Sangria Privacy Policy
This Privacy Policy explains how Sangria ("Sangria," "we," "us," or "our") collects, uses, discloses, and protects information when you use Sangria's websites, dashboards, APIs, command-line tools, skills, payment services, agent-commerce services, and related support channels (the "Services").
Contact: [email protected] or 1324 Sevier Ave, Menlo Park, California.
1. Scope
This Policy applies to Sangria's Services, including:
getsangria.com,api.getsangria.com, dashboards, docs, and hosted skill files.- The Sangria CLI and agent skills used to submit supported product URLs, lock quotes, top up balances, and buy supported products through supported order automation flows.
- Admin, support, security, billing, and operational systems related to those Services.
This Policy does not apply to third-party websites, merchants, suppliers, app stores, blockchain networks, wallet software, identity providers, payment processors, or other services that we do not control. Their privacy policies govern their own practices.
2. Personal Information We Collect
The information we collect depends on how you use Sangria.
| Category | Examples | Sources |
|---|---|---|
| Account and identity information | Name, email address, WorkOS user ID, organization name, organization memberships, admin/member role, invitation recipient email, invitation message, account status | You, your organization admins, WorkOS |
| Authentication and security information | Session data, API key ID and hashed API key, agent API key label, generated agent display name, key status, expiration, revocation, last-used timestamp, CSRF tokens, authentication failure signals | You, your browser, CLI/API use, WorkOS |
| Agent settings and controls | Spend caps, required-confirmation thresholds, agent preferences you configure, saved ZIP code, shipping address, phone number, organization context | You, your organization |
| Payment and credit information | Stripe customer ID, Stripe checkout session and payment intent IDs, top-up amount, estimated and actual processing fees, refunds, credits balance, ledger entries, idempotency keys, saved-card presence, top-up authorization status, hashed top-up confirmation code, transaction history | You, Stripe, our systems |
| Discovery and purchase information | Product URL, supported merchant host, SKU or product identifier, product name, product category, quoted price, quote expiration, selected item, quantity, merchant order result, order automation status, order status, failure code/message, shipping ZIP/postal code, shipping address, phone, email used for fulfillment | You, your agent, supported merchants/suppliers, order automation providers, merchant proxies |
| Communications | Support emails, onboarding messages, invitation emails, top-up authorization emails, feedback, operational notices | You, your organization admins, Resend, our support systems |
| Device, usage, logs, and diagnostics | IP address, browser type, device identifiers, operating system, referring URL, request path/URL, timestamps, headers after sensitive-header filtering, error events, performance traces, session replay or interaction diagnostics where enabled, CLI version/update signals | Your browser/device, CLI/API use, Sentry, hosting/infrastructure providers |
| Inferences and operational analytics | Supported-product matching information, fraud/security signals, account usage summaries, service reliability metrics | Our systems based on the information above |
We do not intentionally collect Social Security numbers, government ID images, biometric identifiers, precise GPS location, health information, or children's information through the Services. Do not submit sensitive personal information in product URLs, metadata, support messages, or free-form context unless it is necessary for the transaction and lawful for you to provide.
3. How We Use Personal Information
We use personal information to:
- Provide, operate, authenticate, secure, and improve the Services.
- Create and manage accounts, organizations, memberships, invitations, roles, dashboards, API keys, and agent settings.
- Process top-ups, credits, fees, refunds, ledger entries, payment records, and saved-card flows.
- Process supported product URLs, lock short-lived quotes, validate service area and profile requirements, commit purchases, place or coordinate supported orders, and communicate purchase/order results.
- Send purchase details needed for fulfillment to supported merchants, order automation providers, or merchant proxies, such as product/SKU, quantity, email, phone, shipping address, and ZIP/postal code.
- Send account, invitation, top-up authorization, security, support, and administrative communications.
- Enforce spend controls, prevent overdrafts, detect fraud/abuse, maintain security, debug errors, monitor performance, and protect Sangria, users, merchants, and third parties.
- Comply with legal, tax, accounting, sanctions, fraud-prevention, dispute, audit, and regulatory obligations.
- Develop, test, and improve supported-product matching, diagnostics, reliability, and product functionality, using safeguards appropriate to the information involved.
We do not use personal information for cross-context behavioral advertising in the current product.
We do not use support messages, purchase history, or other personal information to train general-purpose foundation models unless we tell you and obtain consent where required. We may use aggregated, de-identified, or operationally necessary service data to evaluate, secure, debug, and improve Sangria.
4. How We Disclose Personal Information
We disclose personal information as follows:
- Service providers and processors. We use vendors for hosting, databases, security, analytics, observability, support, email, identity, payments, and infrastructure.
- Identity provider. WorkOS processes authentication and identity information.
- Payment processors. Stripe processes card and payment method information. We do not store full card numbers or card security codes.
- Email provider. Resend sends invitations, top-up authorization codes, and operational emails.
- Observability and error monitoring. Sentry may process diagnostics, traces, logs, error events, and session replay data where enabled.
- Order automation providers and merchant proxies. We disclose information needed to search, quote, buy, fulfill, ship, support, refund, or reconcile a purchase through supported order automation flows.
- Blockchain, wallet, and facilitator infrastructure. If a Sangria flow uses x402 or crypto settlement infrastructure, payment information such as wallet addresses, transaction hashes, network identifiers, and signed payment payloads may be sent to Coinbase CDP, x402 facilitators, blockchain networks, or related infrastructure. Public blockchains may make transaction data public and difficult or impossible to delete.
- Organizations. Organization admins and members may see organization-level account information, balances, API key labels/status, transactions, top-ups, members, invitations, and related activity based on their role.
- Supported merchants and suppliers. Merchants and suppliers may receive order and fulfillment information for their own products or services.
- Legal and safety recipients. We disclose information when required by law or when we believe disclosure is necessary to protect rights, security, safety, property, prevent fraud/abuse, enforce our terms, or respond to lawful requests.
- Business transfers. We may disclose or transfer information in connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets.
- With your direction or consent. We disclose information when you direct us to do so, including when you authorize an agent or integration to use Sangria.
We do not sell personal information. We do not share personal information for cross-context behavioral advertising. We disclose information only as needed to provide, secure, support, and operate Sangria, process payments and purchases, comply with law, or as directed by you.
5. Cookies, Sessions, and Diagnostics
Sangria uses cookies and similar technologies for necessary product functions such as sign-in, session management, CSRF protection, security, routing, and preferences. If you block necessary cookies, parts of the Services may not work.
We also use operational diagnostics to understand errors, performance, abuse, and reliability. Browser-side Sentry Replay is enabled in the codebase and can capture interaction/session context for debugging, such as page views, clicks, navigation, visual state, console or network metadata, and error context. We configure these tools to support security and reliability, not advertising, and we use practical masking, filtering, and access controls for sensitive fields and diagnostic data. Diagnostic tools can still collect technical metadata and interaction data, so do not enter unnecessary sensitive information into the Services.
6. Automated Processing and Agentic Commerce
Sangria uses automated systems to authenticate API calls, enforce spend controls, detect abuse, check supported product URLs, return supported options, verify payment status, and process service operations. Supported-product matching helps present supported options to you or your agent; it does not determine your legal rights.
You or your authorized agent decide whether to proceed with purchases, subject to the controls configured in your account and the Services. We do not use automated decision-making to make employment, credit, housing, insurance, education, criminal justice, or similarly significant decisions about you.
7. Sensitive Personal Information
Some information may be considered sensitive under certain laws, including account credentials/API keys, payment information handled by Stripe, financial account/transaction records, shipping address, and purchase history. We use and disclose sensitive personal information only to provide the Services, process payments and purchases, secure accounts, prevent fraud/abuse, comply with law, and perform other legally permitted purposes.
We do not use sensitive personal information to infer characteristics about you, and we do not sell or share sensitive personal information for cross-context behavioral advertising.
8. Retention
We retain personal information for as long as reasonably necessary for the purposes described in this Policy, including to provide the Services, keep accurate financial and transaction records, comply with legal/tax/accounting obligations, resolve disputes, enforce agreements, maintain security, and improve reliability.
Specific examples:
- Top-up authorization codes expire after about 10 minutes, and raw codes are not stored.
- Organization invitation tokens expire after about 7 days.
- API key secrets are not stored in plaintext; hashed keys and key metadata are retained while needed for authentication, audit, security, and account history.
- Order, payment, ledger, transaction, refund, and tax/accounting records may be retained after account closure where required or reasonably necessary.
- Product URL requests and order/audit records may be retained for debugging, reconciliation, abuse prevention, service evaluation, and accounting needs.
When information is no longer needed, we delete, de-identify, aggregate, or otherwise dispose of it according to our retention practices, unless legal or operational obligations require continued retention.
9. Security
We use technical and organizational safeguards designed to protect personal information. Examples reflected in the product include hashed API keys, hashed top-up authorization codes, CSRF protection, role-based organization access, rate limits, sensitive-header filtering for diagnostics, and third-party payment collection through Stripe instead of storing full card details ourselves.
No system is perfectly secure. You are responsible for protecting your account credentials, API keys, devices, agents, and integrations. Tell us promptly if you believe your account, API key, or agent integration has been compromised.
10. Your Choices
You can:
- Access and update certain account, organization, API key, spend-control, phone, and shipping settings in the dashboard or CLI.
- Revoke API keys you no longer use.
- Remove or replace saved payment methods through the dashboard where available.
- Stop using the CLI or skill and remove local configuration from your device.
- Contact us to request access, correction, deletion, export, restriction, objection, or other privacy rights where applicable.
- Unsubscribe from marketing communications if we send them. We will still send transactional, security, billing, and service messages.
Some requests may be limited by legal, security, fraud-prevention, financial-record, tax, accounting, merchant-fulfillment, dispute, or technical requirements.
11. U.S. State Privacy Notice
Depending on where you live and whether Sangria meets applicable legal thresholds, you may have rights under state privacy laws, including rights to know/access, delete, correct, obtain a portable copy, opt out of certain targeted advertising or sale/sharing, limit certain sensitive information uses, and appeal a decision.
To exercise rights, contact [email protected] or 1324 Sevier Ave, Menlo Park, California. We will verify your request by matching information you provide with information associated with your account or by requiring you to sign in. Authorized agents may submit requests where permitted by law; we may require proof of authorization and may ask you to verify directly. If we deny a privacy request and applicable law gives you an appeal right, you may appeal by replying to our decision or emailing [email protected] with "Privacy Appeal" in the subject line.
California Notice at Collection and Privacy Notice
The table below describes categories collected and disclosed in the preceding 12 months or expected to be collected and disclosed through the Services.
| CCPA category | Examples in Sangria | Purposes | Disclosed to |
|---|---|---|---|
| Identifiers | Name, email, WorkOS ID, organization ID, user ID, API key ID, IP address, phone, shipping address | Account, authentication, support, fulfillment, security | Service providers, WorkOS, Stripe, Resend, merchants/proxies, order automation providers, organization admins/members, legal/safety recipients |
| Customer records | Contact details, billing/customer records, payment processor IDs, account records | Billing, top-ups, purchases, support, compliance | Service providers, Stripe, merchants/proxies, order automation providers, organization admins/members, legal/safety recipients |
| Commercial information | Purchases, product URLs, SKUs, quotes, orders, credits, top-ups, refunds, transaction history | Provide Services, accounting, reconciliation, support, fraud prevention | Service providers, Stripe, merchants/proxies, order automation providers, organization admins/members, legal/safety recipients |
| Internet or network activity | Log data, request URLs, API activity, device/browser data, CLI usage, diagnostics, session replay where enabled | Security, debugging, reliability, abuse prevention | Hosting/infrastructure providers, Sentry, security providers |
| Geolocation | Approximate location inferred from IP; ZIP/postal code for service-area and fulfillment | Security, routing, merchant search, service area, fulfillment | Service providers, merchants/proxies and order automation providers where needed |
| Professional or employment-related information | Organization affiliation and admin/member role | Account administration and access control | Organization admins/members, service providers |
| Sensitive personal information | Account login/API credential information, payment information handled by Stripe, financial/transaction records, shipping/contact details where treated as sensitive by law | Provide Services, security, payments, fraud prevention, compliance | Service providers, Stripe, merchants/proxies and order automation providers where needed, legal/safety recipients |
| Inferences | Supported-product matching signals and preferences inferred from product requests or prior use | Product matching, service improvement, reliability | Service providers; generally not disclosed externally except as part of service operation |
We do not sell personal information and do not share personal information for cross-context behavioral advertising. We do not knowingly sell or share personal information of consumers under 16. We do not offer financial incentives for the collection, sale, or sharing of personal information.
California residents may request to know/access, delete, correct, opt out of sale/share, limit use/disclosure of sensitive personal information, and not be discriminated against for exercising CCPA rights. Because we do not currently sell/share personal information or use sensitive personal information beyond permitted service/security/compliance purposes, opt-out and limit requests generally will confirm our current practices rather than change advertising behavior.
12. EEA, UK, and International Users
The Services are operated primarily from the United States and are intended for users who are at least 18 years old. Physical-goods purchases currently require supported U.S. shipping and contact details. If you access the Services from outside the United States, your information may be processed in the United States and other countries that may not provide the same level of data protection as your home jurisdiction.
If the GDPR, UK GDPR, or similar law applies, Sangria is the controller for account, website, dashboard, billing, security, and service data we process for our own purposes. We process personal data under the following legal bases:
| Purpose | Legal basis |
|---|---|
| Account creation, authentication, organization access, API keys, purchases, payments, credits, support, and transactional communications | Contract performance |
| Security, fraud prevention, abuse prevention, diagnostics, service reliability, product improvement, service evaluation, and business operations | Legitimate interests |
| Tax, accounting, sanctions, regulatory, lawful request, and dispute obligations | Legal obligation |
| Marketing communications and certain optional features, where required | Consent |
Where applicable, you may have rights to access, rectify, erase, restrict, object, port data, withdraw consent, and lodge a complaint with a supervisory authority. Contact [email protected] to exercise these rights.
13. Children
The Services are not directed to children and are intended for users who are at least 18 years old and able to enter into binding agreements. We do not knowingly collect personal information from children under 13, and we do not knowingly allow minors to create accounts, payment profiles, or agent-commerce accounts. If we learn that we collected account, payment, purchase, or agent-commerce information from a minor without appropriate authorization, we may delete the information, disable the account, or take other appropriate action. If you believe a child or minor provided personal information to Sangria, contact us so we can take appropriate action.
14. Changes to This Policy
We may update this Policy from time to time. The "Last updated" date shows when it was last revised. If changes are material, we will provide notice as required by law, such as by posting a notice, sending an email, or presenting notice in the Services.
15. Contact
For privacy questions or requests, contact:
Sangria
1324 Sevier Ave, Menlo Park, California