Sanity
Bring your Sanity content into Slack. Ask the Content Agent what's published, what's in draft, or what's missing. Tag it in any thread, and then it reads the conversation, creates, updates, or triggers workflows in your Sanity Studio without you switching tabs.What you can do:
- Create and update content: tag @Sanity in a thread and it picks up the context. No template, no switching to the CMS, no remembering which fields are required.
- Ask questions about your content: "What product descriptions are missing translations?" It queries your Content Lake and answers in your Slack thread.
- Trigger workflows: kick off translations, summarizations, or publishing steps directly from a Slack message.Schema-native. Connected to your source of truth. No copy-paste, no context switching. Available on all Sanity plans.
- Create and update content: tag @Sanity in a thread and it picks up the context. No template, no switching to the CMS, no remembering which fields are required.
- Ask questions about your content: "What product descriptions are missing translations?" It queries your Content Lake and answers in your Slack thread.
- Trigger workflows: kick off translations, summarizations, or publishing steps directly from a Slack message.Schema-native. Connected to your source of truth. No copy-paste, no context switching. Available on all Sanity plans.
Sanity will be able to view:
Sanity will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
General
Developer
Sanity
Company headquarters location
United States
Terms of service
Privacy & data governance
Data retention policy
Privacy Policy (Section 2.3): Your data will be deleted from our systems and third-party processors once it is no longer required for the aforementioned purposes. We delete or anonymize logs within 90 days of collection. If you delete your user account, your Personal Data will be removed from our systems without unreasonable delay, and at the latest within 90 days, unless applicable legislation or legal process prevents us from doing so. To the extent that Sanity is legally obliged to archive data, such data will be blocked and will not be available for productive use.
Customer-controlled data may be deleted via our API. We retain a complete history of all changes to a dataset, including deleted documents, with a maximum retention period given by the project's plan. Custom retention periods can be configured for the entire dataset or by document type for customers with our custom history retention feature.
Customers can also permanently delete a document and all history via a purge mutation through our API. Note that user-specified document IDs will be retained in our systems indefinitely (until the entire dataset is deleted), for technical reasons - we strongly recommend that document IDs never contain personal or sensitive data. Deleted assets may remain available in public CDN caches until the configured expiry time.
Data may in certain cases remain in the systems of our subprocessor Google Cloud Platform for as long as 180 days, as outlined in their terms of service, although it will generally be removed much sooner. This data is not available to us.
Data archiving and removal policy
Privacy Policy (Section 2.3): Your data will be deleted from our systems and third-party processors once it is no longer required for the aforementioned purposes. We delete or anonymize logs within 90 days of collection. If you delete your user account, your Personal Data will be removed from our systems without unreasonable delay, and at the latest within 90 days, unless applicable legislation or legal process prevents us from doing so. To the extent that Sanity is legally obliged to archive data, such data will be blocked and will not be available for productive use.
Data storage policy
Privacy Policy (Section 2.4): Please note that data may be transferred from your country of residence to other countries. Where permitted by applicable law, we may transfer the Personal Data we collect about you to the United States and other jurisdictions that may not be deemed to provide the same level of data protection as your home country, as necessary for the purposes set out in this Privacy Policy.
Section 2.6 (EU/EEA/UK transfers):Personal Data that we collect or receive may be transferred to and/or processed by third parties that are located outside of the EU, EEA, or UK, some of which EU, EEA and UK authorities may not consider to have an adequate level of protection for Personal Data. Sanity will only transfer Personal Data to third parties located outside of the EU, EEA, and UK when it has ensured appropriate safeguards for such Personal Data through use of the standard contractual clauses or other approved methods by the EU, EEA, and UK.
App/service has sub-processors
yes
Guidelines for sub-processors
App/service uses large language models (LLM)
yes
LLM model(s) used
OpenAI, Anthropic, Pinecone Systemes, and Google
LLM retention settings
If you stop using the Generative AI-enabled Services, data may persist in providers' archives, caches, or aggregated telemetry, and may be retained for a few days by providers.
LLM data tenancy policy
By using Sanity’s Generative AI-enabled Services, the Subscriber gives consent to Sanity to send your input data to third party providers so as to enable the generative AI functionalities. The list of third party providers included above.
LLM data residency policy
Go directly to the terms of service of our primary AI partners, listed here: Anthropic, PBC, Pinecone Systems Inc., Google Inc., and OpenAI, L.L.C..
Certifications & compliance
Data deletion request procedure
From the Privacy Policy Section 2.3 (Deletion of your data):Your data will be deleted from our systems and third-party processors once it is no longer required for the aforementioned purposes. We delete or anonymize logs within 90 days of collection. If you delete your user account, your Personal Data will be removed from our systems without unreasonable delay, and at the latest within 90 days, unless applicable legislation or legal process prevents us from doing so. To the extent that Sanity is legally obliged to archive data, such data will be blocked and will not be available for productive use.
Section 2.8 (How to Exercise Your Privacy Rights):To exercise your rights under applicable data protection law, please submit a request to us by contacting us at mailto:privacy@sanity.io, or by phone at +1 (415) 429-7511.We must verify your identity before fulfilling your requests. If we cannot initially verify your identity, we may request additional information to complete the verification process.
HIPAA compliant
no
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack Marketplace, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Security
Date of latest pen test
2025-07-31
Executive summary is available to potential customers upon request
yes
Supports Single Sign On (SSO) with the following providers
Google Accounts & GitHub with optional two-factor authentication for both; Enterprise SSO SAML 2.0; custom authentication solution via Sanity's 3rd party login feature
Supports Security Assertion Markup Language (SAML)
yes
Has a dedicated security team
yes
Contact for security issues
security@sanity.io
Has a vulnerability disclosure program
yes
Vulnerability disclosure program URL
Vulnerability disclosure program covers Slack app
yes
Has a bug bounty program
no
Requires third party authorization/connections
yes
Uses token rotation
no