Data privacy and app uninstallation¶
Guide type: Reference
Difficulty: Intermediate
Applies to: SmartSize app data handling
Reference for SmartSize data handling practices, including registered Shopify webhooks, GDPR compliance, data retention policies, and what happens to merchant and shopper data when the app is uninstalled.
Data storage overview¶
Merchant data¶
SmartSize stores the following merchant data:
| Data type | Storage | Retention |
|---|---|---|
| Shopify session tokens | Database | Deleted on uninstall |
| Shop configuration | Database | Deleted on shop redact (48 hours after uninstall) |
| Size charts | Database | Deleted on shop redact |
| Fit quizzes | Database | Deleted on shop redact |
| Product display rules | Database | Deleted on shop redact |
| Style presets | Database | Deleted on shop redact |
| Translation data | Database | Deleted on shop redact |
| Usage metrics | Database | Deleted on shop redact |
Shopper data¶
SmartSize does not store shopper personal data. When a customer completes a fit quiz:
- Measurements are processed in real time to compute a size recommendation.
- The recommendation result is returned to the shopper's browser.
- No customer profile, measurement history, or personal data is persisted.
If a customer redaction request is received, SmartSize responds with: "No customer data stored."
Registered Shopify webhooks¶
SmartSize registers the following mandatory Shopify webhooks for GDPR compliance:
| Webhook | Trigger | Action |
|---|---|---|
customers/data_request |
Customer requests their data | Acknowledged. SmartSize does not store customer data, so no export is produced. |
customers/redact |
Customer requests data deletion | Returns HTTP 200 with message "No customer data stored." |
shop/redact |
48 hours after app uninstall | Queued for full shop data deletion. |
App uninstallation behavior¶
When you uninstall SmartSize from your Shopify store, the following happens:
Immediate (uninstall webhook)¶
- Shopify sessions deleted — All OAuth sessions for your shop are removed from the database.
- Store marked inactive — Your store record is updated with
isActive: false. - Shop connection disabled — The shop connection status is set to inactive.
- Redis caches cleared:
- Public API cache (quiz data, size chart data)
- Linked products cache
48 hours later (shop redact webhook)¶
Shopify invokes the shop/redact webhook 48 hours after uninstallation. At this point:
- All remaining shop data is queued for deletion.
- Size charts, fit quizzes, product display rules, translations, and style presets are removed.
- Usage metrics and configuration are purged.
Merchant obligations¶
As a merchant using SmartSize, you are responsible for:
- Privacy policy — Include SmartSize in your store's privacy policy. Disclose that SmartSize processes shopper measurements for size recommendations and does not store personal data.
- Customer requests — If a customer contacts you directly requesting data deletion, you can uninstall SmartSize or contact SmartSize support.
- Data retention awareness — Understand that your size chart and quiz data remains in SmartSize's database until the shop redact webhook fires (48 hours after uninstall).
Data location¶
SmartSize uses Shopify's infrastructure and cloud services. Data is stored in the same region as your Shopify store to minimize latency and comply with data residency requirements.
Contact¶
For data privacy questions or to request early data deletion, contact SmartSize support at team@smartsize.io.