Opt Out of Customer Data Access
Opt Out of Customer Data Access is a Salesforce Setup page where an administrator turns off Salesforce's permission to collect and use the org's data for service improvement.
Definition
Opt Out of Customer Data Access is a Salesforce Setup page where an administrator turns off Salesforce's permission to collect and use the org's data for service improvement. It controls whether Salesforce can study how the org uses its products to make features, search relevance, and recommendations better. It does not change who inside your own org can see records, and it is separate from the access that Salesforce Support uses to troubleshoot cases.
You reach it from Setup by typing Opt Out of Customer Data Access in the Quick Find box and selecting the page. If your contract allows the choice, you can turn the consent on or off there. When you switch it off after it was on, no new data is shared. Salesforce keeps any data already collected for up to 30 days for service improvement, then deletes it permanently. The setting is a privacy and data-governance control, not a record-sharing or field-security control.
How the opt-out actually behaves
What the setting really controls
The page governs one thing: whether Salesforce may use data from your org to improve its services. That covers product and feature improvement, more relevant search results tuned to your org and industry, and eligibility for pilots and early access to Agentforce and Einstein capabilities. The phrase "customer data access" in the title is easy to misread. It is not about object, field, or record permissions inside your org, and it is not a switch that blocks Salesforce Support from logging in to fix a case. Those are different mechanisms with their own pages. Think of this setting as a consent flag for service-improvement analytics. Turning it off tells Salesforce to stop using your org's data to train, tune, and personalize the products you run. Turning it on lets that work continue. Because the scope is analytics and personalization rather than live record access, most day-to-day users never notice the setting. Its effects show up over time in things like how well in-product search surfaces results specific to your industry, and whether your org qualifies for early features.
What happens the moment you opt out
When an administrator turns the consent off after it was on, the first effect is immediate: no new data flows to Salesforce for service improvement. Data that was already collected does not vanish on the spot. Salesforce retains it for up to 30 days, and after that window it is deleted and cannot be recovered. That retention window matters for compliance teams who need to state, in writing, how long a vendor holds collected data after consent is withdrawn. The 30-day figure gives you a concrete number to cite. The opt-out is also reversible. If you turn the consent back on later, collection resumes from that point forward, though the previously deleted data is gone for good. There is no partial mode in the Setup page itself; the control is a yes-or-no consent. Plan the change like any governance decision: confirm who owns the consent choice, record why you made it, and note the date so the 30-day deletion clock is auditable. Treat a later reversal the same way, with its own approval and timestamp.
The trade-offs you accept
Opting out is not free. Salesforce lists three practical consequences. First, your org loses the ability to join pilot programs or get early access to new Agentforce and Einstein features, because those programs lean on the data the opt-out blocks. Second, search results can become less relevant for terms that are specific to your org or your industry, since the personalization that sharpens them depends on usage data. Third, your org stops contributing to the broader work of improving the Salesforce products and services it runs. None of these break existing functionality. Records, automations, and reports keep working exactly as before. The cost is forward-looking: slower access to new capabilities and slightly less tailored intelligence. Weigh that against your reason for opting out. If a written privacy policy or a regulator requires you to minimize vendor data use, the trade is worth it. If you are opting out only out of general caution, you may be giving up useful features for little concrete gain. Decide on the basis of an actual obligation, not a vague preference.
How it differs from Grant Login Access
The most common confusion is between this setting and Salesforce Support's login access. They are unrelated controls. Grant Login Access is how an individual user lets a Salesforce Support engineer log in to replicate and resolve a case. That access is per user, time-boxed (you pick a window such as 1 day, 3 days, 1 week, 1 month, or 1 year), and revocable at any time. No Support person can log in without that explicit grant. A system administrator cannot grant login access on behalf of an end user, and Support cannot hop to other users after logging in as an admin. Support engineers also cannot export your data through the UI, and any production change is requested back to you rather than made directly. The Opt Out of Customer Data Access page changes none of this. Opting out does not stop you from granting login access for a case, and granting login access does not feed the service-improvement analytics the opt-out governs. If your goal is to limit human troubleshooting access, manage Grant Login Access and Login Access Policies. If your goal is to limit analytics use of your data, use this opt-out page.
Government Cloud defaults
Government Cloud customers get special handling. Starting in February 2026, all Government Cloud orgs are opted out of customer data access by default. That aligns with the stricter data-handling expectations of public-sector and regulated workloads, where minimizing vendor use of agency data is often a baseline requirement rather than a choice. If you run on Government Cloud, do not assume the consent is on; check the Setup page to confirm the current state before you document your posture. The default-out behavior also means new Government Cloud orgs start in the more conservative position, so any decision to turn the consent on becomes a deliberate, recorded action. For commercial editions the default can differ, and the ability to change the setting at all depends on your contract. The Setup page itself notes that you can change the consent only if your agreement allows it. So the practical state of this control is a combination of three things: your edition, your contract terms, and any default that applies to your cloud. Verify all three rather than guessing.
Where it sits in a privacy program
This opt-out is one item in a wider set of Salesforce data-protection and privacy controls, and it answers a narrow question: may the vendor use our usage data to improve its services. Other controls answer different questions. Consent Management tracks the consent of your own customers and honors their opt-out requests. Privacy Center helps you retain, delete, and anonymize personal data to meet laws like GDPR and CCPA. Data portability gives data subjects their information on request. Object, field, and record security decide what your own users can see. Keeping these straight prevents two mistakes: thinking this single toggle satisfies a privacy obligation it does not cover, and thinking it restricts internal access it does not touch. In a mature program, document each control and the specific requirement it maps to. The Opt Out of Customer Data Access page maps cleanly to a "vendor service-improvement data use" line item, with a stated 30-day post-opt-out retention. Pair it with Login Access governance for human access, Salesforce Shield for encryption and monitoring, and Privacy Center for data-subject rights. Together they form a defensible story, while each on its own covers only its slice.
Turning the consent off in Setup
Turning the consent off is a self-service Setup action when your contract allows it. Decide the choice at a governance level first, then make the change and record it. The steps below assume you have the System Administrator profile or an equivalent permission and that your edition exposes the page.
- Open the Setup page
From Setup, type Opt Out of Customer Data Access in the Quick Find box, then select the result. If the page does not appear, your contract or edition may not expose the control, and you should raise it with your Salesforce account team.
- Read the current state
Confirm whether the consent is currently on or off. Government Cloud orgs are opted out by default from February 2026, so do not assume a state. Note the current value before changing anything.
- Turn the consent off
If allowed, switch the consent off. From that point no new data is shared for service improvement. Already-collected data is retained for up to 30 days, then permanently deleted.
- Record the decision
Log who made the change, the date, and the business or compliance reason. The date starts the 30-day deletion clock, which auditors may ask you to evidence.
Salesforce may use the org's data for service improvement, search relevance, and pilot or early-access eligibility for Agentforce and Einstein features.
No new data is shared. The org cannot join pilots, search relevance for org and industry terms may drop, and collected data is deleted after up to 30 days.
The page lets you change the setting only if your agreement allows it. If the toggle is unavailable, the change must go through your account team.
- This page does not control who in your own org sees records. Object, field, and record security are separate.
- Opting out does not block Salesforce Support logins. Manage that through Grant Login Access and Login Access Policies instead.
- Data already collected is kept for up to 30 days after you opt out, not deleted instantly, then it cannot be recovered.
- Government Cloud orgs are opted out by default starting February 2026, so verify the state rather than assuming consent is on.
Trust & references
Cross-checked against the following references.
Straight from the source - Salesforce's reference material on Opt Out of Customer Data Access.
Hands-on resources to go deeper on Opt Out of Customer Data Access.
About the Author
Dipojjal Chakrabarti is a B2C Solution Architect with 29 Salesforce certifications and over 13 years in the Salesforce ecosystem. He runs salesforcedictionary.com to help admins, developers, architects, and cert/interview candidates sharpen their fundamentals. More about Dipojjal.
Test your knowledge
Q1. In which area of Salesforce would you typically find Opt Out of Customer Data Access?
Q2. Can a Salesforce admin configure Opt Out of Customer Data Access without writing code?
Q3. Why is understanding Opt Out of Customer Data Access important for Salesforce admins?
Discussion
Loading discussion…