Firepush is committed to protecting your customers' data and complying with privacy regulations including GDPR (General Data Protection Regulation).
What data does Firepush collect?
Firepush only collects the minimum data needed to deliver notifications:
- Push subscribers: A browser subscription token (no personal data unless the subscriber is also a Shopify customer)
- SMS subscribers: Phone number and customer details synced from Shopify
- Order data: Used for automations (abandoned cart, delivery updates) and revenue tracking
Customer data deletion
When a customer requests their data to be deleted:
- Delete the customer from your Firepush dashboard or from Shopify
- Firepush marks the record as deleted immediately (soft delete)
- After a short grace period, all data is permanently removed from our systems
- A safeguard ensures the customer is not accidentally re-imported through webhooks
Shopify GDPR webhooks
Firepush automatically responds to Shopify's GDPR webhooks:
- Customer data request — provides all stored customer data
- Customer data erasure — permanently deletes all customer data
- Shop data erasure — removes all store data when you uninstall the app
Your responsibilities
As a store owner, you should:
- Include push notifications and SMS marketing in your privacy policy
- Obtain proper consent before sending marketing messages (see our consent guide)
- Respond to customer data deletion requests promptly
- Keep your legal documentation up to date
Data storage
All Firepush data is stored securely. Customer data is only used for delivering the services you have configured (notifications, campaigns, automations) and is never sold or shared with third parties.
Was this article helpful?
