Anthropic updated its Privacy Policy effective July 8, 2026 with revisions to the scope of coverage and data categories. The prior policy covered personal data collection across website, Claude.ai, and commercial products. The updated policy narrows the primary scope to 'website, Claude.ai, or other Anthropic products and services' and clarifies that data processed on behalf of business customers (such as Enterprise accounts) falls outside this policy and is governed instead by customer agreements. The policy also expands the definition of Inputs to explicitly include content uploaded, integrated, or interacted with via third-party applications and services.
The updated privacy policy clarifies that it applies to personal data collection when you use Claude.ai and other Anthropic consumer products, but does not apply if your organization has provisioned you a business account (such as Claude for Work or Enterprise accounts). Under the revised terms, if you are using a business account, the policy that governs your personal data is your organization's agreement with Anthropic, not this consumer privacy policy. The policy also expands the definition of Inputs you submit to include content you upload, integrate, or interact with via third-party applications and services connected to Claude.
The updated policy clarifies which Anthropic customers are covered under this consumer privacy framework versus business agreements. This distinction affects how organizations manage downstream vendor data processing obligations and shapes where applicable privacy law requirements (GDPR, CCPA) are operationalized. The expanded Inputs definition explicitly discloses that third-party integrations and uploaded content are collected and may be reproduced in Outputs.
Data processed on behalf of Enterprise customers is no longer covered by this consumer privacy policy and instead governed by customer agreements.
Inputs now explicitly include content uploaded, integrated, or interacted with via third-party applications and services.
This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology
This change operationalizes a scope distinction between consumer and business use cases. The prior policy language was ambiguous about whether it covered all personal data Anthropic processes or only data processed when acting as a controller. The updated policy explicitly states it does not apply to content processed on behalf of business customers, and that such processing is governed by customer agreements. This creates clarity for downstream organizations using Anthropic's Enterprise offerings: their own privacy policies and data processing obligations will be shaped by their vendor agreement with Anthropic, not by this public-facing consumer policy. Organizations with Anthropic in their vendor stack should confirm that their Data Processing Agreement (DPA) or equivalent provision covers the scope of personal data processing Anthropic conducts on their behalf.
GDPR (Article 4 controller/processor distinction, Article 28 DPA requirements), CCPA (consumer vs. business personal information distinction)
Full compliance analysis
Obligation analysis, escalation trigger, board language, and recommended action.
Monitor: regulatory citations + obligations. Compliance: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-002758.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Full diff — MonitorAnthropic updated its Privacy Policy on June 9, 2026, with an effective date of July 8, 2026. The revised policy …
The Department of Defense designated Anthropic a supply chain risk after the company refused to remove two governance restrictions from …
Anthropic is more transparent than most AI companies about data retention. Here's exactly what happens when you delete your data, and how t…
Get alerted when this policy changes again — including what changed and why it matters.
Prefer a weekly summary instead?
Get the biggest policy changes across 320+ platforms every Sunday.