Does Cursor send my code to third parties?

Updated 2026-07-15Asked across Reddit, Quora & Google· Cursor AI
Short answer

Yes. To generate answers, Cursor sends relevant code to third-party model providers like Anthropic, OpenAI, and Google. With Privacy Mode enabled, Cursor doesn't store your code or train on it, and enforces this contractually with providers, but transmission for processing still happens. Cursor is SOC 2 Type II certified and keeps no infrastructure in China.

Why — the first-principles explanation

This is unavoidable for any cloud AI coding tool: the model that writes your code lives at a third party. Cursor doesn't run Claude or GPT itself, those belong to Anthropic and OpenAI. So when you ask Cursor to edit code, the relevant snippet has to be sent to that provider's servers to be processed. There is no way for a remote model to help with code it never sees.

What Cursor controls is what happens around that transmission. With Privacy Mode on, Cursor promises not to store your code or use it for training, and backs this with both technical controls and contractual requirements on its model providers. In practice, that means your code is used to produce a response in the moment, then discarded, not retained or fed into future training.

Cursor also limits who the third parties are. It states it uses no infrastructure or subprocessors based in China, honors model blocklists, and holds a SOC 2 Type II certification verifying its data-handling controls.

The honest bottom line: yes, your code goes to third-party model providers, that's how the product works, but reputable providers under contract, with Privacy Mode limiting retention. If even transmission is unacceptable for your code, a cloud AI tool isn't the right fit.

An example that makes it click

It's like using a translation service that hires expert freelance translators. To translate your letter, the service has to hand it to a freelancer, that's the third-party model. But the service makes each freelancer sign a contract: translate it, hand it back, keep no copy, and never use it to practice. That's Privacy Mode. Your letter did leave the building and pass through someone else's hands, but under strict rules about what they can do with it. If your letter were so secret it could never leave your desk, you wouldn't use any translation service at all.

How to do it

  1. Enable Privacy Mode in Settings so Cursor doesn't store or train on your code.
  2. Understand that code is still transmitted to model providers to generate responses.
  3. Avoid including live secrets or credentials in prompts; use placeholders instead.
  4. Add a .cursorignore file to keep sensitive files out of the AI's context.
  5. Request the SOC 2 Type II report at trust.cursor.com for a formal security review.
  6. On Enterprise, use model and repository access controls to restrict which providers receive code.

Key facts

Infographic: Does Cursor send my code to third parties — short answer and key facts
Visual summary — Does Cursor send my code to third parties?
CA
Try Cursor AI by Anysphere

An AI-first code editor built on VS Code.

Affiliate link — we may earn a commission at no cost to you.
Visit Cursor AI ↗
▶ The 60-second explainer (script)

Does Cursor send your code to third parties? Yes, and here's why it has to. Cursor doesn't run the AI models itself. Claude belongs to Anthropic, GPT to OpenAI, Gemini to Google. So when you ask Cursor to edit code, the relevant snippet gets sent to that provider's servers to be processed. A remote model can't help with code it never sees. What Cursor controls is what happens around that. Turn on Privacy Mode, and Cursor promises not to store your code or train on it, and it enforces that with contracts with those providers. Your code is used to generate a response in the moment, then discarded. Cursor also keeps no infrastructure in China and is SOC 2 Type Two certified. So the honest answer: yes, your code goes to reputable third-party providers under contract, with retention limited. But if even sending your code out is a dealbreaker, a cloud AI tool isn't the right fit. Turn on Privacy Mode, and keep secrets out of your prompts.

What authoritative sources say

Cursor Security (official)official — Cursor's app makes requests to model providers; with Privacy Mode it won't train on your data, enforced technically and contractually. SOC 2 Type II, no China infrastructure. source ↗
Cursor Models Docs (official)official — Cursor supports third-party models from Anthropic, OpenAI, Google, and xAI. source ↗
alexi.sh - Is Cursor AI Safemedia — Independent analysis of how Cursor handles and shares user code. source ↗

People also ask

Which third parties get my code?

The model providers behind the model you use, such as Anthropic, OpenAI, or Google, receive the relevant code to generate a response.

Can I stop my code from being used for training?

Yes. Enable Privacy Mode, which prevents storage and training and is enforced contractually with providers.

Does Privacy Mode stop code from being sent at all?

No. Code is still transmitted for processing. Privacy Mode limits retention and training, not transmission.

Is Cursor safe from Chinese data access?

Cursor states it uses no infrastructure or subprocessors based in China.

Related questions