We make money from selling subscriptions—not from selling data

We have not, do not, and will not sell or rent user data—period. We don’t provide information to third parties to help them advertise to you.
Grammarly’s financial interests are directly aligned with our users’ interests. We make money when customers see value in what we provide and decide to purchase one of our paid product offerings, which include Grammarly Premium, Grammarly Business, and Grammarly for Education.

We practice privacy by design

Grammarly’s writing assistant provides real-time communication support wherever you’re typing. When you see the green Grammarly logo next to your text, we want you to feel secure that the product you’re using has been created with the privacy of your data top of mind. This section details the stringent protections we maintain.

Our product checks only the text you want it to

Grammarly’s product can’t access anything you type unless you are actively using it. For example: If you’re using one of our desktop applications, browser extensions, or mobile applications, you can see that it is activated in a text field by looking for a visible Grammarly logo or an icon showing the number of suggestions waiting for you. When a developer has integrated a Grammarly API in their application, you can see Grammarly's floating button in the bottom right corner of the page where suggestions are being delivered.
To check text and provide suggestions, Grammarly uses powerful server-based algorithms that are too complex to be stored locally on a user’s device. The servers are hosted by AWS in the United States.

Our product does not run in sensitive fields

Grammarly’s writing assistant is blocked from accessing text in fields marked “sensitive.” This means that Grammarly’s desktop applications, browser extensions, and mobile applications do not see anything typed in credit card forms, password fields, URL fields, or fields where similar private information is provided.
By default, we also block the product from running where you can’t edit text (known as “read-only” fields), such as the instructions to a web form.

You can view all data associated with your account

We think you should know exactly what Grammarly has stored about you. To view the personal data associated with your account, submit a request through your account hub. Requiring you to be logged in helps us ensure that only you can request information about yourself. If you delete your account, we will remove your personal information from our systems.
If you use the Grammarly Editor, you can view all documents you have saved—we store them so you have access until you choose to delete them. If you delete your account, we will delete these documents from our servers.

We tightly control access to user data

Grammarly restricts employee access to customer data across our network, infrastructure, and services. Only those authorized to access data critical to their work may do so. This is often referred to as the “principle of least privilege.”
Grammarly relies on trusted third-party vendors for specific services and functions, such as hosting our servers, email communication, and customer support services. We regularly evaluate vendor security, and we validate that all user information is removed from third-party systems after there is no longer any need for its storage. Read more about the third-party subprocessors we use.

You own what you write

Grammarly does not own the text you write while using our product. You always retain all rights to your text, including copyrights and duplication privileges. In short, your work remains yours.

We comply with governmental privacy regulations and frameworks

Grammarly complies with regulations regarding data privacy and protection. This includes the EU’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Health Insurance Portability and Accountability Act (HIPAA), among other frameworks that govern Grammarly’s privacy obligations.
You can read further detail about many of these points in our Privacy Policy and Terms of Service.

We are vigilant about information security

Supporting our users means keeping security at the core of everything we do. This section details how we safeguard your data at all times. We also encourage you to read more about our security practices.

We maintain a security-first culture across our organization

Grammarly’s in-house team of security specialists is dedicated to fortifying the security of our product, infrastructure, and operations. Company executives are directly involved in overseeing security strategy and enforcement.
We also run a Security Champions program. Team members across the organization train on information security matters and drive team-specific security initiatives. This helps ensure company-wide attention to security issues.

All data—in transit and at rest—is encrypted to keep your information safe

We use industry-standard encryption to protect all user data in transit and at rest. Whether you’re receiving suggestions through a desktop application or browser extension, or you’re saving documents in your Grammarly Editor, all your data is encrypted and safeguarded.

Security features in our product help protect you against unauthorized access

To aid users in keeping their accounts secure, we offer two-step verification—also known as two-step authentication, a type of multi-factor authentication. We also offer guidance about maintaining strong passwords. These help ensure your account can only be accessed by you.
Grammarly protects against unauthorized access through constant auditing and monitoring. We are vigilant about identifying unexpected account behavior, and we notify affected users if we learn of unauthorized account access.

We seek regular and consistent third-party evaluation

We ask outside experts to validate the strength of our information security. That’s why we operate a bug bounty program with HackerOne, where we invite ethical hackers to search for potential software vulnerabilities and report them directly to our Security team.
We regularly hire security firms to evaluate our systems through “penetration tests,” which simulate a cyber attack to check for anything that could be exploited. We also invite enterprise customers to contract third parties of their choosing to perform these tests.

Our enterprise-grade compliances validate our security controls

Third-party auditors review our security practices to help us achieve trusted industry standards. We have received a SOC 2 (Type 2) report and are certified with ISO 27001, 27017, and 27018, among other attestations.
We are proud to be members of the Cloud Security Alliance, a nonprofit dedicated to promoting secure cloud computing.

We provide transparency about our secure cloud architecture

We host a security whitepaper to offer transparency into our security practices and procedures.

Great Writing Awaits

Get Grammarly


We know that information may be easier to approach in a Q&A format. That’s why we’ve collected questions from Grammarly users and have provided links to where you can find more information, on this page or elsewhere.

Is Grammarly secure?

Is Grammarly a privacy risk?

We maintain stringent protections for our users and practice privacy by design. We encourage you to read our Privacy Policy for more detailed information.

Does Grammarly sell your data?

No, we do not and will not sell or rent user data and never have. We make money from user subscriptions. We do not help third parties advertise to our users.

Is Grammarly a keylogger?

What data does Grammarly collect?

To serve our users, Grammarly collects necessary information, such as username, email address, and contact and language preferences. Read more in our Privacy Policy. Any user can request to view all data associated with their account. You can also find information about the small number of trusted third-party processors that help us provide our services.

Can Grammarly see or use your writing?

No one at Grammarly can read your text at will, as we tightly control access to user data within the company. You own what you write.

Does Grammarly use cookies? What’s Grammarly’s cookie policy?

Yes, Grammarly’s website uses cookies. We encourage you to read and review our Cookie Policy.

Is Grammarly reliable and accurate?

We encourage you to read this post to learn more about how we build our product with reliability and accuracy top of mind.

What are Grammarly’s Terms of Service?

We encourage all users to read our full Terms of Service.

Who owns Grammarly?

Grammarly is a private company. Read more about our story on our About Us page. To learn more about Grammarly’s business, read about how we make money from selling subscriptions—not from selling data.

Is Grammarly GDPR-compliant?

If you have questions that are not answered here, we encourage you to get in touch.