Skip to main content

Data retention practices for Covered Models

To ensure we’re responsibly deploying covered models, we are requiring limited data retention and review as part of our safety work. Prompts submitted to, and outputs generated by, covered models are retained for 30 days to support our safety work, on every platform where these models are offered.

This applies to Mythos-class models and future models with similar capabilities that we designate as covered models. For all other models, everything you use is unaffected and stays under the current terms.

This policy, described below, goes into effect on June 9, 2026. For more information on the threat model for retained data and associated privacy controls, please see the corresponding technical white paper on our Trust Center.

Who this applies to

Consumer plans (Claude Free, Pro, and Max) across our web, desktop, and mobile apps—including Claude.ai and Claude Code—are unaffected by this update, since we already retain inputs and outputs on these surfaces. Learn more about how we retain data for consumer plans.

This change only applies to organizations that have set up workspaces with zero data retention (ZDR) in Claude Console, use Claude Code with ZDR in Claude Enterprise, or access Claude through AWS Bedrock, Google Cloud Agent Platform, or Microsoft Foundry with ZDR. The rest of this article applies only to these organizations.

Why we’re doing this

Claude Mythos 5 represents a substantial increase in model capabilities, some of which can be used for both benign and malicious purposes. Claude Fable 5 shares the same underlying model as Claude Mythos 5, but with additional safeguards, particularly in the cyber and bio domains. While these safeguards allow us to share this intelligence more broadly, we are taking a conservative approach that allows us to look for patterns of misuse with this class of model and future models we release that are similarly or more capable. Some attacks only become visible across multiple requests. Best-of-N jailbreaking, for example, sends hundreds of slight variations of a prompt in the hope that one will work. Larger patterns of misuse, such as state-sponsored espionage or data extortion campaigns, only surface when our safeguards classifiers can zoom out across many requests. Detecting these threats requires temporarily retaining prompts and outputs so they can be analyzed together, rather than one at a time.

How we protect your data

By default, no Anthropic personnel can read your retained conversations. Human review can occur only through a controlled access path—for example, when content is flagged by our automated trust and safety systems for potential harm. These reviews can only be performed by a small set of approved reviewers. Every instance of access is recorded in a tamper-proof log that reviewers cannot suppress or modify. After 30 days, the data is deleted automatically, except in the rare cases where it's been flagged by our automated trust and safety systems or we're legally required to keep it. Eligible organizations also have the option to add customer-managed encryption keys and access transparency audit logs.

Anthropic maintains a documented information security program with technical and organizational measures that are designed to protect the security, confidentiality, and integrity of customer data. Our risk-based program is built for and evolves to defend against known and anticipated threat models and is tested regularly. For more information, see the technical white paper in our Trust Center.

What, if anything, do I need to configure?

This change only applies to organizations that have set up workspaces with zero data retention (ZDR) in Claude Console, use Claude Code with ZDR in Claude Enterprise, or access Claude through AWS Bedrock, Google Cloud Agent Platform, or Microsoft Foundry with ZDR. For all other organizations, there is no change and there's nothing to configure. The rest of this section is for organizations that access Claude without data retention today and need to set up data retention in order to use designated models when they become available.

If your developers use the Claude API

  • Directly from Anthropic through Claude Platform: Turn on retention for the workspaces where you want to use covered models in the developer console (Workspace > Manage > Privacy Controls). Your other ZDR-enabled workspaces keep ZDR. Refer to the Anthropic Trust Center for documentation.

  • Through Claude Platform on AWS: Retention works the same way as the direct Claude API. It's configured at the workspace level, and retained data is handled by Anthropic under the same controls.

  • Through Amazon Bedrock: Retention will need to be enabled to access covered models, and retained data stays in AWS. Refer to AWS Bedrock’s documentation.

  • Through Google Cloud's Agent Platform: Retention will need to be enabled to access covered models, and retained data stays in GCP. Refer to Google Cloud's Agent Platform documentation.

  • Through Claude in Azure Foundry: Retention is configured for each Azure Subscription. If you have Zero Data Retention configured, then you will need to create and use a separate Azure Subscription to access these models.

If your team uses Claude Code

  • Through the Anthropic API: Claude Code’s data handling practices are governed by the workspace it operates in. If that workspace has retention enabled, Claude Code can use designated models. For developers who sign in directly, enable retention at your organization’s Claude Code workspace.

  • Through Amazon Bedrock or Google Cloud Agent Platform: Claude Code uses your cloud credentials, so it follows your cloud environment's retention setting. Retention must be enabled in your cloud environment, and retained data stays in your provider's environment. The same applies to Cowork accessed through Amazon Bedrock or Google Cloud’s Agent Platform.

  • Through Claude Enterprise with ZDR: We're releasing controls in the admin console so your Primary Owner can change the retention setting directly. If you'd rather not touch your production org yet, we can help you set up a separate sandbox org.

If your team uses Claude chat or Cowork through Claude for Enterprise

  • These surfaces already operate with standard retention, so you'll have access to the new models as they become available.

Did this answer your question?