SOC 2
Grammarly has successfully completed SOC 2 (Type 1) and SOC 2 (Type 2) examinations and received corresponding reports. These examinations validate that Grammarly meets the strict SOC 2 standards for security, availability, confidentiality, and privacy of our customers’ data.
SOC 3
Grammarly’s SOC 3 report is a publicly available version of the SOC 2 (Type 2) report. To learn more, view the System and Organization Controls (SOC 3) Report.
ISO/IEC 27001:2013
This is an international standard for information security management systems. Obtaining this certification confirms that Grammarly meets industry-standard requirements for establishing, implementing, maintaining, and continually improving an information security management system. You can view Grammarly’s ISO 27001 certificate.
ISO/IEC 27017:2015
This certification sets forth security requirements for cloud service providers and customers. It shows that Grammarly adheres to industry standards concerning the provision and use of cloud services. You can view Grammarly’s ISO 27017 certificate.
ISO/IEC 27018:2019
This international standard covers the protection of users’ personal information. Grammarly meeting this standard demonstrates our commitment to safeguarding your data. You can view Grammarly’s ISO 27018 certificate.
ISO/IEC 27701:2019
This certification verifies that Grammarly meets industry-standard requirements for privacy information management. You can view Grammarly’s ISO 27701 certificate.
PCI DSS
Grammarly is compliant with the Payment Card Industry Data Security Standard. Grammarly’s attestation confirms that your payment information is protected in accordance with industry standards.
HIPAA
The Health Insurance Portability and Accountability Act of 1996 establishes a set of standards to protect sensitive health information. Grammarly is compliant with HIPAA Security, Privacy, and Breach Notification rules.
If you need to sign a BAA in order to comply with HIPAA, please be aware that currently we can enter into BAAs only for volume licenses of 100 seats or more. This limitation allows us to process these requests promptly and efficiently. We are looking to optimize this process as we ramp up HIPAA support for our other customers. If you are interested in a license of 100 seats or more, please submit your request by contacting us.
Cloud Security Alliance
The Cloud Security Alliance is a nonprofit organization with the goal of promoting best practices in relation to cloud computing. Grammarly is a CSA-Trusted Cloud Provider and has completed the Consensus Assessment Initiative Questionnaire to represent our security controls.
CCPA
Grammarly complies with the California Consumer Privacy Act (CCPA). You are welcome to review our Privacy Policy for more information.
FERPA
Grammarly is compliant with the Family Educational Rights & Privacy Act (FERPA). If you’d like to review our EDU addenda please contact us.
NYS Education Law 2-d
Grammarly is compliant with the New York State Education Law 2-d. If you’d like to review our EDU addenda please contact us.