We are looking to improve things around this area in the future but for now, the .cursorignore file should stop any files you put in it from being indexed into your codebase, or being autonomosly read by the AI as context.
The only exception here, and where it would differ from a feature like .cursorban would be that you can still @ the file, and if you have the file open as your active editor, it may select itself as context, which you would have to manually untick before sending off your prompt.
With privacy mode enabled however, neither Cursor or any of the LLM providers store any of your code beyond the time needed to complete your query - these queries are not subject to the usual analysis OpenAI and Anthropic do on your queries if you use their own apps!
We hope to bring some improvements to this in the near future, as this is an important topic, especially for sensitive work!