How And AI handles your data, what AI can and cannot do, and why you can trust us.
And AI does not store client data. We configure and implement AI tools in your environment. You retain full control over your own data.
All solutions we implement comply with European privacy legislation. For Team and Enterprise accounts this is contractually guaranteed.
All data transfer occurs via encrypted connections (TLS). Data at rest is stored encrypted at the provider.
With the right settings, your conversations and files are not used to train AI models. More on this below.
Claude operates within clear boundaries. This is what it can and cannot do in your work environment.
Whether your data is used to train AI models depends on your account type and settings.
| Account | Training on your data? |
|---|---|
| Team / Enterprise | No, never. Contractually guaranteed. |
| Pro / Max (personal) | On by default. Disable via Settings > Privacy. |
| Free | Yes. |
For Pro and Max accounts you will find the "Help improve Claude" setting under Settings > Privacy. Disable this to prevent your conversations from being used for model training. For Team and Enterprise accounts this is off by default and contractually guaranteed.
Anthropic (maker of Claude) holds the following certifications and standards.
Independent audit of security controls and processes.
International standard for information security management.
Standard for AI Management Systems.
Cloud Security Alliance certification for cloud security.
With the right settings, conversations are not used for training and are deleted after 30 days. All data travels via encrypted connections.
Be aware that data routes through US servers. For organisations with strict EU requirements we recommend a Team account or a solution via AWS Bedrock in an EU region.
No. Claude only works in the folders you designate. It cannot access system files, passwords or other sensitive locations.
Every sensitive action (such as deleting files) requires explicit permission. The sandbox prevents AI from accessing anything outside your working directory.
Conversations can be deleted via claude.ai. When the training toggle is off, your data is not used for model training and is wiped from servers within 30 days.
For Team and Enterprise accounts, data is never used for training regardless of individual settings.
Anthropic offers a Data Processing Agreement (DPA) and Standard Contractual Clauses (SCC) for European customers. Data is processed on servers in the United States.
Need full EU data residency? That is possible via AWS Bedrock or Google Vertex AI, keeping your data within a European region.
We are happy to help you set up a secure AI environment for your organisation.
Get in touch