Effective April 2026
MasonKey is a self-service activation portal. It accepts an activation code (CDK) provided by the visitor and forwards the redemption request to the corresponding upstream provider. This document describes what data flows through the portal and how it is handled.
All data submitted during an activation is forwarded in real time to the upstream provider's API and is not written to any database or log on the portal. Once the request completes, the data is discarded from memory. Server-side logs retain only anonymous operational telemetry (request timing, HTTP status) required to keep the portal running.
Activation requests are relayed to the official API of the respective subscription service. The portal does not share data with any other third party, does not sell data, and does not participate in ad networks or data brokers.
Traffic is served over HTTPS/TLS. All upstream API endpoints are accessed server-side through a proxy layer that strips identifying headers. Visitors do not communicate with upstream providers directly from their browser, and provider credentials (if any) never reach the client.
The portal operates as a technical relay. It does not sell activation codes, does not issue refunds, and does not verify how a visitor obtained a code. Use of the portal implies acceptance that all responsibility for the source and validity of a code rests with the visitor.
This policy may be updated at any time. The most recent version is always available on this page.
Back to MasonKey