All about adopting our Cookieless solution
We aim to use as few Cookies as possible in delivering Mention Me’s services (read more about these here). We don’t use Cookies to track customers across our clients or across the web. And referrals themselves are identified by the email addresses of the two customers involved and so we don’t need cookies at all to track referrals and reward your customers effectively.
We do currently recommend that clients use a limited set of up to 5 Cookies and the purpose of these is clearly defined in our Cookie Policy. We can provide detailed descriptions of what each Cookie does upon request.
However, we know that clients cannot always agree with our definition of “strictly necessary” when it comes to the Mention Me Cookies and clients who cannot tend to also want to block our tags behind a consent banner. This has a generally larger impact on the success of the programme than using the Cookies.
This is why we offer a Cookieless alternative for running Mention Me which suits clients who can’t justify our Cookies and means they don’t need to list our Cookies or tags in their Consent Platform.
The purpose of this document is to help you understand what switching to the Cookieless solution means.
If we take the Cookieless solution, what does it mean?
It means we’ll disable all of the Cookies that we normally drop for customers of your Mention Me programmes. We won’t store those Cookies at all during your programme.
Not using our Cookies means there are some modest implications/trade-offs in your programmes which are covered below. It does not require new tags or different logins and it can be reversed in the future if you wish.
If you accept the trade-offs then you don’t need to add our Cookies to your Consent Platform or you can mark them as “not dropped” or “not applicable” to remove the requirement for Consent.
If the Cookies are strictly necessary, what do we lose by not having them?
Not using our Cookies means there are some modest implications/trade-offs in your programmes:
- Roughly 2-5% of referrals which would normally be identified via our MM_ID cookie as “self-referral” may be let through our gaming restrictions - although there are some other mitigations we can help you can take.
- Some customers who view Offer A when they make a purchase might see Offer B when they come back to your landing page (the AB testing is less consistent) before we can identify them via email address.
- Frequency limiting of our offers (which is an option used by a few clients) cannot be used since it requires a Cookie.
- If a customer closes a corner peel or conversion message, it will return when they next visit the same page instead of being suppressed for their session.
What do I need to do in my Consent platform if I opt out of the Cookies?
It depends on your Consent platform. Please seek their advice if you are unsure.
In some consent platforms, you can put our tag into a “Cookieless” bucket which means we are excluded from the list of Cookies.
In others, ironically you have to add our Cookies but mark them as Strictly Necessary with a note that they won’t be used.
In others, you might need to mark them as Not Applicable or Not in Use.
If I want to use one of the features which require Cookies in the future, will you tell me I need to use that Cookie?
Exactly. For example, if you discover you want to do frequency limiting in the future, we’ll tell you which Cookie you will need to re-enable and help you add it to your Consent Platform.
What if I say the Mention Me tag isn’t Strictly Necessary so that customers have to consent to it first?
If you put our Tag (which shares the name and email address of each customer with Mention Me to run the referral programme) behind a Consent banner, you generally have a significant impact on the customer experience of the programme.
If our tag only fires for customers who consent to it, then we:
- Have an incomplete picture of who is already a customer, therefore we might give someone a reward they are not eligible for or for referring an existing customer.
- Do not see a % of referrals being completed and therefore we might not reward some of your loyal customers even though they have successfully referred a friend. You may also see an increased customer service burden on the back of this poor experience.
- Do not enrol a % of your customers into referral, meaning the opportunity for referrals is reduced.
Whilst there are some mitigations we can suggest to improve this in some cases with work required from your engineering teams, you might expect this to have a >20% impact on the commercial upside of your referral programme - depending on your overall Consent opt-out rate.
Why don’t I need to get my customers' consent to send their data to you via the tag?
Clients often get confused between GDPR and PECR (Privacy in Electronic Communication Regulations) when it comes to consent as it applies to tags and Cookies. Each of these are separate laws and have their own view on tags.
GDPR
We operate as the Data Processor under GDPR and you are the Data Controller.
Because of the nature of the referral programme needing to track all customers in order to avoid giving incentives to existing customers, we operate on the basis of you having a Legitimate Interest in sharing data with Mention Me to run this programme effectively. This is explained in your privacy policy and in information notices shown to customers and potential customers during the referral journey. You do not need to get your customers to consent to the transfer of their name and email address to Mention Me via our tag on this basis. Instead, it is allowed under GDPR and the basis on which processing is being done is “legitimate interests”. Read more about GDPR here.
PECR
PECR applies to the storage of Cookies (and similar technology) that are dropped during the customer experience on the customer’s device and is broadly the reason why we have consent banners across the web. The concept of “legitimate interests” doesn’t exist under PECR. Instead, the rule is generally that Cookies (and similar technology) can only be dropped on a customer’s device with the customer’s consent unless it is strictly necessary for the Cookie (and similar technology) to be dropped to perform either a service requested by the consumer or for the client’s website to operate.
There is some debate on whether a javascript tag is a similar technology to a Cookie. However, in any event, whilst Cookies are not “strictly necessary” for our service to operate, tags are “strictly necessary” in order for us to provide our service to clients and for customers to be able to refer each other successfully.
If you have further questions on finding the right solution for you and your own internal policies, speak to your Onboarding Manager or Client Manager and we can support you.
Alternatively, you can also contact our Tech Support team.