← Back to RescueMyNotes
Security
Last Updated: January 1, 2025
At RescueMyNotes, security is our priority. Here's how we keep your data safe.
How We Protect Your Evernote Data
- ✅ OAuth authentication - Industry-standard security (same as IFTTT/Zapier)
- ✅ Never see your password - You authenticate directly with Evernote
- ✅ Encrypted storage - All data encrypted in transit and at rest
- ✅ Automatic deletion - Data wiped after 7 days (access tokens within hours)
- ✅ Secure infrastructure - Hosted in UK/EU regions with enterprise-grade security
OAuth Authentication
What is OAuth?
OAuth is Evernote's official authentication method - the same technology used by trusted apps like IFTTT, Zapier, and Google sign-in.
How It Works
- You click "Import from Evernote"
- You're redirected to Evernote's official login page
- You authenticate directly with Evernote
- Evernote asks "Allow RescueMyNotes to access your notes?"
- You authorize the access
- Evernote sends us a temporary access token
- We download your notes using this token
- Token is automatically deleted when import completes
What We Never See
- ❌ Your Evernote password
- ❌ Your Evernote login credentials
- ❌ Any data beyond your notes and attachments
Access duration: Typically 30 minutes, maximum 3 days, then automatically deleted
Data Lifecycle
Authentication → OAuth token received (stored securely, deleted after use)
Download → Notes downloaded from Evernote
Conversion → Converted to Markdown format
Storage → ZIP archive available for 7 days
Deletion → All data automatically wiped after 7 days
Encryption
Data in Transit
- TLS 1.3 encryption for all connections
- Your browser ↔ Our service: HTTPS
- Our service ↔ Evernote: HTTPS
Data at Rest
- Industry-standard encryption for stored files
- Private storage (not publicly accessible)
- Automatic deletion after retention period
Your Rights & Controls
You Can:
- Revoke access anytime in your Evernote settings
- Request immediate deletion of your data
- Download your data within 7 days
- Request information about what data we hold
We Cannot:
- Access your account after token expires/is revoked
- Recover your data after deletion period
- Share your data with third parties (except payment processor)
- Store your Evernote password (we never receive it)
Compliance
UK GDPR
- Data Controller: AIXL Ltd
- Data Retention: Maximum 7 days
- Your Rights: Access, rectification, erasure, portability
Security Standards
- TLS 1.3 encryption
- Secure cloud infrastructure
- Regular security monitoring
- 24-hour incident response
Questions?
Security concerns: contact@rescuemynotes.com
Data requests: contact@rescuemynotes.com
Response time: Within 24 hours (business days)
Transparency
We believe in being clear about security:
- ✅ We use Evernote's official OAuth (not custom authentication)
- ✅ We auto-delete data aggressively (7 days maximum)
- ✅ We use industry-standard encryption
What we don't do:
- ❌ Store passwords
- ❌ Share data with third parties
- ❌ Sell your data
- ❌ Keep data longer than necessary