Articles on: Cookie Consent

πŸ“‹ How Does Data Requests Work

The Data Request feature allows visitors to exercise their privacy rights directly from your storefront without needing to contact support or send manual emails.


Built to support privacy regulations such as GDPR, CCPA, LGPD, PIPEDA, and APPI, the feature helps merchants collect, verify, and log privacy-related requests while providing visitors with a secure self-service experience.


The entire processβ€”from identity verification to request loggingβ€”is handled automatically by the app.


⚠️ Before You Begin


To use Data Requests:


β†’ Install and configure GDPR EU Cookie Banner


β†’ Ensure a Privacy Policy page is available


β†’ Publish your Cookie Banner


πŸ’‘ Data Request forms are automatically embedded into supported privacy policy pages created by the app.



πŸ“€ Access Account Information


This request type allows visitors to view the personal information currently stored about them.


When selected:


  • The visitor submits their email address
  • Their Shopify customer profile is retrieved
  • A read-only view of their information is displayed
  • The request is logged after confirmation


This helps visitors understand what information is associated with their account.



✏️ Edit Account Information


This request type allows visitors to request corrections to their personal information.


When selected:


  • Existing profile information is displayed
  • The visitor can update available fields
  • The requested changes are recorded


This provides a structured way for visitors to submit data correction requests.



πŸ—‘οΈ Delete Account Information


This request type allows visitors to request deletion of their personal information.


When selected:


  • Existing profile information is displayed
  • The visitor reviews the information
  • The deletion request is submitted and logged


⚠️ The request is recorded for merchant review. Actual account deletion must be completed separately.



πŸ“Š Show All Requests


This request type allows visitors to view their previous request history.


When selected:


  • A downloadable CSV file is generated
  • Previous requests are included
  • The visitor receives a record of past privacy requests


This helps improve transparency and record visibility.



πŸ‘€ Visitor Request Journey


Every request follows a secure verification workflow before it is recorded.



πŸ“„ Privacy Policy Page


Visitors begin the process from one of the available privacy policy pages.


Examples include:


  • GDPR Privacy Policy
  • CCPA Privacy Policy
  • LGPD Privacy Policy
  • PIPEDA Privacy Policy
  • APPI Privacy Policy


These pages contain the built-in Data Request options.



πŸ“§ Email Submission


After selecting a request type:


  • The visitor enters their email address
  • The email format is validated
  • Customer information is retrieved from Shopify
  • A secure verification token is generated


This helps verify that the request belongs to the correct individual.



βœ‰οΈ Verification Email


A verification email is automatically sent.


The email contains:


  • Request information
  • Verification details
  • A secure verification link


The visitor must complete verification before the request can continue.




After clicking the verification link:


  • The token is validated
  • Expiration is checked
  • Request-specific screens are displayed


Depending on the request type, the visitor may:


  • Review information
  • Edit information
  • Confirm deletion
  • Download request history



βœ… Request Confirmation


Once the visitor confirms the request:


  • The token is validated again
  • The request is permanently logged
  • The token is invalidated
  • A success message is displayed


This ensures requests remain secure and cannot be reused.



πŸͺ Data Request Logs


All submitted requests are recorded inside the app for merchant review.


Navigate to:


Consent Logs β†’ Data Requests


to view request activity.



πŸ“‹ Request Records


Each record contains information such as:


  • Email Address
  • Request Type
  • IP Address (masked)
  • Date & Time


This provides a clear audit trail of visitor privacy activity.



πŸ” Search & Filtering


Data Requests can be filtered using:


  • Email Address
  • IP Address
  • Request Type


This makes it easier to locate specific requests when needed.



πŸ“„ Pagination


Requests are organized into pages to make large request histories easier to browse and manage.



βš™οΈ Custom Sender Email


Verification emails can be sent from a custom sender address instead of the app's default email address.



How It Works


Enter your preferred sender email and complete verification.


Once verified:


  • Verification emails use your branded email address
  • Visitors receive more recognizable communications
  • Brand consistency improves



Verification Statuses


Possible statuses include:


Not Started


No email has been configured yet.



Pending


Verification has been initiated and is awaiting confirmation.



Verified


The sender email has been verified and is active.



Failed


Verification was unsuccessful and must be retried.




The Privacy Policy Link setting controls which privacy policy page visitors see when selecting:


  • Privacy Policy
  • Learn More


from the Cookie Banner.



Available Options


Auto Generate


Automatically directs visitors to the most appropriate privacy policy based on location.



Specific Privacy Policy


Choose a dedicated policy page such as:


  • Shopify Policy
  • GDPR Policy
  • CCPA Policy
  • PIPEDA Policy
  • LGPD Policy
  • APPI Policy


All supported policy pages include Data Request functionality.



🌎 Data Sales Opt-Out


For supported privacy regulations, additional data sales options can be displayed.


Examples include:


  • Do Not Sell My Personal Information
  • Do Not Share My Personal Information


These options can be displayed:


  • On the Cookie Banner
  • Inside the Preferences Popup


when required by applicable regulations.



πŸ”’ Security Features


Several security measures help protect visitor information throughout the process.



πŸ”‘ Verification Tokens


Each request generates a secure verification token.


Tokens are:


  • Randomly generated
  • Single-use
  • Automatically expired


This prevents unauthorized access to visitor information.



πŸ™ˆ IP Address Masking


IP addresses stored inside logs are masked for privacy.


This allows merchants to maintain records while reducing exposure of personal information.



πŸ›‘οΈ Email Verification


Requests must be verified through email before completion.


This helps prevent fraudulent or unauthorized submissions.



⚠️ Important Notes


Requests Are Logged, Not Automatically Processed


Data Requests create a documented record of visitor intent.


Merchants remain responsible for reviewing and completing requests where required.



Delete Requests Do Not Automatically Remove Data


Deletion requests are logged for review.


The actual deletion process must be handled separately.



Edit Requests Do Not Automatically Update Shopify Records


Requested changes are recorded but do not automatically modify Shopify customer information.



Verification Is Required


Visitors must verify ownership of the submitted email address before a request can be completed.


Unverified requests are not processed.



πŸš€ Final Result


Once configured successfully:


βœ… Visitors can submit privacy requests directly from your storefront


βœ… Identity verification helps protect visitor information


βœ… Requests are securely logged and organized


βœ… Merchants gain visibility into privacy-related activity


βœ… Verification emails can be branded using a custom sender address


βœ… Privacy workflows become easier to manage and document


The Data Request feature helps merchants provide a more transparent and privacy-friendly experience while maintaining organized records of visitor privacy activity.

Updated on: 14/07/2026

Was this article helpful?

Share your feedback

Cancel

Thank you!