Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.mention-me.com/llms.txt

Use this file to discover all available pages before exploring further.

Keeping your data safe is a shared endeavour. Mention Me takes many technical and organisational measures to protect your customers’ confidential data as detailed in our DPA. But you also need to manage your account securely and use the tools we provide carefully. The three areas of risk are:
  • Client-customer data we store for managing referral
  • Vouchers you upload that we issue to customers
  • Client-confidential performance data that we collect

Your responsibilities

  • Appoint Administrators who understand their responsibility to manage user permissions and your internal security policies.
  • Nominate at least one Administrator with security duties.
  • Regularly review the list of users who have access to your account.
  • Immediately revoke access for any users who leave your organisation.
  • Regularly review user permissions and aim for least privilege.
  • Review business processes within your customer support and marketing team for adding referrals, approving rewards, and giving out vouchers.
  • Avoid sharing accounts — each user should have a unique email address.
  • Educate employees on basic internet security: choosing and protecting passwords, protecting against phishing, and not sharing confidential data insecurely.

Tools Mention Me provides

  • Manage & Add Users — Review all users from the platform.
  • Lock / edit permissions — Lock individual accounts or edit permissions with immediate effect.
  • SSO — Set up Single Sign-On via OAuth (Google, Okta, Azure AD, Auth0) so employees access Mention Me without a separate password. Other providers can be integrated on request.
  • Password enforcement — Users must change their password on account creation to one that is at least 10 characters and suitably complex.
  • IP range restriction — Restrict admin user access to a specific IP range (e.g. your office network).
  • 90-day password rotation — Optionally enable automatic password rotation for employees.
  • Automatic account lockout — Users inactive for 90 days are automatically disabled.
  • Audit tool — Review specific behaviours of admin users (e.g. who is adding users, changing permissions, viewing voucher codes, creating and approving referrals).
  • Full audit log — Download a complete audit log of sensitive user transactions on an ad-hoc or scheduled basis.
  • Secure File Transfer — A platform mechanism for controlled sharing of confidential data.
Last modified on March 31, 2026