When viewing an order in Ordoro, you may occasionally see a timeline note that reads:
“Personally Identifiable Information removed due to your sales channel’s requirements.”
This message indicates that your sales channel (such as Shopify) has sent Ordoro a GDPR customer redact request, requiring us to remove specific customer information from the order. This article explains what GDPR requests are, why they occur, and how to ensure Ordoro can properly restore updated Ship To information when applicable.
Topics
- What is a GDPR customer redact request?
- What actions can trigger a GDPR request?
- Workflow in Ordoro when a GDPR request occurs after Customer Merge
What is a GDPR customer redact request?
GDPR (General Data Protection Regulation) is a privacy law that requires businesses and third-party systems to remove or anonymize customer data when instructed.
When a GDPR customer redact request is issued by your sales channel, Ordoro is required to remove personally identifiable information (PII) from the order record. This typically includes:
- Customer name
- Shipping address
- Email and phone
- Billing details
Ordoro cannot override or ignore these requests, as they are mandated by the sales channel.
What actions can trigger a GDPR request?
Your sales channel can issue a GDPR redact request for several reasons. Common triggers include:
- A customer requests deletion of their personal data.
- A store user merges two customer accounts.
- A customer profile is deleted or anonymized.
- The sales channel is deleted.
Customer merges in Shopify
One of the most common causes is a customer merge in Shopify.
When two customer profiles are merged, Shopify removes the old customer. Because Ordoro stores order data from the original profile, Shopify sends a GDPR request instructing us to remove that information as well.
When Ordoro receives a GDPR request from your sales channel:
- The existing customer Ship To information on the order is removed.
- A timeline note appears stating:
“Personally Identifiable Information removed due to your sales channel’s requirements.”
This removal reflects what your sales channel requires and is not an Ordoro-generated action.
However, in most cases, Ordoro can capture the new customer Ship To information as long as address Order Revisions are enabled. See our support article for how to enable address order revisions.
Workflow in Ordoro when a GDPR request occurs after a Customer Merge
Once the address order revisions feature is enabled, the workflow looks like this:
- Sales channel sends a GDPR redact request →
Ordoro removes the customer’s Ship To information on the order. - Sales channel sends an Order Revision →
The revised shipping information appears in Ordoro. - The order is highlighted in yellow →
This indicates a revision is waiting for your review. - You review and accept the revision →
The updated Ship To information is applied to the order.
This process ensures that required GDPR data deletions occur while still allowing the correct shipping information to be restored for fulfillment.