Telemetry

Sanity collects telemetry data on general usage and errors to help us improve the product. Participation is optional and your privacy remains our priority.

Introduction

At Sanity, we continuously want to build a better product and help you be successful. An important part of this process is the collection of telemetry data, which provides valuable insights into the usage of our product. This document details our telemetry practices, focusing on transparency, user consent, and the rationale behind data collection.

Why do we collect telemetry data?

As a product company, we have to prioritize what to work on. Ideally, those decisions are based on a healthy amount of vision (how we think things could be better) and insight (how people use the product). For the latter, user interviews and feedback from the community provide us with qualitative data, but for a widely-used product like Sanity, we also need aggregated usage data to help us make the right product decisions and fix problems that affect our users.

This telemetry data is collected when you use our product and allows us to answer key questions like:

Which features are most commonly used?
Which errors are most commonly encountered?
Which plugins are the most popular?
How long does it take to build a Sanity Studio?
What's the distribution of Node.js versions among people?

What data is collected?

When deciding what data to collect, we strike a balance between collecting as little data as possible and having enough data to make informed product decisions. This includes data on general usage, performance metrics, and errors encountered when running the Sanity CLI and Sanity Studio:

Commands invoked/events performed: Triggered when running a CLI command (e.g. sanity dev) or interacting with the Studio (e.g. publishing a document).
Duration of command/event execution: The time it takes for a command or event to finish.
Errors triggered: Information about any errors encountered, excluding sensitive data.
Sanity version: The version of Sanity CLI/Studio being used.
Plugins present: A list of Sanity plugins present in your project.
User ID: Your unique Sanity account identifier.
Project ID: Identifies the project being worked on.
Dataset ID: The dataset being used, if applicable.
Organization ID: Identifies the organization that the project belongs to, if applicable.

To be able to segment the data above, we also collect general machine information, including:

Operating System: The OS of your machine (macOS/Windows/Linux).
Runtime: The JavaScript runtime being used (e.g. Node.js).
Runtime Version: The version of the JavaScript runtime being used.
CPU Architecture: The CPU architecture of your machine.
Device ID: A unique, hashed (sha-256) machine identifier generated by the node-machine-id library.

You can preview the data being collected by setting the SANITY_TELEMETRY_INSPECT=1 environment variable. This will append all logged telemetry events to telemetry-events.ndjson in the current work directory. Note that this output file doesn’t clear between CLI runs.

You can also log telemetry-related debug information as the CLI runs by setting the DEBUG=sanity:cli:telemetry environment variable.

Here’s an example of how a telemetry event payload looks when the sanity dev CLI command is run:

[
  {
    "sessionId": "session_01hj0r6hstfvwa4pyejxbb97mx",
    "type": "userProperties",
    "properties": {
      "deviceId": "dd545537ef915575d1aab09f45fd163deeb146ccdd0cb2e5f0ed603b8fab4a53",
      "runtimeVersion": "v21.2.0",
      "runtime": "node",
      "cliVersion": "3.21.4",
      "platform": "darwin",
      "cpuArchitecture": "arm64",
      "projectId": "17tnga91",
      "dataset": "production"
    },
    "createdAt": "2023-12-19T09:58:33.547Z"
  },
  {
    "sessionId": "session_01hj0r6hstfvwa4pyejxbb97mx",
    "type": "trace.log",
    "traceId": "trace_01hj0r6hzbfe5v14v911a9r91j",
    "name": "CLI Command Executed",
    "version": 1,
    "data": {
      "groupOrCommand": "dev",
      "extraArguments": [],
      "commandArguments": [],
      "coreOptions": { "help": false, "version": false, "debug": false }
    },
    "createdAt": "2023-12-19T09:58:33.707Z"
  },
  {
    "sessionId": "session_01hj0r6hstfvwa4pyejxbb97mx",
    "type": "trace.complete",
    "traceId": "trace_01hj0r6hzbfe5v14v911a9r91j",
    "name": "CLI Command Executed",
    "version": 1,
    "createdAt": "2023-12-19T09:58:34.162Z"
  }
]

[
  {
    "sessionId": "session_01hj0r6hstfvwa4pyejxbb97mx",
    "type": "userProperties",
    "properties": {
      "deviceId": "dd545537ef915575d1aab09f45fd163deeb146ccdd0cb2e5f0ed603b8fab4a53",
      "runtimeVersion": "v21.2.0",
      "runtime": "node",
      "cliVersion": "3.21.4",
      "platform": "darwin",
      "cpuArchitecture": "arm64",
      "projectId": "17tnga91",
      "dataset": "production"
    },
    "createdAt": "2023-12-19T09:58:33.547Z"
  },
  {
    "sessionId": "session_01hj0r6hstfvwa4pyejxbb97mx",
    "type": "trace.log",
    "traceId": "trace_01hj0r6hzbfe5v14v911a9r91j",
    "name": "CLI Command Executed",
    "version": 1,
    "data": {
      "groupOrCommand": "dev",
      "extraArguments": [],
      "commandArguments": [],
      "coreOptions": { "help": false, "version": false, "debug": false }
    },
    "createdAt": "2023-12-19T09:58:33.707Z"
  },
  {
    "sessionId": "session_01hj0r6hstfvwa4pyejxbb97mx",
    "type": "trace.complete",
    "traceId": "trace_01hj0r6hzbfe5v14v911a9r91j",
    "name": "CLI Command Executed",
    "version": 1,
    "createdAt": "2023-12-19T09:58:34.162Z"
  }
]

What about sensitive data, like secrets?

We make sure to not collect sensitive data, and telemetry data will never contain environment variables, file paths, file content, logs, or serialized JavaScript stack traces. Since this code is open-source, you can also see how we do it in the Sanity monorepo on GitHub.

Will this data be shared?

No, the telemetry data collected is for internal use only and will not be shared outside of the Sanity organization.

How is consent handled?

Participation in telemetry collection is optional, you may opt-out at any time, and we ensure that telemetry data is only collected when consent is present. Telemetry data for not logged-in users is temporarily stored locally and transmitted only after they log in and the software can verify that consent is present.

How is consent gathered?

When you sign up for Sanity, we determine your location using IP geolocation. If you’re located within a GDPR jurisdiction or a jurisdiction with similar privacy laws, we present an optional consent opt-in checkbox before your account is created.

These jurisdictions include: Austria, Belgium, Brazil, Bulgaria, Canada, China, Croatia, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Mexico, Netherlands, Norway, Poland, Portugal, Republic of Cyprus, Romania, Slovakia, Slovenia, Spain, Sweden, and United Kingdom.

If you're outside of these jurisdictions, you're opted into telemetry collection by default when you sign up or in, but have the option to opt-out at any time.

For the time being, we do not collect telemetry from existing users within a GDPR jurisdiction or similar.

How do I opt out?

You can update your telemetry consent at any time by:

Visiting your Account Settings page in Manage.
Running npx sanity telemetry disable in the Terminal.
Setting the DO_NOT_TRACK environment variable by adding export DO_NOT_TRACK=1 to your profile file (~/.bash_profile, ~/.zshrc, ~/.profile, or ~/.bashrc).

You can also see your current consent status by:

Visiting your Account Settings page in Manage.
Running npx sanity telemetry status in the Terminal.

Transparency and access

We are committed to transparency in our telemetry practices:

Our telemetry information page https://www.sanity.io/telemetry provides detailed up-to-date information about the data collection and how you can opt-out.
We inform you about telemetry collection through the Sanity CLI, with clear instructions on how to opt-out.