Sanity.io - Headless CMS & Privacy Overview

Overview

Sanity.io is a headless content management platform that provides structured content through APIs. Its client-side scripts appear on websites only during authenticated content editing sessions — the Visual Editing overlay and live preview functionality connect the editor's browser to the Sanity Content API. Standard visitors browsing the published website do not encounter any Sanity scripts.

What This Script Does

Sanity's browser-side scripts are limited to authenticated editor sessions:

Visual Editing overlay: When an authenticated content editor accesses a preview URL, Sanity's scripts render a visual editing interface overlaying the page content. This allows editors to click on content elements and edit them in place.
Live preview: Connects to the Sanity Content API via WebSocket or polling to display real-time draft content changes as editors make them in Sanity Studio.
Authentication: The preview/editing scripts require authenticated access — typically via a Sanity auth token or cookie. Only users with editor permissions can access these scripts.
No visitor-facing scripts: On the published, production version of the website, content is delivered as static or server-rendered HTML. Sanity's scripts are not loaded in the visitor's browser.
No cookies for visitors: Sanity does not set cookies on the production domain for regular site visitors. Authentication cookies are limited to the editing context.

Consent & Compliance

Sanity falls under the functional consent category. Its scripts serve a content editing function used exclusively by authenticated editors.

Under GDPR and ePrivacy, Sanity's scripts are not loaded for regular website visitors, so there is no ePrivacy consent trigger for the general public. The editing cookies are used only by authenticated CMS users in the course of their work, which falls under the site operator's internal tooling.

Under CCPA/CPRA, Sanity does not collect personal information from website visitors. Content editors interact with Sanity as part of their professional duties, governed by the organization's employment or contractor agreements.

Should You Block This Without Consent?

No. Sanity's scripts are loaded only for authenticated content editors during preview sessions, not for regular website visitors. There is nothing to block in the visitor-facing context. The editing tools serve an essential content management function for the site operator's team.

Visit website

Consent Categories

Functional

Also Known As

sanitysanity iosanity cmssanity studioheadless cms sanitysanity content platformsanity live preview

Industries

Programming and Developer SoftwareComputers Electronics and Technology

Tracked Domains (1)

sanity.ioFunctional

Frequently Asked Questions

Does Sanity.io require consent on published websites?

Generally no. Sanity.io is a headless CMS whose scripts only load during authenticated editor sessions. Regular visitors browsing the published site do not encounter any Sanity scripts. The Visual Editing overlay and live preview are restricted to editors accessing preview URLs, so no consent is typically required for Sanity.

What scripts does Sanity.io run in the browser?

Sanity's browser scripts are limited to authenticated editor sessions. They render a Visual Editing overlay for clicking and editing content elements in place. The scripts also connect to the Sanity Content API for live preview of real-time content changes. None of these scripts appear on published pages viewed by regular visitors.

How does ConsentStack categorize Sanity.io scripts?

ConsentStack identifies Sanity.io's Visual Editing overlay and live preview scripts as functional. Because these only activate during authenticated editor sessions and never load for regular visitors, ConsentStack treats them as non-tracking editorial tools within the functional consent category.