We are vigilant about information security. We detail our security operations, policies, practices, and attestations and host a security white paper to provide further transparency.

We maintain stringent protections for our users and practice privacy by design. We encourage you to read our Privacy Policy for more detailed information.

No, we do not and will not sell user data and never have. We make money from user subscriptions. We do not help third parties advertise to our users.

No. A keylogger records every keystroke and sends data to a third party for the benefit of that party and does so without the user’s knowledge. Grammarly’s product doesn’t fit any of these descriptions.

To serve our users, Grammarly collects necessary information, such as username, email address, and contact and language preferences. Read more in our Privacy Policy. Any user can submit a request in the account hub to view all data associated with their account. You can also find information about the small number of trusted third-party processors that help us provide our services.

No one at Grammarly can read your text at will, as we tightly control access to user data within the company. You own what you write.

Yes, Grammarly’s website uses cookies. We encourage you to read and review our Cookie Policy.

We encourage you to read this post to learn more about how we build our product with reliability and accuracy top of mind.

We encourage all users to read our full Terms of Service.

Grammarly is a private company. Read more about our story on our About Us page. To learn more about Grammarly’s business, read about how we make money from selling subscriptions—not from selling data.

Yes, we comply with governmental privacy regulations and frameworks, including GDPR, CCPA, HIPAA, ISO 27018, and SOC2.

Yes, Grammarly is compliant with HIPAA Security, Privacy, and Breach Notification rules. Grammarly has been audited by an independent third-party audit firm that has issued an attest report demonstrating our compliance. If you need to sign a BAA in order to comply with HIPAA, please be aware that currently, we can enter into BAAs only for volume licenses of 100 seats or more. This limitation allows us to process these requests promptly and efficiently. We are looking to optimize this process as we ramp up HIPAA support for our other customers. If you are interested in a license of 100 seats or more, please submit your request here.

Grammarly’s enterprise-grade attestations and certifications and user-first approach to security and privacy reflect our practices and policies to ensure users’ data is safe and secure.

Any information used to power GrammarlyGO, such as prompt type, prompt text, and the context in which it's used, will be shared with our partners for the sole purpose of providing you with the GrammarlyGO experience. We do not allow any partners or third parties to use your data for training their models or improving their products.

You can also find information here about the small number of trusted third-party processors that help us provide our services. Grammarly maintains a thorough vendor-review process to conduct due diligence before engaging with any subprocessors. The review process includes multi-step security and privacy assessments, a detailed review of the vendor’s compliance posture, and an in-depth legal review of subprocessor data practices.