Claude Cowork data residency and retention

TL;DR. Anthropic processes Cowork inference in US and EU regions; Enterprise customers can negotiate region pinning. Default retention is around 5 years on Pro and Max with a 30-day opt-out; Team and Enterprise are organisation-controlled with no training as the default and zero-retention available contractually. Customers whose compliance program excludes Anthropic-hosted inference entirely can deploy Cowork on Bedrock or Vertex AI — conversation data stays in their AWS or GCP tenant. Microsoft Foundry is not a residency solution; that route still terminates inference at Anthropic infrastructure.

The three questions buyers ask#

Where is the data processed? US and EU on first-party. On Bedrock or Vertex AI, in the customer's chosen cloud region. On Foundry, still on Anthropic's infrastructure.
How long is it kept? Plan-dependent on first-party. On Bedrock / Vertex AI, the cloud provider's posture applies — Anthropic does not store conversation data.
Is it used to train the model? Default yes on Pro/Max with a per-user opt-out; default no on Team and Enterprise. On Bedrock / Vertex AI, structurally not applicable.

The rest of this page backs those three answers up.

Region and processing#

Anthropic's primary first-party inference regions are US and EU. Verify against the current Trust Center page before you put it in a procurement document.
Enterprise customers can negotiate region pinning at contract. This is the right move for any client with strict EU residency requirements.
The desktop app processes some content locally before sending excerpts to inference — but assume the relevant content reaches Anthropic's region.
For UK / EU residency-sensitive customers, the Enterprise plan is the standard answer. Pro and Max are not the right floor for tight residency requirements.
For customers whose compliance program excludes Anthropic-hosted inference entirely, Cowork can run on a third-party inference provider — Amazon Bedrock or Google Cloud Vertex AI — keeping conversation data inside the customer's own cloud tenant. See Cowork on third-party platforms. Microsoft Foundry is not a residency solution; that route still terminates inference at Anthropic infrastructure — see the Foundry page for the gotcha.

Retention by plan#

Plan / route	Default retention	Opt-out	Notes
Pro	~5 years	30 days, per-user toggle	Per-user; turn it on before any real data lands
Max	~5 years	30 days, per-user toggle	Same as Pro
Team	Org-controlled	Yes; default no training	Admin console
Enterprise	Org-controlled; zero-retention available	Contractual	Default do not train; zero-retention is contracted
3P (Bedrock / Vertex AI)	Determined by the cloud provider — Anthropic does not store conversation data	n/a — opt-out structurally not applicable	Conversation data is in the customer's AWS / GCP tenant; retention follows the cloud provider's posture and the device's local-disk policy
3P (Microsoft Foundry preview)	Anthropic's standard terms apply — same as a first-party deployment	Per Anthropic terms	Foundry routes inference to Anthropic infrastructure; not a residency solution

Numbers verified against Anthropic's data privacy controls page in late April 2026. Re-verify on each monthly review of this page.

Training opt-out and how it actually works#

The opt-out toggle prevents your prompts and outputs from being used to improve future Claude models.
Opt-out applies forward. Data already used for training is not retroactively removed.
For Team and Enterprise, the default is "do not train." No per-user toggle needed.
Tinkso recommends enabling opt-out at the start of any Pro / Max pilot before any real data goes in. This is a one-click action that survives every subsequent procurement question.

Memory data#

Memory entries are stored under the user's account.
Same retention and training posture as the rest of the conversation data.
Deletion is per-entry via the Memory UI. There is no bulk-export-and-delete tooling at GA, which is the one Memory limitation worth flagging in a security review.

MCP connector data#

Each connector handles its own data flow according to its vendor's terms.
Cowork does not store the connector's responses outside the conversation context unless told to.
If a connector returns regulated data — PII, PHI, financial — the data is in the prompt; treat the inference call as in scope for that data class.

This is where most regulated-deployment design happens: which connectors return what data, and which inference calls accordingly inherit which compliance posture.

Cross-border considerations#

US / UK mid-market customers should review the EU vs US processing question even if all employees are stateside. Supplier and customer data may pull GDPR scope into play.
Enterprise customers with strict residency can negotiate region pinning at contract.
Tinkso engagements include a 30-minute residency check during pre-flight for any client in regulated industries — see Pre-flight checklist.
For customers who genuinely cannot send data to Anthropic at all, the 3P routes (Bedrock or Vertex AI) are the correct answer rather than a contractual workaround.

Tinkso's take#

Retention defaults trip up more procurement reviews than any other Cowork question. We brief every client to enable opt-out on day one of a Pro / Max pilot, and to upgrade to Team or Enterprise before scale. The cost delta is small; the security-review delta is enormous.

The other recurring trip-up: clients assume "do not train" and "zero retention" are the same thing. They are not. Zero retention is a contractual posture only available on Enterprise; do-not-train is widely available. Read your contract. And if the conversation drifts to "what if we go on Microsoft Foundry?", redirect immediately — Foundry is the right answer for Azure-led billing, not for residency.

Try this#

In account settings, find the Data Privacy Controls page. Turn on the "do not train" opt-out for every pilot user before they touch a real document. Take a screenshot. That screenshot is the artifact your security partner will ask for in week one.