Mention Me Privacy Policy

Mention Me Privacy Policy

We reserve the right to amend this Policy from time to time.

Print this page for your records.

Also see our Cookie Policy

Mention Me Limited is a company registered in England and Wales.


Our registered company number is: 08382730

Our registered office is at: 20-22 Wenlock Road, London, N1 7GU

Our trading office is at: Vox Studios, 1-45 Durham St, London, SE11 5JH

Our Data Protection Register number is: ZA004639

Mention Me helps online businesses (our Clients) operate refer-a-friend programmes and related services. We act as a service provider and data processor to our Clients.

Through our technology platform, our Clients can: (a) enable their customers to refer their friends to their brand and then reward both the referrer and the referred friend when the referred friend becomes a customer; (b) deliver rewards and offers to customers; and (c) engage with their customers.

The following key terms are used in this Policy:

Client A Client is an online business for whom Mention Me operates a refer-a-friend programme and related services. We provide services to our Clients and process data in connection with those services on their behalf as their Data Processor. If you are a Referrer or a Referee under a refer-a-friend programme, a reference to a Client will mean the brand or online business whose refer-a-friend programme you are participating in.
Data Controller A Data Controller is the person who determines the purposes for which and the manner in which personal data is processed
Data Processor A Data Processor is a person who processes personal data on behalf of a Data Controller

Mention Me takes data privacy very seriously. We hold various personal data relating to individuals who have interacted with our website or our services. What data we hold about you and why we hold it will depend on how you interacted with us. You can find all the relevant detail behind the tab which applies to you below:


If you are an existing customer of the Client (including a Referrer or a potential Referrer under one of our Client's refer-a-friend programmes):

We may hold the following personal data about you:

  • Your email address;
  • Your name (which we may use to infer your gender);
  • The order details and order history of purchases of goods/services you have made with the Client;
  • Details of your interactions with our clients and our referral programme;
  • Details about whether you have referred someone and how you referred them;

As is true of most websites, we also automatically gather information about your computer such as your IP address, browser type, referring/exit pages and operating system. When you visit our hosted-pages, we also use cookies to identify you when you come back to the site. For more information on the cookies we use, why we use them and more information about cookies generally, please see our Cookie Policy

If you are a customer of multiple Clients which use Mention Me’s services, then we will hold your data in respect of each Client separately. Your data is never shared between Clients.

The above data is either:

  • collected from you by our Client (the Data Controller) or one of our Client’s partners and shared with us in accordance with the Client or our Client’s partners’ privacy policy so that we can operate the service for the Client or our Client’s partners; or
  • We may also receive your email address and name directly from you if you have entered it into our Referrer registration page.

We need the above data:

  • To allow us to recognise you and reward you as the Referrer when your friends interact with a sharing link you have sent them and/or give us your name through our ‘name sharing’ feature.
  • To send you service emails solely in connection with the refer-a-friend programme or the fulfilment of any reward or offer – for example to help you share offers with your friends, to notify you when your friends engage with an offer and to email you rewards as and when you are eligible to receive them. You can opt-out of receiving these emails at any time by clicking on the unsubscribe link at the footer of any email you receive from us or via our data privacy contact form.
  • To help confirm that friends referred through a refer-a-friend programme are not existing customers of the Client and are therefore eligible for referee rewards.
  • To allocate you into a customer segment (a set of customers grouped by their characteristics) and display messages, rewards and offers to you based on your segment. This allocation may be done automatically via a segmentation tool.
  • To process your responses and rewards and offers.
  • To investigate activity that we suspect as being contrary to the Client's terms and conditions or fraudulent in nature.
  • To respond to customer service requests.
  • To undertake individual and/or aggregate statistical analysis as requested by the Client to better understand their business, profitability and growth.
  • To analyse responses and information in an anonymised and aggregated way in order to understand consumer behaviour and share such information with selected third party partners to help them understand consumer behaviour.

We hold and process all of the above data as a Data Processor on behalf of our Client, who is the Data Controller. This means that we keep your data strictly confidential and we only ever use your data in accordance with our Client’s instructions.

So that you are not prevented from participating in the programme or otherwise redeeming rewards and/or offers, we will normally hold your data for as long as the Client continues to work with us or such other period as they may specify in their instructions to us.

Some Clients will prescribe specific (shorter) retention periods for specific types of data we hold about their customers. If you would like details of any retention periods which may apply to you, please contact us via our data privacy contact form.

When it is no longer necessary to retain your personal information, we will delete or anonymise it.

In the ordinary course, we will only ever share your data with our Client or, on a confidential basis, with our own carefully selected sub-processors who are directly involved in delivering our services. Our sub-processors are only engaged with our Client’s consent and are primarily used for the purposes of hosting our platform and assisting with sending service emails to our Client's customers (including referrers) and referees. We only allow our sub-processors to handle your personal information if we are satisfied they take appropriate measures to protect your personal information. We also impose contractual obligations on sub-processors relating to ensure they can only use your personal information to provide services to us and to you. We may also share personal information with external auditors, accreditation and the audit of our accounts.

We never sell or give your personal information to third parties to use for their own purposes.

In exceptional circumstances, we may disclose or transfer your personal information:

  • as required by law.
  • when we (or our Client) believe in good faith that disclosure is necessary to protect our rights, protect your safety or the rights and safety of other third parties (including other Mention me users), investigate fraud, or respond to a government request.
  • to a third-party buyer or seller in the event that Mention Me is involved in a merger, acquisition, or sale of all or a portion of its assets.
  • to any other third party with your prior consent to do so.

Information we hold about you is stored and processed principally in the Mention Me platform. The Mention Me platform is hosted in a secure data centre within the European Economic Area (EEA). Your information may be shared with our carefully selected sub-processors who are directly involved with the delivery of our services but such sub-processors shall only process personal information in the EEA and otherwise in countries which have an adequate level of protection from a data protection perspective. In particular, we process your data in France, Ireland and the UK.

In the event that the processing of your personal information at any time requires it to be transferred to and/or stored at or accessed from a destination outside the EEA, we will take all steps reasonably necessary to ensure that your data is treated securely, in accordance with this policy and safeguarded in accordance with all applicable legislation.

We have appropriate security measures to prevent personal information from being accidentally lost, or used or accessed unlawfully. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. We continually test our systems and are ISO 27001 certified, which means we follow top industry standards for information security. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

You have the right to object at any time to the processing of your personal information. You can make this objection to us via our data privacy contact form, or to our Client (the Data Controller) in accordance with the procedure set out in their privacy notice which is available on their website. We will pass any processing objection we receive on to the relevant Client for their consideration.

  • You have the right to access any information we hold about you. Any request which is manifestly unfounded or excessive may be subject to a reasonable fee to cover our administrative costs in providing you with the necessary details.
  • You have the right to ensure the personal information we hold about you is up to date and accurate.
  • If you have given direct consent to us (or indirectly via the Client) to process any of your personal information you may withdraw that consent at any time.
  • You have the right to opt-out of receiving emails from us at any time. You can do this by managing your privacy settings in the link contained in the footer of any email you may receive from us. You can also opt-out via our data privacy contact form. Please note that if you opt-out of receiving Mention Me emails:
    • we will not be able to send you any rewards or offers you may be entitled to; and
    • you will not be automatically opted-out of any other communications you may have opted to receive from the relevant Client. You will need to inform the Client directly if you wish to opt-out of their direct communications.
  • You have the right to request that the personal information we hold about you be erased and/or request that the processing of that data be restricted.

If you would like to exercise any of the rights listed above, you may submit a request to us via our data privacy contact form or by post to 20-22 Wenlock Road, London, N1 7GU. You may also submit a request directly to the relevant Client in accordance with the procedures outlined in their privacy policy which will be available on their website.

We will share any request promptly with the relevant Client who is the Data Controller and ultimately responsible for decisions made in respect of personal information we hold about you.

If you have registered as a Referred Friend under a refer-a-friend programme:

We may hold the following personal data about you:

  • Your email address;
  • Details of your visits to any refer-a-friend programme you are participating in; and
  • A record of any correspondence between you and us.

As is true of most websites, we also automatically gather information about your computer such as your IP address, browser type, referring/exit pages and operating system. When you visit our hosted-pages, we also use cookies to identify you when you come back to the site. For more information on the cookies we use, why we use them and more information about cookies generally, please see our Cookie Policy

If you have registered as a Referred Friend under multiple refer-a-friend programmes provided by different Clients, then we will hold the above data in respect of each separate refer-a-friend programme you participate in. Your data is kept separate for each refer-a-friend programme and is never shared between Clients.

We receive your email address:

  • directly from you when you when enter it into our Referee registration page after you have clicked on a sharing link; or
  • From our Client if you have entered it into their website when using our ‘share by name’ feature.

We need the above data:

  • To check that you are not an existing customer of the relevant Client.
  • To allow us to recognise and reward you as a Referred Friend when you fulfil the conditions necessary to receive a reward under the refer-a-friend programme you are participating in.
  • To send you service emails solely in connection with the refer-a-friend programme – for example to email you rewards as and when you are eligible to receive them. You can opt-out of receiving these emails at any time by clicking on the unsubscribe link at the footer of any email you receive from us or via our data privacy contact form.
  • If, and only if, you have opted-in to receive marketing communications from the relevant Client, we will share your email address with the Client to enable them to send you those communications.
  • To respond to customer service requests.

We hold and process all of the above data as a Data Processor on behalf of our Client, who is the Data Controller. This means that we keep your data strictly confidential and we only ever use your data in accordance with our Client's instructions.

How long we hold your data for will depend on the particular Client and the instructions they have given us. We will normally always retain your data for at least as long as the validity period of the offer or reward that has been shared with you by your friend.

Some Clients will prescribe specific (shorter or longer) retention periods for your data. If you would like details of any retention periods which may apply to the specific refer-a-friend programme you are enrolled in, please contact us via our data privacy contact form.

When it is no longer necessary to retain your personal information, we will delete or anonymise it.

In the ordinary course, we will only ever share your data with:

  • our Client;
  • the friend who has referred you (so that we can notify them when they are due a reward for their referral); or
  • on a confidential basis, our own carefully selected sub-processors who are directly involved in delivering our refer-a-friend services. Our sub-processors are only engaged with our Client’s consent and are primarily used for the purposes of hosting our platform and assisting with sending referral service emails to referrers and referees. We only allow our sub-processors to handle your personal information if we are satisfied they take appropriate measures to protect your personal information. We also impose contractual obligations on sub-processors relating to ensure they can only use your personal information to provide services to us and to you. We may also share personal information with external auditors, accreditation and the audit of our accounts.

We never sell or give your personal information to third parties to use for their own purposes.

In exceptional circumstances, we may disclose or transfer your personal information:

  • as required by law.
  • when we (or our Client) believe in good faith that disclosure is necessary to protect our rights, protect your safety or the rights and safety of other third parties (including other Mention me users), investigate fraud, or respond to a government request.
  • to a third-party buyer or seller in the event that Mention Me is involved in a merger, acquisition, or sale of all or a portion of its assets.
  • to any other third party with your prior consent to do so.

Information we hold about you is stored and processed principally in the Mention Me platform. The Mention Me platform is hosted in a secure data centre within the European Economic Area (EEA). Your information may be shared with our carefully selected sub-processors who are directly involved with the delivery of our refer-a-friend services but such sub-processors shall only process personal information in the EEA and otherwise in countries which have an adequate level of protection from a data protection perspective. In particular, we process your data in France, Ireland and the UK.

In the event that the processing of your personal information at any time requires it to be transferred to and/or stored at or accessed from a destination outside the EEA, we will take all steps reasonably necessary to ensure that your data is treated securely, in accordance with this policy and safeguarded in accordance with all applicable legislation.

We have appropriate security measures to prevent personal information from being accidentally lost, or used or accessed unlawfully. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. We continually test our systems and are ISO 27001 certified, which means we follow top industry standards for information security. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

You have the right to object at any time to the processing of your personal information. You can make this objection via our data privacy contact form, or to our Client (the Data Controller) in accordance with the procedure set out in their privacy notice which is available on their website. We will pass any processing objection we receive on to the relevant Client for their consideration.

  • You have the right to access any information we hold about you. Any request which is manifestly unfounded or excessive may be subject to a reasonable fee to cover our administrative costs in providing you with the necessary details.
  • You have the right to ensure the personal information we hold about you is up to date and accurate.
  • If you have given consent to us directly (or indirectly via the Client) to process any of your personal information you may withdraw that consent at any time.
  • You have the right to opt-out of receiving emails from us at any time. You can do this by managing your privacy settings in the link contained in the footer of any email you may receive from us. You can also opt-out via our data privacy contact form. Please note that if you opt-out of receiving Mention Me referral emails:
    • we will not be able to send you any referral rewards you may be entitled to; and
    • you will not be automatically opted-out of any other communications you may have opted to receive from the relevant Client. You will need to inform the Client directly if you wish to opt-out of their direct communications.
  • You have the right to request that the personal information we hold about you be erased and/or request that the processing of that data be restricted.

If you would like to exercise any of the rights listed above, you may submit a request to us via our data privacy contact form to us or by post to 20-22 Wenlock Road, London, N1 7GU. You may also submit a request directly to the relevant Client in accordance with the procedures outlined in their privacy policy which will be available on their website.

We will share any request promptly with the relevant Client who is the Data Controller and ultimately responsible for decisions made in respect of personal information we hold about you.

If you have visited our website mention-me.com, downloaded our content from a 3rd party website or attended one of our marketing events:

We may hold the following personal data about you:

  • Your email address;
  • Your first and last name;
  • The details of any content you have downloaded;
  • Details of your visits to our website; and
  • A record of any correspondence between you and us.

As is true of most websites, we also automatically gather information about your computer such as your IP address, browser type, referring/exit pages and operating system. When you visit our hosted-pages, we also use cookies to identify you when you come back to the site. For more information on the cookies we use, why we use them and more information about cookies generally, please see our Cookie Policy.

We will receive some or all of the above data directly from you if you have:

  • submitted it to us via our website when completing a contact form;
  • submitted it to us when downloading content from our website;
  • submitted it to us when communicating with us through our website chat feature; or
  • submitted it to us when attending one of our hosted events.

We may also receive certain of the above data from one of our 3rd party partners if you have submitted it to them when downloading any of our content that they publish on our behalf.

We may also receive some or all of the above data from our 3rd party partners.

We may use the above data:

  • To email you specific content you have requested;
  • To keep you up to date with developments at Mention Me and to send you marketing communications we think you may be interested in, unless you have opted-out of receiving such messages. You can opt-out at any time by Unsubscribing from Mention Me, or by clicking the unsubscribe link in the footer of any email you receive from us;
  • To respond to any customer service enquiries; and
  • To monitor and analyse traffic to our website and website performance.
  • To allow us to better understand our website visitors
  • To identify potential business leads and enhance our marketing efforts

We hold and process all of the above data as Data Controller either because you have expressly consented for us to do so, or because it is in our legitimate business interests to process it for the purposes specified above.

As Data Controller, we are responsible for keeping your data secure and processing it in accordance with applicable legislation.

We won’t process your data for any longer than is reasonably necessary for us to do so for the purposes specified above. Specifically:

  • If you have indicated to us that you are a consumer or a sole trader, we will not send you emails other than those you expressly solicit from us and we will then delete your data;
  • If you have not opted-out of marketing communications from us, but you have also not responded to an email after 12 months of being on our marketing list, we will no longer send you emails unless you expressly request us to;
  • If you have opted-out of marketing communications we will no longer send you emails and we will retain a copy of your data solely for the purposes of ensuring you are no longer sent marketing communications.

We will only ever share your data, on a confidential basis, with our carefully selected Data Processors who we use in connection with the sales and marketing operations of our business. We will never sell your data to third parties.

In exceptional circumstances, we may disclose your data:

  • as required by law.
  • when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the rights and safety of other third parties, investigate fraud, or respond to a government request.
  • to a third-party buyer or seller in the event that Mention Me is involved in a merger, acquisition, or sale of all or a portion of its assets.
  • to any other third party with your prior consent to do so.

Information we hold about you is stored and processed on Mention Me’s secure servers and may be shared with and stored by our carefully selected Data Processors who we use in connection with sales and marketing operations of our business.

The processing of your data may involve it being transferred to and/or stored at or accessed from a destination outside the European Economic Area (EEA). In such circumstances, we will take all steps reasonably necessary to ensure that your data is treated securely, in accordance with this policy and safeguarded in accordance with all applicable legislation.

You have the right to object at any time to the processing of your personal information. You can make this objection to us via our data privacy contact form.

  • You have the right to access any information we hold about you. Any request which is manifestly unfounded or excessive may be subject to a reasonable fee to cover our administrative costs in providing you with the necessary details.
  • You have the right to ensure the personal information we hold about you is up to date and accurate.
  • If you have given consent to us to process any of your personal information you may withdraw that consent at any time.
  • You have the right to opt-out of receiving emails from us at any time. You can opt-out at any time by Unsubscribing from Mention Me, or by clicking the unsubscribe link in the footer of any email you receive from us.
  • You have the right to request that the personal information we hold about you be erased and/or request that the processing of that data be restricted.

If you would like to exercise any of the rights listed above, you may submit a request online to us or by post to 20-22 Wenlock Road, London, N1 7GU.