Effective as of September 18, 2020

Privacy Policy

(View Previous Version)

At Grammarly, we care about the privacy of your data and are committed to protecting it. This Privacy Policy explains what information we collect about you and why. We hope you will read it carefully.

Summary
We hope you read this entire Privacy Policy. However, if you’re in a hurry, here is a brief overview of the most important points:
  • We do not and will not sell your information. We don’t help companies advertise their products to you. (read more)
  • We offer a free service and hope you will upgrade to our paid versions. That’s the only way we make money. (read more)
  • We use a small number of trusted third parties to help provide our products. (read more)
  • We use cookies to provide, protect, and promote our products. (read more)
  • You can exercise your GDPR and CCPA rights.
  • If you have any questions or concerns about this policy, you can contact us.

What is the scope of this Privacy Policy?

This Privacy Policy is incorporated into Grammarly’s Terms of Service and License Agreement, located at grammarly.com/terms, and applies to the information obtained by us through your use of Grammarly’s Site, Software, and Services (“Information”) as described in this Policy. Capitalized terms used in this Policy and not otherwise defined shall have the meanings provided for those terms in the Terms of Service.

What is Grammarly’s business model?

Grammarly offers a free service and paid services. To make money, we encourage the users of our free service to upgrade to one of our paid services. We don’t help third parties to advertise their products to you. We also do not—and will not—sell your information.

Information collection and use

What Information does Grammarly collect about me?
When you interact with our Site, Software, and/or Services, we collect information that could be used to identify you (“Personal Data”). Some of the information we collect is stored in a manner that cannot be linked back to you (“Non-Personal Data”).

Information you provide us when you create an account
When you sign up for or use our Services, you voluntarily give us certain Personal Data, including:
  • Your username, email address, and contact and language preferences. If you log into Grammarly with a social networking credential, such as with your Facebook or Google account, we will ask permission to access basic information from that account, such as your name and email address. You can stop sharing that information with us at any time by removing Grammarly’s access to that account.
  • Your payment information, if you are a paying customer. This is required to complete a commercial transaction on the Site. We use this information to enable and fulfill your transaction. If you choose to use PayPal® to finalize and pay for your order, you will provide your credit card number directly to PayPal®. The privacy policy of PayPal® will apply to the information you provide on the PayPal® website.
Other Information we collect
We collect this information as you use the Site, Software, and/or Services:
  • User Content. This consists of all text, documents, or other content or information uploaded, entered, or otherwise transmitted by you in connection with your use of the Services and/or Software.
  • Names of user contacts (if you are using the Grammarly Keyboard). The Grammarly Keyboard may request or obtain access to the names of your contacts on your device. This access helps the Grammarly Keyboard recognize when you are typing names so it can make appropriate suggestions (for example, if you misspell a name).
Automatically collected Information
Certain data about the devices you use to connect with Grammarly and your use of the Site, Software, and/or Services are automatically logged in our systems, including:
  • Location information. This is the geographic area where you use your computer and mobile devices (as indicated by an Internet Protocol (IP) address or similar identifier) when interacting with our Site, Software, and/or Services.
  • Log data. As with most websites and technology services delivered over the internet, our servers automatically collect data when you access or use our Site, Software, and/or Services and record it in log files. This log data may include IP address, browser type and settings, date and time of use, information about browser configuration, language preferences, and cookie data.
  • Usage information. This is information about the Grammarly Site, Software, and/or Services you use and how you use them. We may also obtain data from our third-party partners and service providers to analyze how users use our Site, Software, and/or Services. For example, we will know how many users access a specific page on the Site and which links they clicked on. We use this aggregated information to better understand and optimize the Site.
  • Device information. This is data from your computer or mobile device, such as the type of hardware and software you are using (for example, your operating system and browser type), as well as unique device identifiers for devices that are using Grammarly Software.
  • Cookies. Data obtained from cookies is described in the “Does Grammarly use cookies?” section and in our Cookie Policy.
Information collected from other sources
We may collect information about you from third parties, such as marketing partners and researchers, where they are legally allowed to share your Information with us. We may combine the Information we receive from other sources with Information we collect from you (or your device) and use it as described in this Privacy Policy.

How does Grammarly use my Information?
We use, process, and store your Information as necessary to perform our contract with you and for our legitimate business interests, including:
  • To help us provide and administer our Site, Software, and/or Services, authenticate users for security purposes, provide personalized user features and access, process transactions, conduct research, develop new features, and improve the features, algorithms, and usability of our Site, Software, and/or Services.
  • To communicate with you about your use of our Site, Software, and/or Services, product announcements, and software updates, as well as respond to your requests for assistance, including providing account verification support if you’re having difficulty accessing your account.
  • To send you direct marketing emails and special offers about Grammarly, from which you can unsubscribe at any time. For more information, please see the section titled, “Will Grammarly send me emails?” If you are located in the European Economic Area (EEA), we will only send you marketing information if you consent to us doing so at the time you create your account or any point thereafter.
  • To display User Content associated with your account and make sure it is available to you when you use our Services.
  • To provide human proofreading services for users who submit User Content in connection with this specific service.
  • To calculate aggregate statistics on the number of unique devices using our Site, Software, and/or Services, and to detect and prevent fraud and misuse of those.
Does Grammarly review User Content?
As a rule, Grammarly employees do not monitor or view your User Content stored in or transferred through our Site, Software, and/or Services, but it may be viewed if we believe the Terms of Service have been violated and confirmation is required, if we need to do so to respond to your requests for support, if we otherwise determine that we have an obligation to review it as described in the Terms of Service, or to improve our algorithms as described in the User Content section of our Terms of Service. In addition, if you request our human proofreading services, our proofreaders may also read the User Content you submit for this specific service, as necessary to perform our contract with you and for our legitimate business interests. Finally, your Information may be viewed where necessary to protect the rights, property, or personal safety of Grammarly and its users, or to comply with our legal obligations, such as responding to warrants, court orders, or other legal processes.

Information access and disclosure

Does Grammarly share my Information?
We only disclose Personal Data to third parties when…
  • …we use service providers who assist us in meeting business operations needs, including hosting, delivering, and improving our Services. We also use service providers for specific services and functions, including email communication, customer support services, and analytics. These service providers may only access, process, or store Personal Data pursuant to our instructions and to perform their duties to us.
  • …we have your explicit consent to share your Personal Data.
  • …we believe it is necessary to investigate potential violations of the Terms of Service, to enforce those Terms of Service, or to investigate, prevent, or take action regarding illegal activities, suspected fraud, or potential threats against persons, property, or the systems on which we operate our Site, Software, and/or Services.
  • …we determine that the access, preservation, or disclosure of your Personal Data is required by law to protect the rights, property, or personal safety of Grammarly and users of our Site, Software, and/or Services, or to respond to lawful requests by public authorities, including national security or law enforcement requests.
  • …we need to do so in connection with a merger, acquisition, bankruptcy, reorganization, sale of some or all of our assets or stock, public offering of securities, or steps in consideration of such activities (e.g., due diligence). In these cases some or all of your Personal Data may be shared with or transferred to another entity, subject to this Privacy Policy.
We may disclose Non-Personal Data publicly and to third parties—for example, in public reports about word usage, to partners under agreement with us, or as part of progress reports we may provide to users.

Through the use of cookies, we help deliver advertisements for relevant Grammarly products and services to you. For more details on cookies, please see the “Does Grammarly use cookies?” section below.

Grammarly does not share your Personal Data with third parties for the purpose of enabling them to deliver their advertisements to you.

Does Grammarly sell or rent my Personal Data?
No, Grammarly does not sell or rent your Personal Data.

Does Grammarly use cookies?
Cookies are small text files stored on your device and used by web browsers to deliver personalized content and remember logins and account settings. Grammarly uses cookies and similar technologies, including tracking pixels and web beacons, to collect usage and analytic data that helps us provide our Site, Software, and/or Services to you, as well as to help deliver ads for relevant Grammarly products and services to you when you visit certain pages on the Site and then visit certain third-party sites. For more information on cookies and how Grammarly uses them, please see our Cookie Policy. Our products currently do not respond to Do Not Track requests.

How do third-party apps and plugins work?
Some third-party applications and services that work with us may ask for permission to access your Information. Those applications will provide you with notice and request your consent in order to obtain such access or information. Please consider your selection of such applications and services, and your permissions, carefully.

Some third parties’ embedded content or plugins on our Site and/or Software, such as Facebook “Like” buttons, may allow their operators to learn that you have visited the Site, and they may combine this knowledge with other data they have collected about your visits to other websites or online services that can identify you.

Data collected by third parties through these apps and plugins is subject to each parties’ own policies. We encourage you to read those policies and understand how other companies use your data.

Will Grammarly send me emails?
From time to time, we may want to contact you with information about product announcements, software updates, and special offers. We also may want to contact you with information about products and services from our business partners. You may opt out of such communications at any time by clicking the “unsubscribe” link found within Grammarly emails and changing your contact preferences. All Grammarly account holders will continue to receive transactional messages related to our Services, even if you unsubscribe from promotional emails.

For EEA users: We only send marketing communications to users located in the EEA with your prior consent. Please see the section “For EEA users” below.

Does Grammarly ever make any of my Personal Data or User Content public?
No, we do not share Personal Data or User Content except in the limited circumstances described in the “Does Grammarly share my Information?” section of the Policy.

Does Grammarly collect information from children?
Unless your Grammarly account is part of a Grammarly for Education (also known as Grammarly@edu) license, Grammarly does not knowingly collect personal information from children under the age of 13. If we determine we have collected personal information from a child younger than 13 years of age, we will take reasonable measures to remove that information from our systems. If you are under the age of 13, please do not submit any personal information through the Site, Service, and/or Software. We encourage parents and legal guardians to monitor their children’s internet usage and to help enforce this Policy by instructing their children never to provide personal information through the Site, Service, and/or Software without their permission.

Data storage, transfer, retention, and deletion

Where is my Information stored?
Information submitted to Grammarly will be transferred to, processed, and stored in the United States. When you use the Software on your computing device, User Content you save will be stored locally on that device and synced with our servers. If you post or transfer any Information to or through our Site, Software, and/or Services, you are agreeing to such Information, including Personal Data and User Content, being hosted and accessed in the United States. Please note that the laws of the United States may be different from the privacy laws applicable to the place where you are resident.

How secure is my Information?
Grammarly is committed to protecting the security of your Information and takes reasonable precautions to protect it. However, internet data transmissions, whether wired or wireless, cannot be guaranteed to be 100% secure, and as a result, we cannot ensure the security of Information you transmit to us, including Personal Data and User Content; accordingly, you acknowledge that you do so at your own risk.

We use industry-standard encryption to protect your data in transit and at rest.

Once we receive your data, we protect it on our servers using a combination of technical, physical, and logical security safeguards. The security of the data stored locally in any of our Software installed on your computing device requires that you make use of the security features of your device. We recommend that you take the appropriate steps to secure all computing devices that you use in connection with our Site, Software, and/or Services.

If Grammarly learns of a security system breach, we may attempt to notify you and provide information on protective steps, if available, through the email address that you have provided to us or by posting a notice on the Site. Depending on where you live, you may have a legal right to receive such notices in writing.

How can I delete my Personal Data from Grammarly?
You can remove your Personal Data from Grammarly at any time by logging into your account, accessing the Settings page, and then deleting your account. More details can be found here. Please note that, for security reasons, subscribers of our paid services will first be instructed to cancel their subscriptions before they can delete their Grammarly account.

How long is Personal Data retained?
You can remove your Personal Data from Grammarly at any time by deleting your account as described above. However, we may keep some of your Personal Data for as long as reasonably necessary for our legitimate business interests, including fraud detection and prevention and to comply with our legal obligations including tax, legal reporting, and auditing obligations.

What happens if Grammarly closes my account?
If Grammarly closes your account due to your violation of the Terms of Service, then you may contact Grammarly to request deletion of your data. Grammarly will evaluate such requests on a case by case basis, pursuant to our legal obligations.

Will this Privacy Policy ever change?

As Grammarly evolves, we may need to update this Policy to keep pace with changes in our Site, Software, and Services, our business, and laws applicable to us and you. We will, however, always maintain our commitment to respect your privacy. We will notify you of any material changes that impact your rights under this Policy by email (to your most recently provided email address) or post any other revisions to this Policy, along with their effective date, in an easy-to-find area of the Site, so we recommend that you periodically check back here to stay informed of any changes. Please note that your continued use of Grammarly after any change means that you agree with and consent to be bound by the new Policy. If you disagree with any changes in this Policy and do not wish your information to be subject to it, you will need to delete your Grammarly account.

EU-U.S. & Swiss-U.S. Privacy Shield

Grammarly complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Grammarly has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit http://www.privacyshield.gov.
In compliance with the Privacy Shield Principles, Grammarly commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Grammarly at the contact address below. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, dispute resolution is available through a third-party arbitrator by contacting our designated Privacy Shield independent recourse mechanism, JAMS. In certain circumstances, the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework provide the right to invoke binding arbitration to resolve complaints not resolved by other means, as described in Annex I to the Privacy Shield Principles.
The Privacy Shield Principles describe Grammarly’s accountability for personal data that it subsequently transfers to a third-party agent. Under the Principles, Grammarly shall remain liable if third-party agents process the personal information in a manner inconsistent with the Principles, unless Grammarly proves it is not responsible for the event giving rise to the damage.
The Federal Trade Commission has jurisdiction over Grammarly’s compliance with the Privacy Shield.

For EEA, Swiss, and UK users

Grammarly uses, processes, and stores Personal Data, including what is listed in the “What Information does Grammarly collect about me?” section, as necessary to perform our contract with you, and based on our legitimate interests in order to provide the Services. We rely on your consent to process Personal Data to send promotional emails and to place cookies on your devices. In some cases, Grammarly may process Personal Data pursuant to legal obligation or to protect your vital interests or those of another person.

What rights do I have, and how can I exercise them?

Individuals located in the European Economic Area (EEA), Switzerland, and the UK have certain rights in respect to their personal information, including the right to access, correct, or delete Personal Data we process through your use of the Site, Software, and/or Services. If you’re a user based in the EEA, Switzerland, or the UK, you can:

  • Request a Personal Data report by submitting a support ticket through this link. This report will include the Personal Data we have about you, provided to you in a structured, commonly used, and portable format. You must be signed into your Grammarly account to submit this request. Please note that Grammarly may request additional information from you to verify your identity before we disclose any information.
  • Have your Personal Data corrected or deleted. Some Personal Data can be updated by you: You can update your name and email address, as well as language preference, through your Grammarly account settings. If you registered for Grammarly using Google or Facebook, or if you otherwise have problems updating this information, please submit a support ticket. You can remove your Personal Data from Grammarly by deleting your account.
  • Object to us processing your Personal Data. You can ask us to stop using your Personal Data, including when we use your Personal Data to send you marketing emails. We only send marketing communications to users located in the EEA with your prior consent, and you may withdraw your consent at any time by clicking the “unsubscribe” link found within Grammarly emails and changing your contact preferences. Please note you will continue to receive transactional messages related to our Services, even if you unsubscribe from marketing emails.
  • Complain to a regulator. If you’re based in the EEA and think that we haven’t complied with data protection laws, you have a right to lodge a complaint with your local supervisory authority.

If you have other questions or do not have a Grammarly account, contact us by submitting a support ticket.

Who is Grammarly's EEA Representative?

VeraSafe has been appointed as Grammarly’s representative in the EEA for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union. VeraSafe can be contacted in matters related to the processing of Personal Data. To make such an inquiry, please contact VeraSafe using this contact form: https://www.verasafe.com/privacy-services/contact-article-27-representative.

Alternatively, VeraSafe can be contacted at:
VeraSafe Ireland Ltd Unit 3D North Point House North Point Business Park New Mallow Road Cork T23AT2P Ireland

Data transfers

As stated in the “Where is my Information stored?” section above, information submitted to Grammarly will be transferred to, processed, and stored in the United States. When you use the Software on your computing device, User Content you save will be stored locally on that device and synced with our servers. If you post or transfer any Information to or through our Site, Software, and/or Services, you are agreeing to such Information, including Personal Data and User Content, being hosted and accessed in the United States. Please note that the privacy laws of the United States may be different from those in the place where you are a resident.

Where required, we will use appropriate safeguards for transferring data outside of Europe, Switzerland, and the UK. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. For more information about these transfer mechanisms, please contact us as detailed in the “Contact us” section below.

For California users

Supplemental Privacy Notice for California residents
This Supplemental Privacy Notice supplements the information in our Privacy Policy above and applies to California residents only.
Summary of information we collect
If you’re a California resident, California law requires us to provide you with some additional information about how we collect, use, and disclose your “personal information” (as defined in the California Consumer Privacy Act (“CCPA”)).
Throughout this Privacy Policy, we discuss in detail the specific pieces of personal information we collect from and about users, the sources of that information, and how we share it. Under the CCPA, we’re also required to provide you with the “categories” of personal information we collect and disclose for business purposes (as defined by applicable law). Those categories are: identifiers (such as name, email address, or social network account and profile data); commercial information (such as transaction data for a paid account); financial data (such as payment method or financial account information); internet or other network or device activity (such as IP address and usage information); location information (e.g., the general location where you use your device when interacting with the Site, Software, and/or Services); sensory information (such as audio recordings if you call our customer service); inference data about you; and other information that identifies or can be reasonably associated with you. We collect these categories of personal information from different sources, as described in the section titled, “What Information does Grammarly collect about me?” above.
We and our service providers may use the categories of personal information we collect from and about you consistent with the various business and commercial purposes we discuss throughout this Privacy Policy. Please see the section titled “How does Grammarly use my Information?” above for more information. We share this information with the categories of third parties described in the section titled, “Does Grammarly share my Information?
We may also use the categories of personal information for compliance with applicable laws and regulations, and we may aggregate the information we collect or de-identify the information to limit or prevent identification of any particular user or device.
Rights
If you’re a California resident, you may have certain rights. California law may permit you to request that we:
  • Provide access to and/or a copy of certain information we hold about you.
  • Provide you a summary of the categories of personal information we have collected or disclosed about you in the last twelve months; the categories of sources of such information; the business or commercial purpose for collecting or selling your personal information; and the categories of third parties with whom we shared personal information.
  • Delete certain information we have about you.
You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right not to be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. For example, we need certain types of information so that we can provide the Site, Software, and Services to you. If you ask us to delete it, you may no longer be able to access or use the Site, Software, and Services.
To exercise these rights, you can:
  • Request a personal data report by submitting a support ticket through this link. You must be signed into your Grammarly account to submit this request, and you will be required to log into your account to access the summary or the report.
  • Request the summary described above by submitting a support ticket or emailing support@grammarly.com.
  • Delete your personal information from Grammarly by deleting your account. You must be signed into your Grammarly account to submit this request, and you will be required to provide your password to confirm that you want to delete your account.
  • You can also submit requests by submitting a support ticket or emailing support@grammarly.com.
You’ll need to provide us with information sufficient to verify your identity before we can satisfy your request. To do so, you’ll need to log into your account or provide us with certain information regarding yourself and/or your usage of the Site, Software, and Services. You can also designate an authorized agent to make a request on your behalf. To do so, you need to provide us with written authorization for the agent to act on your behalf. You will still need to verify your identity directly with us.
The CCPA sets forth certain obligations for businesses that “sell” personal information. Based on the definition of “sell” under the CCPA and under current regulatory guidance, we don’t believe we engage in such activity and have not engaged in such activity in the past twelve months. We do share certain information as described in the “Information access and disclosure” section above, and we allow third parties to collect certain information about your activity, for example through cookies, as explained in our Cookie Policy. You can control these cookies through browser settings and other controls; for more information, see our Cookie Policy.
California Shine the Light
If you’re a California resident, you can ask for a list of third parties (if any) that have received your information for their direct marketing purposes during the previous calendar year. This list also contains the types of information shared. We provide this list at no cost. To make such a request, contact us at support@grammarly.com.

For Nevada Users

Under Nevada law, certain Nevada consumers may opt out of the sale of “personally identifiable information” for monetary consideration to a person for that person to license or sell such information to additional persons. “Personally identifiable information” includes first and last name, address, email address, phone number, Social Security Number, or an identifier that allows a specific person to be contacted either physically or online. We do not engage in such activity; however, if you are a Nevada resident who has purchased or leased goods or services from us, you may submit a request to opt out of any potential future sales under Nevada law by emailing support@grammarly.com. Please note we will take reasonable steps to verify your identity and the authenticity of the request. Once verified, we will maintain your request in the event our practices change.

For Brazil Users

This Brazil Privacy Notice (“Notice”) applies to personal data processing activities under Brazilian law, and takes effect on the LGPD’s effective date.

If you’re a resident of Brazil, you may have certain rights. Brazilian law may permit you to request that we:
  • Confirm whether we process your data.
  • Provide access to and/or a copy of certain information we hold about you.
  • Correct incomplete, inaccurate, and outdated data.
  • Anonymize, block, or delete data that is unnecessary, excessive, or not being processed in accordance with Brazilian data protection law.
  • Port your personal data to another service or product vendor.
  • Delete personal data processed with your consent, when applicable.
  • Provide you with information regarding the public and private entities with which we share data.
  • Provide you with information about the possibility of withdrawing consent and the consequences of such withdrawal, where applicable.
  • Withdraw your consent.

You can exercise some of these rights by logging in and visiting the My Account page. For example, you can download a copy of your Personal Data, delete your Personal Data by deleting your account, or correct your Personal Data in your Grammarly account settings. You can also submit requests by submitting a support ticket or emailing support@grammarly.com. You will be required to verify your identity before we fulfill your request. To do so, you’ll need to log into your account or provide us with certain information regarding yourself and/or your usage of the Site, Software, and Services.

For EDU users

If your Grammarly account is part of a Grammarly for Education (also known as Grammarly@edu) license, your parents and your school administrator may have the legal right to access your account and may delete it.

Contact us

You may contact us with any questions relating to this Privacy Policy by submitting a help desk request here or by contacting us at privacy@grammarly.com.

For the purposes of this Policy, when we say “Grammarly,” “we,” or “us,” we mean Grammarly, Inc., 548 Market Street, #35410 San Francisco, CA 94104, USA.