Your code is never stored. GDPR-compliant processing with immediate data deletion.
View our security standardsYour privacy,
our priority.
Lurus Code combines enterprise-grade security with GDPR compliance: encrypted transport, best-practice data handling, and a deliberate permission model for your AI coding agent.
Compliance & data ethics
GDPR-compliant
Aligned with the EU General Data Protection Regulation: transparent processing, documented subprocessors, and privacy-conscious product choices.
No model training
Your prompts, repositories, and conversations are not used to train general-purpose AI models.
No code storage
We never store your source code. It is processed only for the duration of your request and discarded immediately. No training, no retention.
Model- and region-dependent processing
Processing depends on model and region. Customer data is not used for training; vendor selection and processing are documented transparently.
Encryption
TLS 1.3 for data in transit, AES-256 at rest, consistent with modern cloud security standards.
Agent permissions
Built for Lurus Code: sandbox, modes, and project rules so the agent stays powerful yet controllable.
Sandbox
Workspace boundaries, blocked system paths, and sensitive file detection limit what the agent can do without approval.
Permission modes
Control behavior with modes such as default, acceptEdits, plan, and bypassAll, from cautious to explicitly expanded.
Persistent permissions
"Always allow" decisions are remembered so you do not re-confirm recurring approvals every session.
Allow/deny patterns
Configurable rules in .lurus/settings.json define which tools, paths, or commands are automatically allowed or denied.
Frequently asked questions
Yes. Lurus Code is operated by a German company and follows EU GDPR requirements. See our legal documents for details.
We never store source code on our servers. Your code is processed in real-time only and discarded immediately afterwards. Core infrastructure and web services run with EU-based providers. Data in transit and at rest is protected using industry-standard practices.
No. Your content and conversations are not used to train models. Lurus Code is designed to process your work context without using it as training data for general-purpose models.
The agent runs in a sandbox with configurable modes (e.g. default, acceptEdits, plan, bypassAll). Sensitive paths can be blocked; persistent "always allow" choices are stored in .lurus/permissions.json and govern behavior per project.
As a German company, we prioritize GDPR compliance. We mitigate risk through clear contracts and transparent vendor choices.
Data in transit is protected with TLS 1.3. Stored data is protected with AES-256 at rest, consistent with common cloud security practice.
Ready for secure AI?
Get started with Lurus Code, GDPR-compliant and full control over agent permissions.
Get started