Cursor
Use
@Cursor to start Background Agents that edit code, open pull requests, and notify you when complete. Run @Cursor help to see available commands.Learn more at docs.cursor.com/slackPermissions
Cursor will be able to view:
Cursor will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
General
Developer
Anysphere, Inc.
Company headquarters location
United States
Terms of service
Privacy & data governance
Data retention policy
Anysphere retains Customer Data only for as long as an account is active or otherwise necessary to perform our contractual obligations, comply with legal duties, resolve disputes, preserve legal rights, or enforce agreements. Retention periods are determined by the type of data and the purpose for which it was collected, and outdated or unused data is destroyed at the earliest reasonable opportunity.
Data archiving and removal policy
When a customer terminates its account or requests deletion, Anysphere removes or anonymizes Customer Data in accordance with the retention schedule above, except where we have a legal obligation or compelling legitimate interest to retain it (e.g., for fraud prevention or to meet regulatory requirements).
Data storage policy
All production data is encrypted in transit and at rest and stored exclusively in Amazon Web Services (AWS) data centers, managed under our least-privilege access controls and industry-standard security measures.
Data center location(s)
United States
Data hosting details
Cloud-hosted (multi-tenant SaaS running entirely on AWS infrastructure; no on-prem components).
Data hosting company
AWS
App/service has sub-processors
yes
Guidelines for sub-processors
App/service uses large language models (LLM)
yes
LLM model(s) used
OpenAI, Anthropic, XAI, Gemini, Cursor
LLM retention settings
ZDR
LLM data tenancy policy
If Privacy Mode is on, no data is retained or used for training by Cursor or third parties.
If Privacy Mode is off, Cursor may store limited usage and code data to improve product features but never for third-party training.
LLM data residency policy
As listed at https://trust.cursor.com/subprocessors; our providers are based in the USA, with limited use of latency-critical servers in the UK and Japan.
Certifications & compliance
SOC attestation
GDPR commitment
Data deletion request procedure
We honor all valid requests for data deletion in accordance with our privacy policy and applicable laws. When a deletion request is received, we promptly delete all associated user data from our systems, including databases and backups (within the retention limits of those systems). Users can request data deletion by contacting our support team at hi@cursor.com, and we process such requests within 30 days.
HIPAA compliant
no
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack Marketplace, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Security
Date of latest pen test
2025-04-02
Executive summary is available to potential customers upon request
yes
Supports Single Sign On (SSO) with the following providers
SAML 2.0 SSO (and OIDC with just-in-time provisioning on Enterprise)
Supports Security Assertion Markup Language (SAML)
yes
Has a dedicated security team
yes
Contact for security issues
security@anysphere.co
Has a vulnerability disclosure program
yes
Vulnerability disclosure program URL
Vulnerability disclosure program covers Slack app
yes
Has a bug bounty program
yes
Bug bounty program URL
Requires third party authorization/connections
no
Third party services used by this app
AWS (hosting), various optional MCP integrations including Notion, GitHub, Linear, Stripe, and others. The app also integrates with external LLM providers
Uses token rotation
no