If you live in California, you have specific legal rights over your data including the ability to see what Grammarly collects, delete it, correct it, and stop Grammarly from selling or sharing it with third parties.
This analysis describes what Grammarly's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
California's CCPA and CPRA give residents stronger data rights than many other US states, including the right to opt out of data sharing for advertising, which is practically significant given Grammarly's acknowledged use of data with business partners.
California residents can actively limit how their personal information is used and shared, including opting out of data sharing with business partners, which may reduce targeted advertising or secondary data uses; exercising these rights requires submitting a request through Grammarly's privacy portal.
How other platforms handle this
California law gives residents the right to know what personal information we collect, use, share or sell; to delete personal information under certain circumstances; to opt-out of the sale or sharing of their personal information; to correct inaccurate personal information; to limit the use and dis...
If you are a California resident, you have the right to opt out of the sale or sharing of your personal information. You also have the right to know what personal information we have collected about you, the right to delete your personal information, the right to correct inaccurate personal informat...
If you are a California resident, you have the right to know what personal information we collect, use, disclose, and sell about you. You also have the right to request that we delete personal information we have collected from you, and the right to opt-out of the sale of your personal information.
Monitoring
Grammarly has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"If you are a California resident, you have certain rights with respect to your personal information, including: The right to know about the personal information we collect, use, disclose, and sell. The right to delete your personal information. The right to opt out of the sale or sharing of your personal information. The right to correct inaccurate personal information. The right to limit use and disclosure of sensitive personal information.— Excerpt from Grammarly's Grammarly Privacy Policy
REGULATORY LANDSCAPE: This provision directly implements CCPA and CPRA requirements, enforced by the California Privacy Protection Agency (CPPA) and the California Attorney General. Key CPRA obligations include the right to limit use of sensitive personal information and the right to opt out of sharing for cross-context behavioral advertising. Non-compliance with opt-out request mechanisms can result in regulatory enforcement and civil penalties. GOVERNANCE EXPOSURE: Medium. The provision discloses the rights but compliance depends on the operational functionality of the opt-out and deletion mechanisms, the response time and process for honoring requests, and whether all categories of 'sharing' within the CPRA definition are covered by the opt-out offered. JURISDICTION FLAGS: These rights apply specifically to California residents. Organizations with California-based users should ensure their own privacy notices reflect Grammarly's data practices and that employees are aware of available data rights. Other US states with similar laws (Virginia, Colorado, Connecticut, Texas) may have analogous rights that Grammarly's policy may or may not address with equal specificity. CONTRACT AND VENDOR IMPLICATIONS: Enterprises with California-based employees using Grammarly's consumer product should assess whether employee data rights under CPRA are adequately addressed through consumer-facing mechanisms or require enterprise-specific agreements. Vendor assessments should include verification of Grammarly's CPRA opt-out signal support including Global Privacy Control (GPC) compliance. COMPLIANCE CONSIDERATIONS: Privacy compliance teams should verify that Grammarly honors opt-out requests within the 15-business-day period required under CPRA and that the privacy portal is functional and accessible. Organizations acting as employers should assess whether the use of Grammarly's consumer product by employees creates obligations under their own CPRA compliance programs.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
California's CCPA and CPRA give residents stronger data rights than many other US states, including the right to opt out of data sharing for advertising, which is practically significant given Grammarly's acknowledged use of data with business partners.
California residents can actively limit how their personal information is used and shared, including opting out of data sharing with business partners, which may reduce targeted advertising or secondary data uses; exercising these rights requires submitting a request through Grammarly's privacy portal.
ConductAtlas has identified this type of provision across 2 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Grammarly.