Research summary — verify current ZDR / no-retention terms with Anthropic Enterprise before signing

Anthropic Zero Data Retention Criteria (2026)

By DDH Research Team at Digital Dashboard Hub·Updated June 21, 2026

Stop writing AI prompts from scratch.

Tell us your business + your task + your model. We write the prompt — perfectly tuned for ChatGPT, Claude, Grok, Gemini, Midjourney, or any model. Plus 500+ pre-built prompts in your library.

Anthropic's Claude API has a notably strong baseline data-handling posture: inputs and outputs are not persisted past the synchronous inference call beyond what's needed for the response to return to the client. This is documented in Anthropic's Commercial Terms of Service and the Anthropic Trust Center (trust.anthropic.com). Anthropic does not have a 30-day abuse-monitoring window equivalent to OpenAI's default — the architecture is closer to ZDR-by-default.

For regulated buyers, the practical Anthropic ZDR posture has three layers: (1) the API default — no-long-term-retention applies to all customers on the Messages API; (2) Enterprise contractual reinforcement — the Enterprise commercial agreement and BAA addendum provide stronger contractual commitments; (3) cloud-partner paths — Bedrock and Vertex inherit cloud-DPA no-persistence behavior plus the cloud's BAA (if HIPAA).

This page covers the criteria, the prompt caching lifecycle (which interacts with retention), the sub-processor flow-down, and the practical verification workflow. Research summary, not legal advice. Verify current terms via the Anthropic Trust Center. Related: /vs/zero-data-retention-vendors-2026 · /tutorial/configure-openai-zero-data-retention · /vs/openai-business-associate-agreement-vs-anthropic-baa.

Digital Dashboard Hub

Rate limits hurt because prompts are loose — ITPM blows up before RPM does. DDH's AI Prompt Builder writes cache-anchored prompts so 80%+ of your input tokens are billed at 10% of the rate, and you hit limits later (or never).

Start free 14-day trial — AICHAT30 = 30% off Pro for 3 months. →

Anthropic ZDR-equivalent posture — layered structure (June 2026)

Feature	Layer	Default state	Reinforcement
API inference path (Messages API)	Inputs/outputs not retained past synchronous call	Enterprise commercial agreement codifies	Trust Center documentation; Enterprise contract
Prompt caching	Cached prefixes stored encrypted for configured TTL (5min default, 1h optional)	Cache eviction is automatic; TTL is the upper bound	Trust Center caching documentation
Operational metadata	Retained per operational logs (universal exception)	Standard across industry	Documented in DPA
Stored Files (if used in Files API)	Persistent until deleted by customer	Customer-managed retention	Customer deletion API
Computer use / persistent session state	Verify per-feature scope on Trust Center	Research / preview surfaces may have separate caveats	Per-feature documentation
Sub-processor data handling	GCP / AWS as primary compute sub-processors with flow-down obligations	Sub-processor list on Trust Center; sub-processor DPAs flow down	Trust Center sub-processor list
Cloud-partner path (Bedrock)	AWS DPA no-persistence default + AWS BAA	AWS Service Terms govern	AWS Artifact + CloudTrail logs
Cloud-partner path (Vertex AI)	Google Cloud DPA no-persistence + Google Cloud BAA	Vertex AI partner documentation	Cloud Audit Logs

Sources fetched June 2026: anthropic.com/legal (Anthropic commercial terms, DPA), trust.anthropic.com (Trust Center — attestations, sub-processors, security overview), docs.anthropic.com/en/docs/build-with-claude/prompt-caching (prompt caching documentation), aws.amazon.com/bedrock/anthropic (AWS Bedrock Anthropic integration), cloud.google.com/vertex-ai/generative-ai/docs/partner-models/use-claude (Vertex AI Anthropic integration). Verify all current terms before procurement.

The Anthropic API default — what 'no long-term retention' means

Anthropic's API processes the request, generates the response, and returns it. The input prompt and output response are not persisted to a long-term store for abuse monitoring, training improvement, analytics, or any other purpose. This is documented in Anthropic's published commercial terms and reinforced in the Anthropic Trust Center.

What this means operationally: when you send a Messages API request, Anthropic's inference infrastructure receives the request, the model processes it, the response is generated, and the response is returned to your client. No copy of the input or output is written to a persistent store for later access. The only persistent records are operational metadata (request count, token counts, latency) needed for billing and reliability.

What this does NOT mean: zero in-flight presence. During the inference call itself, the prompt is processed by the model in Anthropic's compute environment. This is unavoidable for any LLM inference service. The distinction is between in-flight presence (universal) and persistent storage past the call (avoided under no-long-term-retention).

What about caching: Anthropic's prompt caching feature stores cached prefixes encrypted for the configured TTL. This is the one exception to 'no persistence past the call' — cached content can outlive the call by up to the TTL. The cache is automatically evicted at TTL expiration. For most regulated buyers, the TTL-bounded cache is acceptable; some sovereign workloads disable caching for total no-persistence.

Enterprise contractual reinforcement

The Anthropic Enterprise commercial agreement and the Enterprise BAA addendum provide stronger contractual commitments on no-retention than the default API ToS. Enterprise reinforces:

Explicit contractual no-retention warranty — the default API has no-retention as the operational architecture; the Enterprise contract turns this into a contract warranty with breach consequences.

Sub-processor flow-down — Enterprise contracts ensure that Anthropic's sub-processors (AWS, GCP as primary compute) are bound by equivalent terms.

Audit / evidence rights — Enterprise typically includes contractual rights to receive attestation evidence of the no-retention posture, including the Anthropic SOC 2 Type 2 scope confirmation.

Breach notification SLA — Enterprise contracts specify the breach notification timing aligned with GDPR Article 33 and HIPAA Breach Notification Rule.

Indemnification — Enterprise contracts include indemnification for breaches of the no-retention commitment, capped per the commercial agreement.

For regulated buyers under HIPAA, GDPR special-category data, or trade-secret-sensitive workloads, the Enterprise contractual reinforcement is the difference between an operational architecture commitment and a contract you can enforce. The Enterprise tier is the recommended procurement path for these buyers.

Prompt caching lifecycle — the one persistent surface

Anthropic's prompt caching feature is the primary persistent surface in the Messages API path. The lifecycle:

Cache write: when you include cache_control: {type: 'ephemeral'} in your request, Anthropic hashes the content up to and including the cache_control marker and stores the encrypted content for the configured TTL (5 minutes default, 1 hour optional via TTL='1h').

Cache read: on subsequent requests with matching prefix hash, Anthropic reads the cached content at the cache-read rate (10% of input rate — 90% discount). The cached content is not re-sent over the wire; the request transmits only the changed suffix.

Cache eviction: at TTL expiration, the cached content is evicted from the cache. There is no longer-lived persistence past the TTL.

Cache scope: per-organization. Your cache is isolated from other Anthropic customers.

Cache and ZDR: for regulated buyers, confirm with Anthropic Enterprise that your no-retention commitment treats cache eviction consistent with your retention posture. The 5-minute default TTL means cached content has at most a 5-minute lifetime past the inference call; the 1-hour TTL extends this to 1 hour.

For sovereign workloads or use cases where ANY persistence past the call is unacceptable, you can simply not use prompt caching — the feature is opt-in via the cache_control marker. The cost trade-off is significant (no 90% cache-read discount), but for the most regulated workloads, no-cache is sometimes the right choice.

Practical pattern: most healthcare and GDPR-regulated buyers use prompt caching with the default 5-minute TTL because the TTL-bounded persistence is consistent with their retention posture and the cost savings (often 60-80% reduction in input token cost) are significant.

Sub-processor flow-down

Anthropic's primary compute sub-processors are Google Cloud Platform and Amazon Web Services. These are documented on the Anthropic Trust Center sub-processor list. Additional sub-processors include observability, payments, and support vendors — the full list is on the Trust Center.

Flow-down mechanics: when Anthropic processes your data on GCP or AWS, the cloud provider acts as a sub-processor under Anthropic's DPA. Anthropic's contractual obligations on no-retention flow down to the cloud provider via the Anthropic–cloud commercial agreement. The cloud provider does not have separate retention or access rights to Anthropic customer data.

Verification: the Anthropic Trust Center publishes the sub-processor list with the role of each. For regulated buyers, review the list annually and ensure your DPA's sub-processor flow-down requirements are met.

Sub-processor change notifications: Anthropic notifies customers of sub-processor changes per the DPA. Enterprise contracts typically specify notification timing (e.g., 30 days in advance). Standard ToS customers receive notifications via the Trust Center subscription.

Practical guidance for regulated buyers: the cleanest path to managing sub-processor concerns is to procure Claude via Bedrock or Vertex (the cloud is the primary processor, not Anthropic) or via Anthropic Enterprise with explicit sub-processor flow-down audit rights.

Cloud-partner paths — Bedrock and Vertex

For regulated buyers already on AWS or Google Cloud, the cleanest no-retention posture for Claude is via the cloud partner — Bedrock or Vertex. The mechanics:

AWS Bedrock + Claude: Bedrock is on the AWS HIPAA-eligible services list. Bedrock does not persist inputs/outputs by default (no-retention behavior). The AWS BAA covers Bedrock if you have one in force. The AWS GDPR DPA covers EU-resident processing. Anthropic is a sub-processor under the AWS–Anthropic commercial agreement — Anthropic does not access Bedrock customer data.

Google Vertex AI + Claude: Vertex AI is HIPAA-eligible under the Google Cloud BAA. Vertex AI does not persist inputs/outputs by default. Anthropic on Vertex is governed by the Google Cloud DPA. Anthropic is a sub-processor under the Google–Anthropic agreement.

Comparison: the Bedrock path is the most-deployed in 2026 because (a) AWS has the broadest enterprise market share, (b) Bedrock has the deepest multi-model catalogue beyond Anthropic, (c) AWS's GDPR DPA + HIPAA BAA are mature contracting surfaces. The Vertex path is competitive on EU residency and on adjacent Vertex AI generative tools.

For most healthcare buyers wanting Claude under no-retention + HIPAA BAA, the recommendation is: AWS Bedrock if already on AWS; Vertex AI if already on GCP; Anthropic Enterprise direct only if cloud-partner paths don't fit your strategy.

Operational metadata exceptions

Anthropic retains operational metadata under all configurations (default, Enterprise, Bedrock, Vertex):

Request counts per organization, per API key, per model, per endpoint.

Token counts (input, output, cached-read, cached-write).

Latency, error codes, model identifier.

Organization ID, workspace ID, project ID.

Not retained under no-retention posture: the prompt content, the response content, function-call arguments and results, tool use details.

This is the universal industry exception. All major LLM vendors retain operational metadata for billing, reliability, and aggregate analytics. No vendor offers true zero retention of operational metadata.

Practical implication: your application is the source of truth for prompt content audit trails. Anthropic does not provide a vendor-side log of prompt content even under no-retention. If your compliance posture requires knowing what was sent, log it in your application's audit trail (see /tutorial/audit-trail-for-llm-prompts-soc2).

Verifying Anthropic no-retention for your deployment

Verification artifacts for SOC 2, HIPAA, GDPR audit evidence:

1. Pull the current Anthropic DPA from anthropic.com/legal or trust.anthropic.com. Store in audit evidence library.

2. Pull the current Anthropic SOC 2 Type 2 from trust.anthropic.com under NDA. Read the scope section to confirm Messages API is in scope. Store in audit evidence library.

3. Pull the current Anthropic sub-processor list from trust.anthropic.com. Store in audit evidence library.

4. If using Enterprise, pull the signed Enterprise commercial agreement and BAA addendum (if applicable). Store in audit evidence library.

5. If using Bedrock: pull the AWS BAA + GDPR DPA + Bedrock service-specific terms. CloudTrail logs show your invocation history in the EU region (if EU-resident).

6. If using Vertex: pull the Google Cloud BAA + GDPR DPA + Vertex AI partner documentation. Cloud Audit Logs show invocation history.

7. Document the verification cadence (annual minimum, on material change) in your compliance program documentation.

Digital Dashboard Hub

Knowing the limits is step one. Writing prompts that don't crash into them is step two — cache anchors, batch-ready structure, capped outputs. DDH does step two automatically.

Try DDH's AI Prompt Builder — free 14 days, no card. AICHAT30 = 30% off Pro. →

Related calculators

OpenAI Pricing Calculator →GPT-5.5, 5.4, mini, nano — full per-call cost in one input.Claude Pricing Calculator →Opus 4.8, Sonnet 4.6, Haiku 4.5, Fable 5 — input + output combined.Context Window Comparison →Max input length and price per 1M for every current model.

Continue your research on adjacent topics — calculators, rate limits, head-to-head comparisons, and guides.

Related prompt tools

Zero data retention vendors 2026→OpenAI BAA vs Anthropic BAA→Run Claude with EU data residency→OpenAI vs Anthropic vs Azure OpenAI compliance→

Use the data programmatically

Every page on this site is also exposed as a free, CORS-open JSON endpoint. No auth, no rate limit (fair-use, please cache). License is CC-BY-4.0 — link back to attribution.canonicalUrl in the response.

Endpoint: https://aipromptshub.co/api/limits/anthropic-zero-data-retention-criteria

curl

curl -s 'https://aipromptshub.co/api/limits/anthropic-zero-data-retention-criteria' | jq .

Python

import requests

r = requests.get("https://aipromptshub.co/api/limits/anthropic-zero-data-retention-criteria", timeout=10)
r.raise_for_status()
data = r.json()
print(data["title"])
for source in data.get("sources", []):
    print("source:", source)

JavaScript / Node

// Node 20+ / modern browser
const res = await fetch("https://aipromptshub.co/api/limits/anthropic-zero-data-retention-criteria");
if (!res.ok) throw new Error("HTTP " + res.status);
const anthropic_zero_data_retention_criteria = await res.json();
console.log(anthropic_zero_data_retention_criteria.title);
for (const source of anthropic_zero_data_retention_criteria.sources ?? []) {
  console.log("source:", source);
}

Spec: /api/openapi.yaml · Docs: /api/docs

Frequently Asked Questions

Does Anthropic offer Zero Data Retention by default?

Anthropic's API default is no-long-term-retention — inputs and outputs are not persisted past the synchronous inference call beyond what's needed for the response. This is closer to ZDR by default than most peers. Enterprise contractual reinforcement is available for regulated buyers needing the warranty in contract form.

Is the Anthropic API ZDR-equivalent for HIPAA?

Functionally yes, under the Enterprise BAA addendum. The default no-retention plus the contractual BAA reinforcement together constitute a HIPAA-compatible posture. For most healthcare buyers, the cleaner path is AWS Bedrock + Claude under the AWS BAA, which folds the contracting into the existing cloud relationship.

Does prompt caching break the no-retention commitment?

No — cached content has a TTL-bounded lifetime (5 minutes default, 1 hour optional) and is automatically evicted. For most regulated workloads, the TTL-bounded persistence is consistent with retention posture. For absolute no-persistence requirements, simply don't use cache_control.

What sub-processors does Anthropic use?

Primary compute sub-processors are Google Cloud Platform and Amazon Web Services. Additional sub-processors for observability, payments, and support. Full list at trust.anthropic.com/sub-processors. Sub-processor flow-down obligations apply via Anthropic's DPA.

Bedrock vs Anthropic direct — which is cleaner for regulated buyers?

For buyers already on AWS, Bedrock is cleaner — single cloud relationship, AWS BAA covers, AWS GDPR DPA covers, Anthropic is a sub-processor under AWS. For buyers not on AWS, Anthropic Enterprise direct is the standard path. Most healthcare buyers default to Bedrock if AWS is already in their stack.

Does Vertex AI provide equivalent posture?

Yes — Vertex AI + Claude is governed by the Google Cloud DPA and (if HIPAA) Google Cloud BAA. Vertex AI does not persist inputs/outputs by default. Functionally equivalent to Bedrock + Claude for the no-retention + BAA posture.

What operational metadata does Anthropic retain?

Request counts, token counts (input, output, cached), latency, model ID, organization / workspace / project IDs, error codes. Operational metadata only — not prompt content, not response content. Universal industry exception.

Do I need to log prompts myself if Anthropic doesn't retain them?

Yes if your compliance posture requires it. Anthropic's no-retention means there is no vendor-side log of prompt content to subpoena or query. Your application's audit trail is the source of truth for what was processed. See /tutorial/audit-trail-for-llm-prompts-soc2.

Anthropic posture verified. Now ship Claude-tuned prompts.

Anthropic's no-retention is the strongest default in the industry. Your prompt determines whether each Claude call earns the per-token rate. AI Prompts Hub writes cache-anchored, Claude-tuned prompts (Opus, Sonnet, Haiku) — so the no-retention call does work that justifies it.

Browse all prompt tools →