AI and Data Privacy in JProfiler

JProfiler's MCP server is a local process that speaks the Model Context Protocol standard. When an AI agent such as Claude Code, Cursor or Codex is configured to use it, the agent calls the MCP server locally to retrieve profiling data: hotspots, call trees, heap analysis results, and so on.

However, the data the AI agent retrieves from JProfiler is then sent to its cloud backend as part of the context window. There are two cases, depending on your AI agent:

• With a cloud-based AI agent, profiling data (class names, method names, SQL queries, stack traces) will leave your infrastructure and be processed by that provider's cloud.
• With a self-hosted AI agent, the profiling data never leaves your infrastructure.

The AI probe is a passive observability probe, similar to JProfiler's JDBC or HTTP probes. It instruments LLM frameworks like LangChain4j and Spring AI to capture prompts, model names, token counts, and request durations as your application makes calls to external AI services. All of this data is collected and displayed locally in JProfiler and stays in your JProfiler session or snapshot file.

What your LLM provider does with those prompts is governed by its terms of service, not by JProfiler.

In both flows, the data containment guarantee comes from the AI provider, not from JProfiler.

Review the data usage and training policies of the provider you route data through: the AI agent's backend for the MCP integration, or the LLM your application calls for the AI probe. Most major providers offer enterprise agreements or zero-data-retention tiers that explicitly exclude customer data from training.