Mutiny

Overview

Mutiny is an account-based marketing (ABM) personalization platform used primarily by B2B SaaS companies. It resolves the company affiliation of website visitors using IP-to-company data, then dynamically rewrites page content—headlines, CTAs, social proof logos, and body copy—in real time to match the detected audience segment. This enables a single website to present multiple tailored experiences without server-side rendering changes.

What This Script Does

The Mutiny script (mutiny.js or loaded from cdn.mutinyhq.com) executes on page load and performs the following operations:

• IP-based company resolution: Makes an outbound request to Mutiny's reverse-IP lookup service, querying the visitor's IP address against a database of corporate IP ranges. This resolves the visitor's likely employer or company without requiring any login or form submission.
• Audience segmentation: Matches the resolved company attributes (industry, size, revenue, firmographic data) against the site owner's defined audience segments in Mutiny's configuration.
• DOM manipulation: Once a segment match is confirmed, the script modifies page DOM elements—swapping headline text, replacing logo images, inserting personalized copy blocks, or adjusting CTA button text—before the visitor sees the original content.
• Cookie setting: Sets a first-party cookie to persist the identified segment across the session and on return visits, avoiding repeated IP lookups and ensuring consistent personalization.
• Behavioral data collection: Records page views, scroll depth, CTA clicks, and other interaction events for each visitor within a segment, transmitting this data to Mutiny's analytics servers.
• A/B testing instrumentation: May assign the visitor to an experience variant and record the assignment for conversion measurement.

Consent & Compliance

GDPR and ePrivacy: Mutiny's IP-to-company resolution processes the visitor's IP address, which is personal data under GDPR Recital 30. The subsequent profiling—associating a browser session with firmographic attributes—constitutes automated processing of personal data under GDPR Article 22 considerations. Cookies set by Mutiny for session persistence require consent under the ePrivacy Directive. While Mutiny's targeting is firmographic rather than individually identifiable, GDPR's definition of personal data includes any information relating to an identifiable natural person; an individual's employment at a specific company identified through IP lookup meets this threshold.

Mutiny is a US-based company; transatlantic data transfers require coverage under the EU-US Data Privacy Framework or appropriate standard contractual clauses.

CCPA/CPRA: Mutiny collects IP address, behavioral interaction data, and inferred company affiliation. This constitutes personal information under CCPA. Sharing this data with Mutiny for personalization and analytics may constitute "sharing" for cross-context behavioral purposes under CPRA, triggering opt-out rights.

This vendor is classified as marketing and analytics. Its core function—IP-based profiling and personalized content delivery—serves advertising and demand generation objectives.

Should You Block This Without Consent?

Yes.

Mutiny performs IP-based profiling and sets tracking cookies for the purpose of personalizing marketing content and measuring ABM campaign performance. These activities require consent under GDPR and ePrivacy rules. The script should not load until the visitor grants consent for marketing and analytics processing.