CommerceGov processes Shopify product metadata only. No customer data is accessed.
Overview
CommerceGov is an agency-managed Shopify app. Merchants do not log into this app directly; your agency operates the control plane on your behalf.
Data we store
- Shop domain for tenancy and access control.
- OAuth access token for Shopify Admin API access.
- Product mirror (product metadata needed for analysis and governance).
- Webhook processing records for reliability and idempotency.
- Governance/audit trail for reviewed/approved/applied changes.
Customer data
We do not store customer PII. Customer GDPR webhooks are acknowledged for compliance but do not trigger customer-data deletion because we do not persist customer records.
Data deletion
When the app is uninstalled (`app/uninstalled`) or Shopify requests shop redaction (`shop/redact`), we purge shop-scoped data including tokens, product mirror, webhook records, and agency-shop membership.
Support
For questions, contact contact your agency.