Two different things get sent when you use Claude Code: prompt content (required for inference) and telemetry (usage counts, crash reports, optional). They have different controls.
What always goes to Anthropic
Prompt content and tool inputs/outputs always go to Anthropic’s infrastructure (or your cloud provider’s infrastructure if using Bedrock/Vertex/Foundry). This cannot be disabled because it is the product.
When Claude calls WebFetch, the hostname of the URL is sent to api.anthropic.com to check against a blocklist of known malicious domains. Only the hostname, not the full URL or page content. This runs before the actual fetch.
Training opt-in
Commercial plans (Pro, Team, Enterprise) are not used for model training by default. Your conversations and code are never used to train Claude unless you explicitly opt in.
The free claude.ai web product is opted in to training by default, unless you opt out in account settings. Claude Code with a commercial subscription is not the same thing as the free claude.ai chat interface.
Retention periods
| Plan | Retention |
|---|---|
| Pro | 30 days |
| Team | 30 days |
| Enterprise (standard) | 30 days |
| Enterprise (ZDR) | Zero (see below) |
After the retention period, conversation data is deleted from Anthropic’s systems.
Zero Data Retention (ZDR) is available to Enterprise customers. With ZDR enabled, Anthropic stores no conversation data after inference completes. The data is processed in memory and discarded. This is the option for regulated industries or organizations with strict data sovereignty requirements. ZDR requires admin configuration and is not self-serve.
Disable telemetry
Telemetry includes usage counts (tokens used, session count), feature flags, and aggregate performance metrics. It does not include conversation content.
export DISABLE_TELEMETRY=1To disable crash and error reporting separately:
export DISABLE_ERROR_REPORTING=1To disable all non-essential network traffic (telemetry, crash reports, update checks, and the WebFetch safety check):
export CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=1CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=1 is the right option for air-gapped environments or networks where all outbound connections must be to explicitly approved hosts.
Third-party provider deployments
When you run Claude Code through Bedrock, Vertex AI, or Azure AI Foundry, the traffic goes to that provider, not to Anthropic’s telemetry endpoints. All telemetry is off by default in these modes. Anthropic receives only the API calls necessary for model licensing and usage accounting, per the provider agreements.
| Provider | Telemetry to Anthropic | Training |
|---|---|---|
| claude.ai | Yes (unless disabled) | No (commercial) |
| Amazon Bedrock | No | No |
| Google Vertex AI | No | No |
| Azure AI Foundry | No | No |
Footguns
The WebFetch safety check goes to api.anthropic.com even on Bedrock. This is a thin lookup, not an inference call, but it does represent a connection to Anthropic’s infrastructure from a Bedrock deployment. If your security policy requires zero Anthropic network contact, set CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=1. This disables the safety check but also removes the protection.
DISABLE_TELEMETRY=1 does not disable crash reports. The two controls are separate. Set both if you want neither.
Telemetry env vars are per-session unless you persist them. Variables set in a shell session do not survive after the shell closes. Add them to your shell rc file or managed settings to make them permanent:
{
"env": {
"DISABLE_TELEMETRY": "1",
"DISABLE_ERROR_REPORTING": "1"
}
}ZDR is about retention, not transmission. ZDR means no post-inference storage, not no network contact. Your prompts still go to Anthropic infrastructure for processing.
When to review data settings before using Claude Code
- Your codebase contains regulated data: PII, PHI, financial records. Confirm your plan’s retention period and whether ZDR is available before sending that data in prompts.
- You are on a government or defense contract with data handling restrictions. Check whether Bedrock or Vertex deployments satisfy your requirements.
- Your security team requires all third-party network traffic to be explicitly approved. Use
CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=1and documentapi.anthropic.comas a required endpoint. - You are building an internal tool using the Claude Code Agent SDK. SDK-based agents use the same data policy as the CLI. There is no special “SDK mode” with different privacy guarantees.