Ensuring the safety and security of our users' information is of utmost importance to us at Grammarly. We understand the trust our users place in us, and we want to assure you that any data you share with us while using our product offerings is protected and secure. Your security is our top priority, and we take all necessary measures to safeguard your information.
When users use Grammarly, Grammarly processes the following types of data.
User text: Raw text written by a user and checked by Grammarly’s communication assistance service. Grammarly only checks text in editable text fields. It does not process any data from fields marked “sensitive,” such as those requesting passwords or credit card information.
Grammarly account information: Information provided by a user during the registration process, such as their username, email address, contact, and language preferences.
Log data: Technical information about how you use our product, such as browser type and version and other device information, and statistical data about your interaction with our product, such as rates of accepted or rejected writing suggestions. We use this information to improve the quality of our product and for certain technical purposes such as regression diagnosis.
User customization data: Optional user and administrator settings that customize the suggestions provided by the service, which operate at different levels. These settings include additions to the personal dictionary at the individual user level and style guide entries at the team administration level.
Individual users can control where Grammarly operates—for instance, in a browser, and on the desktop—which affects how much of your data it processes.
Data is collected through Grammarly’s software clients, which include our browser extensions, desktop applications (Grammarly for Windows and Grammarly for Mac), a Microsoft Office add-in, a web-based editor, mobile keyboards, and an iPad application. Grammarly products do not collect any data from fields marked as sensitive, such as those requesting passwords or credit card information. Users can determine whether Grammarly is running in a particular text field on a website or in an application by looking for the Grammarly logo, a minimized Grammarly status dot, or an icon showing the number of suggestions for their attention. Additionally, we proactively scrub any sensitive data that was not inputted in a sensitive field (e.g., we ignore your phone number if it appears in a doc).
All data is transferred to the United States for processing and storage using Amazon Web Services, one of the world’s leading data center providers.
Data in transit is protected by up-to-date encryption protocols, including SSL/TLS 1.2.
Data at rest is encrypted using the industry-standard AES 256 algorithm.
Passwords are hashed using the bcrypt algorithm.
Grammarly takes extreme care to isolate each customer’s data. Customer data is stored in a multi-tenant environment but is segregated logically via tenant IDs. Any writing that an individual or organization reviews with Grammarly will never appear in another customer’s writing suggestions.
We will store documents created in the Grammarly Editor until they are deleted by the user, or upon request after contract termination or expiration.
For all other user text processed by Grammarly (i.e., anything not saved in the Grammarly Editor). We may retain random samples of de-identified text to help us improve the algorithms underlying our software and services. When reasonably necessary for our legitimate business purposes, including fraud detection and prevention, we retain data for legal compliance with our tax, legal reporting, and auditing obligations.
No one at Grammarly can read your text at will. We tightly control access to user data within the company. Only those who have an approved need to access certain data are granted access via specific, audited permissions. Access to data requires review and approval by responsible managers and a member of the security team.
No. We have not sold, do not sell, and will not sell customer data. We make money from selling subscriptions, and we do not allow third parties to advertise to our customers.
Grammarly only accesses the text you write while you’re using our product offerings. The sole purpose of this access is to check your text and provide suggestions. You have the ability to turn Grammarly on or off anytime within a document or site. Additionally, Grammarly is blocked from accessing any sensitive information you type in fields marked "sensitive," such as credit card forms or password fields.