Customer Data and GDPR

Does Shoplift collect identifiable information about website visitors?

When collecting data about website visitors, Shoplift does not log or store any personal identifiable information (PII). This includes information like name, email, phone number, IP address, or location.

Why does Shopify say Shoplift needs access to sensitive customer data when I install the app?

In order to access web pixel events from Shopify's servers, our app requires access to Shopify's Customer Event data.

In order to access this Customer Event data, Shoplift needs to request the necessary access scopes. The scopes required to access to this anonymized event data are bundled in with access to PII data like name, address, and phone number. This is why Shopify will display a message informing you of access to sensitive customer data during install.

Shoplift does not collect, log, or store any personal identifiable information from customers.

How does geo-targeting work if you don't store IP address?

When tests leverage geo-based audience targeting (at the country level) we derive an approximation of country from the metadata from IP addresses and match that against a database to return a country code, before immediately discarding the IP-address data.