Cursor
Cursor (Anysphere)
Business Plan Price: $20/mo (Pro), $40/user (Teams) - billed in USD
Enterprise Features: Enforced Privacy Mode, zero-retention contracts, Ghost Mode (local-only), CMEK (Enterprise)
Last Updated: March 23, 2026
Cursor - GDPR & Data Privacy Overview for European Clients
Version: March 2026 - prepared by WAIMAKERS B.V.
1 Purpose
This overview explains how Cursor tiers (Hobby, Pro, Teams) handle data in relation to GDPR, with a focus on European customers. Cursor is an AI-powered code editor by Anysphere, Inc., operating from US infrastructure. Cursor 2.0 was released in 2025, introducing multi-agent capabilities and Ghost Mode (fully local processing with no internet connection). Cursor has crossed $2B annualised revenue run rate (reported early March 2026) with 1M+ daily active users.
2 Comparison of Cursor Tiers (EU focus)
| Tier | Privacy Mode | Model retention | Training on code? | EU residency | Compliance | Price |
|---|---|---|---|---|---|---|
| Hobby | ❌ Not available | ⚠️ Standard policies (30 days) | ⚠️ Yes | ❌ No (US infra) | Basic | Free |
| Pro | ⚠️ Optional | ⚠️ Not same as Teams; providers retain up to 30 days | ✅ No (when enabled) | ❌ No (US infra) | SOC 2 Type II | $20/month (includes $20 monthly credit pool) |
| Pro+ | ⚠️ Optional | ⚠️ Not same as Teams; providers retain up to 30 days | ✅ No (when enabled) | ❌ No (US infra) | SOC 2 Type II | $60/month (includes $60 monthly credit pool) |
| Ultra | ⚠️ Optional | ⚠️ Not same as Teams; providers retain up to 30 days | ✅ No (when enabled) | ❌ No (US infra) | SOC 2 Type II | $200/month (includes $200 monthly credit pool) |
| Teams | ✅ Enforced | ✅ Zero retention (contractual) | ✅ No | ❌ No (US infra) | SOC 2 Type II | $40/user/month (includes $40/user monthly credit pool; min 5 = $200/month) |
| Enterprise | ✅ Enforced | ✅ Zero retention (contractual) | ✅ No | ❌ No (US infra) | SOC 2 Type II + CMEK | Custom pricing |
Notes for Europe
- Privacy Mode (Teams/Enterprise): Enforced by default and cannot be disabled. Zero data retention contractually guaranteed with model providers (OpenAI, Anthropic, etc.). Code is never stored by model providers and never used for training. Note: the plan was renamed from "Business" to "Teams" at the same $40/user/month price point.
- Privacy Mode (Pro/Pro+/Ultra): Optional and user-controlled. When enabled, code is never stored by model providers and never used for training. However, model providers may still retain data for up to 30 days; these plans do not provide the same zero-retention contractual guarantees as the Teams/Enterprise plans.
- Encryption: TLS 1.2+ in transit; AES-256 at rest.
- Credit-based billing (Jun 2025): Cursor now uses credits for AI model access. Claude models cost approximately 2.4x more credits than GPT-4o. Monitor credit usage to avoid overage costs.
- Cursor 2.0 features: Multi-agent orchestration and Ghost Mode (fully local, no internet - no AI features but maximum privacy for sensitive code review) are available in Cursor 2.0.
- Ghost Mode: Fully local mode with no network calls. Suitable for reviewing highly sensitive or classified code without any data leaving the machine.
- Infrastructure: All Cursor processing occurs in US-based infrastructure operated by Anysphere, Inc. No EU data residency option available.
- Backend routing: All requests are routed through Cursor's US backend for final prompt construction, even when using your own API keys (OpenAI, Anthropic, etc.).
- Codebase indexing: When indexing your codebase, plaintext code is uploaded in chunks to compute embeddings but is deleted after the request lifecycle. Only embeddings and metadata (hashes, obfuscated filenames) are stored; no code content persists.
- Pricing: Listed in USD. No EUR-specific pricing available. Plans: Pro $20/mo, Pro+ $60/mo, Ultra $200/mo, Teams $40/user/mo, Enterprise custom. All paid plans include a monthly credit pool equal to the plan price in dollars. Annual billing saves 20%. Teams plan requires minimum 5 seats ($200/month minimum). CMEK (Customer Managed Encryption Keys) is available for Enterprise.
3 Is Cursor GDPR-Compliant?
Short answer: Cursor can support GDPR compliance, but requires the Teams or Enterprise plan and accepting US-only infrastructure without EU data residency.
What applies to all plans (with Privacy Mode enabled):
- Zero training - Code never used to train Cursor's models or third-party LLMs.
- Zero retention at model providers - Prompts/completions not stored by OpenAI, Anthropic, etc.
- Codebase indexing - Only embeddings/metadata stored; no plaintext code.
What's plan-dependent:
- Teams/Enterprise plans: Privacy Mode enforced (cannot be disabled), zero-retention contracts with model providers. Enterprise additionally supports CMEK.
- Pro/Pro+/Ultra plans: Privacy Mode optional, does not offer same zero-retention guarantees even when enabled. Providers may retain data up to 30 days.
Infrastructure limitations (all plans):
- No EU data residency - All processing/storage in US.
- Backend routing - All requests (even with own API keys) routed through Cursor US backend.
What that means in practice:
- Non-sensitive development: Pro plan with Privacy Mode may be acceptable with proper safeguards (DPA, SCCs, DPIA). Note 30-day provider retention even with Privacy Mode enabled.
- Regulated industries (healthcare, finance, public sector): Teams plan required, but US infrastructure may still pose compliance challenges.
- Strictest GDPR requirements (data localisation mandates): Cursor may not meet requirements due to US-only infrastructure. Consider Ghost Mode for reviewing sensitive code locally.
Buyer's note: Teams/Enterprise = GDPR-capable with caveats (US infra, no EU residency); Pro/Pro+/Ultra = Higher residual risk (up to 30-day provider retention even with Privacy Mode).
4 Details by Offering
Cursor Hobby (Free)
- Privacy Mode: Not available.
- Data collection: Telemetry, usage data, code snippets collected to improve Cursor. Code may be used for training.
- When to use: Personal projects, learning, non-commercial use.
- When not to use: Any commercial development or proprietary codebases.
Cursor Pro
- Privacy Mode: Optional (user must manually enable). When enabled, code is never stored by model providers and never used for training.
- Important limitation: Even with Privacy Mode enabled, does not provide same zero-retention guarantees as Teams/Enterprise plan. Providers may retain data up to 30 days.
- Pricing: $20/month (includes $20 monthly credit pool; annual billing saves 20%).
- When to use: Individual developers on non-regulated projects.
- When not to use: Regulated industries, client NDAs, contractual zero-retention requirements.
Cursor Pro+
- Privacy Mode: Optional (user must manually enable). When enabled, code is never stored by model providers and never used for training.
- Important limitation: Same residual risk as Pro — no zero-retention contractual guarantees even with Privacy Mode enabled.
- Pricing: $60/month (includes $60 monthly credit pool; annual billing saves 20%).
- When to use: Power users needing higher credit limits on non-regulated projects.
- When not to use: Regulated industries, client NDAs, contractual zero-retention requirements.
Cursor Ultra
- Privacy Mode: Optional (user must manually enable). When enabled, code is never stored by model providers and never used for training.
- Important limitation: Same residual risk as Pro/Pro+ — no zero-retention contractual guarantees even with Privacy Mode enabled.
- Pricing: $200/month (includes $200 monthly credit pool; annual billing saves 20%).
- When to use: Heavy individual users on non-regulated projects.
- When not to use: Regulated industries, client NDAs, contractual zero-retention requirements.
Cursor Teams (formerly Business)
- Privacy Mode: Enforced by default (cannot be disabled). Code is never stored by model providers and never used for training.
- Model retention: Zero-retention contractually guaranteed with OpenAI, Anthropic, and other providers.
- Codebase indexing: Plaintext code deleted after embedding computation; only embeddings/metadata stored.
- Admin controls: Centralised billing, user management, usage analytics.
- Compliance: SOC 2 Type II certified. DPA available on request.
- Pricing: $40/user/month (includes $40/user monthly credit pool; minimum 5 seats = $200/month; annual billing saves 20%). Credit-based billing for AI models; Claude models cost approx. 2.4x more credits than GPT-4o.
- Cursor 2.0 features: Multi-agent workflows and Ghost Mode (fully local, no internet) available.
Cursor Enterprise
- Privacy Mode: Enforced by default (cannot be disabled). Code is never stored by model providers and never used for training.
- Model retention: Zero-retention contractually guaranteed with all model providers.
- Encryption: TLS 1.2+ in transit, AES-256 at rest. CMEK (Customer Managed Encryption Keys) available for maximum data sovereignty.
- Admin controls: Advanced SSO, audit logs, centralised billing and user management.
- Compliance: SOC 2 Type II certified. DPA available. CMEK for key management control.
- Pricing: Custom (contact enterprise@cursor.com).
- When to use: Large organisations with strict security, compliance, or key management requirements.
5 Data Processing Flow
User prompt/code in editor
↓
Cursor backend (US-based)
├─ Final prompt construction
├─ (Optional) Codebase indexing → embeddings stored, plaintext deleted
├─ LLM call (OpenAI, Anthropic, etc.)
│ ├─ Teams/Enterprise: zero retention at provider (contractual)
│ └─ Pro/Pro+/Ultra (Privacy Mode): code not stored/trained, but NOT same contractual guarantee
└─ Response returned to editor
*All requests routed through Cursor backend, even with own API keys*
6 Recommendations (GDPR-first)
- For business processing of proprietary code, prefer Cursor Teams for enforced Privacy Mode and contractual zero-retention. For organisations requiring key management control, Cursor Enterprise adds CMEK.
- For regulated data (healthcare, finance, public sector), complete a DPIA and Transfer Impact Assessment (TIA) to assess US processing risks under GDPR Chapter V. Request DPA with SCCs from enterprise@cursor.com.
- For maximum local privacy, use Ghost Mode (Cursor 2.0) for reviewing highly sensitive code with no network calls.
- For strictest data localisation requirements, Cursor may not be suitable due to US-only infrastructure. Ghost Mode offers an alternative for code-review-only scenarios.
- Do not use Pro, Pro+, Ultra, or Hobby plans for client projects under NDA or regulated workloads. Privacy Mode on these plans still allows up to 30-day provider retention without contractual guarantees.
- Monitor credit consumption - Claude models cost 2.4x more credits; set spending limits in the Teams admin console.
7 EU Rollout Checklist (Practical)
- Choose Teams plan (formerly Business) - For enforced Privacy Mode and zero-retention. For key management requirements, consider Enterprise (adds CMEK).
- Conduct DPIA & TIA - Document US processing risks (GDPR Chapter V); determine if SCCs + supplementary measures are sufficient. For special category data or strict localisation mandates, Cursor may not be suitable.
- Execute contractuals - Request and sign DPA with SCCs (enterprise@cursor.com); add explicit zero-retention and no-training clauses.
- Configure controls - Verify Privacy Mode enforced; educate developers on safe practices (no API keys, credentials, or personal data in prompts).
- Sensitive data handling - Do not include GDPR Art. 9 special categories in prompts. Use .cursorrules to exclude sensitive files from indexing.
8 Procurement Quick Answers (EU)
Is my code used to train Cursor's models?
With Privacy Mode enabled (enforced on Teams/Enterprise; optional on Pro/Pro+/Ultra), no. When Privacy Mode is on, code is never stored by model providers and never used for training.
Can we keep EU data at rest in the EU?
No. Cursor operates from US infrastructure only; no EU data residency option.
What's the difference between Pro/Pro+/Ultra and Teams Privacy Mode?
- Pro/Pro+/Ultra: Optional; when enabled, code is never stored by model providers and never used for training — but providers may still retain data for up to 30 days without contractual zero-retention guarantees.
- Teams (formerly Business): Enforced by default (cannot be disabled); zero-retention contractually guaranteed with all model providers.
- Enterprise: Same as Teams, plus CMEK for customer-managed encryption keys.
How long do model providers keep code?
- Teams/Enterprise: 0 days (zero-retention, contractual)
- Pro/Pro+/Ultra (Privacy Mode): Up to 30 days - no contractual zero-retention guarantee
- Hobby: Standard policies (typically 30 days)
What about codebase indexing?
Plaintext code deleted after embedding computation. Only embeddings and metadata (hashes, obfuscated filenames) stored.
What compliance standards?
SOC 2 Type II certified. SOC 2 report available at trust.cursor.com (requires request).
Are all requests routed through Cursor's backend?
Yes. Even with your own API keys, all requests go through Cursor's US backend for prompt construction.
9 Notes & Caveats
- US infrastructure: All processing in US; may be problematic for strict localisation requirements.
- Backend dependency: All requests routed through Cursor backend, even with own API keys.
- Pro/Pro+/Ultra Privacy Mode: Optional; when enabled, code is never stored by model providers and never used for training. Does not offer same contractual zero-retention as Teams/Enterprise plans. Providers may retain data up to 30 days.
- Plan rename: "Business" plan was renamed "Teams" - same $40/user/month price.
- CMEK: Customer Managed Encryption Keys available on Enterprise plan for organisations requiring key management sovereignty.
- Encryption: TLS 1.2+ in transit; AES-256 at rest (all plans).
- Revenue milestone: Cursor crossed $2B annualised revenue run rate (reported early March 2026).
- Credit-based billing: Introduced June 2025. Claude models cost ~2.4x more credits than GPT-4o. Monitor usage via admin console.
- Ghost Mode: Fully local mode (Cursor 2.0) with no network calls - no AI completions but maximum privacy for sensitive code.
- Limited public documentation: Request DPA and privacy details from enterprise@cursor.com.
- GDPR Chapter V transfers: EU customers must conduct Transfer Impact Assessment (TIA) and implement supplementary measures beyond SCCs.
10 Disclaimer
This overview is intended solely as an informative tool. We strongly advise customers to thoroughly review all Data Processing Agreements (DPAs) and privacy documentation before deploying Cursor in production environments - especially when proprietary or sensitive code is processed. WAIMAKERS applies this same principle internally; all tools we use have been thoroughly assessed and included in our own privacy and security documentation. Customers should always carefully evaluate the official documentation, terms, and DPAs of each AI provider they use. WAIMAKERS cannot be held legally liable for any mistakes, errors, inaccuracies, or for the accuracy, currency, or completeness of the information in this document; the ultimate responsibility for GDPR compliance rests with the customer.
Prepared and issued by WAIMAKERS B.V. - March 2026.
References
- Cursor Privacy Overview - https://cursor.com/privacy-overview
- Cursor Privacy Policy - https://cursor.com/privacy
- Cursor Security & Compliance - https://www.cursor.com/en/security
- SOC 2 Report - https://trust.cursor.com (requires request)