ISO 27701 Demonstrates Grammarly’s Ongoing Commitment to Protecting User Data
Our top priority at Grammarly is helping over 30 million customers and 70,000 teams communicate more effectively, with best-in-class security and privacy practices that keep user data private and protected. We take this responsibility seriously and regularly update our compliance portfolio to stay ahead of evolving industry best practices.
Today, we’re announcing that we’ve achieved the ISO 27701 certification from our third-party auditor, Ernst & Young, demonstrating our commitment to maintaining the highest standards in data privacy management. ISO 27701 supplements our existing set of enterprise-grade certifications and compliance offerings, such as SOC 2 Type 2, ISO 27001, ISO 27017, ISO 27018, PCI DSS, TX-RAMP, and HIPAA, and will be a recurring annual audit.
Unofficially dubbed the “GDPR certification,” ISO 27701 showcases an organization’s strong commitment to data protection through clear policies, proactive risk assessment, and streamlined breach notifications. Not only do we value these principles on their own merits; we recognize that they’re crucial for meeting GDPR standards.
ISO 27701’s purpose is to create and maintain a Privacy Information Management System (PIMS) focused on personal data protection and privacy. It’s an extension of the ISO 27001 standard (Information Security Management System), for which Grammarly has been certified since June 2021, but it adds new requirements:
- Privacy risk assessments to identify and manage potential impacts on individuals and organizations
- Strict conditions for collecting and processing personal data, for instance, purpose and consent
- Honoring data subjects’ rights, such as data access, correction, and deletion
- Privacy by design principles, for instance, defined retention periods, de-identification, and sanitization of data collected
- Procedures for disclosing personal data to third parties
The scope of this standard addresses the principles found in many global data protection regulations, such as the European General Data Protection Regulation (GDPR), California’s Consumer Privacy Act (CCPA), and the Data Protection Act 2018. While the focus is on protecting personal data, Grammarly’s PIMS applies to all customer content, regardless of whether data is personally identifiable information (PII). It also covers Grammarly as a PII processor for institutions and a PII controller for individuals.
Grammarly has prioritized secure, private, and responsible innovation since our inception over 15 years ago. Hundreds of businesses and thousands and thousands of people already trust us to elevate their communication—no matter where they work or what they’re working toward—while maintaining the most secure infrastructure and respect for user privacy. This new ISO 27701 certification, together with our Data Privacy Addendum, builds on Grammarly’s existing, strong security practices to provide customers with even more assurance that any personal data processed by Grammarly will be handled in a way that meets the strictest standards, ones that we’d expect for our own data.
Visit The Grammarly User Trust Center | Security, Privacy, & Compliance to find more information about our security practices and policies.
Read more about our journey to obtain our SOC 2 report and other ISO certifications.