What are the institutional and regulatory implications of this document?

REGULATORY LANDSCAPE: This policy engages GDPR (applicable to EEA users, enforced by EU data protection authorities including the Irish DPC as Grammarly's likely EU lead supervisory authority), CCPA and CPRA (applicable to California residents, enforced by the California Privacy Protection Agency and California AG), COPPA (relevant given the policy's age restrictions for users under 13 in the US), and potentially the EU AI Act given Grammarly's disclosed use of user content to train AI models. …

How does Grammarly's Grammarly Privacy Policy affect users?

Users who submit text through Grammarly's services operate under terms that permit Grammarly to collect that text and use it for AI model development and improvement. Users may exercise data access, deletion, or processing restriction rights by submitting requests through privacy.grammarly.com, with additional procedural rights available to California and EEA residents under applicable law.

How often is Grammarly's Grammarly Privacy Policy updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when Grammarly updates this document?

Yes. Monitor subscribers ($19/month) can add Grammarly to their watchlist and receive same-day email alerts whenever this document or any other Grammarly document changes.

CA-D-000456

Grammarly Privacy Policy

Grammarly

Last change detected April 29, 2026 Privacy policy

SHA-256: 7c6d87e3e53e677d402… 1 version captured 0 changes documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at Grammarly ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

9 Total

1 High severity

8 Medium severity

0 Low severity

Summary

Grammarly's Privacy Policy establishes the categories of personal data Grammarly collects through its writing assistance services, including the full text of user submissions for grammar and writing suggestions. The policy authorizes Grammarly to use collected text to improve and train its AI models and machine learning systems. California residents and EEA users are granted rights to access, delete, or restrict processing of their data through Grammarly's privacy request portal at privacy.grammarly.com.

Technical / Legal Breakdown

This document is Grammarly's Privacy Policy, governing the collection, use, storage, and sharing of personal data by Grammarly Inc. across its writing assistance products and services, with a stated legal basis grounded in consent, contractual necessity, and legitimate interests depending on jurisdiction. The policy states that Grammarly collects a broad range of data categories including account information, user content (text submitted for analysis), usage data, device and browser information, and inferred preferences, and the terms authorize sharing of this data with service providers, business partners, affiliates, and in connection with corporate transactions such as mergers or acquisitions. Notably, the policy asserts that user content submitted through Grammarly's services may be used to improve and train its AI and machine learning models, a practice disclosed but one where the scope of training data use and opt-out granularity merits scrutiny; the policy also distinguishes between consumer and enterprise (Grammarly Business) data handling, with enterprise customer content subject to separate agreements that may limit certain uses. The policy expressly addresses GDPR obligations for EEA users including legal bases for processing, data subject rights, and cross-border transfer mechanisms, and engages CCPA/CPRA requirements for California residents including rights to know, delete, and opt out of sale or sharing of personal information; users in other jurisdictions may have more limited protections depending on local law and enforcement context.

Institutional Analysis

Institutional analysis available with Compliance

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Compliance.

Start Compliance free trial

High — 1 provision

User Content Used for AI Model Training Compare →

The text you submit to Grammarly for grammar and writing help may be used by the company to train and improve its AI systems, not just to give you suggestions in the moment.

Added May 9, 2026 Standard Seen across 284 platforms

Medium — 8 provisions

Data Sharing with Business Partners and Third Parties Compare →

Grammarly shares your personal data with outside companies that help run its services, as well as with business partners for joint marketing or co-branded offerings.

Added May 9, 2026 Standard Seen across 252 platforms
Corporate Transaction Data Transfer Compare →

If Grammarly is sold, merged, or goes through a major business change, your personal data including your account and content history could be transferred to a new company.

Added May 9, 2026 Standard Seen across 252 platforms
California Resident Rights and Opt-Out of Sale or Sharing Compare →

If you live in California, you have specific legal rights over your data including the ability to see what Grammarly collects, delete it, correct it, and stop Grammarly from selling or sharing it with third parties.

Added May 9, 2026 Standard Seen across 284 platforms
EEA and UK User Rights under GDPR Compare →

If you're in the EU, UK, or Switzerland, you have strong legal rights over your data under GDPR, including the ability to access, correct, delete, or move your information, and to complain to your country's data regulator.

Added May 9, 2026 Standard Seen across 284 platforms
Age Restriction and Children's Data Compare →

Grammarly's services are not intended for children under 13, and the company states it will delete data from users under 13 if discovered.

Added May 9, 2026 Standard Seen across 284 platforms
Cross-Border Data Transfers Compare →

If you use Grammarly from outside the US, your personal data will be sent to and stored on servers in the United States, where privacy laws may offer less protection than in your home country.

Added April 30, 2026 Standard Seen across 284 platforms
Enterprise vs Consumer Data Processing Distinction Compare →

If you use Grammarly through your employer or an organization's business account, your data is governed by a separate contract and your employer's privacy policy, not this consumer policy.

Added May 9, 2026 Standard Seen across 284 platforms
Data Retention Compare →

Grammarly keeps your personal data for as long as your account is open or as needed for legal reasons, and you can request deletion by contacting support.

Added April 30, 2026 Standard Seen across 284 platforms