Chord Commerce Event Tracking
Consent Management
Shopify Customer Privacy API
7 min
shopify's customer privacy api is available as a javascript api on shopify themes if you have enabled shopify's default cookie banner or data sales opt out page, or you have installed a cookie banner or consent management shopify app, you're likely capturing customer data preferences with the customer privacy api chord offers a consent management wrapper that retrieves customer data preferences from the customer privacy api and adds them to chord cdp events as the consent object https //docs chord co/installation within chord cdp, you can map how data preferences should be applied to chord cdp destinations follow these steps to configure consent management with shopify's customer privacy api and chord cdp configure customer privacy in shopify configure consent categories in chord cdp and map to destinations implement chord's web pixel which integrates native consent management features from shopify and the cdp configuring shopify to implement consent management on a shopify site using the customer privacy api, navigate to settings > customer privacy in your shopify store admin you’ll see three available privacy settings the cookie banner privacy setting must be enabled if you’re using chord's web pixel if it isn’t, the customer privacy api is unavailable, and chord will never send events to chord cdp for any visitor learn more about shopify’s customer privacy settings https //help shopify com/en/manual/privacy and security/privacy/customer privacy settings the following two privacy settings are recommended by shopify and should be configured cookie banner add a banner to ask visitors for permission to manage their data you can either enable shopify’s default cookie banner, or add a custom cookie banner from the shopify app store to enable shopify’s cookie banner, select cookie banner > activate cookie banner , choose regions, and select activate to use a custom cookie banner, select cookie banner > more actions > use custom cookie banner , choose regions, and select activate data sales opt out page allow visitors to define how their data can be shared to enable shopify’s data sales opt out page, select data sales opt out page , choose regions, and select activate configuring chord cdp shopify’s customer privacy api supports four categories of consent from users analytics customer analytics about how the storefront was used and interactions made on the storefront by default, this preference is collected by shopify’s cookie banner as “performance cookies ” marketing marketing, attribution and targeted advertising from the merchant by default, this preference is collected by shopify’s cookie banner as “marketing cookies ” preferences customer preferences such as language, currency, size, and more by default, this preference is collected by shopify’s cookie banner as “preference cookies ” sale of data sharing data with third parties, usually for behavioral advertising by default, this preference is collected by shopify’s data sales opt out page you can decide how these four categories map to your chord cdp destinations add the four categories below as category mappings in the chord cdp by navigating to cdp > consent categories > create your first consent category you can customize the “category name” for these category mappings, but the “category id” must be exactly the values listed below to connect preferences from shopify to chord cdp category name (can be customized) category id performance cookies analytics marketing cookies marketing preference cookies preferences sale of data sale of data for each category, choose the mapped destinations mapping a destination to a category means that the destination will only receive the chord cdp event if shopify’s customer privacy api reports that processing is allowed for that category once you’ve created and enabled the four categories, you should see this in chord cdp installing on your site the chord web pixel integrates native consent management features from shopify and the cdp so you can accurately comply with your customer's privacy preferences before the chord web pixel is loaded is loaded, chord's checks to see if user tracking is allowed at all the chord web pixel will load and send events to the chord cdp only if window\ shopify customerprivacy marketingallowed() and window\ shopify customerprivacy analyticsprocessingallowed() both return true this typically means the customer is browsing from a region that does not require a cookie banner, or; in a region that does require a cookie banner, but has consented to both analytics and marketing cookies if the customer privacy api doesn't allow user tracking, chord will silently fail and events will not be sent next, if the chord web pixel is loaded, a consent object is added describing the customer’s consent preferences to each chord cdp event chord cdp will use the consent category mapping we configured earlier in the chord cdp consent categories configuration along with the destination level configuration to determine which destinations will receive events based on this consent object the pixel uses the allowed methods of shopify’s customer privacy api to construct the consent object and obtain the values for each category https //shopify dev/docs/api/customer privacy#check data processing permissions { 	analytics window\ shopify customerprivacy analyticsprocessingallowed(), 	marketing window\ shopify customerprivacy marketingallowed(), 	preferences window\ shopify customerprivacy preferencesprocessingallowed(), 	sale of data window\ shopify customerprivacy saleofdataallowed() } faqs is global privacy control (gpc) supported? chord cdp recognizes the global privacy control signal https //globalprivacycontrol org/ as an opt out of data sales in regions where opting out is supported the sale of data category in the consent object will be false if the customer has activated the global privacy control signal in their browser and is browsing from a region where opting out of data sales is an option