GDPR was not designed to target service providers providing a data service storing and processing data that the customer explicitly contracted for. That would be under data processing which has different rules.
Unless the guarantee was for Evernote to hold this data for 100 years irrespective of what the customer wishes and for example after the customer has ended their contract for the service, this angle doesn't apply.
Many companies are purging data associated with inactive accounts as part of data minimization. If the user specifically asked for indefinite retention before going inactive, that might be one thing, but as a general practice it could be risky.
Unless the guarantee was for Evernote to hold this data for 100 years irrespective of what the customer wishes and for example after the customer has ended their contract for the service, this angle doesn't apply.