Privacy Policy

Sandbox0 is operated by Lougao, LLC, a Delaware limited liability company doing business as Sandbox0. You can contact us at [email protected]. Our registered office is 651 N Broad St, Suite 201, Middletown, DE 19709, United States.

We collect account and profile information such as name, email address, avatar, authentication status, team membership, role, and selected team. If you join the waitlist, we collect your email address and any optional message you provide.

When you use the service, we process team names, API key metadata, sandbox, template, volume, credential, snapshot, session, run, observability, file, skill, vault, and dashboard data needed to operate the product. Customer Content may include code, files, prompts, tool outputs, logs, environment configuration, and other material you or your agents submit to the service.

We also collect operational information such as IP address, request metadata, device and browser details, error reports, security events, audit events, and usage records.

We use information to provide, secure, maintain, debug, and improve Sandbox0; authenticate users; manage teams and API keys; operate sandboxes, managed agent sessions, volumes, credentials, and network controls; respond to requests; prevent abuse; and comply with legal obligations.

We may use aggregate or de-identified data to understand product reliability, performance, capacity, and usage trends.

You retain ownership of Customer Content. We process Customer Content to provide the service, including running sandbox workloads, persisting workspace data, creating snapshots, routing managed agent events, enforcing policy, and providing support when authorized.

Do not submit regulated, sensitive, or export-controlled data unless you have confirmed in writing that Sandbox0 is appropriate for that use case.

We use necessary cookies and browser storage for authentication, login state, product preferences, and the website copilot. We do not currently use advertising cookies on the website. See our Cookie Notice for details.

We share information with service providers that help us operate cloud hosting, storage, databases, networking, security, authentication, infrastructure, support, and communications. These providers may process information only as needed to provide their services to us.

We may also disclose information if required by law, to protect the rights and safety of Sandbox0, users, or others, in connection with a corporate transaction, or with your direction or consent.

Sandbox0 currently stores and processes hosted service data in the United States. Account, team, authentication, waitlist, dashboard, and operational data are hosted in U.S.-based infrastructure. Sandbox runtime data and Customer Content are processed in the hosted Sandbox0 region configured for the customer; the currently available hosted region is a U.S. East region.

The hosted service is currently intended for U.S.-based customers and organizations. If you are located outside the United States or need to process regulated international personal data, contact us before using the hosted service.

We retain information for as long as needed to provide the service, maintain security and auditability, resolve disputes, comply with legal obligations, and enforce our agreements. Retention periods vary by data type and customer configuration. You may delete many resources through the dashboard or API; backups, audit records, and operational logs may remain for a limited period.

We use technical and organizational measures designed to protect information, including access controls, encryption, isolation, logging, and operational safeguards. No service can guarantee absolute security. You are responsible for securing your accounts, API keys, credentials, workloads, and team access.

You may request access, correction, deletion, or export of personal information by contacting [email protected]. We may need to verify your identity and may retain information where required for security, legal, or legitimate business purposes.

Sandbox0 is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

We may update this Privacy Policy from time to time. If changes are material, we will take reasonable steps to notify users, such as updating the effective date or posting a notice in the service.