Our GDPR Commitment

What is GDPR?

The European Union’s General Data Protection Regulation, or GDPR, enhances the existing framework for companies that process the personal data of EU-based residents. It comes into effect on May 25, 2018, bringing with it a host of new obligations for those companies, and new privacy rights for their end users.

Processing data can mean many things, from collecting data to storing and using it. Organizations large and small that process the personal data of EU-based individuals are now preparing for the new regulation, and Evernote is no exception.


What is Evernote doing for GDPR?

As we make clear in our Three Laws of Data Protection, Evernote is committed to protecting the privacy and security of our users’ data. We believe that GDPR complements our existing data protection policies and processes, giving us a solid foundation and helping us maintain a strong commitment to data privacy. In addition to updating our Privacy Policy to reflect our new obligations, we are implementing processes in place to support users seeking to export or access their personal data in a seamless way, and training our staff on how build and design privacy-conscious products.

To help guide our readiness initiatives, Evernote actively collaborates with privacy experts from the Center for Democracy and Technology (CDT) and the Future of Privacy Forum (FPF). Evernote continues to be EU-US Privacy Shield and Swiss-US Privacy Shield certified.


How can I learn more about GDPR?

Being ready for GDPR is important to us and we welcome this opportunity to help our users understand what we’re doing to prepare. For Evernote users interested in learning more about GDPR and how we are adopting these principles, please contact us by email at privacy@evernote.com. Evernote Business customers looking for a data protection agreement should contact their customer success agent, or email privacy@evernote.com for more information.