Grammarly has successfully completed SOC 2 (Type 1) and SOC 2 (Type 2) examinations and received corresponding reports. These examinations validate that Grammarly meets the strict SOC 2 standards for security, availability, confidentiality, and privacy of our customers’ data.
Grammarly’s SOC 3 report is a publicly available version of the SOC 2 (Type 2) report. To learn more, view the System and Organization Controls (SOC 3) Report.
This is an international standard for information security management systems. Obtaining this certification confirms that Grammarly meets industry-standard requirements for establishing, implementing, maintaining, and continually improving an information security management system. You can view Grammarly’s ISO 27001 certificate.
This certification sets forth security requirements for cloud service providers and customers. It shows that Grammarly adheres to industry standards concerning the provision and use of cloud services. You can view Grammarly’s ISO 27017 certificate.
This international standard covers the protection of users’ personal information. Grammarly meeting this standard demonstrates our commitment to safeguarding your data. You can view Grammarly’s ISO 27018 certificate.
Grammarly is compliant with the Payment Card Industry Data Security Standard. Grammarly’s attestation confirms that your payment information is protected in accordance with industry standards.
The Health Insurance Portability and Accountability Act of 1996 establishes a set of standards to protect sensitive health information. Grammarly is compliant with HIPAA Security, Privacy, and Breach Notification rules.
If you need to sign a BAA in order to comply with HIPAA, please be aware that currently we can enter into BAAs only for volume licenses of 100 seats or more. This limitation allows us to process these requests promptly and efficiently. We are looking to optimize this process as we ramp up HIPAA support for our other customers. If you are interested in a license of 100 seats or more, please submit your request by contacting us.
Cloud Security Alliance
The Cloud Security Alliance is a nonprofit organization with the goal of promoting best practices in relation to cloud computing. Grammarly is a CSA-Trusted Cloud Provider and has completed the Consensus Assessment Initiative Questionnaire to represent our security controls.
Grammarly is compliant with the Family Educational Rights & Privacy Act (FERPA). If you’d like to review our EDU addenda please contact us.
NYS Education Law 2-d
Grammarly is compliant with the New York State Education Law 2-d. If you’d like to review our EDU addenda please contact us.