# Contact And Intake Privacy

The Gateway intake should collect the minimum information needed to understand the request.

## Intake Principles

- Do not request credentials by default.
- Do not request private keys, tokens, passwords, or full packet captures.
- Do not ask visitors to share versioned deployment URLs, provider-specific endpoints, or internal helper names.
- Ask operators to redact evidence before sharing.
- Keep remote access explicit, time-limited, revocable, and logged.
- Explain retention expectations before requesting support bundles.
- Separate sponsor, support, appliance, MSP, evidence, and security paths.
- Start vulnerability reports with minimal detail and ask for a secure exchange path before sending sensitive evidence.

## Intake Fields

- Contact path.
- Request type.
- Deployment mode.
- Hardware class.
- Route/DNS/fallback goal.
- Privacy posture goal.
- Redacted evidence available.
- Remote access allowed: yes/no.
- Retention or deletion requirement.

## Security Reports

Vulnerability reports should follow [SECURITY.md](../SECURITY.md), start with minimal detail, and should not be filed as public issues.

## Next Action

- Open [support intake](./support-intake.html) only after reviewing [SECURITY.md](../SECURITY.md), [publication review](./site-qa.html), [launch status](./launch-status.html), [production checklist](./production-checklist.html), [support boundaries](./support-boundaries.md), and the [redaction guide](./support-bundle-redaction.md).