# Contact And Intake Privacy

The Gateway intake should collect the minimum information needed to understand the request.

## Intake Principles

- Do not request credentials by default.
- Do not request private keys, tokens, passwords, or full packet captures.
- Ask operators to redact evidence before sharing.
- Keep remote access explicit, time-limited, revocable, and logged.
- Explain retention expectations before requesting support bundles.
- Separate sponsor, support, appliance, MSP, evidence, and security paths.
- Start vulnerability reports with minimal detail and ask for a secure exchange path before sending sensitive evidence.

## Intake Fields

- Contact path.
- Request type.
- Deployment mode.
- Hardware class.
- Route/DNS/fallback goal.
- Privacy posture goal.
- Redacted evidence available.
- Remote access allowed: yes/no.
- Retention or deletion requirement.

## Security Reports

Vulnerability reports should follow `SECURITY.md`, start with minimal detail, and should not be filed as public issues.

## Next Action

- Open [support intake](./support-intake.md) only after reviewing [support boundaries](./support-boundaries.md) and the [redaction guide](./support-bundle-redaction.md).