MDPay
TermsPrivacyContact

MDPay Privacy Policy

Effective date: 24 May 2026. This policy describes what data MDPay collects, how it uses that data and how it protects it.

1. Data we collect

  • HMAC of your account key and HMACs of each word of the recovery phrase. These are stored as derived values on the server; the original key and phrase cannot be reconstructed from them.
  • Telegram username — provided voluntarily by you, used only for support contact.
  • Webhook URL and success/failure URLs that you configure.
  • Server logs: IP address, User-Agent, request timestamps. Retained for 30 days, then rotated.
  • On-chain TON data: addresses, amounts, payment comments. This data is inherently public by the nature of the TON blockchain; MDPay simply associates it with your account.

2. Data we do not collect

MDPay does not request or store email addresses, government identity documents, real names, phone numbers or biometric data. No KYC is performed. Your withdrawal address is visible to MDPay only at the moment your withdrawal request is processed and is not accumulated in your profile.

3. Sharing

We do not sell your data and do not share it for marketing purposes. Disclosure is made only in response to a lawful order from a competent authority, or to prevent imminent harm, in each case to the extent required or permitted by applicable law.

4. Security

  • Account keys and API keys are stored as HMAC-SHA256 with a server-side pepper.
  • Sensitive secrets (receiving wallet mnemonic, webhook signing secrets) are encrypted at rest with NaCl secretbox.
  • All traffic is encrypted with TLS. HSTS is enabled.
  • Internal processes are isolated under the principle of least privilege; state-changing actions are written to an audit log.

5. Cookies

MDPay sets the following cookies:

  • a session cookie (HttpOnly, SameSite=Lax) carrying your account key for browser convenience;
  • a language-preference cookie;
  • a CSRF cookie used by web forms.

No tracking cookies and no third-party analytics are used.

6. Data-subject rights

Lacking any verifiable identity beyond the account key, MDPay cannot reliably authenticate deletion or access requests not made via the account key itself. Account deletion is initiated by you from the dashboard and zeroises all server-side records associated with your account key; for audit purposes a timestamped record of the deletion event is retained. Public on-chain data cannot be deleted by MDPay for technical reasons.

7. Contact

Privacy questions: Telegram @n0s3nse or email admin@y7v.lol.

Privacy Policy · MDPay