Chord Commerce Event Tracking
Consent Management

Shopify Customer Privacy API

10min
shopify's customer privacy api is available as a javascript api on shopify themes if you have enabled shopify's default cookie banner or data sales opt out page, or you have installed a cookie banner or consent management shopify app, you're likely capturing customer data preferences with the customer privacy api chord offers a consent management wrapper that retrieves customer data preferences from the customer privacy api and adds them to segment events as the consent object https //segment com/docs/privacy/consent management/consent in segment connections/#consent object within segment, you can map how data preferences should be applied to segment destinations read more about segment's approach to consent management follow these steps to configure consent management with shopify's customer privacy api and segment configure customer privacy in shopify configure consent categories in segment and map to destinations implement chord's consent management wrapper to include consent in client side events configuring shopify to implement consent management on a shopify site using the customer privacy api, navigate to settings > customer privacy in your shopify store admin you’ll see three available privacy settings the cookie banner privacy setting must be enabled if you’re using chord's consent management wrapper if it isn’t, the customer privacy api is unavailable, and chord will never send events to segment for any visitor learn more about shopify’s customer privacy settings https //help shopify com/en/manual/privacy and security/privacy/customer privacy settings the following two privacy settings are recommended by shopify and should be configured cookie banner add a banner to ask visitors for permission to manage their data you can either enable shopify’s default cookie banner, or add a custom cookie banner from the shopify app store to enable shopify’s cookie banner, select cookie banner > activate cookie banner , choose regions, and select activate to use a custom cookie banner, select cookie banner > more actions > use custom cookie banner , choose regions, and select activate data sales opt out page allow visitors to define how their data can be shared to enable shopify’s data sales opt out page, select data sales opt out page , choose regions, and select activate configuring segment shopify’s customer privacy api supports four categories of consent from users analytics customer analytics about how the storefront was used and interactions made on the storefront by default, this preference is collected by shopify’s cookie banner as “performance cookies ” marketing marketing, attribution and targeted advertising from the merchant by default, this preference is collected by shopify’s cookie banner as “marketing cookies ” preferences customer preferences such as language, currency, size, and more by default, this preference is collected by shopify’s cookie banner as “preference cookies ” sale of data sharing data with third parties, usually for behavioral advertising by default, this preference is collected by shopify’s data sales opt out page you can decide how these four categories map to your segment destinations add the four categories below as category mappings in your segment workspace by navigating to privacy > consent management > create category you can customize the “category name” for these category mappings, but the “category id” must be exactly the values listed below to connect preferences from shopify to segment category name (can be customized) category id performance cookies analytics marketing cookies marketing preference cookies preferences sale of data sale of data for each category, choose the mapped destinations mapping a destination to a category means that the destination will only receive the segment event if shopify’s customer privacy api reports that processing if allowed for that category once you’ve created and enabled the four categories, you should see this in segment segment category mappings installing on your site chord publishes a consent management wrapper for segment's analytics js that is based on segment's consent tools before segment’s analytics library is loaded, chord's consent wrapper checks to see if user tracking is allowed at all the wrapper will load segment’s analytics js library and send events to segment only if window\ shopify customerprivacy marketingallowed() and window\ shopify customerprivacy analyticsprocessingallowed() both return true this typically means the customer is browsing from a region that does not require a cookie banner, or; in a region that does require a cookie banner, but has consented to both analytics and marketing cookies if the customer privacy api doesn't allow user tracking, both chord and segment will silently fail and events will not be sent next, if segment is loaded, the wrapper adds a consent object describing the customer’s consent preferences to each segment event segment will use the consent category mapping we configured earlier in the segment workspace admin to determine which destinations will receive events based on this consent object the wrapper uses the allowed methods of shopify’s customer privacy api to construct the consent object and obtain the values for each category https //shopify dev/docs/api/customer privacy#check data processing permissions { 	analytics window\ shopify customerprivacy analyticsprocessingallowed(), 	marketing window\ shopify customerprivacy marketingallowed(), 	preferences window\ shopify customerprivacy preferencesprocessingallowed(), 	sale of data window\ shopify customerprivacy saleofdataallowed() } installing the customer privacy api segment wrapper first, verify your site is loading the customer privacy api it should be available at window\ shopify customerprivacy if not, you can load it as documented here then, add the customer privacy api segment wrapper to your site with a script tag, above your segment snippet then, replace analytics load() in your segment snippet with the following withshopifycustomerprivacy(analytics) load(segment write key); this delegates calling analytics load to the customer privacy api segment wrapper you must replace all instances of analytics load with this code complete example faqs is global privacy control (gpc) supported? segment’s customer privacy api recognizes the global privacy control signal https //globalprivacycontrol org/ as an opt out of data sales in regions where opting out is supported the sale of data category in the consent object will be false if the customer has activated the global privacy control signal in their browser and is browsing from a region where opting out of data sales is an option
Updated 01 May 2025
Did this page help you?
PREVIOUS
OneTrust
NEXT
@chordcommerce/analytics
Docs powered by Archbee