Cursor Privacy Mode: Keep Your Code Off Training Data

Enable Cursor Privacy Mode to stop your code from being used in AI training. Covers what it blocks, what it doesn't, and team policy setup.
·
4 min read
·
Mark
·
Cursor

What Cursor Privacy Mode Does (and What It Doesn't)

By default, Cursor may send your code to AI providers and, depending on your plan, that data can be used to improve models. If you're working on proprietary code, client projects, or anything under an NDA, that's a problem.

Privacy Mode changes this. When enabled, Cursor tells its backend not to retain or train on your prompts, code context, or completions.

You'll learn:

  • What data Privacy Mode actually blocks
  • How to enable it for personal and team accounts
  • What's still logged even with Privacy Mode on
  • How to verify it's working

Time: 8 min | Difficulty: Beginner

What Gets Sent Without Privacy Mode

When you use Cursor's AI features — Tab completions, Cmd+K edits, the Composer, or Chat — it sends context to a model provider (OpenAI, Anthropic, or Cursor's own models). Without Privacy Mode, this data may be:

  • Retained by Cursor's infrastructure
  • Used to train or fine-tune future models
  • Stored in logs associated with your account

This is standard behavior for most AI coding tools. Cursor's Privacy Mode is an explicit opt-out.

How Privacy Mode Works

When Privacy Mode is on, Cursor adds a flag to every outbound request that instructs the backend not to persist your data for training purposes. The model still processes your code to generate a response — it has to — but no copy is stored afterward.

Your editor ──code context──▶ Cursor backend ──▶ Model API
                                    │
                         [Privacy Mode: no retain]
                                    │
                              Response only
                              (nothing logged)

This applies to:

  • Tab completion context
  • Chat and Composer messages
  • Cmd+K inline edit requests
  • Any code you paste into the chat window

Enabling Privacy Mode

Personal Account

  1. Open Cursor
  2. Go to Settings → General (or press Cmd+Shift+J / Ctrl+Shift+J)
  3. Find Privacy Mode under the "AI" section
  4. Toggle it On

That's it. The setting persists across sessions.

Team / Business Account (Admin)

If you manage a Cursor Business subscription, you can enforce Privacy Mode across your entire organization so individual developers can't accidentally leave it off.

  1. Go to cursor.com/settings and log in as an admin
  2. Open Team Settings → Security & Privacy
  3. Enable Enforce Privacy Mode for all members

Once set at the org level, the toggle in individual editors becomes locked — it can't be disabled by a team member.

This is the setting you want before onboarding engineers to a client project or a codebase under strict data handling requirements.

What Privacy Mode Does NOT Cover

Privacy Mode is not end-to-end encryption. A few things to understand:

The model still sees your code. Privacy Mode prevents retention and training, not transmission. Your code travels to a model to generate a response. If you're using Cursor's default models (OpenAI or Anthropic under the hood), their standard data handling policies still apply to that request — though both have zero-retention options for API traffic at the enterprise level.

Cursor's own telemetry is separate. Usage metrics, crash reports, and feature analytics are governed by a different setting. Go to Settings → Telemetry to control those independently.

Local models bypass this entirely. If you configure Cursor to use a local model via Ollama or LM Studio, Privacy Mode is irrelevant — nothing leaves your machine. That's the highest-privacy setup if your threat model requires it.

Verifying Privacy Mode Is Active

There's no in-editor badge, but you can confirm it two ways:

Check the settings directly:

Settings → General → Privacy Mode: On

Check your account dashboard:

Log into cursor.com, go to your account settings, and confirm Privacy Mode shows as enabled under your profile.

For teams, admins can audit the org-level setting any time in the Team Settings panel.

When to Use Local Models Instead

Privacy Mode is good enough for most professional use cases. But if your security requirements are stricter — think regulated industries, government contracts, or internal IP you legally cannot transmit to a third party — Privacy Mode won't satisfy the requirement.

In those cases, configure Cursor to use a local model:

// .cursor/settings.json
{
  "cursor.general.aiProvider": "ollama",
  "cursor.ollama.model": "codellama:13b"
}

With a local model, all inference runs on your machine. No data leaves your network. Privacy Mode becomes irrelevant because there's no external call to restrict.

Production Considerations

  • Onboarding checklist: Add "Enable Cursor Privacy Mode" to your dev environment setup doc if you work on sensitive codebases
  • Team enforcement is all-or-nothing: The org-level setting applies to everyone. There's no per-repo or per-project Privacy Mode
  • Audit periodically: If a team member upgrades Cursor or resets settings, Privacy Mode may revert — check the admin panel quarterly

Summary

  • Privacy Mode prevents Cursor from retaining your code for training — it doesn't prevent transmission to a model
  • Enable it in Settings → General for personal accounts; enforce it org-wide in Team Settings for business accounts
  • It does not cover telemetry (separate setting) or requests made to the underlying model provider
  • For zero-transmission privacy, route Cursor through a local model like Ollama instead

Tested on Cursor 0.45.x, macOS 15 and Windows 11