No. A keylogger records every keystroke, sends data to a third party for the benefit of that party, and does so without the user’s knowledge. Grammarly’s product doesn’t fit any of these descriptions. At Grammarly, we value user trust and operate with high standards for privacy and transparency. You can feel confident using Grammarly’s product offerings knowing that: Grammarly is blocked from running in read-only and sensitive fields, such as payment forms, passwords, addresses, and URLs. We don’t record every keystroke. We make it clear when Grammarly is active by turning the G button green. You can easily turn it off any time, then turn it back on within a document or site using the easy-to-find floating G icon, when you use Grammarly for Windows or Mac; or an on/off toggle when you use Grammarly Extension, which you can find by pressing on the Grammarly icon located on the top bar of your web browser. (To learn more about how to turn Grammarly off or on, visit the Tips & Tutorials section of our Support portal.) We never sell user data to third parties for advertising or any other purposes. We make money from selling subscriptions to Grammarly product offerings. Grammarly services only store user data for the purposes of delivering and improving our product offerings. We value the trust our customers put in us to keep their information safe and secure.

No. You always retain all rights to your text, including copyrights and duplication privileges. By using Grammarly, you’re giving us formal permission to provide writing suggestions to you and to use your writing to improve our algorithms. You remain the owner of your content.

No, only those who have an approved need to access certain data are given access to that data. Access is granted via specific, audited permissions, and access to data requires review and approval by the responsible managers. For example, if you encounter a problem with your account that can only be fixed by reviewing your text, a select group working directly on that task may access your document with your permission. Also, if you send a document to our expert writing service, our writing experts will read the content you submit to make edits that are offered by this service.

Yes, Grammarly is compliant with HIPAA Security, Privacy, and Breach Notification rules. Grammarly has been audited by an independent third-party audit firm that has issued an attestation report demonstrating our compliance.If you need to sign a BAA in order to comply with HIPAA, please submit your request here.

Yes, Grammarly is GDPR-compliant. Please see our Privacy Policy for details.

We continue to keep to the commitments below that we made when we certified to the Privacy Shield, but we do not rely on the Privacy Shield.

• Grammarly complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Grammarly has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. Learn more about the Privacy Shield program and view our certification here.

•In compliance with the Privacy Shield Principles, Grammarly commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Grammarly at the contact address below. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, dispute resolution is available through a third-party arbitrator by contacting our designated Privacy Shield independent recourse mechanism, JAMS. In certain circumstances, the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework provide the right to invoke binding arbitration to resolve complaints not resolved by other means, as described in Annex I to the Privacy Shield Principles.

•The Privacy Shield Principles describe Grammarly’s accountability for personal data that it subsequently transfers to a third-party agent. Under the Principles, Grammarly shall remain liable if third-party agents process the personal information in a manner inconsistent with the Principles, unless Grammarly proves it is not responsible for the event giving rise to the damage.

•The Federal Trade Commission has jurisdiction over Grammarly’s compliance with the Privacy Shield.

Grammarly stores data on servers hosted by Amazon Web Services, an industry-leading infrastructure provider, in their US-based data centers. Learn more about Grammarly's secure infrastructure.

Across all our product offerings, Grammarly’s enterprise-grade attestations and certifications and user-first approach to security and privacy reflect our practices and policies to ensure users’ data is safe and secure. Grammarly takes extreme care to isolate each customer's data. Any writing that an individual or organization reviews or produces with Grammarly will never appear in another customer's writing suggestions.

Any information used to power Grammarly's generative AI features, such as prompt type, prompt text, and the context in which it's used, will be shared with our small number of thoroughly vetted partners for the sole purpose of providing you with the Grammarly experience. We do not allow any partners or third parties to use your data for training their models or improving their products.

You can also find information here about the small number of trusted third-party processors that help us provide our services. Grammarly maintains a thorough vendor-review process to conduct due diligence before engaging with any subprocessors. The review process includes multi-step security and privacy assessments, a detailed review of the vendor’s compliance posture, and an in-depth legal review of subprocessor data practices.