatically redact its own records for this customer upon receiving this event. Your handler should do the same for any data you store downstream.
shop/redact
Shopify sends this 48 hours after a merchant uninstalls the app. It instructs all service providers to delete all data associated with the shop.
Your obligation: Delete all shop and customer data your systems hold for this shop. Complete within 30 days.
Payload
```json
{
  "event": "shop/redact",
  "shop_id": 12345678,
  "shop_domain": "your-shop.myshopify.com"
}
```
elNudge will begin purging all session data, conversation transcripts, and analytics for this shop upon receiving this event.
Endpoint requirements
| Requirement | Detail |
|---|---|
| Response status | 200 OK — any other status is treated as a failure |
| Response time | Within 5 seconds — queue the work and respond immediately |
| Retry behaviour | Shopify retries failed deliveries; your handler must be idempotent |
| Signature | Verify the X-ElNudge-Signature header before processing (see Signing Verification) |
Important: A non-200 response to GDPR webhooks will flag your app during Shopify's compliance review. Always return 200 immediately, even if the actual data processing happens asynchronously in a background job.
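One way to meet the endpoint requirements above in a single handler, as an added example that is not elNudge's or Shopify's code: it checks the signature over the raw body, drops retried deliveries, queues the work and returns the status to send. The hex HMAC-SHA256 scheme, the function names, the in-memory `pending` set and `queue` list, and the 401 for a failed signature check are assumptions of this example; use the scheme described under Signing Verification.

```python
import hashlib
import hmac
import json

GDPR_TOPICS = {"customers/data_request", "customers/redact", "shop/redact"}

# Constructed sample values, not real credentials or customer data.
SAMPLE_SECRET = b"constructed-webhook-secret"
SAMPLE_BODY = json.dumps({
    "event": "customers/redact", "shop_id": 12345678,
    "shop_domain": "your-shop.myshopify.com",
    "customer": {"id": 987654321, "email": "customer@example.com", "phone": None},
    "orders_to_redact": [1001, 1002, 1003],
}).encode()


def sign(secret: bytes, raw_body: bytes) -> str:
    # ASSUMPTION: hex HMAC-SHA256 over the raw request body. Replace with the
    # scheme documented under Signing Verification.
    return hmac.new(secret, raw_body, hashlib.sha256).hexdigest()


def dedupe_key(payload: dict) -> str:
    # A retry repeats the same event, shop and customer, so the key is stable.
    customer_id = (payload.get("customer") or {}).get("id", "-")
    return f"{payload.get('event')}:{payload.get('shop_id')}:{customer_id}"


def handle_gdpr_webhook(raw_body, signature, secret, pending, queue) -> int:
    """Return the HTTP status to send. Only cheap work happens in-request."""
    # Authenticate the raw bytes before parsing (constant-time comparison).
    expected = sign(secret, raw_body).encode()
    if not hmac.compare_digest(expected, (signature or "").encode()):
        return 401  # unauthenticated sender: parse nothing, queue nothing
    payload = json.loads(raw_body)
    if payload.get("event") in GDPR_TOPICS:
        key = dedupe_key(payload)
        # The worker should drop the key from `pending` once the job is done,
        # so a later, separate request for the same customer is still handled.
        if key not in pending:
            pending.add(key)
            queue.append(payload)  # a background worker does the export/deletion
    return 200  # acknowledge immediately; the 30-day work runs asynchronously


if __name__ == "__main__":
    pending, queue = set(), []
    sig = sign(SAMPLE_SECRET, SAMPLE_BODY)
    print(handle_gdpr_webhook(SAMPLE_BODY, sig, SAMPLE_SECRET, pending, queue))
    print(handle_gdpr_webhook(SAMPLE_BODY, sig, SAMPLE_SECRET, pending, queue), len(queue))
```

In a real deployment `pending` and `queue` would be a durable store and a job queue, so that deduplication survives restarts and runs across multiple workers.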
Testing GDPR webhooks
You can simulate GDPR webhook deliveries from Dashboard → Settings → Webhooks → Send test event. Select the GDPR event type and enter a test customer email. The test payload will be sent to your registered endpoint with a valid signature.