Home / Blog / Backup Blogs

Running six Shopify Plus stores without losing your weekends

Rewind | Last updated on April 30, 2026 | 5 minute read

Picture an agency lead on a Friday afternoon. Six regional Shopify Plus stores live under one Plus contract. The US store just had a product-data overwrite that wiped thousands of SKUs. The UK, Canadian, and Australian stores are fine. The question is simple. Can you restore the US store without touching the other five?

That question sits at the heart of every multi-store Plus program. A single storefront is an operational problem. A portfolio is a governance problem. The difference shows up the first time something goes wrong in one store and has to stay contained to that store.

Why portfolio scale changes the conversation

Plus merchants running several storefronts, and Plus agencies managing 10 to 100 client stores, face the same reality. Multi-store means multi-configuration, multi-surface, and multi-jurisdiction.

Shopify Plus expansion stores are separate .myshopify.com storefronts under one Plus contract. Each one operates completely independently with its own data and settings. Plus organizations get up to 10 stores on contract, one main store plus nine expansion stores. Markets is different. Markets is a single storefront with multiple regional variants for currency, locale, domain, and tax, launched by Shopify in 2021.

Those two models fragment data in different ways. Expansion stores hold per-store themes, product catalogs, metaobject schemas, metafield values, inventory, Flow automations, customer records, and orders. Markets share one storefront but carry per-market regional state. A portfolio with three expansion stores, five Markets, and a B2B surface is operationally nine distinct configurations stitched together.

Metaobjects make this sharper. Metafields attach to many Shopify resource types including (but not limited to) products, variants, customers, orders, collections, companies, company locations, and draft orders. Each store can carry its own metaobject schema. Without governance, a portfolio ends up with one product schema per store. The day a portfolio-wide change ships, nobody can answer which schema it is shipping against.

Configuration drift is the silent risk

A Flow automation that exists on four of five expansion stores creates a silent difference the day it fires. A metaobject schema two versions ahead on the main store and one version behind on expansion stores misaligns customer-facing content without raising an alarm. Drift accumulates without signal, and by the time it surfaces, it is already in production.

This is where resilience stops being an operational checkbox and becomes part of the portfolio architecture.

What a portfolio resilience layer actually looks like

Rewind is a SaaS resilience platform built on independent architecture, a platform rather than a plugin, so data stays accessible even if the SaaS vendor is compromised. Rewind is a Shopify Certified Technology Partner. More than 25,000 organizations trust Rewind.

A portfolio resilience architecture has five layers.

  1. Per-store coverage for each storefront’s unique surfaces.
  2. Portfolio-level visibility that surfaces drift across stores.
  3. Cross-instance restore paths, the ability to recover data to a completely different account or instance. This matters for failover, staging, sandbox seeding, and emergency fallback.
  4. Governance applied consistently across retention, access, and audit.
  5. Residency posture applied per store or per region.

Item-level restore sits under all of it. Granular restore means recovering an individual product, metaobject, or configuration without affecting the rest of the system. For an agency holding six stores, that is the difference between isolating a Friday-afternoon incident to one store and telling five other clients why their catalog moved.

Who owns what

The Plus merchant owns the data. The agency owns the operational surface. Shopify owns the platform. Rewind is the resilience layer the merchant and agency adopt together. Software customers are ALWAYS responsible for ensuring data is protected. That line from Rewind’s Shared Responsibility framing is the foundation of every Plus MSA conversation.

Three clauses belong in a Plus agency MSA.

  1. A named coverage posture covering which stores, which surfaces, and which retention window.
  2. A named incident response path naming who the agency calls, who the merchant calls, and who the Rewind team calls.
  3. A named recovery SLA covering time-to-restore for the most common restore shapes.

Writing these down turns resilience from a late-night scramble into a workflow everyone already agreed to.

Resilience as an agency service line

The framing that works for agency principals is simple. Include resilience in every engagement the same way you include hosting and CDN. It is infrastructure.

Coverage scales with the portfolio. At five stores, fifteen, or fifty, the operational motion stays predictable because the governance model is linear rather than tiered. Agency principals should confirm current terms with their Rewind account team before modeling into client contracts.

Three governance dimensions for multi-region portfolios

Retention first. Enterprise audit windows often run longer than the retention of the underlying Shopify platform. A portfolio retention policy sets one standard across every store, so nobody has to remember which store keeps data for how long.

Residency next. Rewind supports data residency with customer choice of storage region across five regions: EU, US, Canada, Australia, and UK. Supported regions vary by product integration. For a Plus portfolio with stores serving EU, UK, Canadian, or Australian customers, the residency posture has to line up with the portfolio’s legal commitments.

Audit last. The audit trail for a portfolio has to span stores, covering who made the change, on which store, against which surface, and when. Portfolio-level audit views become a requirement at five stores and up.

A 60-day portfolio rollout

Days 1 to 14, map the portfolio’s data footprint across main, expansion, Markets, and B2B stores. Days 15 to 30, align on governance covering retention, access, audit, and residency. Days 31 to 45, enable Rewind per store on a schedule that matches the merchant’s operational cadence. Days 46 to 60, run a portfolio-level restore drill so the recovery SLA is tested rather than theoretical.

Jonas Forth, Head of Digital at Moomin, put it plainly: “Rewind is like insurance. You probably won’t think about Rewind much until you need it. It gives you an additional sense of security, and when you do need it, the ROI is high.” At portfolio scale, the insurance becomes infrastructure, because the likelihood of an event compounds with the store count.

What to do this month

Count your portfolio’s surfaces. Main store, expansion stores, Markets, B2B, dev stores. Confirm coverage for each one.

Draft your portfolio MSA language. Coverage posture. Incident response. Recovery SLA. Share it with legal before the next renewal.

Walk the 60-day rollout against your operational calendar. If the start date is more than 30 days out, bring it forward.

Learn more about Rewind for Shopify at rewind.com/products/backups/shopify.

Profile picture of <a class=Rewind">
Rewind
Rewind is a leading and trusted provider of cloud backup and data recovery solutions, helping businesses safeguard their critical SaaS data from loss, corruption, and cyber threats.