pletzenauer — digital consulting

Claude Desktop in the enterprise: data protection and GDPR in practice

The most common question in consulting conversations is not which features Claude Desktop has – it is where the data ends up. A fair question. I always answer it with a counter-question: which data is going in at all?

The data flows behind every request

Inputs leave the device over a TLS connection to api.anthropic.com. The default region is the USA. With AWS Bedrock the path can be redirected to an EU region – for many companies that is the decisive step.

The model reads the input, produces the answer, and then forgets the session context. What remains depends on the plan and on enabled features such as knowledge bases.

Anthropic stores log files for a limited time, primarily for abuse prevention. In the enterprise plan this retention can be restricted further.
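To check which of the two paths described above a workstation actually uses, egress proxy logs can be classified by destination host. The following is an added example, not part of the original article: the log format and sample lines are constructed, and it assumes the Bedrock runtime hostname pattern `bedrock-runtime.<region>.amazonaws.com` and that EU region names start with `eu-`.

```python
import re

DIRECT_HOST = "api.anthropic.com"  # endpoint named in the article
# Assumption: Bedrock runtime endpoints look like bedrock-runtime.<region>.amazonaws.com
BEDROCK_RE = re.compile(r"^bedrock-runtime\.([a-z0-9-]+)\.amazonaws\.com$")

# Constructed proxy log lines (hypothetical format): timestamp, user, method, host:port
SAMPLE_LOG = """\
2025-01-14T09:12:03Z alice CONNECT api.anthropic.com:443
2025-01-14T09:12:40Z bob CONNECT bedrock-runtime.eu-central-1.amazonaws.com:443
2025-01-14T09:13:05Z carol CONNECT bedrock-runtime.us-east-1.amazonaws.com:443
2025-01-14T09:13:59Z bob CONNECT BEDROCK-RUNTIME.EU-WEST-1.AMAZONAWS.COM.:443
2025-01-14T09:14:10Z dave CONNECT api.anthropic.com.example.net:443
2025-01-14T09:14:30Z erin GET malformed-line
"""

def classify_host(host: str) -> str:
    """Map a destination host to a residency label using exact/anchored matching."""
    host = host.strip().lower().rstrip(".")  # normalise case and trailing root dot
    if host == DIRECT_HOST:
        return "anthropic-direct"            # default path, USA per the article
    match = BEDROCK_RE.match(host)
    if match:
        # Assumption: AWS EU regions are the ones whose name starts with "eu-"
        return "bedrock-eu" if match.group(1).startswith("eu-") else "bedrock-non-eu"
    return "other"                           # lookalike or unrelated host

def audit(log_text: str):
    """Return (user, host, label) for every request that leaves the EU path."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[2] != "CONNECT":
            continue                         # skip malformed or non-tunnel lines
        host, _, port = parts[3].rpartition(":")
        if not host or not port.isdigit():
            continue
        label = classify_host(host)
        if label in ("anthropic-direct", "bedrock-non-eu"):
            findings.append((parts[1], host.lower().rstrip("."), label))
    return findings

if __name__ == "__main__":
    for user, host, label in audit(SAMPLE_LOG):
        print(f"{user}: {host} -> {label}")
```
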

The levers I recommend

Choose the plan. By default, inputs from Pro, Team, and Enterprise accounts are not used for training. Anyone who wants to rule this out chooses a paid plan and checks the workspace settings.

Clarify data residency. Anyone processing content with personal data should seriously evaluate AWS Bedrock. The EU regions cover most compliance requirements.

Sign a data processing agreement. As soon as personal data is processed, a DPA is mandatory. Anthropic offers one for Team and Enterprise plans. With Bedrock, the AWS DPA is added.

Introduce a usage policy. A short written rule on which data may go into the app and which may not. It replaces ten discussions per quarter.

What local storage means

Skills, knowledge bases, and caches live in the app’s configuration path. That makes them part of the backup plan – and of the deletion plan as soon as people leave. This is regularly overlooked.

Frequently asked questions

Where does the data I enter in Claude Desktop go?

Inputs travel over a TLS connection to api.anthropic.com, by default to the USA. With AWS Bedrock you can route the path to an EU region.

Does Anthropic train on my inputs?

By default, inputs from Pro, Team and Enterprise accounts are not used for training. Also check the workspace settings of your plan.

Do I need a data processing agreement?

As soon as personal data is processed, a DPA is mandatory. Anthropic offers one for Team and Enterprise plans; with Bedrock the AWS DPA is added.

How do I keep data in the EU?

If you process personal data, seriously evaluate AWS Bedrock. The EU regions cover most compliance requirements.