Evercontact (operated by One More Company, Inc.) recognizes and supports the EU General Data Protection Regulation (GDPR). This page explains, in plain language, how we meet GDPR requirements for the Evercontact and ContactRescue services, the rights you have, and how to exercise them.
01Overview & consent
Our service provides value by turning the email signatures you receive into new or updated contacts in your address book. To do this, you must authorize Evercontact to access your account so we can automatically read header information and signature blocks from your emails.
We present clear information on privacy and compliance before any sign-up, and you consent to our terms by signing up. From time to time you may receive product-specific emails; you can change their frequency or opt out entirely at any time, and any marketing emails require a separate, additional opt-in.
02Your GDPR rights
If your personal data is processed by Evercontact, you may exercise the following rights under the GDPR:
- Access — obtain a copy of the personal data we hold about you.
- Rectification — correct inaccurate or incomplete data.
- Erasure — request deletion of your personal data ("right to be forgotten").
- Restriction — ask us to limit how we process your data.
- Portability — receive your data in a structured, machine-readable format.
- Objection — object to processing, including for direct marketing.
- Withdraw consent — revoke our access to your mailbox at any time, which stops further processing.
To exercise any of these rights, contact our Data Protection Officer at dpo@evercontact.com. We respond to every request within one month, and inquiries regarding your personal information and its removal are always free of charge.
03How we handle your data
This is how data is collected, stored, and maintained by Evercontact throughout the entire client life cycle inside our systems:
- Evercontact keeps all user data private and never sells data about its users to anyone.
- Evercontact manages and controls how the data is stored.
- Evercontact replies to any customer request about their data in less than a month.
- Inquiries regarding personal information and information removal are always free of charge.
- A disclaimer is available on our website defining how Evercontact uses cookies and how to opt out.
- We read inbound email signatures only — never the message body or outbound mail — and we never use customer data to train any model.
04Data Protection Officer & EU point of contact
Evercontact has appointed a Data Protection Officer in accordance with European law. You can reach our DPO at dpo@evercontact.com.
While the GDPR applies specifically to people located in EU member states, you can reach our DPO for all matters relating to your data privacy and how it is managed by Evercontact even if you do not live in the European Union. Evercontact's European Point of Contact is available on simple request.
05Lawful basis & international transfers
We process personal data on the basis of your consent and to provide the service you have requested. Evercontact processes data on hardened infrastructure; where personal data originates in the EEA, UK, or Switzerland, transfers are covered by the EU Standard Contractual Clauses (and the UK Addendum) together with supplementary technical measures. EU data residency is available on Enterprise plans. See our DPA for details.
06Our team
Our staff is trained and up to speed on what it means to be GDPR compliant. We ensure no personally identifiable information is ever shared on internal communication channels, such as Slack, and we are highly responsive — you can reach us at any time with questions.
07More information
You can read more in our Privacy Policy and Terms of Service, or review our DPA & Compliance program. For anything else, contact us.