What Bloom stores
About your shop
- Pre-order and Notify Me configuration per variant.
- Design, content and settings saved in the Bloom admin.
- Audit log of admin saves and the Shopify staff account that made each change.
- Billing plan, status and current period.
About shoppers
Aggregate event counts per shop, day, product and variant - views, add-to-carts, checkout starts, orders, sign-ups, revenue. No row identifies an individual. Bloom does not store:- Shopper email addresses, phone numbers, names or any customer profile data.
- IP addresses or user agents. Shopper country is derived at the edge to a 2-letter code and device to a
mobile/tablet/desktopbucket - neither the raw IP nor the user-agent string is stored. - Order line items, shipping addresses, or any other Shopify order content beyond the variant-level pre-order metadata Bloom writes back to Shopify.
- Notify Me submissions - email and phone pass straight to Klaviyo and your Shopify customer records.
Merchant data
This is data about you and your team - the people who install and use Bloom - not your shoppers. Your shoppers’ personal data is never stored in our CRM or support tools; it stays in your Shopify admin and, for Notify Me sign-ups, your Klaviyo account. What we store about you- Name and email of signed-in Bloom users, from your Shopify login.
- Your shop domain, plan and usage details.
- HubSpot - our CRM. To manage our relationship with you and exclude existing customers from Good Native’s advertising.
- Gorgias - our support tool. To handle your support requests.
Storefront events
Bloom tracks the following anonymously on every event - shop domain, event type (e.g.preOrder_view, notifyMe_submit, soldOut_view, backInStock_visit), product and variant ID, currency, market, locale, page type, price, quantity, device type, and shopper country. None of these identify a shopper.
If consent is allowed via Shopify’s customer privacy API, Bloom also generates a random browser UUID (clientId) to deduplicate views in the funnel - so 10 page views from the same browser count as 1 viewer, not 10. It persists in that browser’s localStorage and is scoped to your store domain. It is used for nothing else. No profile is built. No PII. Nothing identifiable about the shopper.
Full payload:
| Field | Value | Personal? |
|---|---|---|
| Shop domain | your-store.myshopify.com | No |
| Event type | e.g. preOrder_view, notifyMe_submit | No |
| Product ID, variant ID | Shopify global IDs | No |
| Currency, market, locale | Shopify context | No |
| Page type | product, cart, checkout, collection, home | No |
| Cart token | Shopify cart cookie value | Session, not person |
| Client ID | Random browser UUID for dedup, only if consented | Anonymous browser |
| Price, quantity | For revenue rollups | No |
| Country | 2-letter code from Cloudflare edge geo | Coarse, not person |
| Device type | mobile, tablet or desktop | Coarse, not person |
| UTM source/medium/campaign | First-touch campaign labels, only if consented | No |
Consent
Bloom checks Shopify’s customer privacy API before generating the browser UUID:clientId, cart token, and first-touch UTM are omitted - the event still fires with the coarse, non-identifying fields (country, device, market), just without dedup. Bloom inherits your existing Shopify customer privacy banner - no separate consent mechanism needed.
When set, the UUID lives in browser localStorage under _bloom_cid and contains no information about the shopper.
Cookies and browser storage
Bloom does not set cookies. It reads Shopify’s owncart cookie to attribute events to a session.
Bloom writes to the browser:
localStorage._bloom_cid- anonymous browser UUID. Only written when consent allows.localStorage.bloom_messagePlacement- internal preview value. No personal data.sessionStorage.bloom_preorder_config- per-tab cache of public pre-order config. No personal data.
_bloom_bis attribute on the Shopify cart - the landed product and variant ID only, no personal data. It lives and dies with the cart (about two weeks) and is used to attribute the eventual order to the back-in-stock flow.
Notify Me sign-ups
Email or phone goes through Bloom’s worker as a pass-through to your Klaviyo account and your Shopify store. Bloom doesn’t write it to a database, log it, or retain it. Klaviyo and Shopify are the storage points. In Shopify, Bloom finds or creates the customer record and - only when the shopper opts in - sets their email or SMS marketing consent, with the consent timestamp recorded. Consent for marketing is captured on the form and recorded on the Klaviyo profile - see Connect Klaviyo.Where data lives
- Cloudflare Workers, D1 and Analytics Engine - Bloom’s app and storage.
- Shopify - your store, your orders, your customer records. Bloom writes back to Shopify (variant metafields, order metafields, order notes, and Notify Me sign-ups as customer records with marketing consent) but doesn’t store customer records itself.
- Klaviyo - Notify Me sign-ups only.
- HubSpot - CRM (merchant contact details).
- Gorgias - customer support (merchant contact details).
Retention
- Raw analytics events: 90 days in Cloudflare Analytics Engine.
- Aggregated daily counts: kept while the app is installed.
- Configuration, settings, audit log: kept while the app is installed.
- On uninstall, Shopify fires
shop/redactafter 48 hours. Bloom hard-deletes every row for the shop.
In your privacy policy
Add or check:- Cloudflare as a processor for the Bloom app data layer.
- Klaviyo as the destination for Notify Me sign-ups (most stores already disclose this).
- A note that the storefront emits anonymous interaction events, gated on your Shopify customer privacy consent.
- A separate consent category for Bloom.
- A new cookie disclosure - Bloom doesn’t set cookies.
- A new data subject access route - the standard Shopify
customers/data_requestandcustomers/redactflows cover it. Bloom acknowledges both with no data to return.
Consent classification
- Strictly necessary / transactional - pre-order display, ATC swap, Notify Me form rendering, order tagging, cart messages.
- Statistics / analytics - storefront events with
clientId, cart token, and first-touch UTM. Gated on Shopify customer privacy. - Marketing - Notify Me sign-up itself is a shopper-initiated opt-in. Consent is captured on the form and stored in Klaviyo, not Bloom.
