
Our product checks only the text you want it to
Grammarly’s product can’t access anything you type unless you are actively using it. For example: If you’re using one of our desktop applications, browser extensions, or mobile applications, you can see that it is activated in a text field by looking for a visible Grammarly logo or an icon showing the number of suggestions waiting for you. When a developer has integrated a Grammarly API in their application, you can see Grammarly's floating button in the bottom right corner of the page where suggestions are being delivered.
To check text and provide suggestions, Grammarly uses powerful server-based algorithms that are too complex to be stored locally on a user’s device. The servers are hosted by AWS in the United States.

Our product does not run in sensitive fields
Grammarly’s writing assistant is blocked from accessing text in fields marked “sensitive.” This means that Grammarly’s desktop applications, browser extensions, and mobile applications do not see anything typed in credit card forms, password fields, URL fields, or fields where similar private information is provided.
By default, we also block the product from running where you can’t edit text (known as “read-only” fields), such as the instructions to a web form.

You can view all data associated with your account
We think you should know exactly what Grammarly has stored about you. To view the personal data associated with your account, submit a request through your
account hub. Requiring you to be logged in helps us ensure that only you can request information about yourself. If you delete your account, we will remove your personal information from our systems.
If you use the
Grammarly Editor, you can view all documents you have saved—we store them so you have access until you choose to delete them. If you delete your account, we will delete these documents from our servers.

We tightly control access to user data
Grammarly restricts employee access to customer data across our network, infrastructure, and services. Only those authorized to access data critical to their work may do so. This is often referred to as the “principle of least privilege.”
Grammarly relies on trusted third-party vendors for specific services and functions, such as hosting our servers, email communication, and customer support services. We regularly evaluate vendor security, and we validate that all user information is removed from third-party systems after there is no longer any need for its storage.
Read more about the third-party subprocessors we use.

You own what you write
Grammarly does not own the text you write while using our product. You always retain all rights to your text, including copyrights and duplication privileges. In short, your work remains yours.

We comply with governmental privacy regulations and frameworks
Grammarly complies with regulations regarding data privacy and protection. This includes the EU’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Health Insurance Portability and Accountability Act (HIPAA), among other frameworks that govern Grammarly’s privacy obligations.