Ensuring the safety and security of our users' information is important to us at Grammarly. We maintain protections and practice privacy by design.
To serve our users, Grammarly collects necessary information, such as username, email address, and contact and language preferences. Read more in our Privacy Policy. Any user can submit a request in the account hub to view all data associated with their account. You can also find information about the small number of trusted third-party processors that help us provide our services.
All users have access to our Product Improvement and Training control, which gives them the ability to opt out of allowing Grammarly to use their content to improve its products or train its models. We do not train on any content from certain business users or users whose accounts originate in the EU or UK, automatically. Further, individual users can control where Grammarly operates—for instance, in a browser, and on the desktop—which affects how much of your data it processes.
All data is transferred to the United States for processing and storage using Amazon Web Services, one of the world’s leading data center providers.
Data in transit is encrypted using TLS 1.2.
Data at rest is encrypted using AES256.
Passwords are hashed using bcrypt.
Grammarly implements technical controls to isolate each customer’s data. Customer data is stored in a multi-tenant environment but is segregated logically via tenant IDs. Any writing that an individual or organization reviews with Grammarly will never appear in another customer’s writing suggestions.
We will store documents created in the Grammarly Editor until they are deleted by the user or upon request after contract termination or expiration.
For all other user text processed by Grammarly (i.e., anything not saved in the Grammarly Editor), a customer’s personal data is used only as necessary to deliver and administer services to that same customer and is always used in a fair, transparent manner in accordance with the customer’s privacy expectations.
To provide a seamless and highly functional experience, we may leverage random samples of aggregated and de-identified user content to refine and enhance our service for all customers unless the user has opted out of having their content used for product improvement and training.
In accordance with our Privacy Policy, you can delete your personal data from Grammarly by deleting your account. This will include any user documents that you stored in the Grammarly Editor. The instructions on how to do that are available on the Delete your Grammarly account page.
Additionally, you are able to see data that Grammarly associates with your account by requesting a personal data report. Request a personal data report by navigating to your privacy settings and clicking “Submit Request” under Personal Data Report.
We take your privacy very seriously. We do not share your content with any third parties except for the generative AI partners described below. We have security measures in place to ensure that your content stays private so you can trust that it is safe with us. We only disclose personal data to third parties as outlined in the "With Whom Does Grammarly Share Personal Information?" section of our Privacy Policy. This is necessary for us to deliver Grammarly's services to our users.
Any information used to power Grammarly’s generative AI features, such as prompt type, prompt text, and the context in which it’s used, will be shared with our small number of thoroughly vetted partners for the sole purpose of providing you with the Grammarly experience. We do not allow any partners or third parties to use your data for training their models or improving their products.
You can find information here about the small number of trusted third-party processors that help us provide our services. Grammarly maintains a thorough vendor-review process to conduct due diligence before engaging with any subprocessors. The review process includes multi-step security and privacy assessments, a detailed review of the vendor’s compliance posture, and an in-depth legal review of subprocessor data practices.
No one individual at Grammarly can read your text at will. We tightly control access to user data within the company. Only those with an approved need to access certain data are granted access via specific, audited permissions. Access to data requires review and approval by responsible managers and a member of the security team.
No. We have not sold, do not sell, and will not sell customer data. We make money from selling subscriptions, and we do not allow third parties to advertise to our customers.
No. A keylogger records every keystroke, sends data to a third party for the benefit of that party, and does so without the user’s knowledge. Grammarly’s product doesn’t fit any of these descriptions. At Grammarly, we value user trust and operate with high standards for privacy and transparency. You can feel confident using Grammarly’s product offerings knowing that: Grammarly is blocked from running in read-only and sensitive fields, such as payment forms, passwords, addresses, and URLs. We don’t record every keystroke. We make it clear when Grammarly is active by turning the G button green. You can easily turn it off any time, then turn it back on within a document or site using the easy-to-find floating G icon when you use Grammarly for Windows or Mac; or an on/off toggle when you use Grammarly Extension, which you can find by pressing on the Grammarly icon located on the top bar of your web browser. (To learn more about how to turn Grammarly off or on, visit the Tips & Tutorials section of our Support portal.)