PRIVACY
How Baytek handles inquiry data.
Plain language. No trackers, no third-party analytics, no advertising cookies. Last reviewed 2026-05-03.
Scope
This notice covers baytekdev.com and the contact and scheduled-meeting forms hosted on the same domain. It does not cover the Baytek-built products you may visit separately (ResReader, Agile Analytics, ChatBox123, and the others) — each has its own privacy notice.
What we collect
Contact form. Name, work email, company, primary need, timeline, and your message. We also keep the request timestamp and your IP for rate limiting.
Scheduled meeting form. Name, work email, company, meeting type, agenda notes, your timezone, and the requested slot in both your local time and California time. Approval tokens we email back are stored as SHA-256 hashes — we never see them in plain text after issue.
Server logs. Standard Cloud Functions logs (path, status, IP, timestamp). Retained per Google Cloud defaults.
How we use it
To respond to your inquiry, scope an engagement, and schedule a call. That's it. Internal notification emails go to kazb@baygan.com and support@baytekdev.com. We do not enrich, segment, score, or share with third parties.
Storage
Submissions are stored in Google Cloud Firestore (US region) under collections contact_leads, booking_requests, and booking_events. Direct client access to these collections is denied by Firestore security rules — every read and write goes through Baytek-controlled Cloud Functions.
Retention
We keep inquiry records for as long as the relationship is active. If you ask us to delete your record, we do — within five business days.
Third parties
We deliver email via SMTP (Gmail SMTP relay). Google Cloud Platform provides hosting and storage. The site loads no analytics, no tag manager, no chat widget, no advertising pixel — our Content Security Policy explicitly forbids it.
Cookies
None. The site sets no cookies of its own.
Your rights
You can ask us to show, correct, or delete what we hold on you. Email support@baytekdev.com with the subject line Privacy request and we'll respond within five business days.
Security
Transport is TLS-only. We enforce a strict Content Security Policy that bans third-party scripts, blocks framing (X-Frame-Options: DENY), and locks form submissions to the same origin. Approval links carry single-use, time-limited tokens stored only as SHA-256 hashes.
Changes
If we change this notice, we update the last reviewed date at the top. For material changes affecting active engagements, we will email you separately.