Configure Cursor privacy and data handling settings. Triggers on "cursor privacy", "cursor data", "cursor security", "privacy mode", "cursor telemetry"...
Configure Cursor's privacy controls to protect your code and data. Covers Privacy Mode, data handling policies, file exclusion, telemetry, and enterprise security settings.
| With Privacy Mode ON | With Privacy Mode OFF |
|---|---|
| Zero data retention at model providers | Providers may retain data per their policies |
| Code not used for training (Cursor or providers) | Code may be used to improve AI models |
| Embeddings computed without storing source | Same embedding behavior |
| Telemetry: anonymous usage only | Telemetry may include code snippets |
Individual:
Cursor Settings > General > Privacy Mode > ON
Team enforcement (Business/Enterprise): Admin Dashboard > Privacy > "Enforce Privacy Mode for all members"
When team-enforced:
Cursor Settings > General -- check Privacy Mode toggleYour Code in Editor
│
├─► Tab Completion ──► Cursor's proprietary model server
│ (zero retention with Privacy Mode)
│
├─► Chat/Composer ──► Model provider (OpenAI/Anthropic/Google)
│ (zero retention agreements in place)
│
├─► Codebase Index ─► Cursor embedding API ─► Turbopuffer (vector DB)
│ (embeddings only, no plaintext code)
│
└─► BYOK ───────────► Your API provider directly
(your provider's data policy applies)
| Data | Stored Where | Retention |
|---|---|---|
| Embeddings (vectors) | Turbopuffer (cloud) | Until project re-indexed |
| Obfuscated file metadata | Cursor servers | Active session only |
| Anonymous telemetry | Cursor analytics | Aggregated, no PII |
| Account info | Cursor auth servers | While account active |
# .cursorignore -- prevent files from AI features + indexing
# Credentials and secrets
.env
.env.*
.env.local
.env.production
**/secrets/
**/credentials/
**/*.pem
**/*.key
**/*.p12
# Regulated data
**/pii/
**/hipaa/
**/financial-data/
# Internal configuration
.cursor-config-private
infrastructure/terraform.tfvars
Important: .cursorignore is best-effort. Due to LLM unpredictability, it is not a hard security boundary. Do not rely solely on .cursorignore to protect truly sensitive data.
Layer 1: .gitignore → Secrets never in repo
Layer 2: .env files → Config via environment variables
Layer 3: .cursorignore → Best-effort AI exclusion
Layer 4: Privacy Mode → Zero data retention at providers
Layer 5: BYOK + Azure → Route through your own infrastructure
With Privacy Mode ON, telemetry is limited to:
// settings.json
{
"telemetry.telemetryLevel": "off"
}
Or: Cursor Settings > search "telemetry" > set to "off"
Note: Disabling telemetry may reduce Cursor's ability to diagnose issues affecting your account.
Allowlist these domains in corporate firewalls/proxies:
api.cursor.com → AI API requests
api2.cursor.com → AI API requests (fallback)
auth.cursor.com → Authentication
*.turbopuffer.com → Codebase indexing (embeddings)
download.cursor.com → Updates
// settings.json
{
"http.proxy": "http://proxy.corp.com:8080",
"http.proxyStrictSSL": true,
"http.proxyAuthorization": "Basic base64-encoded-credentials"
}
All Cursor API communication uses TLS 1.2+. Certificate pinning is not supported, so corporate SSL inspection proxies work (add proxy CA to system trust store).
| Control | Cursor Coverage |
|---|---|
| CC6.1 Logical access | SSO, RBAC, MFA via IdP |
| CC6.6 System boundaries | Privacy Mode, .cursorignore |
| CC6.7 Data transmission | TLS 1.2+ for all API calls |
| CC7.2 Monitoring | Admin dashboard usage analytics |
| Requirement | Cursor Coverage |
|---|---|
| Data minimization | Privacy Mode: zero retention |
| Right to erasure | Account deletion removes all server-side data |
| Data processing agreement | Available on request (Enterprise) |
| Sub-processor list | Published at cursor.com/privacy |
Cursor does not have a BAA (Business Associate Agreement) as of early 2026. For HIPAA-regulated code:
.cursorignore for PHI-containing files