Choose another country or region to see content specific to your location.

Request a Demo
SECURITY TEAMS

Trust & Security at Mention Me

 

Trust

Mention Me is committed to trust, security and privacy in our product and services. We are ISO 27001 certified and GDPR and PECR compliant.

Security is embedded in everything we do — from design to development to continuous monitoring of the consumer-facing experiences we power in production. Mention Me is committed to the security of its own platforms, systems and services and the data entrusted to it by its customers and partners.

Looking to report a security vulnerability? See our Vulnerability Disclosure page.

Security

Our platform is hosted by AWS (Amazon Web Services) in a multi-zone data centre in Ireland.

We apply industry best practices such as encryption of data in transit and at rest, infrastructure as code with peer review for all changes, continuous deployment, networking best practices and security training in OWASP principles for all engineers.

We have disaster recovery and business continuity plans in place. We regularly conduct realistic incident drills for our teams.

Privacy

We adopt a privacy-by-design mindset when building and offering our service.

We always aim to be transparent and clear to users on how we use and handle data.

In addition to complying with applicable privacy laws and practices we can offer a cookie-less customer experience to your users. 

 

Compliance

We practice continuous improvement in our security practices led by the ISO 27001 international standard and we are evaluated by a 3rd party auditor on an annual basis.

We invite a 3rd party penetration test every 6 months and implement the findings.

We continuously evaluate our security controls and quickly detect and respond to incidents in order to maintain a healthy operating risk posture for Mention Me and its customers’
data.

Availability

Our cloud infrastructure takes advantage of cloud-native features like auto-scaling, and infrastructure redundancy to reduce latency, increase reliability, and scale with your organisation’s needs.

Mention Me has historically maintained 99.99% platform uptime. Real-time status and historical availability information is available at status.mention-me.com

We strive to ensure that the platform is available every single time your customers and employees interact with it. 

Trusted and Trustworthy

NQA ISO 27001 Logo - UKAS  gdpr  ccpa

Download our ISO 27001 certificate

Information Security Questionnaires

We use Risk Ledger to manage our responses to information security enquiries from clients, prospective clients and partners. We can grant you access to Risk Ledger to support your own compliance reviews of Mention Me.

Resources

Here is our Privacy Policy for consumers and our site Terms and Conditions.

We take a shared responsibility model of security with our clients, read more about What are my responsibilities as a client of Mention Me?

Sub-processors

Sub-processor

Function

Location

Further details

Amazon Web Services,
Inc.
1200 12th Avenue South,
Suite 1200, Seattle, WA
98144, United States
The Mention Me platform
is hosted by AWS in a
multi-zone Tier 1 data
center in Ireland.
EEA Please see:
Amazon Data Protection Compliance
Mailjet SAAS Ltd
23 Copenhagen Street,
London,
England, N1 0JB
Mention Me uses Mailjet
for the purposes of
sending emails to
participants in the Service
EEA and UK Please see:
Mailjet Data Protection Compliance
Google Cloud, Ireland Ltd
Gordon House,
Barrow Street
Dublin 4
Ireland
Mention Me uses services
within the Google Cloud
platform alongside
Amazon Web Services to
build, run and extend the
Mention Me Platform.
EEA Please see:
Google Cloud Privacy and Compliance
Tray.io, Inc
25 Stillman Street,
San Francisco
CA 94107
(only relevant if client using specific
integrations and/or smart
features)
Mention Me uses Tray.io’s
platform in order to send
and receive data to and
from third party
companies (at the Client’s
request).

EEA and USA Please see: Tray.io security measures
With respect to the USA processing,
Tray.io processes data in line with the
EU model standard contractual
Lacework Inc
391 San Antonio Road,
Floor 3,
Mountain View
CA 94040
Mention Me works with a
security partner to assist
in threat monitoring and
security intelligence to
support Mention Me in its
own information
security.
EEA and USA Please see: Lacework’s security
standard
With respect to the USA processing,
Lacework processes data in line with
the EU model standard contractual
clauses.
Posthog Inc
2261 Market Street
San Francisco
CA 94114
Mention Me uses this
partner to assist in
product analytics and
ensure that we
understand how users
consume our products
EEA Please see: Posthog’s security
information

 

“We’ve gained valuable insight into how to engage our customers and build lifetime value. Since implementing our programme, we’ve significantly increased core marketing metrics. Mention Me provides excellent ROI as a marketing channel.”

Steph Powell

Steph Powell

Global Digital Acquisition Manager

“Our CEO used to go to a bag show and honk his car horn until people came around to look at our bags. Mention Me takes that same mechanic and puts more data and science behind it. It’s word of mouth on Red Bull.”

Luke Collins

Luke Collins

Chief Commercial Officer

“Since switching from in-house referral to Mention Me, we’re acquiring 4x more customers through this channel and serve a smoother and more sophisticated journey.”

Hannah Graham

Hannah Graham

Senior Growth Manager

$2bn revenue for customer-obsessed brands

Charlotte_Tilbury_logo
Air_up_logo
Asos_logo
Puma_logo
Farfetch_logo
Michael_kors_logo
Schuh_logo
Motorway_logo
Boohoo_logo
Bloom&Wild_logo
PLT_logo
Huel_logo
Pret_logo
Ocado_logo
Kenwood_logo