glossary Data + launch boundaries Request Scan form · Production Launch Gate

Intake Boundary

An intake boundary defines what data the public intake surface collects, what it does not, and how the surface enforces both. The current OmniLabs intake boundary keeps the surface at "email only" with no sensitive data, no internal-system disclosure, and no production endpoint; future intake boundaries will be defined explicitly before any endpoint is enabled.

Definition

An intake boundary names the fields the public form may collect, the fields it must not collect, the storage state at intake time, and the operator-side handling that follows. It is one of four operating boundaries — intake, consent, anti-spam, retention — that together define the data-handling posture of the public intake.

Why it matters

Without a documented intake boundary, the form surface accumulates fields and processors over time without explicit decisions. The current prototype intake stays inside a narrow boundary; production intake widens it deliberately, only after the boundaries are reviewed.

Explore related entities

[CLAIM BOUNDARY] The intake boundary is an operating-process boundary documented for this project. It is not legal advice and does not substitute for qualified-counsel review of the production intake.