Choose another country or region to see content specific to your location.
Trust & Security at Mention Me
Trust
Mention Me is committed to trust, security and privacy in our product and services. We are ISO 27001 certified and GDPR and PECR compliant.
Security is embedded in everything we do — from design to development to continuous monitoring of the consumer-facing experiences we power in production. Mention Me is committed to the security of its own platforms, systems and services and the data entrusted to it by its customers and partners.
Looking to report a security vulnerability? See our Vulnerability Disclosure page.
Security
Our platform is hosted by AWS (Amazon Web Services) in a multi-zone data centre in Ireland.
We apply industry best practices such as encryption of data in transit and at rest, infrastructure as code with peer review for all changes, continuous deployment, networking best practices and security training in OWASP principles for all engineers.
We have disaster recovery and business continuity plans in place. We regularly conduct realistic incident drills for our teams.
We adopt a privacy-by-design mindset when building and offering our service.
We always aim to be transparent and clear to users on how we use and handle data.
In addition to complying with applicable privacy laws and practices we can offer a cookie-less customer experience to your users.
Compliance
We practice continuous improvement in our security practices led by the ISO 27001 international standard and we are evaluated by a 3rd party auditor on an annual basis.
We invite a 3rd party penetration test every 6 months and implement the findings.
We continuously evaluate our security controls and quickly detect and respond to incidents in order to maintain a healthy operating risk posture for Mention Me and its customers’ data.
Availability
Our cloud infrastructure takes advantage of cloud-native features like auto-scaling, and infrastructure redundancy to reduce latency, increase reliability, and scale with your organisation’s needs.
Mention Me has historically maintained 99.99% platform uptime. Real-time status and historical availability information is available at status.mention-me.com
We strive to ensure that the platform is available every single time your customers and employees interact with it.
We use Risk Ledger to manage our responses to information security enquiries from clients, prospective clients and partners. We can grant you access to Risk Ledger to support your own compliance reviews of Mention Me.
Resources
Here is our Privacy Policy for consumers and our site Terms and Conditions.
We take a shared responsibility model of security with our clients, read more about What are my responsibilities as a client of Mention Me?
Sub-processors
Sub-processor |
Function |
Location |
Further details |
Amazon Web Services, Inc. 1200 12th Avenue South, Suite 1200, Seattle, WA 98144, United States |
The Mention Me platform is hosted by AWS in a multi-zone Tier 1 data center in Ireland. |
EEA | Please see: Amazon Data Protection Compliance |
Mailjet SAAS Ltd 23 Copenhagen Street, London, England, N1 0JB |
Mention Me uses Mailjet for the purposes of sending emails to participants in the Service |
EEA and UK | Please see: Mailjet Data Protection Compliance |
Google Cloud, Ireland Ltd Gordon House, Barrow Street Dublin 4 Ireland |
Mention Me uses services within the Google Cloud platform alongside Amazon Web Services to build, run and extend the Mention Me Platform. |
EEA | Please see: Google Cloud Privacy and Compliance |
Tray.io, Inc 25 Stillman Street, San Francisco CA 94107 |
(only relevant if client using specific integrations and/or smart features) Mention Me uses Tray.io’s platform in order to send and receive data to and from third party companies (at the Client’s request). |
EEA and USA | Please see: Tray.io security measures With respect to the USA processing, Tray.io processes data in line with the EU model standard contractual |
Lacework Inc 391 San Antonio Road, Floor 3, Mountain View CA 94040 |
Mention Me works with a security partner to assist in threat monitoring and security intelligence to support Mention Me in its own information security. |
EEA and USA | Please see: Lacework’s security standard With respect to the USA processing, Lacework processes data in line with the EU model standard contractual clauses. |
Posthog Inc 2261 Market Street San Francisco CA 94114 |
Mention Me uses this partner to assist in product analytics and ensure that we understand how users consume our products |
EEA and USA | Please see: Posthog’s security information With respect to the USA processing, Posthog processes data in line with the EU model standard contractual clauses. |
“We’ve gained valuable insight into how to engage our customers and build lifetime value. Since implementing our programme, we’ve significantly increased core marketing metrics. Mention Me provides excellent ROI as a marketing channel.”
Steph Powell
Global Digital Acquisition Manager
“Our CEO used to go to a bag show and honk his car horn until people came around to look at our bags. Mention Me takes that same mechanic and puts more data and science behind it. It’s word of mouth on Red Bull.”
Luke Collins
Chief Commercial Officer
“Since switching from in-house referral to Mention Me, we’re acquiring 4x more customers through this channel and serve a smoother and more sophisticated journey.”
Hannah Graham
Senior Growth Manager