When you use Claude, Anthropic automatically receives technical details about your device, your approximate location (derived from your IP address), advertising identifiers, and how you use the service.
This analysis describes what Anthropic's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The policy states that advertising identifiers, probabilistic identifiers, and IP-derived location data are collected automatically, which are categories of data with direct relevance to targeted advertising and behavioral profiling capabilities, though the policy states Anthropic does not sell personal data.
Device and connection data collected automatically includes advertising identifiers, probabilistic identifiers, and location data derived from IP address; users who wish to limit this collection may adjust browser or device permissions, though the policy does not specify the effect of doing so on service functionality.
How other platforms handle this
We, or vendors we engage, may automatically collect information about your use of our website or services through cookies and similar technologies. This may include navigational and network-related activity such as your device's IP address, browser type and operating system; the length of time you v...
Uber collects precise or approximate location data from riders' and order recipients' mobile devices when the Uber app is running in the foreground (app open and on-screen) or background (app open but not on-screen) of their device. Uber collects this data from the time a ride or order is requested ...
Geolocation data, such as device location. Internet or other electronic network activity information, such as browsing history, search history, and information regarding a consumer's interaction with an internet website, application, or advertisement. Device identifiers, such as IP address, unique d...
Monitoring
Anthropic has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Device and Connection Information. Consistent with your device or browser permissions, your device or browser automatically sends us information about when and how you install, access, or use our Services. This includes information such as your device type, operating system information, browser information and web page referers, mobile network, connection information, mobile operator or internet service provider (ISP), time zone setting, IP address (including information about the location of the device derived from your IP address), identifiers (including device or advertising identifiers, probabilistic identifiers, and other unique personal or online identifiers), and device location.— Excerpt from Anthropic's Anthropic Privacy Policy
(1) REGULATORY LANDSCAPE: This provision engages GDPR Articles 4 and 6 (personal data definition and lawful basis for processing), the ePrivacy Directive regarding cookie and device identifier collection, enforced by EU supervisory authorities; CCPA provisions on personal information including unique identifiers and probabilistic identifiers; and Illinois BIPA to the extent biometric identifiers are involved (though not explicitly stated here). The collection of advertising identifiers and probabilistic identifiers may require evaluation under GDPR lawful basis requirements. (2) GOVERNANCE EXPOSURE: Medium. The enumeration of advertising identifiers and probabilistic identifiers as collected data categories is noteworthy given that the policy simultaneously states Anthropic does not sell personal data and does not engage in targeted advertising of third-party products. The practical use of these identifiers should be documented and reconciled with stated purposes. (3) JURISDICTION FLAGS: EU/EEA users are subject to GDPR and ePrivacy Directive requirements for identifier collection. California residents may evaluate this collection under CPRA sensitive personal information provisions to the extent precise geolocation data is collected. Washington State users integrating health applications are subject to a separate Consumer Health Data Privacy Policy. (4) CONTRACT AND VENDOR IMPLICATIONS: Organizations deploying Claude in enterprise contexts should assess whether automatic collection of device identifiers from employee devices is consistent with their own acceptable use and privacy policies. (5) COMPLIANCE CONSIDERATIONS: Compliance teams should review the Cookie Policy referenced in this document (anthropic.com/legal/cookies) to assess opt-out mechanisms for identifier-based data collection, and verify that consent mechanisms for cookie and identifier collection are implemented consistently with GDPR and ePrivacy requirements for EU-facing services.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Netflix updated its Privacy Statement on April 18, 2026, disclosing voice recording collection and expanded household ad profiling for the first time.
Google's Privacy Policy covers Search, Gmail, YouTube, Maps, and every site running Google Analytics. Here is what it actually authorizes.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The policy states that advertising identifiers, probabilistic identifiers, and IP-derived location data are collected automatically, which are categories of data with direct relevance to targeted advertising and behavioral profiling capabilities, though the policy states Anthropic does not sell personal data.
Device and connection data collected automatically includes advertising identifiers, probabilistic identifiers, and location data derived from IP address; users who wish to limit this collection may adjust browser or device permissions, though the policy does not specify the effect of doing so on service functionality.
ConductAtlas has identified this type of provision across 1 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Anthropic.