Documentation Index
Fetch the complete documentation index at: https://code.claude.com/docs/llms.txt
Use this file to discover all available pages before exploring further.
Data policies
Data training policy
Consumer users (Free, Pro, and Max plans): We give you the choice to allow your data to be used to improve future Claude models. We will train new models using data from Free, Pro, and Max accounts when this setting is on (including when you use Claude Code from these accounts). Commercial users: (Team and Enterprise plans, API, 3rd-party platforms, and Claude Gov) maintain existing policies: Anthropic does not train generative models using code or prompts sent to Claude Code under commercial terms, unless the customer has chosen to provide their data to us for model improvement (for example, the Developer Partner Program).Development Partner Program
If you explicitly opt in to methods to provide us with materials to train on, such as via the Development Partner Program, we may use those materials provided to train our models. An organization admin can expressly opt-in to the Development Partner Program for their organization. Note that this program is available only for Anthropic first-party API, and not for Bedrock or Vertex users.Feedback using the /feedback command
If you choose to send us feedback about Claude Code using the /feedback command, we may use your feedback to improve our products and services. Transcripts shared via /feedback are retained for 5 years.
Session quality surveys
When you see the “How is Claude doing this session?” prompt in Claude Code, responding to this survey, including selecting “Dismiss”, records only your rating. We do not collect or store any conversation transcripts, inputs, outputs, or other session data as part of the rating prompt itself. Unlike thumbs up/down feedback or/feedback reports, this session quality survey is a simple product satisfaction metric.
After the rating prompt, you may see a separate follow-up asking “Can Anthropic look at your session transcript to help us improve Claude Code?”. This is an optional second step distinct from the rating:
- Yes: uploads your conversation transcript, any subagent transcripts, and the raw session log file from disk to Anthropic. Known API key and token patterns are redacted before upload. Source code, file contents, and other conversation content are uploaded as-is. Shared transcripts are retained for up to 6 months.
- No: declines without sending anything
- Don’t ask again: declines and stops this follow-up from appearing in future sessions
CLAUDE_CODE_DISABLE_FEEDBACK_SURVEY=1. The survey is also disabled when DISABLE_TELEMETRY or CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC is set. To control frequency instead of disabling, set feedbackSurveyRate in your settings file to a probability between 0 and 1.
Data retention
Anthropic retains Claude Code data based on your account type and preferences. Consumer users (Free, Pro, and Max plans):- Users who allow data use for model improvement: 5-year retention period to support model development and safety improvements
- Users who don’t allow data use for model improvement: 30-day retention period
- Privacy settings can be changed at any time at claude.ai/settings/data-privacy-controls.
- Standard: 30-day retention period
- Zero data retention: available for Claude Code on Claude for Enterprise. ZDR is enabled on a per-organization basis; each new organization must have ZDR enabled separately by your account team
- Local caching: Claude Code clients store session transcripts locally in plaintext under
~/.claude/projects/for 30 days by default to enable session resumption. Adjust the period withcleanupPeriodDays. See application data for what’s stored and how to clear it.
Data access
For all first party users, you can learn more about what data is logged for local Claude Code and remote Claude Code. Remote Control sessions follow the local data flow since all execution happens on your machine. Note for remote Claude Code, Claude accesses the repository where you initiate your Claude Code session. Claude does not access repositories that you have connected but have not started a session in.Local Claude Code: Data flow and dependencies
The diagram below shows how Claude Code connects to external services during installation and normal operation. Solid lines indicate required connections, while dashed lines represent optional or user-initiated data flows.
| Provider | Encryption at rest |
|---|---|
| Anthropic API | Infrastructure-level disk encryption (AES-256). Enable Zero Data Retention for no server-side persistence. |
| Amazon Bedrock | AES-256 with AWS-managed keys. Customer-managed keys available via AWS KMS. |
| Google Cloud Vertex AI | Google-managed encryption keys. CMEK available. |
| Microsoft Foundry | Requests route to Anthropic infrastructure with AES-256 disk encryption. |
Cloud execution: Data flow and dependencies
When using Claude Code on the web, sessions run in Anthropic-managed virtual machines instead of locally. In cloud environments:- Code and data storage: Your repository is cloned to an isolated VM. Code and session data are subject to the retention and usage policies for your account type (see Data retention section above)
- Credentials: GitHub authentication is handled through a secure proxy; your GitHub credentials never enter the sandbox
- Network traffic: All outbound traffic goes through a security proxy for audit logging and abuse prevention
- Session data: Prompts, code changes, and outputs follow the same data policies as local Claude Code usage
Telemetry services
Claude Code connects from users’ machines to the Statsig service to log operational metrics such as latency, reliability, and usage patterns. This logging does not include any code or file paths. Data is encrypted in transit using TLS and at rest using 256-bit AES encryption. Read more in the Statsig security documentation. To opt out of Statsig telemetry, set theDISABLE_TELEMETRY environment variable.
Claude Code connects from users’ machines to Sentry for operational error logging. The data is encrypted in transit using TLS and at rest using 256-bit AES encryption. Read more in the Sentry security documentation. To opt out of error logging, set the DISABLE_ERROR_REPORTING environment variable.
When users run the /feedback command, a copy of their full conversation history including code is sent to Anthropic. The data is encrypted in transit via TLS. Optionally, a GitHub issue is created in the public repository. To opt out, set the DISABLE_FEEDBACK_COMMAND environment variable to 1.
Default behaviors by API provider
By default, error reporting, telemetry, and bug reporting are disabled when using Bedrock, Vertex, or Foundry. Session quality surveys and the WebFetch domain safety check are exceptions and run regardless of provider. You can opt out of all non-essential traffic, including surveys, at once by settingCLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC. This variable does not affect the WebFetch check, which has its own opt-out. Here are the full default behaviors:
| Service | Claude API | Vertex API | Bedrock API | Foundry API |
|---|---|---|---|---|
| Statsig (Metrics) | Default on.DISABLE_TELEMETRY=1 to disable. | Default off.CLAUDE_CODE_USE_VERTEX must be 1. | Default off.CLAUDE_CODE_USE_BEDROCK must be 1. | Default off.CLAUDE_CODE_USE_FOUNDRY must be 1. |
| Sentry (Errors) | Default on.DISABLE_ERROR_REPORTING=1 to disable. | Default off.CLAUDE_CODE_USE_VERTEX must be 1. | Default off.CLAUDE_CODE_USE_BEDROCK must be 1. | Default off.CLAUDE_CODE_USE_FOUNDRY must be 1. |
Claude API (/feedback reports) | Default on.DISABLE_FEEDBACK_COMMAND=1 to disable. | Default off.CLAUDE_CODE_USE_VERTEX must be 1. | Default off.CLAUDE_CODE_USE_BEDROCK must be 1. | Default off.CLAUDE_CODE_USE_FOUNDRY must be 1. |
| Session quality surveys | Default on.CLAUDE_CODE_DISABLE_FEEDBACK_SURVEY=1 to disable. | Default on.CLAUDE_CODE_DISABLE_FEEDBACK_SURVEY=1 to disable. | Default on.CLAUDE_CODE_DISABLE_FEEDBACK_SURVEY=1 to disable. | Default on.CLAUDE_CODE_DISABLE_FEEDBACK_SURVEY=1 to disable. |
| WebFetch domain safety check | Default on.skipWebFetchPreflight: true in settings to disable. | Default on.skipWebFetchPreflight: true in settings to disable. | Default on.skipWebFetchPreflight: true in settings to disable. | Default on.skipWebFetchPreflight: true in settings to disable. |
settings.json (see settings reference).
As of v2.1.126, when a host platform sets CLAUDE_CODE_PROVIDER_MANAGED_BY_HOST, Statsig metrics default to on for Vertex, Bedrock, and Foundry, and follow the standard DISABLE_TELEMETRY opt-out. Sentry error reporting and /feedback reports remain off by default on those providers.
WebFetch domain safety check
Before fetching a URL, the WebFetch tool sends the requested hostname toapi.anthropic.com to check it against a safety blocklist maintained by Anthropic. Only the hostname is sent, not the full URL, path, or page contents. Results are cached per hostname for five minutes.
This check runs regardless of which model provider you use and is not affected by CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC. If your network blocks api.anthropic.com, WebFetch requests fail until you either allowlist the domain or set skipWebFetchPreflight: true in settings. Disabling the check means WebFetch attempts to retrieve any URL without consulting the blocklist, so combine it with WebFetch permission rules if you need to restrict which domains Claude can reach.