Security and privacy are extremely important topics for Evernote users, and for good reason. Evernote would like to provide a single service to manage your memories for many years. To achieve this, we must provide a very high level of system and data security while offering users a variety of choices to manage their own privacy requirements. Here is a high-level overview of some of the ways in which your data is protected by Evernote.
When you add a note to the service, it is secured like your email would be at a high-end email provider. This means that your notes are stored in a private, locked cage at a guarded data center that can only be accessed by a small number of Evernote operations personnel. Administrative maintenance on these servers can only be performed through secure, encrypted communications by the same set of people. All network access to these servers is similarly protected by a set of firewalls and hardened servers. Your data is only transmitted to the servers in encrypted form over SSL, and your passwords are not directly stored on any of our systems.
We also offer enhanced privacy options that would not be available from services like email:
If you have sensitive text that you would like to remember (passwords, PINs, credit card numbers), you can encrypt that text in our Windows and Mac clients using a passphrase that is never transmitted to Evernote. This encrypted text can only be decrypted and read on one of your computers after you’ve re-entered the encryption passphrase. The sensitive text is not readable on our servers or on your computer by anyone who does not know the passphrase.
If you have some notes that you only want to access from a single computer, you can place these into a “Local Notebook” on our Windows or Mac client. Notes in a Local Notebook are never transmitted to our service, so they aren’t accessible from the web, or from your other computers. This may allow a greater level of privacy for some notes, at the expense of the accessibility and reliability you would get from a private note on the service.
Evernote recognizes that user choice is an important component of privacy and security. We believe that no single option is going to meet the needs of all users, so we aim to offer a set of tools that let people balance their needs for accessibility, privacy and control.