This analysis describes what Cursor's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Even without storing raw code, Cursor may retain derived representations and identifying metadata about a user's codebase.
The updated policy clarifies that Cursor maintains zero data retention agreements with all AI model providers and customer data will not be used for training by Cursor. However, the policy now explicitly discloses that model providers may run risk classifiers to detect policy violations, and if your prompts or conversations trigger abuse detectors, your data may be stored for investigation and deleted according to the provider's retention policies. The policy removed the previous blanket statement that code would never be trained on by Cursor or third parties, replacing it with more specific disclosure of abuse detection practices. You can review OpenAI and Anthropic's documentation directly for details on their specific retention policies.
View change record →Cursor may retain embeddings, file hashes, and file names from the reader's codebase in its database.
How other platforms handle this
Your posts and certain profile information may remain even after you terminate your account. We urge you to consider the sensitivity of any information you may disclose in this way.
Except as otherwise required by law, if your Account is closed, you will no longer have access to information or material you kept on the Site and any content stored in your Account may be deleted...
Images created through makeup virtual try-on are not stored.
Monitoring
Cursor has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"The embeddings and metadata about your codebase (hashes, file names) may be stored in our database.— Excerpt from Cursor's Cursor Data Use & Privacy Overview
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Even without storing raw code, Cursor may retain derived representations and identifying metadata about a user's codebase.
Cursor may retain embeddings, file hashes, and file names from the reader's codebase in its database.
ConductAtlas has identified this type of provision across 275 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Cursor.