Anthropic · Anthropic Privacy Policy

Third-Party Service Integrations and Data Transfer

Medium severity
Share 𝕏 Share in Share 🔒 PDF

What it is

When you use Claude with integrated third-party apps or follow links in Anthropic's services, your data goes directly to those third parties under their own privacy policies — Anthropic is not responsible for what those companies do with your information.

Consumer impact (what this means for users)

When you connect Claude to third-party applications or services, your personal data — including information about your Claude usage — is shared with those third parties under their own privacy policies, which Anthropic does not control and takes no responsibility for, creating potential privacy risks that are invisible to users at the point of integration.

Cross-platform context

See how other platforms handle Third-Party Service Integrations and Data Transfer and similar clauses.

Compare across platforms →
Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

Claude's expanding agentic capabilities mean it can interact with many third-party services on your behalf, and each of those interactions transfers your data to third parties with potentially very different privacy standards, with no Anthropic accountability for downstream use.

View original clause language
Third-Party Websites and Services: Our Services may involve integrations with, or may direct you to, websites, apps, and services managed by third parties. By interacting with these third parties, you are providing information directly to the third party and not Anthropic and subject to the third party's privacy policy. If you access third-party services, such as social media sites or other sites linked through the Services (e.g., if you follow a link to our Twitter account), these third-party services will be able to collect personal data about you, including information about your activity on the Services.

Institutional analysis (Compliance & legal intelligence)

1. REGULATORY FRAMEWORK: GDPR Art. 26 (joint controllers) and Art. 28 (processor obligations) are relevant where third-party integrations involve shared data processing. GDPR Art. 13/14 transparency requirements apply to data flows to third-party controllers. CCPA §1798.140(ad) defines 'third parties' in contrast to service providers, and disclosure to third parties without contractual restrictions constitutes a 'sale' or 'sharing' triggering opt-out rights. FTC Act Section 5 deceptive practices apply to inadequate disclosure of third-party data flows in agentic AI contexts. 2.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

  • FTC
    The FTC has enforcement authority over deceptive or unfair practices in AI-facilitated third-party data sharing, including inadequate disclosure of data flows in agentic AI integrations.
    File a complaint →

Provision details

Document information
Document
Anthropic Privacy Policy
Entity
Anthropic
Document last updated
April 29, 2026
Tracking information
First tracked
March 6, 2026
Last verified
April 28, 2026
Record ID
CA-P-003867
Document ID
CA-D-00012
Evidence Provenance
Source URL
https://www.anthropic.com/legal/privacy
Wayback Machine
View archived versions →
SHA-256
55f589f5c2a5a187a9d045dc6c7e4954a2dbf9ac00fb6e3ea782dbcf9ad69387
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: Anthropic | Document: Anthropic Privacy Policy | Record: CA-P-003867
Captured: 2026-03-06 20:00:36 UTC | SHA-256: 55f589f5c2a5a187…
URL: https://conductatlas.com/platform/anthropic/anthropic-privacy-policy/third-party-service-integrations-and-data-transfer/
Accessed: April 29, 2026
Classification
Severity
Medium
Categories
Unknown

Other provisions in this document