The Credentials That Reflect Our Commitment to Security and Privacy
Over 30 million people, including 50,000 teams, rely on Grammarly’s communication assistance, and that’s a responsibility we take very seriously.
To ensure our users’ data is safe and secure, we seek out third-party evaluations to validate our company-wide security controls with globally recognized standards. Through this process, we're able to maintain our existing certifications and attestations every year.
To ensure our users’ data is safe and secure, we seek out third-party evaluations to validate our company-wide security controls with globally recognized standards. Through this process, we're able to maintain our existing certifications and attestations every year.

Compliance Certifications and Attestations
Together, these certifications and attestations speak to our safeguards for user data, cloud service management, and the protection of sensitive information.











SOC 2 (Type 2)
Grammarly’s SOC 2 (Type 2) report validates our controls based on the security, privacy, availability, and confidentiality trust services criteria.
Learn more
Learn more
ISO/IEC 27001:2013
Grammarly’s information security management system meets the requirements of ISO 27001 and 27002 international standards.
Learn more
Learn more
ISO/IEC 27018:2019
Grammarly meets the requirements of ISO 27018 regarding our protection of personally identifiable information (PII) in the cloud.
Learn more
Learn more
PCI DSS
GDPR
FERPA
Grammarly is compliant with the Family Educational Rights & Privacy Act.
Contact us about our special EDU addenda
Contact us about our special EDU addenda
SOC 3
Grammarly’s SOC 3 report validates our controls based on the security, privacy, availability, and confidentiality trust services criteria.
Learn more
Learn more
ISO/IEC 27017:2015
Grammarly’s information security practices meet the requirements of ISO 27017 regarding our provision and use of cloud services.
Learn more
Learn more
HIPAA
Grammarly is compliant with the Health Insurance Portability and Accountability Act.
Contact us about our Business Associate Agreement
Contact us about our Business Associate Agreement
Cloud Security Alliance
Grammarly is a CSA-Trusted Cloud Provider and has completed the Consensus Assessment Initiative Questionnaire to represent our security controls.
Learn more
Learn more
CCPA
NYS Education Law 2-d
Grammarly is compliant with the New York State Education Law 2-d.
Contact us about our special EDU addenda
Contact us about our special EDU addenda
Security Industry Associations and Partnerships
Strong digital defense requires industry cooperation—not competition. That’s why we work with industry-leading organizations around the world to not only foster a security-first culture at Grammarly, but to also participate in the global security community and share knowledge with the field’s foremost experts.




OWASP
OWASP is the world’s largest software security nonprofit, and as a corporate member, we utilize its resources to ensure that Grammarly’s development aligns with industry best practices.
Learn more
Learn more
HackerOne
To validate the strength of our information security, we run a bug bounty program with HackerOne, a leading security platform that brings together ethical hackers to assess cybersecurity issues of all kinds.
Learn more
Learn more
Cloud Security Alliance
Grammarly is a proud member of CSA, an organization dedicated to promoting secure cloud practices.
Learn more
Learn more
IAPP
Grammarly is honored to be a member of IAPP, the largest and most comprehensive global information privacy community.
Learn more
Learn more
Our safeguards ensure your data is protected
Whether you use Grammarly within a small organization, a large enterprise, or as an individual, have peace of mind knowing that your information is safe and secure.
Industry-leading standards
We maintain the highest standards against globally recognized certifications and attestations related to security, privacy, confidentiality, and availability.
Third-party verification
Our certifications and attestations are based on comprehensive examinations conducted by independent third-party audit firms each year.
Trusted certifications
Rest assured knowing that you can rely on our certifications and attestations if you need them for any vendor risk-management purposes.
Continuous improvement
Our compliance portfolio is always evolving to reflect industry best practices and the needs of our customers.
Frequently Asked Questions
Is Grammarly secure?
We are vigilant about information security. If you'd like to know more about our approach, we’ve outlined our security operations, policies, practices, and attestations, and you can also see our SOC 2 (Type 2) and SOC 3 for further transparency.
Is Grammarly GDPR compliant?
Where does Grammarly store data?
Grammarly stores data on servers hosted by Amazon Web Services, an industry-leading infrastructure provider, in their US-based data centers. Learn more about Grammarly's secure infrastructure.
Who has access to my data, both physically and virtually?
As a rule, Grammarly employees do not monitor or view user data. We adhere to the principle of least privilege and regularly review employees’ data-access rights to ensure only minimum required privileges are granted. To learn more about access to data and the information we collect, visit our Privacy Policy.
Where can I find audit reports?
If you need an audit report, contact our sales team to request the documentation you’re looking for.
Is Grammarly HIPAA compliant?
Yes, Grammarly is compliant with HIPAA Security, Privacy, and Breach Notification rules.
Improve Communication With a Service You Can Trust
Grammarly’s best-in-class writing assistance helps you communicate with confidence knowing your data is protected by industry-leading security standards.