Data Protection & Security
Last updated: 4 July 2026
Data minimisation
We read only the fields required to recreate your records in the destination store. We do not export data to third parties and we do not retain customer PII beyond the migration itself.
Encryption
- In transit: HTTPS/TLS for every request to and from Shopify.
- At rest: store access tokens are encrypted with AES-256-GCM; the key is a server-side secret held separately from the database, so a database dump alone cannot reveal a token.
Request authentication
Every OAuth callback is verified with Shopify's HMAC signature and an anti-CSRF signed state value.
Every compliance webhook is verified with its X-Shopify-Hmac-Sha256 signature before it is processed.
GDPR / CCPA compliance webhooks
We implement Shopify's three mandatory compliance webhooks:
- customers/data_request — we hold no customer PII on file, so there is no stored personal data to return.
- customers/redact — no stored customer PII to erase.
- shop/redact — deletes the store's stored connection and encrypted access token.
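The signature check and the three webhook topics above, as an added example that is not the app's own code: it verifies X-Shopify-Hmac-Sha256 over the raw body bytes with a constant-time comparison before anything is parsed. The function names, the deleteShopConnection callback, the response shape and the sample secret and payload are assumptions made for illustration.

```javascript
const { createHmac, timingSafeEqual } = require("node:crypto");

// Shopify sends base64(HMAC-SHA256(app secret, raw request body)) in the
// X-Shopify-Hmac-Sha256 header. Returns true only for a matching signature.
function verifyWebhook(rawBody, headerValue, secret) {
  if (typeof headerValue !== "string" || headerValue.length === 0) return false;
  const expected = createHmac("sha256", secret).update(rawBody).digest();
  const received = Buffer.from(headerValue, "base64");
  // timingSafeEqual throws on unequal lengths, so reject those first.
  if (received.length !== expected.length) return false;
  return timingSafeEqual(received, expected);
}

// Verify first, parse second: the MAC covers the exact bytes received, so the
// body must not be JSON-parsed and re-serialized before the check.
// deleteShopConnection is a hypothetical callback standing in for storage.
function handleComplianceWebhook(topic, rawBody, headerValue, secret, deleteShopConnection) {
  if (!verifyWebhook(rawBody, headerValue, secret)) return { status: 401 };
  const payload = JSON.parse(rawBody.toString("utf8"));
  switch (topic) {
    case "customers/data_request":
    case "customers/redact":
      return { status: 200, action: "none" }; // no stored customer PII
    case "shop/redact":
      deleteShopConnection(payload.shop_domain);
      return { status: 200, action: "deleted" };
    default:
      return { status: 400 }; // unknown topic (assumed handling)
  }
}

// Constructed sample data (not real credentials or a real shop).
const SAMPLE_SECRET = "constructed-app-secret";
const SAMPLE_BODY = Buffer.from('{"shop_id":1,"shop_domain":"example.myshopify.com"}');
const signSample = (body, secret) =>
  createHmac("sha256", secret).update(body).digest("base64");

function demo() {
  const deleted = [];
  const onDelete = (domain) => deleted.push(domain);
  const sig = signSample(SAMPLE_BODY, SAMPLE_SECRET);
  const ok = handleComplianceWebhook("shop/redact", SAMPLE_BODY, sig, SAMPLE_SECRET, onDelete);
  // Same JSON, different bytes: re-serializing the body invalidates the MAC.
  const reserialized = Buffer.from(JSON.stringify(JSON.parse(SAMPLE_BODY.toString()), null, 2));
  const changed = handleComplianceWebhook("shop/redact", reserialized, sig, SAMPLE_SECRET, onDelete);
  return { ok, changed, deleted };
}

console.log(demo());
```

A request that fails the check gets a 401 and never reaches the JSON parser or the deletion path.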
Retention & deletion
Store data is processed transiently. Uninstalling the app, or a shop/redact webhook, removes the stored connection. You can request deletion at any time via support@shop-2-shop.com.
Infrastructure
The app runs entirely on Cloudflare (edge compute, encrypted D1 storage, DNS). No other sub-processors receive store data.