Your Privacy Is Our Priority
At Grammarly, protecting our users’ information is of the utmost importance. Whether you use our desktop applications, browser extensions, mobile applications, or other product offerings, feel confident knowing that we go
to great lengths to ensure your data is encrypted, private, and secure.
Our Privacy Safeguards at a Glance
From the way we run our business to the text our product analyzes and generates,
the following is a brief overview of how Grammarly operates and
approaches privacy.
We don't sell your data
Rather, we make money when customers pay for Grammarly Premium, Grammarly Business, Grammarly for Education, or Grammarly for Developers.
Learn more
Learn more
Grammarly does not record every keystroke
Grammarly cannot access sensitive fields
Grammarly is blocked from accessing text in fields marked "sensitive"—like names, birthdays, addresses, passwords, and payment fields.
Learn more
Learn more
We tightly control access to data
Grammarly restricts access to customer data across our network, infrastructure, and services. Only those authorized to access data critical to their work may do so.
Learn more
Learn more
You own your data
Grammarly checks and helps you compose your text, but doesn’t own it. Your work is always yours—period.
Learn more
Learn more
We’re committed to privacy compliance
We comply with governmental privacy regulations and frameworks regarding data privacy and protection.
Learn more
Learn more
Your privacy is paramount
You can feel secure that Grammarly has the privacy of your data top of mind. This section details the stringent protections we maintain.
We have not, do not, and will not sell user data
We don’t provide information to third parties to help them advertise their products to you. Grammarly’s financial interests are directly aligned with our users’ interests.
We make money when customers purchase one of our paid product offerings, which include Grammarly Premium, Grammarly Business, Grammarly for Education, and Grammarly for Developers.
You’ll always know when and where Grammarly is actively running
When Grammarly is activated in a text field, you’ll see a visible Grammarly logo or an icon displaying suggestions. If you’re using Grammarly for Windows or Mac, you can easily turn off Grammarly using the floating G icon—and then turn it back on when you want to receive writing suggestions. If you’re using the Grammarly Browser Extension, you can use the on/off toggle, which you’ll find by pressing the Grammarly icon at the top bar of your browser. If you’re using the Grammarly Keyboard on your mobile device, you’ll be able to toggle it on/off in the keyboard settings.
Our product does not run in sensitive fields
Grammarly's desktop applications, browser extensions, and mobile applications are blocked from running in sensitive fields, such as credit card forms, passwords, and URLs. By default, we also block the product from running where you can’t edit text (known as “read-only” fields), such as the instructions to a web form.
We tightly control access to user data
Grammarly restricts access to customer data across our network, infrastructure, and services. Only those authorized to access data critical to their work may do so. This is often referred to as the “principle of least privilege.”
Grammarly relies on trusted third-party vendors for specific services and functions, such as hosting our servers, email communication, and customer support services. We regularly evaluate vendor security, and we validate that all user information is removed from third-party systems after there is no longer a need for its storage. Read more about the third-party subprocessors we use.
You own what you write
You always retain all rights to your text, including copyrights and duplication privileges. In short, your work remains yours.
Grammarly complies with regulations regarding data privacy and protection
We comply with applicable regulations including the EU’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Health Insurance Portability and Accountability Act (HIPAA), among other frameworks that govern Grammarly’s privacy obligations.
You can view personal data associated with your account
To view the personal data associated with your account, submit a request through your account hub. Requiring you to be logged in helps us ensure that only you can request information about yourself. If you delete your account, we will remove your personal information from our systems.
If you use the Grammarly Editor, you can view all documents you have saved—we store them so you have access until you choose to delete them. If you delete your account, we will delete these documents from our servers.
Frequently Asked Questions
Is Grammarly a keylogger?
No. A keylogger records every keystroke, sends data to a third party for the benefit of that party, and does so without the user’s knowledge. Grammarly’s product doesn’t fit any of these descriptions.
At Grammarly, we value user trust and operate with high standards for privacy and transparency. You can feel confident using Grammarly’s product offerings knowing that:
Grammarly is blocked from running in read-only and sensitive fields, such as payment forms, passwords, addresses, and URLs. We don’t record every keystroke.
We make it clear when Grammarly is active by turning the G button green. You can easily turn it off any time, then turn it back on within a document or site using the easy-to-find floating G icon, when you use Grammarly for Windows or Mac; or an on/off toggle when you use Grammarly Extension, which you can find by pressing on the Grammarly icon located on the top bar of your web browser. (To learn more about how to turn Grammarly off or on, visit the Tips & Tutorials section of our Support portal.)
We never sell user data to third parties for advertising or any other purposes. We make money from selling subscriptions to Grammarly product offerings.
Grammarly services only store user data for the purposes of delivering and improving our product offerings.
We value the trust our customers put in us to keep their information safe and secure.
Does Grammarly own everything I write?
No. You always retain all rights to your text, including copyrights and duplication privileges.
By using Grammarly, you’re giving us formal permission to provide writing suggestions to you and to use your writing to improve our algorithms. You remain the owner of your content.
Can anyone at Grammarly read my text?
No, only those who have an approved need to access certain data are given access to that data. Access is granted via specific, audited permissions, and access to data requires review and approval by the responsible managers.
For example, if you encounter a problem with your account that can only be fixed by reviewing your text, a select group working directly on that task may access your document with your permission. Also, if you send a document to our expert writing service, our writing experts will read the content you submit to make edits that are offered by this service.
Is Grammarly HIPAA compliant?
Yes, Grammarly is compliant with HIPAA Security, Privacy, and Breach Notification rules. Grammarly has been audited by an independent third-party audit firm that has issued an attestation report demonstrating our compliance.If you need to sign a BAA in order to comply with HIPAA, please submit your request here.
Is Grammarly GDPR compliant?
Yes, Grammarly is GDPR-compliant. Please see our Privacy Policy for details.
Does Grammarly participate in Privacy Shield?
We continue to keep to the commitments below that we made when we certified to the Privacy Shield, but we do not rely on the Privacy Shield.
• Grammarly complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Grammarly has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. Learn more about the Privacy Shield program and view our certification here.
•In compliance with the Privacy Shield Principles, Grammarly commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Grammarly at the contact address below. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, dispute resolution is available through a third-party arbitrator by contacting our designated Privacy Shield independent recourse mechanism, JAMS. In certain circumstances, the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework provide the right to invoke binding arbitration to resolve complaints not resolved by other means, as described in Annex I to the Privacy Shield Principles.
•The Privacy Shield Principles describe Grammarly’s accountability for personal data that it subsequently transfers to a third-party agent. Under the Principles, Grammarly shall remain liable if third-party agents process the personal information in a manner inconsistent with the Principles, unless Grammarly proves it is not responsible for the event giving rise to the damage.
•The Federal Trade Commission has jurisdiction over Grammarly’s compliance with the Privacy Shield.
• Grammarly complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Grammarly has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. Learn more about the Privacy Shield program and view our certification here.
•In compliance with the Privacy Shield Principles, Grammarly commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Grammarly at the contact address below. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, dispute resolution is available through a third-party arbitrator by contacting our designated Privacy Shield independent recourse mechanism, JAMS. In certain circumstances, the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework provide the right to invoke binding arbitration to resolve complaints not resolved by other means, as described in Annex I to the Privacy Shield Principles.
•The Privacy Shield Principles describe Grammarly’s accountability for personal data that it subsequently transfers to a third-party agent. Under the Principles, Grammarly shall remain liable if third-party agents process the personal information in a manner inconsistent with the Principles, unless Grammarly proves it is not responsible for the event giving rise to the damage.
•The Federal Trade Commission has jurisdiction over Grammarly’s compliance with the Privacy Shield.
Where does Grammarly store my data? Is it on their servers?
Grammarly stores data on servers hosted by Amazon Web Services, an industry-leading infrastructure provider, in their US-based data centers. Learn more about Grammarly's secure infrastructure.
How does Grammarly use my data?
Across all our product offerings, Grammarly’s enterprise-grade attestations and certifications and user-first approach to security and privacy reflect our practices and policies to ensure users’ data is safe and secure. Grammarly takes extreme care to isolate each customer's data. Any writing that an individual or organization reviews or produces with Grammarly will never appear in another customer's writing suggestions.
Any information used to power Grammarly's generative AI features, such as prompt type, prompt text, and the context in which it's used, will be shared with our small number of thoroughly vetted partners for the sole purpose of providing you with the Grammarly experience. We do not allow any partners or third parties to use your data for training their models or improving their products.
You can also find information here about the small number of trusted third-party processors that help us provide our services. Grammarly maintains a thorough vendor-review process to conduct due diligence before engaging with any subprocessors. The review process includes multi-step security and privacy assessments, a detailed review of the vendor’s compliance posture, and an in-depth legal review of subprocessor data practices.
Any information used to power Grammarly's generative AI features, such as prompt type, prompt text, and the context in which it's used, will be shared with our small number of thoroughly vetted partners for the sole purpose of providing you with the Grammarly experience. We do not allow any partners or third parties to use your data for training their models or improving their products.
You can also find information here about the small number of trusted third-party processors that help us provide our services. Grammarly maintains a thorough vendor-review process to conduct due diligence before engaging with any subprocessors. The review process includes multi-step security and privacy assessments, a detailed review of the vendor’s compliance posture, and an in-depth legal review of subprocessor data practices.
Communicate confidently—and securely
With Grammarly, you can take your communication to the next level with the peace of mind of knowing your data is private and protected.