How does Wonderment handle privacy requests for customer data?

Updated by Brian Whalley

Wonderment complies with requirements from GDPR, CPRA/CCPA, and similar privacy legislation worldwide in a few ways.

  • Wonderment gathers and honors privacy and deletion requests made through Shopify for an individual customer's information, operating as a data processor under GDPR/CCPA. This is the most common way for deletion requests to be handled. Shopify has a robust product offering to help Shopify-integrated apps comply with data requests or deletion requests. Wonderment meets all of the requirements set out by Shopify for compliance with these features.
  • As a data processor, Wonderment is generally not subject to any requirements to respond directly to individual customers requests for data or deletion requests. These requests must be submitted to the merchant or brand directly, who will route any appropriate requests or information to Wonderment.
  • Wonderment works with a handful of data sub-processors to perform the integration activities used by your Wonderment account - such as powering event data to Klaviyo, Attentive, or other platforms.
  • Wonderment does not sell, share, rent, or otherwise make any customer data available to any other parties, as defined under the CCPA/CPRA.
  • If you have questions or concerns about this information, please contact legal@wonderment.com and include the details of the request and the merchant/brand you are associated with.


How did we do?