Is Cursor safe with your data?
Cursor
Anysphere
Good disclosure · high confidence
Cursor earns a B (69/100) because it discloses most of its data practices.
#13
of 211 apps ranked
69
score · Productivity avg 54
+15
vs category average
Cursor commits to not training on user inputs without explicit opt-in, assigns output ownership to users, and offers standard rights, but lacks detailed retention timelines, named security controls, and breach notification specifics.
What Cursor's privacy policy and terms of service say about your data
D1.1 , No-train default with opt-in
ANYSPHERE WILL NOT USE CONTENT TO TRAIN, OR ALLOW ANY THIRD PARTY TO TRAIN, ANY AI MODELS, UNLESS YOU'VE EXPLICITLY AGREED
Unnamed opt-out mechanism
Training preferences can be managed somewhere 'in the Service,' but the policy points to no specific setting or process
Boilerplate security
Commits only to 'commercially reasonable technical and organizational measures' with no named standard or control
Purpose without legal basis
States data is used 'to provide, maintain and facilitate any products and services' without pairing each purpose to a legal basis
What the policy is silent or vague on
- Not stated: whether training use differs by plan
- Not stated: a deletion timeline after closure or request
- Not stated: a data-minimisation commitment
- Not stated: a safeguard for international data transfers
Cursor privacy rating
Details
- Category
- Productivity
- Modalities
- text
- Processes biometrics
- No
- Policy last updated
- 2025-10-06
- Region scored
- Global / US-default
- Last assessed
- 2026-07-08
Documents examined
Other productivity apps
Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.