Shopify compliance webhooks wired — Dashprep

All three mandatory GDPR webhook topics (customer data request, customer redact, shop redact) are now registered in the app config and verified by automated checks.

Before this release, our compliance webhook handlers existed in code but weren't discoverable by Shopify's automated review tooling because they weren't declared in shopify.app.toml. Fixed.

What changed

shopify.app.toml gained a [webhooks.privacy_compliance] block pointing all three required topics at /webhooks.
The existing handlers (live since Feb) now pass Shopify's pre-submission automated checks.
Deployed as app version dashprep-3 on the Shopify Partner dashboard.

Why this matters

Shopify's automated pre-submission check reads the compliance webhook URLs from the app config, not runtime registrations. If they're not in the TOML, the check fails — even if the handlers behave correctly. Easy trap, worth noting.