Configure Cursor's privacy controls to protect your code and data. Covers Privacy Mode, data handling policies, file exclusion, telemetry, and enterprise security settings.
| With Privacy Mode ON | With Privacy Mode OFF |
|---|---|
| Zero data retention at model providers | Providers may retain data per their policies |
| Code not used for training (Cursor or providers) | Code may be used to improve AI models |
| Embeddings computed without storing source | Same embedding behavior |
| Telemetry: anonymous usage only | Telemetry may include code snippets |
Individual:
Cursor Settings > General > Privacy Mode > ON
Team enforcement (Business/Enterprise): Admin Dashboard > Privacy > "Enforce Privacy Mode for all members"
When team-enforced:
Cursor Settings > General -- check Privacy Mode toggleYour Code in Editor
│
├─► Tab Completion ──► Cursor's proprietary model server
│ (zero retention with Privacy Mode)
│
├─► Chat/Composer ──► Model provider (OpenAI/Anthropic/Google)
│ (zero retention agreements in place)
│
├─► Codebase Index ─► Cursor embedding API ─► Turbopuffer (vector DB)
│ (embeddings only, no plaintext code)
│
└─► BYOK ───────────► Your API provider directly
(your provider's data policy applies)
| Data | Stored Where | Retention |
|---|---|---|
| Embeddings (vectors) | Turbopuffer (cloud) | Until project re-indexed |
| Obfuscated file metadata | Cursor servers | Active session only |
| Anonymous telemetry | Cursor analytics | Aggregated, no PII |
| Account info | Cursor auth servers | While account active |
# .cursorignore -- prevent files from AI features + indexing
# Credentials and secrets
.env
.env.*
.env.local
.env.production
**/secrets/
**/credentials/
**/*.pem
**/*.key
**/*.p12
# Regulated data
**/pii/
**/hipaa/
**/financial-data/
# Internal configuration
.cursor-config-private
infrastructure/terraform.tfvars
Important: .cursorignore is best-effort. Due to LLM unpredictability, it is not a hard security boundary. Do not rely solely on .cursorignore to protect truly sensitive data.
Layer 1: .gitignore → Secrets never in repo
Layer 2: .env files → Config via environment variables
Layer 3: .cursorignore → Best-effort AI exclusion
Layer 4: Privacy Mode → Zero data retention at providers
Layer 5: BYOK + Azure → Route through your own infrastructure
With Privacy Mode ON, telemetry is limited to:
// settings.json
{
"telemetry.telemetryLevel": "off"
}
Or: Cursor Settings > search "telemetry" > set to "off"
Note: Disabling telemetry may reduce Cursor's ability to diagnose issues affecting your account.
Allowlist these domains in corporate firewalls/proxies:
api.cursor.com → AI API requests
api2.cursor.com → AI API requests (fallback)
auth.cursor.com → Authentication
*.turbopuffer.com → Codebase indexing (embeddings)
download.cursor.com → Updates
// settings.json
{
"http.proxy": "http://proxy.corp.com:8080",
"http.proxyStrictSSL": true,
"http.proxyAuthorization": "Basic base64-encoded-credentials"
}
All Cursor API communication uses TLS 1.2+. Certificate pinning is not supported, so corporate SSL inspection proxies work (add proxy CA to system trust store).
| Control | Cursor Coverage |
|---|---|
| CC6.1 Logical access | SSO, RBAC, MFA via IdP |
| CC6.6 System boundaries | Privacy Mode, .cursorignore |
| CC6.7 Data transmission | TLS 1.2+ for all API calls |
| CC7.2 Monitoring | Admin dashboard usage analytics |
| Requirement | Cursor Coverage |
|---|---|
| Data minimization | Privacy Mode: zero retention |
| Right to erasure | Account deletion removes all server-side data |
| Data processing agreement | Available on request (Enterprise) |
| Sub-processor list | Published at cursor.com/privacy |
Cursor does not have a BAA (Business Associate Agreement) as of early 2026. For HIPAA-regulated code:
.cursorignore for PHI-containing files