Turning on Privacy Mode prevents your code from being used to train Cursor's or any third party's AI models, though Cursor may still store some code data to deliver features.
This analysis describes what Cursor's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision establishes Privacy Mode as the operative mechanism for preventing code and prompt data from being used as AI training data, but notes that even with Privacy Mode on, Cursor may retain some code data for feature delivery purposes.
Interpretive note: The scope of code data that Cursor may retain for 'extra features' even when Privacy Mode is enabled is not defined in this document, creating ambiguity about the completeness of the training opt-out.
Users who enable Privacy Mode receive a stated guarantee that no code will be trained on by Cursor or third parties, though the document does not specify which feature-related code data may still be stored or for how long.
How other platforms handle this
We use information to enhance the quality, reliability, and/or accuracy of our AI Features by creating, developing, training, testing, improving, and maintaining AI and ML models run by Strava or our service providers. We use aggregated, de-identified data for this purpose. We also use personal info...
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
Monitoring
Cursor has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"If you enable "Privacy Mode" in Cursor's settings: zero data retention will be enabled for our model providers. Cursor may store some code data to provide extra features. None of your code will ever be trained on by us or any third-party.— Excerpt from Cursor's Cursor Data Use & Privacy Overview
(1) REGULATORY LANDSCAPE: This provision implicates GDPR Articles 6 and 9 regarding lawful basis for processing and the principle of data minimization, particularly the assertion that some code data may still be stored even when Privacy Mode is enabled. The FTC Act is relevant to the accuracy and completeness of the opt-out representation. Enforcement authorities include the FTC and relevant EU data protection authorities. The document does not specify a legal basis for the residual code data storage under Privacy Mode, which may require evaluation under GDPR. (2) GOVERNANCE EXPOSURE: Medium. The provision makes a categorical commitment that no code will be trained on when Privacy Mode is enabled, but qualifies it with a carve-out for storing some code data for features. The scope of that carve-out is not defined in this document, creating potential ambiguity about the completeness of the opt-out. (3) JURISDICTION FLAGS: EU/EEA users and California residents face heightened exposure because the scope of residual data storage under Privacy Mode is undefined, and the document does not specify a legal basis or retention period for that storage. Enterprise deployments in regulated industries such as financial services or healthcare should assess whether this carve-out is compatible with their data handling obligations. (4) CONTRACT AND VENDOR IMPLICATIONS: Enterprise procurement teams should confirm in contract schedules whether Privacy Mode is the default for their deployment and what specific data categories fall under the feature-delivery carve-out. The document does not address whether enterprise agreements provide additional contractual protections beyond this overview. (5) COMPLIANCE CONSIDERATIONS: Compliance teams should document the default state of Privacy Mode for their organization's accounts, obtain clarification from Cursor on which data is retained under the feature-delivery carve-out, and assess whether that retention requires a data processing agreement or privacy notice update.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision establishes Privacy Mode as the operative mechanism for preventing code and prompt data from being used as AI training data, but notes that even with Privacy Mode on, Cursor may retain some code data for feature delivery purposes.
Users who enable Privacy Mode receive a stated guarantee that no code will be trained on by Cursor or third parties, though the document does not specify which feature-related code data may still be stored or for how long.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Cursor.