Step-by-step instructions for configuring retention policies and opting out of model training across Claude, ChatGPT, Gemini, and AWS Bedrock — for every plan type, interface, and surface.
Training defaults and retention across all four providers
| Claude | ChatGPT | Gemini | Bedrock | |
|---|---|---|---|---|
| Consumer training default | ON | ON | ON | N/A |
| Can opt out? | Yes | Yes | Yes | N/A |
| Keep history after opt-out? | Yes | Yes | No | N/A |
| Business/Team trained on? | Never | Never | Never | Never |
| Custom retention policies | Enterprise only | Enterprise only | Workspace admin | Customer-managed |
| Zero Data Retention | API / Enterprise | API / Enterprise | No | Default |
| Feedback data retained? | Up to 5 years | Yes (training eligible) | Up to 72 hrs min | No |
| Admin can export user chats? | Primary Owner | Enterprise (Compliance API) | Vault + Data Export | Customer owns all data |
Open claude.ai (or the Claude Desktop/Mobile app) and sign in.
Click your profile icon (bottom-left on web/desktop, top-right on mobile).
Select Settings → Privacy (may appear as "Data Privacy Controls").
Find "Help improve Claude" (or "Model Improvement") and toggle it OFF.
Confirm the change. It takes effect immediately for new and resumed chats only.
Start a new chat and click the ghost icon (top-right of the chat area).
The chat is now Incognito — it will not be saved to history, memory, or used for training, even if you have Model Improvement enabled.
Close the incognito chat when done. Normal chats resume saving afterwards.
In the sidebar, hover over a conversation and click the trash icon, or open the conversation and select Delete from the menu.
Deleted conversations are purged from back-end logs within 30 days.
Deleted chats are not used for future model training, regardless of your privacy setting.
No action required. Team and Enterprise conversations, projects, and Claude Code sessions are never used for training under Commercial Terms unless the org admin explicitly opts in via the Development Partner Program.
Pre-requisite: You must be a Primary Owner or Owner on the Enterprise plan.
Navigate to Organization Settings → Data and Privacy.
Set your desired retention period. The minimum is 30 days (each month = 30 days).
Click Save. All data that already falls outside the new window will be deleted immediately.
The Team plan does not have custom retention controls. Data is retained indefinitely unless individual users manually delete their conversations. Retention policy configuration requires upgrading to Enterprise.
However, the Primary Owner of a Team plan can export all user conversation data via Organization Settings → Data and Privacy → Export Data.
Pre-requisite: A signed ZDR contract/addendum with Anthropic.
Contact the Anthropic sales team to enable ZDR on your organization.
Once enabled, prompts and responses are not stored at rest after the API response is returned.
ZDR must be enabled per-organization — each new org needs separate setup.
~/.claude/projects/ for 30 days by default (configurable via cleanupPeriodDays).Open chatgpt.com (or the ChatGPT app) and sign in.
Click your profile icon (bottom-left on web).
Select Settings → Data Controls.
Find "Improve the model for everyone" and toggle it OFF.
For voice mode, there's a separate toggle: "Voice mode audio" — turn that off too if applicable.
Start a new chat and enable Temporary Chat (toggle in the top-right of the chat window).
Temporary chats are not saved to history and not used for training.
Content is still retained for 30 days for abuse monitoring — it's not zero-retention.
No action required. Workspace conversations are never used for training under the Business/Enterprise Terms. OpenAI does not train on your workspace data.
Business plan: Admins and owners cannot casually browse member chats. There is no org-wide data export available on the Business tier.
Enterprise plan: Admins can access user data via the Compliance API, which provides audit logging of conversations.
Enterprise admins can configure data retention policies and may access, export, audit, retain, and delete data tied to managed accounts.
If you're on a managed Business or Enterprise account, your administrator may be able to: access prompts & outputs, export conversation data, configure retention, restrict features, suspend access, or delete accounts. OpenAI's standard consumer Privacy Policy does not apply while signed into a managed account.
API data is not used for training by default — no opt-out needed.
Standard retention: 30 days for abuse monitoring.
For Zero Data Retention, contact OpenAI sales for an Enterprise API agreement. ZDR eliminates the 30-day safety retention window.
Open gemini.google.com and sign in.
Click the hamburger menu (≡) in the top-left corner.
Select "Activity" from the menu.
Next to "Gemini Apps Activity", click "Turn Off".
Choose "Turn Off and Delete Activity" to also remove existing stored data. Click Next → Delete.
Go to myaccount.google.com → Data & Privacy.
Under "Web & App Activity", toggle it OFF.
This prevents Google from storing your activity across all Google services, including Gemini. Note: this affects Google Search, Maps, Assistant, etc.
myactivity.google.com/product/gemini but cannot download it in bulk.When you use Gemini through a paid Google Workspace account, your data is treated like any Workspace data (Gmail, Drive, etc.) — private and never used for training. No opt-out needed.
Pre-requisite: You must be a Super Administrator with the Gemini Settings admin privilege.
Open the Google Admin Console → Menu → Generative AI → Gemini for Workspace.
Go to Conversation history & deletion.
Conversation history: Toggle ON or OFF for users/groups/OUs. When OFF, users cannot access past conversations.
Auto-deletion: Choose retention: 90 days (~3 months), 540 days (~18 months), 1080 days (~3 years), or indefinite. Default is 18 months.
Manual deletion: Choose whether to allow users to delete their own conversations.
Apply settings per organizational unit or configuration group for granular control.
Open Google Vault (vault.google.com).
Create a Matter, then use Search to find Gemini conversations by user, date range, or keyword.
Export relevant prompts and responses for compliance or legal review.
Data Export Tool: Admins can export Gemini app and NotebookLM data for archive/backup from the Admin Console.
Usage Reports: Admin Console → Generative AI → Gemini Reports shows per-user usage levels, active users, and feature adoption.
Gemini as Additional Service: If Gemini is enabled as an "additional service" (not a core Workspace service), the Gemini Apps Privacy Notice applies — conversations may be reviewed by human reviewers. Admins should verify whether Gemini is running as a core or additional service.
Anthropic does not use any data sent through Bedrock for model training — ever. Your prompts and outputs stay within your AWS account. AWS also does not use your content to train its own AI models (unless you explicitly opt in to specific AWS programs).
Default: Bedrock does not store your prompts or model outputs. Zero data retention is the default behavior.
Optional logging: You can opt in to model invocation logging via the Bedrock Console → Settings → Model invocation logging.
If enabled, logs are sent to your own S3 bucket and/or CloudWatch — you own and control this data entirely.
Use AWS CloudTrail for API-level audit logging (who called what, when) separate from content logging.
Configure S3 lifecycle policies or CloudWatch retention settings to manage how long logged data is stored.
VPC Endpoints: Use AWS PrivateLink to keep all Bedrock traffic within your VPC — no data crosses the public internet.
IAM Policies: Control which users/roles can invoke specific models using fine-grained IAM permissions.
Guardrails for Bedrock: Configure content filters, denied topics, PII redaction, and sensitive information filters at the API level.
KMS Encryption: All data is encrypted at rest with AWS KMS. You can provide your own customer-managed keys (CMK) for additional control.
If you access Claude through Google Cloud Vertex AI, similar principles apply:
Know your plan type. "Pro" and "Plus" are consumer plans — they don't protect your data. Verify whether you're on a consumer or commercial plan in your account settings.
Know your role. Retention policies require admin/owner privileges. Regular users cannot change organizational settings.
Check before you save. On Claude Enterprise and Gemini Workspace, changing retention settings can trigger immediate, irreversible deletion of older data.
Export before changing. Always run a data export before modifying retention policies. Once data is deleted, it's gone permanently.
Audit your feedback. On both Claude and ChatGPT, using the 👍/👎 buttons may commit conversations to long-term storage or training — regardless of your other settings.
| Risk | Affected | Mitigation |
|---|---|---|
| Opting out doesn't remove data from already-trained models | All consumer | Opt out early; delete sensitive chats |
| Feedback buttons override privacy settings | Claude, ChatGPT | Avoid 👍/👎 on sensitive conversations |
| Incognito chats visible to Enterprise admins | Claude Team/Ent. | Treat incognito as memory-only protection |
| History lost when opting out of training | Gemini (consumer) | Export important chats before toggling |
| Retention changes delete data immediately | Claude Ent., Gemini WS | Export data before setting new policies |
| Safety-flagged content retained for years | All platforms | Unavoidable — by design for safety |
| Local caches on device (Claude Code, Desktop apps) | Claude Code, all desktops | Configure cleanupPeriodDays; clear app data |
| Connector data pasted into chat = training-eligible | Claude consumer | Don't paste raw connector data into chats |
| Google Vault enables keyword-level admin search | Gemini Workspace | Users should assume full visibility |
| No bulk export for consumer Gemini | Gemini Free/Advanced | Use extensions or manual copy |