IndexableHigh priorityLast reviewed 2026-05-216/6 fresh sources

Anthropic vendor policy review packet for SaaS teams

This page tracks Anthropic sources that matter when a SaaS team uses Claude in a product or internal workflow. The main review question is whether the team is relying on commercial product terms, enterprise controls, or a separate zero data retention agreement, because those paths carry different evidence needs.

Scan Anthropic against your commitments Back to vendor database

Vendor category

AI model provider

Typical use

Claude API, Claude for Work, Claude Enterprise, Claude Code, and internal analysis workflows.

Common data involved

Prompts, outputs, uploaded files, conversation history, workspace metadata, and API organization data.

Documents monitored

Commercial terms, DPA, privacy policy, model training article, and retention controls.

Last reviewed

2026-05-21

Review priority

High

Source freshness

6/6 sources have recent review dates

What to monitor

AI and model training policy

Verified source

Use Anthropic's model training article before promising customers how prompts, outputs, and feedback are used.

Commercial terms and DPA

Verified source

Confirm whether the contract path is Anthropic commercial terms, a negotiated agreement, or an enterprise order form.

Retention controls

Verified source

Check enterprise retention controls and any zero data retention agreement before describing storage periods.

Subprocessor list

Needs manual review

Anthropic has an official subprocessor location, but this milestone keeps it out of public claims until the page is fully readable and reviewed.

Privacy policy

Verified source

Use the privacy policy for personal data and account-level statements, not as a substitute for product-specific retention evidence.

Review checklist

Confirm whether the deployment is Claude API, Claude Enterprise, Claude Code, or unmanaged Claude use.
Capture the Anthropic source that supports model training and retention statements.
Record whether a zero data retention agreement exists and which products it covers.
Check the DPA and commercial terms before updating customer-facing vendor records.
Flag subprocessor claims for manual review until the official subprocessor source is fully checked.

Customer commitments that may be affected

Claude inputs and outputs are not used for training except where Anthropic's stated commercial product exceptions or customer choices apply.
Workspace or API data retention matches the product, enterprise setting, or zero data retention agreement actually in place.
A customer DPA exhibit names Anthropic in the right processor or subprocessor role.
Internal AI-use guidance separates Claude API evidence from consumer or employee-owned account behavior.
Vendor review records include the relevant Anthropic product source, not only a general privacy page.

Recent changes

No material public change is asserted beyond this source review. Treat 2026-05-21 as the baseline date for future Anthropic page comparisons.

AI Vendor Packet organizes review packet evidence and review prompts. It does not provide legal advice.

Applicability notes by plan or product

Scope: Claude API and Workbench
Applies to: Product features or operator workflows that send customer data through an Anthropic organization.
Watch for: Check model training defaults, retention controls, and whether a zero data retention agreement has been approved.

Scope: Claude Enterprise
Applies to: Managed business workspaces with administrative controls.
Watch for: Record workspace retention settings and whether custom retention controls are enabled.

Scope: Claude Free, Pro, or unmanaged use
Applies to: Employee experimentation outside a managed business account.
Watch for: Avoid extending enterprise or API commitments to unmanaged accounts without a separate source review.

Scope	Applies to	Watch for
Claude API and Workbench	Product features or operator workflows that send customer data through an Anthropic organization.	Check model training defaults, retention controls, and whether a zero data retention agreement has been approved.
Claude Enterprise	Managed business workspaces with administrative controls.	Record workspace retention settings and whether custom retention controls are enabled.
Claude Free, Pro, or unmanaged use	Employee experimentation outside a managed business account.	Avoid extending enterprise or API commitments to unmanaged accounts without a separate source review.

Use issue pages for narrower customer review questions.

Anthropic model training review for SaaS customer commitmentsFor commercial Claude use, the model training answer should cite Anthropic's own model training article and the commercial contract path. The safe customer answer is product-specific: confirm whether data comes from Claude API, Claude Enterprise, Claude Code, feedback, or unmanaged Claude use before making a broad statement.Anthropic data retention review for SaaS customer commitmentsAnthropic retention answers should separate standard commercial use, Claude Enterprise retention controls, and approved zero data retention agreements. The official sources are not interchangeable. A SaaS team should cite the source that matches the product and agreement actually used.

Source freshness

For packet evidence, critical AI and SaaS vendor sources should show a recent reviewed date. Material vendor notices, Trust Center updates, DPA changes, subprocessor notices, and customer-reported changes should be checked before the packet is reused externally.

All listed source dates are recent for the current packet freshness model.

Recent review date: Sources used in a paid packet should have a visible reviewed date and should be rechecked before they are reused for a new customer answer.
Urgent-change handling: Material vendor notices, broken source links, DPA updates, subprocessor notices, and customer-reported source changes should be routed to the relevant owner before reuse.
Stale-source warning: A source older than 60 days, missing a reviewed date, or failing the latest source check should be marked for review before the packet is reused externally.

Source documents

Each factual vendor claim on this page is tied to official source documents reviewed on 2026-05-21.

Is my data used for model training?https://privacy.anthropic.com/en/articles/7996868-i-want-to-opt-out-of-my-prompts-and-results-being-used-for-training-modelsLast verified: May 21, 2026 · Registry verifiedFresh Custom Data Retention Controls for Claude Enterprisehttps://privacy.anthropic.com/en/articles/10440198-custom-data-retention-controls-for-claude-enterpriseLast verified: May 21, 2026 · Registry verifiedFresh Zero data retention agreement applicabilityhttps://privacy.anthropic.com/en/articles/8956058-i-have-a-zero-data-retention-agreement-with-anthropic-what-products-does-it-apply-toLast verified: May 21, 2026 · Registry verifiedFresh Anthropic Commercial Terms of Servicehttps://www.anthropic.com/legal/commercial-termsLast verified: May 21, 2026 · Registry verifiedFresh Anthropic Data Processing Addendumhttps://www.anthropic.com/legal/data-processing-addendumLast verified: May 21, 2026 · Registry verifiedFresh Anthropic Privacy Policyhttps://www.anthropic.com/legal/privacyLast verified: May 21, 2026 · Registry verifiedFresh

Scan Anthropic against your own commitments.

Compare official vendor sources with the customer-facing promises your team has already made. Use the scanner first, then order the $199 review packet when you want the evidence organized for legal, privacy, security, or founder approval.

Scan Anthropic against your commitments See the $199 packet

Anthropic vendor policy review packet for SaaS teams

What to monitor

AI and model training policy

Commercial terms and DPA

Retention controls

Subprocessor list

Privacy policy

Review checklist

Customer commitments that may be affected

Recent changes

Applicability notes by plan or product

Related pages

Source freshness

Source documents

Scan Anthropic against your own commitments.