Trust & Security at Mention Me
Mention Me is committed to trust, security and privacy in our product and services. We are ISO 27001 certified and GDPR and PECR compliant.
Security is embedded in everything we do — from design to development to continuous monitoring of the consumer-facing experiences we power in production. Mention Me is committed to the security of its own platforms, systems and services and the data entrusted to it by its customers and partners.
Looking to report a security vulnerability? See our Vulnerability Disclosure page.
Our platform is hosted by AWS (Amazon Web Services) in a multi-zone data centre in Ireland.
We apply industry best practices such as encryption of data in transit and at rest, infrastructure as code with peer review for all changes, continuous deployment, networking best practices and security training in OWASP principles for all engineers.
We have disaster recovery and business continuity plans in place. We regularly conduct realistic incident drills for our teams.
We adopt a privacy-by-design mindset when building and offering our service.
We always aim to be transparent and clear to users on how we use and handle data.
In addition to complying with applicable privacy laws and practices we can offer a cookie-less customer experience to your users.
We practice continuous improvement in our security practices led by the ISO 27001 international standard and we are evaluated by a 3rd party auditor on an annual basis.
We invite a 3rd party penetration test every 6 months and implement the findings.
We continuously evaluate our security controls and quickly detect and respond to incidents in order to maintain a healthy operating risk posture for Mention Me and its customers’ data.
Our cloud infrastructure takes advantage of cloud-native features like auto-scaling, and infrastructure redundancy to reduce latency, increase reliability, and scale with your organisation’s needs.
Mention Me has historically maintained 99.99% platform uptime. Real-time status and historical availability information is available at status.mention-me.com
We strive to ensure that the platform is available every single time your customers and employees interact with it.
We use Risk Ledger to manage our responses to information security enquiries from clients, prospective clients and partners. We can grant you access to Risk Ledger to support your own compliance reviews of Mention Me.
We take a shared responsibility model of security with our clients, read more about What are my responsibilities as a client of Mention Me?
“We’ve gained valuable insight into how to engage our customers and build lifetime value. Since implementing our programme, we’ve significantly increased core marketing metrics. Mention Me provides excellent ROI as a marketing channel.”
Global Digital Acquisition Manager
“Our CEO used to go to a bag show and honk his car horn until people came around to look at our bags. Mention Me takes that same mechanic and puts more data and science behind it. It’s word of mouth on Red Bull.”
Chief Commercial Officer
“Since switching from in-house referral to Mention Me, we’re acquiring 4x more customers through this channel and serve a smoother and more sophisticated journey.”
Senior Growth Manager